Information Assurance

Oral Answers to Questions — Duchy of Lancaster – in the House of Commons at 11:30 am on 6th February 2008.

Alert me about debates like this

Photo of Shailesh Vara Shailesh Vara Shadow Deputy Leader of the House of Commons 11:30 am, 6th February 2008

What assessment he has made of the effectiveness of the Cabinet Office in providing information assurance across Government.

Photo of Tom Watson Tom Watson Parliamentary Secretary (Cabinet Office), Member, Labour Party National Executive Committee

The Cabinet Office sets out the strategic direction for information assurance in Government. Individual Departments are responsible for following the strategy and protecting the data that they hold.

Photo of Shailesh Vara Shailesh Vara Shadow Deputy Leader of the House of Commons

Will the Minister finally confirm what is abundantly clear to the rest of the country—that there is insufficient Government information assurance for schemes such as ID cards and national road pricing?

Photo of Tom Watson Tom Watson Parliamentary Secretary (Cabinet Office), Member, Labour Party National Executive Committee

The Government take information assurance very seriously, and the hon. Gentleman will not be surprised to know that I have spent a lot of time in my new post understanding this new brief. The Prime Minister announced that the new Secretary of State for Wales will be increasing ministerial firepower on the matter, and any lessons that have to be learnt, will be.

Photo of Andrew Miller Andrew Miller Chair, Regulatory Reform Committee, Chair, Regulatory Reform Committee

I congratulate my hon. Friend on his new appointment. When he considers the failures that there have been in data security, he will find a common thread. It is not a policy failure, but a failure of management and training. Will he look at what the private sector does to ensure that people are properly trained and that they are aware of their obligations under privacy legislation, and will he ensure that such rules are adopted in the civil service?

Photo of Tom Watson Tom Watson Parliamentary Secretary (Cabinet Office), Member, Labour Party National Executive Committee

I thank my hon. Friend for his kind remarks. I know that he is an recognised expert in this House on information assurance. His points on training are important and one of the early indications from the O'Donnell review is that there is a role for enhanced training. If such training is required to be mandatory, it probably should be.

Photo of Francis Maude Francis Maude Shadow Minister (Cabinet Office)

I welcome the Minister back to the Dispatch Box; no doubt that is his reward for his part in dispatching the previous Prime Minister.

Two years ago the Walport report called for the Government to improve data security, warning that leaks of personal data would damage the Government's reputation. A year ago, Sir Edmund Burton, the Cabinet Office's own adviser on information assurance, pointed out a systemic lack of awareness of data security throughout the Government. Just last summer, the Coleman report raised concerns—a report that it is now clear that no Minister actually bothered to read. After all those warnings, and after 25 million bank details have gone missing, benefit files were dumped on a roundabout and 3 million drivers' records were lost in Iowa, of all places, why are we still seeing personal data disasters week after week?

Photo of Tom Watson Tom Watson Parliamentary Secretary (Cabinet Office), Member, Labour Party National Executive Committee

Let me repeat my earlier answer: we take the matter seriously, and the information assurance strategy launched last June increased Government security. The O'Donnell review, when it reports, will again improve Government policy. Four principles underpin our approach to that review. We require enhanced transparency, increased monitoring, improved guidance and better, and possibly mandatory, training.

Photo of Francis Maude Francis Maude Shadow Minister (Cabinet Office)

How many reports does the Minister need? He has had three so far. The problem is not a lack of transparency, but a great deal too much of it in respect of personal data.

Nick Coleman said in his report last year that

"adequate mechanisms are not yet in place...which puts at risk the government's aspirations for service delivery enabled by technology."

Is not that the clearest possible indication that the Government can never be trusted with all the personal data involved in setting up a national ID card? When will Ministers at the centre of Government show some leadership, get a grip and start to protect the public's personal data, which are constantly being put at risk?

Photo of Tom Watson Tom Watson Parliamentary Secretary (Cabinet Office), Member, Labour Party National Executive Committee

The O'Donnell review is already changing Departments' activities. The right hon. Gentleman and I both aspire to a cultural change in Government. Our hard-working civil servants should deal with people's personal information in the same way as they deal with taxpayers' money. That is a contemporary challenge for Government. Twenty-five years ago, when the right hon. Gentleman first entered Parliament—and when his Front-Bench colleague Greg Clark and I were probably playing "Manic Miner" on a 48-kilobyte ZX Spectrum—the information that can now be held on a DVD would have filled 400 filing cabinets. We are rising to that contemporary challenge and Departments are taking action.

Photo of Gordon Prentice Gordon Prentice Labour, Pendle

The Government want the Information Commissioner to carry out spot checks on Departments to ensure that data are secure. Is that happening and does the Information Commissioner have enough staff to make a decent job of it?

Photo of Tom Watson Tom Watson Parliamentary Secretary (Cabinet Office), Member, Labour Party National Executive Committee

That is a matter for the Information Commissioner, but we will give him all the support he requires in doing that job. Indeed, that was announced in the interim review from the O'Donnell report.