In the wake of the largest-ever data breach to hit the UK, the Information Commissioner's Office has criticised the apparent lack of technological safeguards in government departments and called for "privacy-enhancing technologies" to be built into future projects.
The loss by HM Revenue & Customs of two password-protected CDs containing 25 million personal details of those who claim and receive child benefits was a major blow for privacy, according to assistant information commissioner Jonathan Bamford.
"This is the biggest privacy disaster by our government," said Bamford on Wednesday. "It's a bad day for those of us who care about privacy. Security lapses like we just found out about are very worrying, especially as we've had data-protection laws on our statute books for 21 years."
Bamford said that much more could have been done in terms of privacy-enhancing technologies (PETs) to safeguard the information lost, which included the name and address of every child in the country.
"Why are we not using our ingenuity and expertise to develop privacy-enhancing technologies?" said Bamford, speaking at a conference in Westminster on Wednesday called "Fine Balance".
The idea that someone could burn a disc of the whole child benefit database, and had the capability, the access, and the authority to do so "raises questions", said Bamford.
"How you can have a system which allows you to copy a whole database onto a disc is of concern," Bamford continued. "Clearly there are issues about when the data was accessed and by whom. They should have had access controls and authorisation levels to make it physically impossible to burn a disc of the database without the say-so of the chairman of HMRC. Why isn't the technology there to do that? It isn't rocket science."
Ulf Dahlsten, director of emerging technologies and infrastructure for the European Commission, said that HMRC "needed to enhance its protection", and added that the European Commission had issued guidance on the use of privacy-enhancing technologies.
"[HMRC] should have had the data protected," Dahlsten told ZDNet.co.uk. "They should have encrypted the data, and not allowed one officer to access and download the information. They also have to think about how they store the data."
Dahlsten said that HMRC needed an awareness-raising scheme about data security, but added that the data need not have been linked to individual identities at all.
"It's a way of thinking," said Dahlsten. "You can dissolve identity from a string of data and make that data anonymous. For auditing purposes, [the National Audit Office] didn't need the names of the people."
It emerged in Parliament on Tuesday that the National Audit Office had not in fact requested the names, addresses, dates of birth, national insurance numbers and banking details lost by HMRC, but had just requested national insurance numbers.
The government is currently in the process of implementing other database projects, including the National Identity Register for the ID cards scheme. Dahlsten warned against large databases that store a lot of data and have many people accessing them, as this "increases the chance of a data breach".