Missing Postal Service, Shaky National Trust - The 2007-2008 UK Information Breaches

Missing Postal Service, Shaky National Trust - The 2007-2008 UK Information Breaches

Between 2007 and 2008, the United Kingdom experienced an unprecedented series of serious personal data loss incidents. It began in November 2007, when the Revenue and Customs, the country's tax agency, attempted to send two computer disks containing information on all families receiving child benefit to another auditing agency. The disks contained some 25 million names, addresses, birth dates, bank account information, and insurance numbers. Amazingly, the information was not protected in any way, and because it was sent by regular mail, it was lost and misplaced along the way. As the information was repeatedly resent, it was completely unaccounted for, and the government finally acknowledged and announced that the information may have been leaked to outside parties.

On November 20, 2007, when this fact was reported, the then Minister of Finance apologized in Parliament, and the matter became a major national issue. Within the United Kingdom, the sloppy management and the too-big-to-fail leakage of information caused widespread anger and anxiety among citizens. Other institutions' past failures came to light one after another, and a series of scandals involving the handling of information came to light, including the loss of information on criminal records held by the City of London, a case in which a hospital mistakenly sent patient information, and the mishandling of evidence by local police forces.

By January 2008, these events were seen as serious problems that could affect the credibility of the entire country, forcing many government offices and municipalities to review their information management methods. Newspaper articles published during this period strongly criticized how sloppy the government's handling of information was, and how lax the mechanisms to prevent it were. It was said that a situation in which citizens' names and money information could easily get out was not acceptable in today's society.

In response to this series of incidents, the government finally began to improve the situation, and in early 2008, it began to consider such measures as applying special protections when government offices release personal information to the outside world, regularly checking how information is handled, and always reporting any information that has leaked out. Also discussed was the introduction of a system of punishment if a company or other entity made similar mistakes. These trends would later lead to a new system of information protection that would be promoted throughout Europe.

This major failure was not just a clerical error, but one that shook the foundation of "trust" in the information age. Subsequent revisions of laws and systems led to a widespread awareness of the need to protect information, and the idea that "personal information must be treated with care" took root throughout British society.