It has emerged that the extra security protection on the missing child benefit CDs might have been nothing more than Winzip release 8.
Interviewed on BBC Radio 4’s Today programme on 21 November 2007, a day after his statement to the House of Commons on the missing CDs, the Chancellor of the Exchequer Alistair Darling had implied that the CDs had a level of protection beyond that of a password, but he declined to give any details.
The Chancellor told the “Today” programme:
“They [the missing CDs] are password protected but they are not encrypted. There are other procedures which I really don’t want into go into for obvious reasons. There are other things that … (a stumble) …. something on these CDs which would prevent, would actually put a barrier to, finding out what was on them. But they are not encrypted in the way you describe.”
Now HMRC has confirmed that the missing CDs were “protected” by Winzip 8.0 which allows for compression and password-protection but not encryption. Files can be self-extracted without the use of Winzip – hardly impenetrable security.
Since HMRC’s CDs went missing the organisation requires that staff use more secure passwords so that there are now at least 20 characters and at times 30. And for further protection HMRC now employs a head of data security.
If the extra security that Alistair Darling was referring to so enigmatically on the “Today” broadcast was merely Winzip 8, he was being disingenuous in the extreme or, more likely, was poorly briefed.
Darling’s statement to the House of Commons on the involvement of a “junior official” in the downloading of child benefit information onto CDs is also looking increasingly disingenuous. His statement implied that the CDs were lost because a junior official at HMRC and another at the National Audit Office circumvented procedures.
HMRC is now conceding that the problem could be traced to faulty system design: staff were able to load the child benefit data onto a desktop computer, albeit one in what is called a secure environment, for compliance reasons – to check whether those in receipt of child benefits were entitled to them.
Even today senior management at HMRC does not know how it was possible for its staff to download a full copy of child benefit database onto a desktop, without any serious security restrictions.
It may be that the work of the Revenue, now that it includes tax credits, Customs and Excise, and national insurance systems, is simply too complex for senior managers to comprehend. An incident that followed the announcement of the missing CDs gives an insight into the potential for internal chaos.
A member of the public contacted an MP to say:
“I have just had an apology letter dated 21 November, 07 from Dave Hartnett, Acting Chairman of HM Revenue & Customs, apologising about the error of losing my personal child benefits data, including my bank account…which I was expecting.
“However, it’s ironic…I’ve also received seven other apology letters that should have been sent to other members of the public in the same predicament.
“I’ve got all their national insurance numbers, their child benefit ref. number, name and address. It really is…an absolutely awful mistake when they are trying to re-instill confidence.
“I have of course reported this to the HM Revenue & Customs helpline…I spoke to a gentleman… he made me aware I was not in the minority…this had happened to a number of individuals and [he] asked me to relay the national insurance numbers”.
Four immediate thoughts about the catastrophic HMRC data loss