132 local authorities lose data in three years
A Big Brother Watch FOI shows how lax councils have been with citizens' data.
The extent of poor security processes at UK councils has been revealed, with 132 local authorities found to have lost data over the last three years.
That represents nearly a third of all councils in the UK, the Big Brother Watch (BBW) found.
There were a total of 1,035 incidents of data loss between 3 August 2008 and 3 August 2011, with only 55 reported to the Information Commissioner's Office (ICO), a BBW Freedom of Information (FOI) request uncovered.
The ICO may lack the power of compulsory audit, but they should be doing much more to highlight those councils who are not consenting to audits.
Plenty of data on children was lost too, with info relating to at least 3,100 youngsters compromised in 118 cases.
At least 244 laptops, 98 memory sticks and 93 mobile devices were lost.
"The ICO may lack the power of compulsory audit, but they should be doing much more to highlight those councils who are not consenting to audits. Our research does raise the question that some councils are not reporting the full picture, or even logging incidents as thoroughly as their counterparts," Nick Pickles, director of the BBW, told IT Pro.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"There needs to me much more enforcement of data protection, and much less movement of data between staff's personal computers and work machines. The more data that is held, and the more it is moved, the greater the risk to our privacy and not enough is being done to protect our personal information."
The worst offenders were Buckinghamshire and Kent with a total of 72 incidents each. Essex was third on 62, with Northamptonshire in fourth with 46.
Only nine incidents in total resulted in a member of staff being sacked.
"This research highlights a shockingly lax attitude to protecting confidential information across nearly a third of councils," Pickles added in an official statement earlier today.
"The fact that only a tiny fraction of staff have been dismissed brings into question how seriously managers take protecting the privacy of their service users and local residents."
The BBW research was released just a day after Southwark Council was found in breach of the Data Protection Act. A computer and papers containing personal information of over 7,000 people were misplaced.
The council was not fined, but agreed to shore up its practices, as has been the case in most breaches of the Act.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.