The Sir Edmund Burton's Review into the MoD recruitment laptop theft scandal, is now available online.
7.The stolen laptop, designated TAFMIS-R(H)SQL, was one of a small population of, currently, 512 laptops, which hold a large database incorporating over 600,000 personal records. Investigations revealed that a total of 4 of these laptops have been stolen since 2004 (all from parked cars). Only the recent theft appears to have led to disciplinary proceedings. Although the security instructions for the safekeeping of laptops were clear in prohibiting them from being left in unattended vehicles, they did not dictate that the data must be encrypted.
18.The loss of four laptops containing 600,000 personal records from unattended vehicles in clear breach of security instructions (and common sense) out of total population of 55 laptops over a period of less than four years indicates a failure of supervision.
27. The laptop stolen from Edgbaston in January 2008 was a TAFMIS-R(H) laptop using SQL, which contained the whole RN/RAF database, holding some 600,000 personal data records. Although the laptop held records relating to some 600,000 recruits or potential recruits, investigations by MOD DG Info staff, in conjunction with EDS, has indicated that the database includes personal details of some 400,000 additional individuals, who were either referees or parents of the recruits. Technically, therefore, the laptop held some 1,000,000 personal records. The reason for the large number of records is due to the original user requirement and design drawn up between RN, RAF and AFPAA. The TAFMIS-R(H) design synchronises the whole database from the main server to the laptop.
34.During a visit to an Armed Forces Career Office (AFCO) Joint Services recruiting unit in London, it was discovered that recruiting staff were unaware of MOD DPA retention policy for recruiting data. Nevertheless, the TAFMIS system does not allow recruiters to delete information once submitted to the database. The only people able to delete are EDS staff under authorisation from ARTD. Yet it is understood that no policy or process currently exists to manage data according to the eight principles defined with in the DPA 1998.
30. Hard Power: There is anecdotal evidence that the censure and punishment handed out to those who lose, compromise or misuse personal data within the Department is inconsistent at present. Serious compromises of personal data must invoke appropriate punishment, in order to create a deterrent effect and to emphasise the seriousness of such losses.
Recommendation 38: MOD to review and formalise a coherent system of censure and punishment for those who lose or compromise personal data, where the level of punishment reflects the scale and seriousness of the loss; seeking to apply this equitably, regardless of whether the individual responsible is military or civilian, government employee or contractor.
The report heavily criticises EDS for failing to comply with instructions issued back in 2003, to ensure that all these laptop computers had Reflex Data's DataVault hard disk encryption software installed, suitable for Restricted documents and data at least. The current laptop hard disk encryption, which seems to have been installed rapidly in a few weeks, on all MoD laptops, after the Birmingham laptop theft, appears to be the CESG approved BeCrypt software. This contrasts with the failure to install such encryption over the previous five years.
There is no good reason why the entire recruitment database should have been designed to be synchronised with a local SQL copies on dozens of laptop computers. The claim that this would have been too expensive in terms of communications costs in 2002, is false, and telecomms prices have gone down since then.
This data aggregation of having all those personal records in one SQL database should have bumped up the Protective Marking classification well above Restricted.
If Recommendation 38 is actually implemented, perhaps we will actually see some proper sanctions i.e. prison sentences for the negligent , inept or corrupt.
Regrettably there is no sign of Minister of Defence Des Browne acting honourably and offering his resignation.