The Government's 2020 Honours List Breach

What does this breach mean for technological security?

What does this breach mean for technological security?

On Friday, a government website uploaded the sensitive information of those on the forthcoming Honours List. A government spokesman said: "A version of the New Year Honours 2020 list was published in error which contained recipients' addresses”. "The information was removed as soon as possible.” The data was eventually removed yesterday. Sir Elton John was one of the individuals who fell victim to this technological mishap, together with the former Conservative Party leader Iain Duncan Smith, cricketer Ben Stokes, TV cook Nadiya Hussain, former director of public prosecution, Alison Saunders, and former Ofcom boss, Sharon White. 

Big Brother Watch, a privacy campaign group, labelled this breach of data as “farcical and inexcusable”. There has been a call for enquiry into this breach and The Cabinet Office stated that it was “looking into how this happened”. 

Silkie Carlo, the director for Big Brother Watch detailed that "it's extremely worrying to see that the government doesn't have a basic grip on data protection, and that people receiving some of the highest honours have been put at risk because of this.” 

This breach has been highlighted to be in conflict with the Data Protection Act 2018. It raises questions and shed light to the need for more regulation as the technological world advances. It is not enough anymore to have sealed documents as not only are most tasks being word processed, but also put onto a technological database which needs as much of a ‘seal’ as that of the physical form. 

The Information Comissioner’s Office (ICO), which currently serves as a regulatory body when it comes to punishment for data breaches within organisations stated that it will be "making enquiries".

So far, the ICO has only issued one fine under the new 2018 Data Protection Act. It was for a pharmacy in London, which received a £275,000 fine for carelessly storing highly sensitive medical data of 500,000 individuals. However, it has been legally advised that the ICO may see this governmental data breach as a less serious offence of human error. However, out of the 1,097 people who had their data breached, it now depends on their views of such leaking of private information and whether they wish to bring a civil claim against the Government.

By Saffron-Lucia Gilbert-Kaluba