Minister calls for ID cards review

Plans for a national ID database must be reviewed following the HM Revenue & Customs (HMRC) data blunder, according to the government's own data protection minister.

Speaking at a joint House of Commons and House of Lords select committee on human rights, the data protection minister Michael Wills admitted he was not informed about the HMRC data breach before Alistair Darling's public statement last week.

He said it was "perfectly acceptable" he had not been told in advance about the lost CDs containing 25 million child benefit records, according to The Guardian.

Security A to Z

From antivirus to zero-day, click here for silicon.com's alphabetical guide to security.

But he admitted the breach now raises questions about the security of the government's National Identity Register and biometric ID cards.

He said: "I think we are obviously going to have to look at the National Identity Register again in the light of this."

The ongoing police investigation has still failed to recover the lost HMRC CDs, despite searches of the department's offices and the premises of its courier TNT. TNT claims there is no evidence the package even entered its system.

The Poynter Review into the HMRC data bungle has also begun and is due to report its immediate findings on what caused the loss of the CDs by 14 December 2007.

The review is being led by PricewaterhouseCoopers chairman Kieran Poynter and it will make interim recommendations on any urgent measures that need to be put in place to strengthen data security at HMRC.

A full report is due in spring next year, which will take into account the Independent Police Complaints Commission investigation and consultation with the Information Commissioner's Office.