House of Commons refuses to release data visible online over ‘national security risk’

Sign up for the View from Westminster email for expert analysis straight to your inbox

Get our free View from Westminster email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

The House of Commons has refused to release data about the most visited websites from the parliamentary estate – despite the data being publicly available for four years on its own website.

The Independent requested updated versions of the most visited websites and services from the parliamentary estate, using freedom of information (FOI) legislation.

The information – past versions of which are still available online – was classed as a national security risk by the House of Commons, despite the fact that versions of it are still available on the internet.

As a result, the House of Commons declined to release the information.

“It’s a weirdly backwards decision because the data has been in the public domain for years and there’s no evidence of the breach that the House of Commons claims to be afraid of,” said Tim Turner, a Manchester-based data protection expert.

Mr Turner also believes that the decision, which was made by the House of Commons and upheld by the UK’s information commissioner, Elizabeth Denham, is “the opposite of what FOI demands – refusal should be based on cause and effect”.

The data protection expert believes the House of Commons is incorrectly claiming disclosure would be likely to lead to websites being hijacked and taken over by criminal gangs, even though many of the top 500 websites are major organisations which have huge incentives to keep their websites secure.

The top 30 most visited websites in January 2016, in data published by the House of Commons and on their website for years, includes the BBC, parliament’s own website, Google, and the websites of The Telegraph, The Guardian and Daily Mail.

In the first 21 days of January 2016, Rightmove was also the 38th most-visited website, with 44,192 page views.

The Independent was the 47th most-visited website from the parliamentary estate’s IT system.

“The ICO [Information Commissioner’s Office] seems to believe a plot of Bond villain complexity is a likely consequence of seeing what MPs and their staff are browsing,” said Mr Turner.

“It’s worrying that ICO is willing to endorse such speculative arguments to hide data that we’ve previously had access to.”

Despite the fact that the freedom of information request was lodged on 5 April 2018, the House of Commons waited until September 2018 to remove the information that is purportedly a national security risk, and can supposedly be used to aid and abet criminal activity.

After September 2018, the House of Commons also reuploaded at least some of the files again in error.

Versions of the data are still easily accessible through the digital archive Wayback Machine, which was launched in 2001 by Internet Archive (a San Francisco-based nonprofit digital library whose mission is “universal access to all knowledge”). Despite this, the House of Commons claims that the data is a national security risk.

A House of Commons spokesperson said: “The House of Commons agrees with the findings of the ICO.”

They pointed out that the ICO used an exemption relating to the prevention and detection of crime, and “therefore did not need to consider other exemptions relied on by the House of Commons”.

The spokesperson added: “As has been stated by the House of Commons to the ICO, the understanding and appetite for risk has evolved over time. We no longer publish any such information.”

They ignored questions asking why the data they claim is a national security risk was easily accessible via the Internet Archive’s Wayback Machine, and whether any efforts had been made to contact the Internet Archive to remove the data that is supposedly a national security threat.