We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... lets see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

The British government is hilarious, incompetent, and contemptible

Word got out today that Her Majesty’s Customs and Revenue (ie the British tax service) managed to lose a CD containing ‘customer records’ for recipients of child benefits that was being sent to the National Audit Office. These included sort code and bank account details, national insurance numbers, dates of birth, and names and address details of a mere twenty five million people.

These were apparently sent using the Civil Service’s hyper-secure ‘grid post’ system, which involves people putting unsealed and re-used envelopes in out trays in their offices. As the Register puts it.

“… sometimes you get the more security-aware users sticking a label across the seal and signing it, so there’s some evidence if it’s tampered with.”

When the CD sent this way did not arrive, they resent it, using the hyper-hyper-secure Registered Mail service provided by the Royal Mail (fortunately, this time it arrived).

However, Alistair Darling has now set up an investigation. That makes me feel so much better.

And Paul Smee, of the bank clearing system has said that we all enjoy protection under the Banking Code, so we will cannot suffer any financial loss. And anyway, the accounts in question have had “extra safeguards” put on them. All 25 million of them, presumably. That makes me feel so much better too.

And does anyone at all seriously believe that the proposed system of ID cards and national identity databases is not going to deliver us debacle after debacle of this kind? Why do ministers and bureaucrats live in this deluded world in which they believe they are competent?

29 comments to The British government is hilarious, incompetent, and contemptible

  • Johnathan Pearce#

    Michael, on a separate but related point, I have had so many items of my personal mail go missing, it is frankly getting beyond a joke; this problem started way before the recent strikes. With certain kinds of bills, I never rely on sending a cheque through the post since there is a large chance the letter will not be delivered or be stolen.

  • guy herbert

    Best comment on the Register story from “hans”, bears repeating:

    BBC4 just interviewd HMRC and HMRC will re-imburse any taxpayer who suffers a loss.

    Who do HMRC get their money from again?

  • Randall

    I would be willing to lose my life in the defense of liberty, but I don’t think that my vaporizing in a nuclear cloud would necessarily defend liberty. In my opinion having a major event such as a terrorist incident with nuclear or other WMD would end up destroying more liberty as the survivors would flee ever more willingly into the arms of the state to defend them.

    I think there is a place for temporary restrictions of liberty when the threat is grave enough. Of course it is a matter of debate which restrictions are necessary or when the threat is grave enough, but your post leaves the impression that the threat is never grave enough to warrant a reduction in liberties. I would argue that allowing the state to look for patterns in financial transactions that would indicate support for terrorism (and further investigation of those that fit the pattern) is warranted; permitting police to stop random citizens on the street and demand ID is not.

    Of course, the trick is identifying the correct measures and implementing them in a way that they can be rolled back when the threat recedes. Since this is nearly impossible to do, I would agree that any such liberty-reducing measures should be well considered and minimal. However, that is different than a blanket rejection of such restrictions.

    A complicated topic — and one difficult to summarize in a brief comment (and I think I failed in the brevity department).

  • RAB

    That’s half the countries bank account nos and social security details!!!
    This should blow ID cards right out of the water.
    If this is the best they can do pre
    Fuck knows about post.
    The fact that the CDs will eventually be found down the back of the sofa in a Post Office comfort room in Coventry (or similar!) is neither here or there.
    Yes I am going to enjoy the spin on this one!

  • Nick M

    RAB,
    By whatever bizarre workings they will spin this as the reason we need ID cards. It will be bullshit but when did that ever stop them? I used to work for the NI and nothing these clowns get up to surprises me. Perry has frequently opined that “the state is not your friend”. This is true. The state is though also not just unfriendly or even malicious it is also frequently truly incompetent. I was in data-entry as a temp and sometimes I was dealing with “errored input” from three years previously. The incompetence was beyond comprehension. Everything on the database could only be altered manually. Even a simple if/then couldn’t be done on the system. We worked down flow-charts and nobody had ever had the wit to implement simple if/then decisions or a scripting procedure into the system. You know, flow-charts, where computer programming starts… We used that database like an electrical card index, no more. And this was 2001 and this was the Inland Revenue’s much vaunted I2000 (a year late, naturally) system. It was pathetic.

  • Brian

    Frankly I am having a hard time believing my eyes.

    I have never had any faith whatever in the worthless parasites of the public sector. But this is simply unbelievable. I am, to use the vulgar phrase, gobsmacked.

    These valueless rubbish have already pissed away 25 billion quid of my money on a fatuous and pointless publicity stunt. Now they can’t even keep my records to themselves.

    There is simply no alternative.

    Start the killings now.

  • Francesco

    Can a British citizen (which I’m not) start a petition on the Number 10 website, asking for a vote of no confidence?

    It will be useless, of course: when does the State listen to the people it is supposed to be accountable to? But it will be fun to have, I guess, a couple of milion people signing that petition, asking for the parliament to be dissolved and election to be held.

    At least it will keep the story in the media a bit longer and make life a bit more difficult for this bunch of uber-foolish incompetent socialists 😀

  • permanentexpat

    Oh! Dearie me…who’d’ve thought it?
    Never mind, you’ll forget all about it soon…along with Northern Rock, our brave Ipod toting matelots, the arquebus Army and…………………….

    Better weep & rend the garments; it’s very near the end.

  • Mac the Knife

    Ah me, how times do change. Thirty years ago, I’d have bristled with righteous fury at the headline of this piece.

    Nowadays, working for a branch of UK law enforcement (although to hear the terminology used by our management, you’d think I slice salami in Sainsbury’s), and living under anti-tobacco apartheid; I just float along in semi-permanent despair.

    I think I’ll join permanentexile face down in the dust. Ashes anyone?

  • Nick M

    You slice salami, using edged tools! Have you filled out an H&S report? Dear God!

  • fjfjfj

    1)

    I wonder whether someone did this deliberately to stop ID cards. If so and ID cards look to go ahead, they should definitely put it all on bittorrent. I suppose a few battered wives would have to move house again, but it would be worth it.

    It’s almost certainly just incompetence, though, of course.

    2)

    Has anyone here heard anyone (other than another libertarian) suggest that child benefit should be abolished so that this never happens again?

    I don’t think it’s difficult to follow the argument that child benefit is a waste of everybody’s money except that of net welfare recipient families.

    It certainly cannot operate without a database of every child and their parents.

  • From the link,
    “Darling said in light of the most recent failures, along with previous losses of a laptop and 15,000 records, he was asking Kieron Poynter of PWC to investigate HMRC procedures. An interim report is expected next month and the full report next spring.”

    For one glorious moment I read that as PCW…PC World I thought?

  • Freddy

    Funny how PWC keep getting their snouts in the trough. Is there any sort of record of how much of our money they have taken over the last ten years ?

  • Sam Duncan

    Thanks to the investigative efforts of the mainstream media, I had no idea of the details of this until I clicked that Reg link.

    They’re shuffling millions of people’s personal information around on CDs? Christ. I don’t expect competence and efficiency from a Government department, nobody expects that, but this beggars belief. I wouldn’t hold sensitive data on my own hard drive unencrypted. Every ecommerce site in the world uses some form of secure transmission for personal data.

    How hard would it be for every HMRC employee to download a copy of GPG? Of course, there’s one obvious flaw in that plan: the Government couldn’t boast about how much it had spent on data security.

  • Sunfish

    How hard would it be for every HMRC employee to download a copy of GPG? Of course, there’s one obvious flaw in that plan: the Government couldn’t boast about how much it had spent on data security.

    They could donate a bunch to the FSF, though.

    And then they could rename themselves to GNUkGov’t, and require that all legislation be written in emacs.

  • Nick M

    Sunfish, better yet LaTex… Learning that would take ’em a while. And no KDE or Gnome… It’s all gotta be done via the CLI on 20 year old SG workstations. In a darkened room with a Dvorak keyboard whilst listening to the Spice Girls greatest hits on shuffle.

    OK, trivia question for UK readers. Do you know what use the final letter of a UK NI number is put to?

  • Nick, from Wikipedia (this link is so geeky I wonder if Nick wrote it himself — it even contains a regexp for validating NI numbers…):

    The actual meaning of the suffix letter dates back to before NIRS (see below), and referred to the quarter in which that individual’s annual record card was due for return, and is roughly (but not directly) linked to their date of birth.

    Although that doesn’t answer what purpose it’s put to.

    One thing I spotted is that the official advice from HMRC is to change any passwords that are based on child’s name of DOB. Does this mean details of children have also leaked? Imagine the social engineering possibilities and the Daily Mail outrage over that!

  • Random

    As an employee of a major government department myself (and a parent who’s details are almost certainly on that CD:-/), I can’t say I’m terribly surprised by this. And sad to say it’s not really about incompetence on the part of the bod who sent it off either. Although of course there was that – but given that the individual involved is almost certainly going to turn out to be a junior Admin or Executive Officer (despite the high sounding title, that’s pretty much about as far down the Civil Service food chain as you can get – AO in particular is a minimum wage job, at least at entry level, and the Civil service at this level competes with Macdonald’s for recruits:-/) who would not even have heard of, or known how to apply even if s/he had heard of, the sort of security procedures being discussed. There’s a limit to how much you can realistically blame them for, especially when you consider that at that level the only permissible response to a demand for information from the NAO (the NAO rarely requests) is to package it up and send it off pronto.

    What it is about is the question that no-one seems to be asking so far – why on Earth is the NAO asking for this information? They can’t conceivably need it to audit HMRC’s accounts, however such is their role at the centre of government that no-one would even dream of challenging them about something like this, with the result that some poor underpaid and overworked jobsworth at HMRC will probably be hung out to dry over this while the people really responsible at the NAO will escape all censure.

    You guys think the government treats everybody else badly? Trust me, it’s nothing compared to the way those parts of the government responsible for policing the rest of government behave. The likes of the NAO are the Inner Party treating the rest of us as the Outer Party. Granted, the proles may have limited symapthy with the plight of the Inner Party, but it’s still worth remembering where real blame lies when something like this happens.

  • Random

    Blast – “plight of the Outer Party” of course. So much for my fancy 1984 metaphor…

  • Nick M

    Well done Rob,
    The letter: A,B,C,D was used back in the days of paper to indicate when the stuff ought to be processed. It now has no meaning but it’s still there. In the days of paper the NICO employed 20,000 people. When I worked there (2001) the introduction of computers had reduced this to 13,000. Not a dramatic saving is it?

  • Does this mean details of children have also leaked?

    The two numbers I have heard thrown around are “Twenty five million people” and “Seven million families”. that would suggest to me that the 25 million consists of data concerning all children receiving child support as well as data concerning their parents.

    So almost certainly yes.

  • Nick M

    From a comment by “Anonymous Coward” on the Register article…

    There is a requirement for 24*365 access to some sensitive social services information that lists, for instance, adults who are a known danger to children and similar (schedule 1, section 48-kind of stuff for the knossers out there) – the kind of thing that the News of the World would pay dearly for – that can become unavailable due to planned network outages and similar.

    What to do? If it becomes unavailable it potentially puts vulnerable children at risk, which is bad enough, but worse yet it would be a breach of SLA which would cost whichever outsourcer is involved yer actual money, which is totally unacceptable.

    The answer is, incredibly, to set up a local copy at the office that maintains access to this information. At worst this involves putting a copy of the entire social services database, together with the necessary front ends, on a laptop… Unencrypted! In my experience they do secure the laptop – With that criminals nemesis, the Kensington laptop cable lock. Ha!

    Read the whole thing – it’s right down the end of the comments. It’s outrageous.

  • permanentexpat

    They can’t conceivably need it to audit HMRC’s accounts, however such is their role at the centre of government that no-one would even dream of challenging them about something like this,

    ………………..are you a dreamer, Random?

  • Deranged Texan

    Makes me wonder if anyone on that side of the pond has even any recollection of sanity. Between your nanny state laws and governmental incompetence I doubt there is anything left of the great empire once rooted there.

    Perhaps the motley and meager collection of people with their wits left and without tickets across the pond might consider revolution before the government topples of its own accord. Though I wonder how such an event could be detected.

  • Permanentexpat: imagine…

  • ian

    By whatever bizarre workings they will spin this as the reason we need ID cards.

    Some government minister I’ve never heard of doing just that on Newsnight tonight. He is either lying through his teeth or a total incompetent – and yes I know these are not necessarily mutually exclusive.

  • permanentexpat

    Alisa:
    Unfortunately I do.

    As an aside: During the years I have been visiting these pages, sometimes commenting, sometimes being threatened with expulsion for calling a spade what it is, often filled with envy at the use of good good prose & argument….I have reached the conclusion that many of the contributors are folk with clout…or who know or who are connected to those who have it.
    Sadly, I see no evidence of this influence being used to change the suicidal course of events. Imagine…….

  • William

    Well, I live in the US and we have the same type of problem, although I’ve never heard of such a large database getting compromised. A few years ago, our social security administrators decided that it would be very cool to publish all American social security numbers online. Fortunately, somebody with some sense stopped them. But what kind of a nitwit could have come up with such an idea in the first place?

    We have parts of our government capable of keeping secrets…the military and related administrations. If the government insists upon assembling these databases, then they need to enforce data security on their custodians.

  • Permanentexpat: rather fortunately.

    On the aside: just because you (and I) don’t see it, does not mean it does not exist. Imagine…:-)