The government has admitted, yet again, losing a hard drive containing details of thousands of employees of the Ministry of Justice. In this case the data was being handled by a contractor EDS
This is not the first time the government has lost MoJ data, previously losing 4 CDs of un encrypted data. The home office, which is very closely related to the MoJ, very recently lost 84,000 details on a USB drive.
The same question keeps being asked, and not answered:
Why will the government not protect the data with encryption?
If a person was the victim of identity theft, or other personal or financial loss, there could be a very good case against the government; and if necessary through the court of human rights.
On 17th July 2008, the ECHR found against Finland when one of its citizens brought a case against Finland for failing to protect her data.
The millions of people who have had their data lost in the past couple of years by the UK government have a far stronger case than that brought against Finland.
For any politicians reading this, the solution is incredibly simple and free:
Encrypt the data.
That’s it, its simple and free! Yes free, i.e there is no reason the government can no use high level encryption, to protect your data, for free. If you don’t trust staff to encrypt files, then you can buy software to enforce it.
Interestingly, EDS, the company who lost the data previously produced advice on how companies can reduce data loss. They state that:
“The encryption of all data that is moved offsite is crucial, but should be mandatory for portable end-user devices such as laptops and PDAs, as well as all removable media.”