The UK government was forced to admit a breach of the most fundamental level of faith between the state and citizen on Tuesday when it disclosed that the personal records of 25 million individuals, including their dates of birth, addresses, bank accounts and national insurance numbers had been lost in the post, opening up the threat of mass identity fraud and theft from personal bank accounts.
Parliament members gasped when the chancellor, or finance minister, Alistair Darling, told the House of Commons that disks containing personal details from 7.25 million families claiming child benefits had been lost. They went missing in the internal post after a junior customs official breached all government security rules by sending them by courier to the National Audit Office in London.
A frantic, secret police-led search over the past week has been unable to locate the disks, containing information on half the British population, sent by unrecorded post. All banks and building societies have been alerted and the public has been told to be vigilant of raids on their bank accounts. Treasury ministers were desperately hoping to stave off bank panic, fearing account holders would rush to change their accounts either in person or on the Internet, leading to a second banking crisis akin to the run on Northern Rock.
On Tuesday night the information commissioner, Richard Thomas, conducting a broad inquiry on government data privacy, said he was demanding more powers to enter government offices without warning for spot-checks.
He said he wanted new criminal penalties for reckless disregard of procedures. He also disclosed that only last week he had sought assurances from the Home Office on limiting information to be stored on ID cards.
"This could not be more serious and has to be a serious wake-up call to the whole of government. We have been warning about these dangers for more than a year," Thomas said.
"The frightening aspect of this episode is that it just does not matter what laws, rules, procedures and regulations are in place, if there is no proper enforcement of those rules. That is why we in our office must have the power to mount spot checks, so managers of data know the consequences if they do not follow the rules," he said.
The shadow chancellor, George Osborne, described the security breach as "catastrophic," urging Gordon Brown to drop his search for a vision and "just get a grip."
Public confidence in the government and its ability to protect information has been destroyed." Osborne said insisting that the blunders were the "nail in the coffin" of ID cards.
Addressing the House of Commons, Darling, already on the rack over the £25 billion (US$51.6 billion) loan to Northern Rock, apologized to the nation, but refused to resign, saying there had been no policy failure.
Darling admitted it was an "extremely serious failure on the part of customs to protect sensitive personal data entrusted to it in breach of its own guidelines."
He admitted it was possible the government or some other agency may be liable for any losses that occur, but stressed there was no evidence the disks had fallen into criminal hands. However, the Revenue and Customs chief, Sir Paul Gray, who is generally well regarded in White-hall, has resigned.
"This is not the way I would have planned my departure," he said.