The Independent London Newspaper


Bank holiday ‘rush’ caused council data blunder that leaked witness details to troublemakers

Paul Convery

Cllr Paul Convery: 'Our primary concern was whether there was a culture that led to the problem in the legal department'

Published: 13 July, 2012

AN inquiry into a leak which saw the names and addresses of dozens of residents sent to the homes of troublemakers has concluded that Islington Council is “ineffective” at protecting personal data.

But the council’s deputy Labour leader Richard Greening and crime chief Paul Convery said that they were introducing measures that would ensure the mistake could not happen again.

Police had to provide 24-hour patrols on the Andover estate in Finsbury Park in April after it emerged that the details – including addresses and phone numbers – of people who had contacted the council in confidence to complain about anti-social behaviour had been sent to 10 troublemakers.

The details were part of legal documentation being served on the youths in order to gain a court injunction to ban them from the estate. The log covered complaints from five wards – approximately a third of the borough.

Eight households have had to be moved because of the error. Yesterday (Thurs) the Town Hall’s legal chief, Louise Round, explained that the error occurred because of a “rush” to serve the injunctions before the May bank holiday. As a result a member of staff forgot to Tippex out the names and addresses of those who had complained. The staff member has been disciplined but not sacked, she added.

Councillor Convery described the “rush” as “urgency”, however.

The council immediately reported itself to the information commissioner – who is still investigating and could hit the council with a large fine – and asked Westminster Council to carry out a review of its procedures, as well as an internal audit carried out by PricewaterhouseCoopers.

While the Westminster report was happy that “recent staff training” had been effective, the council’s own report was more damning.

It listed a range of issues regarding the safety of sensitive information including: “cabinets containing data not being locked at the end of the day, fireproof cabinets not being used to store data, documents not collected immediately upon printing, and documents not being held in secured mechanisms when behind reception/front desk”.

It added: “Employees often take sensitive hard copies off-site but there is no record retained for tracking purposes.”

The report was concerned that only managers were trained in data protection, with the expectation that they would pass the information down to their teams, but there was not monitoring to ensure this happened.

It concluded: “Failure in the overall effectiveness of safeguards is indicative of a culture that could place greater emphasis on compliance with information require­ments (especially at more junior levels of staff).

“Overall, we found that the safeguards in place to protect personal data held within hard copy documents were not effective.”

However, Cllr Greening said that the changes to procedure were ongoing and once new technology was introduced in September there would be no chance of a similar data breach happening again.

“There are some weaknesses that we are going to address,” he said. “Our primary concern was whether there was a culture that led to the problem in the legal department. In my view the reports tell us there isn’t a culture.

“What happened was a very serious mistake made by a member of staff. We are confident that the culture is good and there is good awareness of data protection which will stop this happening again. We are not entirely happy with the current position. It’s evolving.”

Ms Round added that all legal documentation was now checked by two people before being sent out.

Cllr Convery added that the second half of Labour’s term would see a crack down on anti-social behaviour and a key part of this would be asking residents to report crime.“We haven’t seen a drop off in reporting,” he said.

“This was a hell of a shock to the organisation. There are now systems in place to make sure a repeat of this kind of mistake is not likely.”

Both reports will be considered by the overview and scrutiny committee on Thursday.


Post new comment

Type the characters you see in this picture. (verify using audio)
Type the characters you see in the picture above; if you can't read them, submit the form and a new image will be generated. Not case sensitive.