By Andy McCue, 27 November 2007 17:09
NEWS
Plans for a national ID database must be reviewed following the HM Revenue & Customs (HMRC) data blunder, according to the government's own data protection minister.
Speaking at a joint House of Commons and House of Lords select committee on human rights, the data protection minister Michael Wills admitted he was not informed about the HMRC data breach before Alistair Darling's public statement last week.
He said it was "perfectly acceptable" he had not been told in advance about the lost CDs containing 25 million child benefit records, according to The Guardian.
Security A to Z
From antivirus to zero-day, click here for silicon.com's alphabetical guide to security. 
But he admitted the breach now raises questions about the security of the government's National Identity Register and biometric ID cards.
He said: "I think we are obviously going to have to look at the National Identity Register again in the light of this."
The ongoing police investigation has still failed to recover the lost HMRC CDs, despite searches of the department's offices and the premises of its courier TNT. TNT claims there is no evidence the package even entered its system.
The Poynter Review into the HMRC data bungle has also begun and is due to report its immediate findings on what caused the loss of the CDs by 14 December 2007.
The review is being led by PricewaterhouseCoopers chairman Kieran Poynter and it will make interim recommendations on any urgent measures that need to be put in place to strengthen data security at HMRC.
A full report is due in spring next year, which will take into account the Independent Police Complaints Commission investigation and consultation with the Information Commissioner's Office.
Comments
There are 3 comments. Join the discussion
1. Karen Challinor
7 things I'm not holding my breath for
1 - the discovery of a voice recorded in the WMAP data saying "I wonder what happens if I press this button"
2 - the id card gateway 0 review being released to parliament
3 - aliens landing in piccadilly and solving all our energy problems
4 - a sensible review of the ID card scheme without the party whips using everyone as a ventriloquists dummy
5 - antigravity/faster than light travel at a cost too cheap to meter
6 - politicians acting on the will of the electorate
7 - world peace
2. anonymous
Abuse by bureaucrats is the issue here! Whilst the loss of the data is appalling, the REAL lesson here that should halt the insane ID card scheme in its tracks is the wonderful illustration of how low level bureaucrats can readily abuse access to personal information.
That is the thing that should be worrying everyone about a national ID database - the ease with which petty bureaucrats could access and use the data, pass it or extracts of it to others etc etc.
Arguing that more and better controls would prevent this is bullshit. They would just entrench and legitimise ways of it being use, not prevent this.
3. Roger Huffadine
I agree with both Karen and Anonymous - We have no hope of any transparency or honesty from the government
and
The simplest way to get information is to ask for it - any decent spy knows that you often don't need to compromise your target to get the information that you need all you have to do is select an appropriate target and ask them in the right way for the information that you want.
It has always been the way - and always will be.
The shocking thing is that this information was available to a single person whatever their grade or employment status.
Oh! and if the information was intercepted by foreign agency then don't expect it to be exploited any time soon - maybe a few years down the line - or maybe they will just hold on to it until the National ID database is up and running - that way they will have a key to the database which is an extremely powerful weapon for a War in cyberspace.