Council workers sacked for snooping personal details

Nine staff have been sacked from their local authority jobs for snooping on personal records of celebrities and personal acquaintances held on the core database of the government's National Identity Scheme.

Nine staff have been sacked from their local authority jobs for snooping on personal records of celebrities and personal acquaintances held on the core database of the government's National Identity Scheme.

They are among 34 council workers who illegally accessed the Customer Information System (CIS) database, which holds the biographical data of the population that will underpin the government's multi-billion-pound ID card programme.

List of security breaches in full >>

The disclosures, obtained by Computer Weekly using the Freedom of Information Act, will add to calls for the government to come clean over the security of the National Identity Scheme.

The CIS database, run by the Department for Work and Pensions, stores up to 9,800 items of information on 92 million people, including sensitive data, such as ethnicity, relationship history, whether someone is being investigated for fraud and whether they have special needs.

Freedom of information requests by Computer Weekly, have uncovered a string of breaches by council workers:

  • Cardiff and Glasgow councils sacked staff after they looked up celebrities' personal records
  • Tonbridge and Bromley councils sacked workers for looking up their friends
  • Brent sacked someone who looked at their girlfriend's details
  • A worker at Torfaen was sacked for looking at his own details

But this may just be the tip of the iceberg. Many of the breaches were discovered after sample checks, raising concerns that other breaches may gone undetected.

Over 200,000 government officials have access to the database, including staff at 480 local authorities, and numerous government departments, including the Department of Work and Pensions, HM Revenue & Customs, and the Courts Service. The Child Support Agency uses the CIS to trace missing parents,

Gus Hosein, a management systems academic with the London School of Economics, said that breaches were inevitable.

"Human nature and the propensity of governments to abuse privacy means that the only real safeguard is to not collect this information in the first place," he said. "Create a central store and you will get abuse".

A DWP spokesman said, "The small number of incidents shows that the CIS security system is working and is protected by several different audit and monitoring controls, which actively manage and report attempts at unauthorised or inappropriate access."

In other breaches discovered by Computer Weekly, Exeter sacked someone for being unable to justify an access to the database. Hertsmere and Penwith (now part of Cornwall) councils sacked people for looking at records they shouldn't, but couldn't say what the records were.

Carmarthenshire Council disciplined a person who illegally used the CIS to look at the records in July 2008 of someone "known personally" to them, but refused to give details. Solihull took disciplinary action after a CIS breach in February 2008.

Peter Sommer, visiting professor at the London School of Economics Information Systems Integrity Group, said, "Any system in which you have a large number of users can never be secure. Instead of giving generalised assurances, the government should say explicitly what level of security failures they consider to be acceptable. Politically, that is a very awkward thing to say."

The government plans to extend use of the CIS, beyond its present community of DWP government partners and customers. Its next phase of development, called CISx (CIS cross-government), will give access to departments such as the Driver and Vehicle Licensing Agency.

A Home Office spokesman said the CIS breaches should not reflect badly on the National Identity Scheme, which is still in development. The CIS might be pegged as the biographical store for the Identity Scheme, he said, but Home Office data would be stored separately from data held by the DWP and protected by "strict access controls".

"IPS [Identity and Passport Service] will make the systems supporting the National Identity Scheme as secure as possible, building on an excellent track record with the current passport database," he said.

The DWP is conducting the ongoing development of the CIS in close partnership with the Home Office and HMRC.

ID cards database breached by nosey council staff >>

Read more on IT legislation and regulation