'Admin error' sees Home Office wrongly share data of Windrush victims
Department informs ICO and launches internal investigation
Credit: Kirsty O'Connor/PA Archive/PA Images
The Home Office has admitted breaching data rules after it wrongly shared the email addresses of hundreds of people interested in the recently launched Windrush compensation scheme.
Immigration minister Caroline Nokes said the department had launched an internal inquiry and reported itself to the Information Commissioner's Office over the blunder, which happened during efforts to promote the scheme.
In a written statement to parliament, Nokes said some individuals and organisations who had asked to receive information about the compensation scheme – worth hundreds of millions of pounds – had “regrettably” had their details shared with others.
Home secretary Sajid Javid said last week that the department expected to pay out around £200m in compensation to victims of the so-called "hostile environment" of immigration enforcement introduced under Theresa May, who led the Home Office during the coalition government.
- Windrush scandal fallout sees Home Office suspend data-sharing activities
- Public ethics body to examine Home Office data use
- ‘Clear parallels with Windrush’ – concerns raised on EU settlement scheme reliance on digital
Javid said there would be no cap on the fund, which is open to people whose right to remain in the UK was wrongly challenged. In some cases, relatives of victims will be eligible for compensation.
At least 83 people from the Windrush generation were wrongly deported as a result of May's immigration enforcement drive.
Last week, cabinet secretary Sir Mark Sedwill – who was permanent secretary at the Home Office from 2013 to 2017 – told MPs that his former department had “lacked the analytical capability” to spot that the tough environment ushered in by the 2014 and 2016 Immigration Acts would affect people who were not in the UK illegally.
A Home Office impact assessment gave a “high-end” estimate that the compensation scheme could cost £587m – but admitted that there was “significant uncertainty” over its maximum cost. It added that the department's planning assumptions had been based on there being 15,000 eligible claimants.
In her statement to parliament, Nokes said 500 individuals and organisations' details had been wrongly shared in recent days.
“Regrettably, in promoting the scheme via email to interested parties, an administrative error was made which has meant data protection requirements have not been met, for which the Home Office apologises unreservedly,” she said. “This occurred in emails sent to some of the individuals and organisations who had registered an interest in being kept informed about the launch of the compensation scheme, which included other recipients’ email addresses. Five batches of emails, each with 100 recipients, were affected. No other personal data was included."
Nokes added: “A recall was commenced as soon as the problem had been identified. The departmental data-protection officer has been informed and an internal review will be conducted to ensure this cannot happen again. The department has voluntarily notified the Information Commissioner’s Office of the incident. I am firmly committed to doing right by the Windrush generation. The compensation scheme is an important step towards that and I will ensure that action is taken to ensure the highest standards are met not only in the processing of cases, but also in continued efforts to publicise the scheme and ensure those entitled to redress receive it.”
An ICO spokesperson confirmed that the Home Office had alerted the watchdog to the incident.
“After looking at the detail, we decided that no further action was necessary,” they said.
Share this page
CONTRIBUTIONS FROM READERS
Please login to post a comment or register for a free account.
Technology services firm has revealed two data-compromising incidents in recent week
In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...
Department has seen impact of ‘IT stabilisation’ according to Robert Jenrick
Tool will run on a trial basis for a year
Related Sponsored Articles
The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...