Ministers need to ask “very serious questions” about how the home addresses of celebrities, military figures and elderly people named in the New Year Honours list came to be inadvertently posted online, a former Conservative Party leader has said.
Iain Duncan Smith, who was knighted in the latest honours list, described the alleged data breach as a “complete disaster”.
There have also been calls for an inquiry into the leak, which is being investigated by the Information Commissioner’s Office (ICO).
READ MORE: Stars of screen, sport and charity recognised in New Year honours
The Cabinet Office apologised and said it was contacting those affected after details relating to the vast majority of the 1,097 recipients could be viewed online from 11pm on Friday, shortly after news of their honours went public.
The details were removed around an hour after the disclosure.
Sir Iain told the Sunday Times: “Ministers need to be asking some very serious questions of those involved about how this was allowed to happen and why no final checks were carried out before the document was published.
“Everybody knows virtually everything about me. It’s much more concerning for private citizens, like those who have been involved in policing or counter-terrorism or other such sensitive cases, to have their addresses published.”
Lord Kerslake, who was head of the civil service between 2012 and 2014, said an “urgent investigation” was needed.
He told BBC Breakfast: “It is a serious and indeed extraordinary breach because this is a well-established process that has gone on in pretty much the same way for years, so I think an urgent investigation is certainly needed.
“Of course, it’s likely to be human error, as has been suggested, but we need to know how well staff were trained about the importance of maintaining security. Were they briefed on the potential consequences if this information was released?”
On Saturday, Silkie Carlo, director of privacy campaign group Big Brother Watch, said it was “extremely worrying to see that the Government doesn’t have a basic grip on data protection”, adding: “It’s a farcical and inexcusable mistake, especially given the new Data Protection Act passed by the Government last year – it clearly can’t stick by its rules.”
The list saw awards given to members of England’s World Cup-winning cricket team, as well as performers such as Sir Elton John and Grease star Olivia Newton-John.
Alison Saunders, the former director of public prosecutions, was also among the honours recipients, alongside 94-year-old D-Day veteran Harry Billinge, and 13-year-old schoolboy Ibrahim Yousaf.
The list also included senior diplomats, counter-terror police and figures from the military.
A Cabinet Office spokesman said: “A version of the New Year Honours 2020 list was published in error which contained recipients’ addresses.
“The information was removed as soon as possible.
“We apologise to all those affected and are looking into how this happened.
“We have reported the matter to the ICO (Information Commissioner’s Office) and are contacting all those affected directly.”
Only six people honoured for services to defence were left off the list, according to the BBC.
The introduction of General Data Protection Regulation (GDPR) rules in May 2018 increased the penalties regulators such as the ICO are able to introduce.
It means breaches can result in the ICO issuing penalties equivalent of up to 4% of annual global turnover or £17 million – whichever is greater.
READ MORE: Birthday Honours 2019: The full Scottish list
Previously, the largest penalty the ICO meted out was to Facebook when it was fined £500,000 – the maximum allowed at the time – for failing to protect users’ personal data.
But in July, the ICO announced its intention to fine British Airways £183 million for its own data breach, which will become the largest penalty ever issued by the regulator once the process is completed.
The ICO later handed out an intention to fine the hotel chain Marriott International £99 million after it admitted the guest records of around 339 million people had been accessed.
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules hereLast Updated:
Report this comment Cancel