ICO alerted to breach of EU citizens’ data

Written by Emilio Casalicchio on 12 April 2019 in News
News

For the second time inside a week, the Home Office has had to report itself to the UK data regulator, after accidentally sharing email addresses of settled status applicants

The Home Office has been forced to report itself to data watchdogs after it accidentally shared the emails of hundreds of EU citizens applying to stay in the UK after Brexit.

The department apologised after it failed to mask the addresses in a group email to applicants to the settled status scheme. Some 240 email addresses were revealed on Sunday 7 April after the department failed to use the 'bcc' function, which blanks out the details of other recipients.

It was contacting applicants who had faced technical difficulties while trying to apply to keep their rights in the UK after Brexit. In a fresh email on Wednesday, the Home Office apologised to those concerned and insisted all other personal data held by the department remained safe.

The Home Office has notified the Information Commissioner's Office of the breach but has not issued a formal report to the watchdog. It means the ICO will consider the evidence and decide whether or not to launch a full inquiry.


Related content


The Home Office said: “In communicating with a small group of applicants, an administrative error was made which meant other applicants’ email addresses could be seen. As soon as the error was identified, we apologised personally to the 240 applicants affected and have improved our systems and procedures to stop this occurring again.”

The department added that it had improved its email systems and procedures since the breach, as well as checks before communications are sent out.

An ICO spokesperson said: “The Home Office have made us aware of an incident in relation to the EU Settlement Scheme and we will assess the information provided.”

This breach comes after the Home Office admitted earlier this week that it had revealed private email addresses as the Windrush compensation scheme was launched.

Yvette Cooper, the Labour chair of the Home Affairs Select Committee, said: "For the Home Office to make the same basic mistake on data protection with EU citizens as it has just made with Windrush cases is extremely serious and raises major questions about Home Office systems and competence."

Tory MP Alberto Costa told PublicTechnology sister publication PoliticsHome: “I have repeatedly advised the government of the foreseeable problems that are now, sadly and unsurprisingly, arising with the Settled Status Scheme. I am very disappointed that my warnings are not being heeded. The Home Secretary, Sajid Javid, must now listen to those of us who are arguing that this registration process is fundamentally wrong, un-British and morally repugnant.”

 

About the author

Emilio Casalicchio is chief reporter for PublicTechnology sister publication PoliticsHome, where a version of this story first appeared

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

ICO probes King’s Cross facial recognition
16 August 2019

Information commissioner Elizabeth Denham says her office is launching an investigation into use of technology on privately owned development

CCS goes live with £5bn Network Services 2 framework despite three missing lots
12 August 2019

The last three of the deal's planned 13 sections will be awarded when CCS 'is in a position to do so'

Government badly needs a new message on encryption
1 August 2019
The new home secretary is the latest politician to put forward proposals that are disproportionate and disingenuous, believes PublicTechnology editor Sam Trendall