ICO alerted to breach of EU citizens’ data

Written by Emilio Casalicchio on 12 April 2019 in News
News

For the second time inside a week, the Home Office has had to report itself to the UK data regulator, after accidentally sharing email addresses of settled status applicants

The Home Office has been forced to report itself to data watchdogs after it accidentally shared the emails of hundreds of EU citizens applying to stay in the UK after Brexit.

The department apologised after it failed to mask the addresses in a group email to applicants to the settled status scheme. Some 240 email addresses were revealed on Sunday 7 April after the department failed to use the 'bcc' function, which blanks out the details of other recipients.

It was contacting applicants who had faced technical difficulties while trying to apply to keep their rights in the UK after Brexit. In a fresh email on Wednesday, the Home Office apologised to those concerned and insisted all other personal data held by the department remained safe.

The Home Office has notified the Information Commissioner's Office of the breach but has not issued a formal report to the watchdog. It means the ICO will consider the evidence and decide whether or not to launch a full inquiry.


Related content


The Home Office said: “In communicating with a small group of applicants, an administrative error was made which meant other applicants’ email addresses could be seen. As soon as the error was identified, we apologised personally to the 240 applicants affected and have improved our systems and procedures to stop this occurring again.”

The department added that it had improved its email systems and procedures since the breach, as well as checks before communications are sent out.

An ICO spokesperson said: “The Home Office have made us aware of an incident in relation to the EU Settlement Scheme and we will assess the information provided.”

This breach comes after the Home Office admitted earlier this week that it had revealed private email addresses as the Windrush compensation scheme was launched.

Yvette Cooper, the Labour chair of the Home Affairs Select Committee, said: "For the Home Office to make the same basic mistake on data protection with EU citizens as it has just made with Windrush cases is extremely serious and raises major questions about Home Office systems and competence."

Tory MP Alberto Costa told PublicTechnology sister publication PoliticsHome: “I have repeatedly advised the government of the foreseeable problems that are now, sadly and unsurprisingly, arising with the Settled Status Scheme. I am very disappointed that my warnings are not being heeded. The Home Secretary, Sajid Javid, must now listen to those of us who are arguing that this registration process is fundamentally wrong, un-British and morally repugnant.”

 

About the author

Emilio Casalicchio is chief reporter for PublicTechnology sister publication PoliticsHome, where a version of this story first appeared

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Russia: sanctions tightened on exports of monitoring and military tech
24 June 2022

New measures prohibit supply of any tech used for ‘internal repression’

Immigration status: Home Office recruiting staff to expedite online checks for employers
9 June 2022

Minister also claims that new services and tech will reduce demands on digital platform

HMRC urges importers to switch to new customs IT system as outgoing platform enters final weeks
1 June 2022

Tax agency claims that new CDS tool is ‘resilient, reliable and adaptable’

‘A core part of national infrastructure’ – ministers consider regulating to make the cloud safer
27 May 2022

Consultation launched seeking feedback on risks and mitigations for systems that now underpin a wide range of ‘essential services’