The Information Commissioner's Office today found the Foreign and Commonwealth Office in breach of the Data Protection Act following an investigation into a security breach on the online application facility for UK visas.
The breach on the UK visas website allowed visitors to the site to see personal data of people applying for entry visas to the UK. A tip-off from Channel 4 alerted the Information Commissioner's Office in May. It launched an immediate investigation into the site, which is run jointly by the Home Office and Foreign and Commonwealth Office Directorate responsible for visa processing.
"The FCO cooperated fully with the ICO during the course of the investigation and provided the ICO with an independent report into the breach," the Information Commissioner's Office said in a statement. An Information Commissioner's Office spokesman said it had also used a report commissioned by the Foreign and Commonwealth Office from an independent investigator in its own investigation.
At the request of the Information Commissioner's Office, the Foreign and Commonwealth Office has signed a formal undertaking to comply with the principles of the Data Protection Act. "Failure to meet the terms of the undertaking is likely to lead to further enforcement action by the ICO," the Information Commissioner's Office said.