It appears that the Home Office and their sub-contractor PA Consulting have put people's lives in danger, by losing an unencrypted memory stick, containing the personal name and address details of every prisoner in in the UK, about 84,000 people, and also the 43,000 most dangerous criminals.
How many murders, kidnappings , rapes, blackmail attempts etc. will this lead to, if this data gets into the hands of serious criminals or vigilantes ?
Why should anyone believe that the National Identity Register will not be compromised in a similar way, by exactly the same people i.e. the Home Office and their "delivery partner" PA Consulting ?
Remember that when, not if, something similar happens to your biometric fingerprint details on the National Identity Register, they will have been compromised for the rest of your life.
Why were PA Consulting mucking around with a copy, or multiple copies of live data containing tens of thousands of real records ? That is not required to develop a new "tracking system", until the very final testing stages of the project, at which point the full security and scalability of the system should already have been proven.
See the Home Office's Crime Reduction website description of JTrack, which seems to operate over the Police National Network.
Will anybody actually resign over this disaster ? It will cost a lot of money, to change the identities of Protected Witnesses and Confidential Human Intelligence Sources (CHIS), and innocent members of their families, many of whom will be on these lists, and some of whom are being actively hunted by other criminals.
See the whistleblower story in the Daily Mail:
New data fiasco as Home Office 'loses' secret records of worst offenders
By James Slack
Last updated at 11:28 PM on 21st August 2008
Secret personal details of Britain's most dangerous criminals have been lost by the Government.
The public could now face an enormous bill to protect paedophiles, rapists, drug runners and killers from vigilantes or rival gangsters.
The names, addresses, details of convictions and even jail release dates of almost 130,000 people were all in Home Office files lost when a computer memory stick went missing.
It was being used by an employee of a private contractor working for the department.
The astonishing security blunder plunges Home Secretary Jacqui Smith, who was told of the scandal on Tuesday, into the greatest crisis of her career.
Miss Smith informed the Metropolitan Police - who are now frantically hunting for the portable data storage device - but chose not to tell the public immediately.
It took the intervention of a whistleblower for details to emerge. The delay is likely to lead to damaging questions for the Home Secretary, whose mood last night was described by aides as 'livid'.
The Office of the Information Commissioner said the data - a list of all 84,000 prisoners in England and Wales, plus details of 43,000 most serious and persistent offenders - was a 'toxic liability'.
The latest shambles centres on a Whitehall project known as JTrack, to share details of the country's worst offenders.
A private firm working on the project, PA Consulting, was sent the convicts' personal details by the Home Office.
An employee of the company - which has Government contracts worth millions and has worked on the highly-sensitive ID cards project - placed the data, unencrypted, on the memory stick, which went missing at an unknown location.
The Home Office was told on Monday and Miss Smith informed on Tuesday. Officials are desperately hoping the data on the stick, worth many thousands of pounds to criminals, does not fall into the wrong hands or be made public.
The Home Office said: 'Arrangements were in place for data to be sent securely to the contractor, in a fully encrypted form to a secure location. It appears that an employee of the contractor then transferred the data to an insecure memory stick.
'All transfer of data has been suspended pending investigation.'
Would that be the half hearted Home Office Central Cryptography service reported on by The Register ?
It is irrelevant that the data breach seems to have happened at a sub-contractor - the Home Office is still legally and morally responsible for that data, and the Home Secretary is still politically responsible.
PA Consulting had no comment last night. The company, which has 3,000 employees in 35 countries, was paid a reported £2million a month by the Passport Service for its work on ID cards.
Was this the first of such transfers of all of the Jtrack project live data, or has this been a regular occurrence between the Home Office and PA Consulting ?
What is the involvement of the Ministry of Justice, and its sub-contractors who supposedly now run the Prisons and the Court systems ?
Isn't time that the Information Commissioner's Office criminally prosecuted some of the senior Whitehall civil servants and their public sector contractors, for criminal breaches of the Data Protection Act like this one ?
If you are worried about the dangers to innocent people, posed by the Government's inept and dangerous handling of supposedly sensitive databases, then please support the cross party NO2ID Campaign