ICO alerted to breach of EU citizens’ data

Written by Emilio Casalicchio on 12 April 2019 in News
News

For the second time inside a week, the Home Office has had to report itself to the UK data regulator, after accidentally sharing email addresses of settled status applicants

The Home Office has been forced to report itself to data watchdogs after it accidentally shared the emails of hundreds of EU citizens applying to stay in the UK after Brexit.

The department apologised after it failed to mask the addresses in a group email to applicants to the settled status scheme. Some 240 email addresses were revealed on Sunday 7 April after the department failed to use the 'bcc' function, which blanks out the details of other recipients.

It was contacting applicants who had faced technical difficulties while trying to apply to keep their rights in the UK after Brexit. In a fresh email on Wednesday, the Home Office apologised to those concerned and insisted all other personal data held by the department remained safe.

The Home Office has notified the Information Commissioner's Office of the breach but has not issued a formal report to the watchdog. It means the ICO will consider the evidence and decide whether or not to launch a full inquiry.


Related content


The Home Office said: “In communicating with a small group of applicants, an administrative error was made which meant other applicants’ email addresses could be seen. As soon as the error was identified, we apologised personally to the 240 applicants affected and have improved our systems and procedures to stop this occurring again.”

The department added that it had improved its email systems and procedures since the breach, as well as checks before communications are sent out.

An ICO spokesperson said: “The Home Office have made us aware of an incident in relation to the EU Settlement Scheme and we will assess the information provided.”

This breach comes after the Home Office admitted earlier this week that it had revealed private email addresses as the Windrush compensation scheme was launched.

Yvette Cooper, the Labour chair of the Home Affairs Select Committee, said: "For the Home Office to make the same basic mistake on data protection with EU citizens as it has just made with Windrush cases is extremely serious and raises major questions about Home Office systems and competence."

Tory MP Alberto Costa told PublicTechnology sister publication PoliticsHome: “I have repeatedly advised the government of the foreseeable problems that are now, sadly and unsurprisingly, arising with the Settled Status Scheme. I am very disappointed that my warnings are not being heeded. The Home Secretary, Sajid Javid, must now listen to those of us who are arguing that this registration process is fundamentally wrong, un-British and morally repugnant.”

 

About the author

Emilio Casalicchio is chief reporter for PublicTechnology sister publication PoliticsHome, where a version of this story first appeared

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Related Sponsored Articles

"The inflection point is here": how Covid is driving digital transformation in health
9 June 2021

It’s been one of the most challenging years for healthcare providers, but Salesforce sees lasting change from accelerated digital transformation

Stopping Cyber Attacks in Higher Education
19 April 2021

Higher Education institutions are some of the most consistently targeted organisations for cyberattacks. CrowdStrike explores the importance of the right cybersecurity measures.