Data security lapses in developed societies: public and private sector cases

Abstract

The loss of twenty five million (25) child-benefit records was disclosed on 20th November 2007 to the House of Commons. The scale of the security lapse at the Treasury’s tax agency, affected almost half the British population. Two computer discs containing the names, addresses and dates of birth of nine and a half (9.5) million parents and fifteen and a half (15.5) million children, together with their national-insurance and child-benefit numbers and bank-account details, went missing. The records would be a treasure trove for identity fraudsters. Such large scale institutional data loss is not an isolated incident. Whereas personal data loss by or stolen from credit-card companies, online retailers, government departments and banks is well known, there now appears to be no point in fraudsters stealing one person’s details when records can be had in their thousands and millions from processes and computer systems that are not secure. Moreover such theft is not limited to public sector or the UK. The policy implications and regulatory issues and possible sanctions are discussed.