Apologetic PM orders data security review

Sign up for the View from Westminster email for expert analysis straight to your inbox

Get our free View from Westminster email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Gordon Brown today ordered a check of data security at all Government departments in the wake of the loss of 25 million people's personal details by HM Revenue and Customs.

The Prime Minister told MPs he "profoundly regretted and apologised" for the loss of the data, but insisted there was no reason for under-fire Chancellor of the Exchequer Alistair Darling to resign.

His comments came as police continued their hunt for two computer discs which went missing when they were sent from an HMRC office in Tyne and Wear to the National Audit Office in London on October 18.

Mr Darling yesterday blamed the loss on a breach of procedures by a junior official, but HMRC this morning refused to confirm whether only one member of staff was involved on three separate occasions this year when the information was sent to the NAO or whether any disciplinary action had been taken as a result.

The Chancellor this morning admitted his confidence had been shaken by the debacle at HMRC, but insisted he was determined to stay in his position to guide the department through its current difficulties.

Challenged at Prime Minister's Questions today on whether any ministers had offered their resignation, Mr Brown responded defiantly: "No, and nor should they."

He gave an endorsement to Mr Darling, telling MPs "the Chancellor has done an excellent job, both as a former minister at the Treasury and now as Chancellor of the Exchequer".

In a stormy Commons chamber, Conservative leader David Cameron told Mr Brown that millions of people were now "worrying about the safety of their bank accounts and the security of their family details" and "angry that the Government has failed in its first duty to protect the public" .

The fact that the sensitive information was sent three times in breach of procedures indicated a "systemic failure" at the HMRC, which was formed when Mr Brown merged the Inland Revenue and HM Customs and Excise as Chancellor, said Mr Cameron.

He said the public would find it "bizarre" that the Government was not willing to "stop and think" about the introduction of ID cards in the wake of the blunder.

Mr Brown told the Commons that, following the launch of a review of HMRC's handling of data by the chairman of PricewaterhouseCoopers, he had ordered Cabinet Secretary Sir Gus O'Donnell and security experts to ensure every Government department and agency checked its own procedures for keeping data safe.

And he announced that Information Commissioner Richard Thomas is to be granted new powers to carry out spot checks on departments to ensure that they are doing everything they can to protect the privacy of details given them.

"We will do everything in our power to ensure data is safe," the Prime Minister pledged.

But Mr Cameron asked MPs: "Won't people think that he has totally lost touch with reality, he is demonstrating no common sense at all? Won't they see a Prime Minister who tries to control everything but actually can't run anything?"

It emerged during today's Commons clash that there were differences between the

NAO and HMRC over the auditors' request for details of child benefit claimants,

which were sent once in March and twice in October this year.

Edward Leigh, the Conservative chairman of the Commons Public Accounts Committee, told MPs that in high-level discussions between the two organisations, the NAO asked only for basic details - omitting information on personal bank accounts - but was told that it would be "too burdensome" for HMRC to separate out this information.

In the event, the discs sent for auditing contained names, addresses, dates of birth, child benefit and National Insurance numbers and bank or building society account details for every child benefit claimant in the UK - some 25 million individuals and 7.25 million families.

"These decisions were therefore taken at a high level," said Mr Leigh. "Is this not an image of a department which has had too much work loaded on it at the same time it was cutting staff?"

He said the external audit had only become necessary because HMRC had reduced the size of the sample of claims audited internally after it took over responsibility for child benefit from the Department for Work and Pensions.

Mr Brown confirmed that the discussions over what information should go to the NAO would feature in the inquiry being carried out by PWC chairman Kieran Poynter, adding: "There is a dispute about what the NAO and HMRC said to each other about this personal data."

Mr Brown said official HMRC procedures had been breached on three separate points, which stipulated that protected information should be accessed only by authorised staff, should not be removed without authorisation and should be encrypted when being sent.

"There is no evidence of fraudulent activity taking place," the Prime Minister told MPs. "This was a failure in implementing the proper procedures."

Mr Darling this morning took to the airwaves to "apologise unreservedly" for the loss of the discs, which yesterday forced the resignation of HMRC chairman Paul Gray.

The Chancellor said the Government was working with the banks to ensure that the affected accounts can be monitored closely for signs of fraudulent activity. Customers have been advised to check their accounts for any indication of unauthorised transactions.