Skip to main content

Revenue and Customs

Volume 696: debated on Tuesday 20 November 2007

My Lords, with the leave of the House, I shall repeat a Statement made by my right honourable friend the Chancellor of the Exchequer in another place this afternoon. The Statement is as follows:

“With your permission, Mr Speaker, I should like to make a Statement on the breach of procedures which led to missing personal data relating to child benefit from Her Majesty’s Revenue and Customs.

“I shall set out the nature of the data and circumstances relating to how they went missing. However, it might be helpful to the House to set out the background before I do that.

“The National Audit Office, which is independent of government, but answerable to Parliament, has a right to ask for and access data from HMRC in discharging its compliance responsibilities. In March of this year, it appears that a junior official within HMRC provided the National Audit Office with a full copy of HMRC’s data in relation to the payment of child benefit. It is clear that, in doing so, the strict rules governing HMRC standing procedures were not followed. These procedures relate to the security and access to data, as well as their transit, to ensure that data are properly protected. This information should not have been handed over by HMRC in the way that it was. However, I understand that, in this case, the National Audit Office subsequently returned all the information that it received in March to HMRC after auditing it.

“It now appears that, following a further request from the National Audit Office in October for information from the child benefit database, again at a junior level and again contrary to all HMRC standing procedures, two password- protected discs containing a full copy of HMRC’s entire data in relation to the payment of child benefit were sent to the National Audit Office by HMRC’s post system, operated by the courier, TNT. The package was not recorded or registered. It appears that the data have failed to reach the addressee in the National Audit Office.

“I also have to tell the House that, when it was found that the package had not arrived at the National Audit Office, a further copy of this data was sent, this time by registered post, which did arrive at the National Audit Office. However, again, HMRC should never have let this happen.

“Although it is believed that the data were sent from HMRC to the National Audit Office on 18 October, the fact that they did not arrive was not reported to HMRC’s senior management until 8 November—nearly three weeks later. I was informed on Saturday 10 November and immediately instructed that comprehensive searches be carried out of all premises where the missing data might be found. These searches are continuing.

“I asked for an immediate investigation, which was initiated that weekend. I also insisted that immediate steps be taken to prevent this happening again, and action has been taken. On Monday 12 November, HMRC informed me that evidence of the route taken by the data might have been found and that the data were likely to be found. However, by Wednesday 14 November, it was clear to me that HMRC’s searches had failed to find them. I therefore instructed the chairman of HMRC to call in the Metropolitan Police to conduct a full investigation to find the missing package. That investigation is still under way. Our priority was and is to find those data. Searches have been and continue to be carried out, including of HMRC and National Audit Office premises. Staff are being interviewed, but so far the missing data have not been found. The police tell me that they have no reason to believe that those data have found their way into the wrong hands. The police are not aware of any evidence that they have been used for fraudulent purposes or criminal activity.

“Let me tell the House what is missing as a result of this extremely serious failure on the part of HMRC to protect sensitive personal data entrusted to it in breach of its own guidelines. In terms of protecting confidential data, Her Majesty's Revenue and Customs is operationally independent of Ministers. It is established by statute. It is run by its chairman, Paul Gray, and a board of commissioners who are responsible for its operations, but answerable to Parliament through me.

“Last week Paul Gray told me on his own initiative that, given the seriousness of the operational failing, he felt that he should resign. He has now confirmed that intention. I am very grateful to Paul Gray for his contribution to the work of government in Her Majesty’s Treasury, the Department for Work and Pensions and in HMRC.

“The missing information contains details of all child benefit recipients: records for 25 million individuals and 7.25 million families. These records include the recipient and their children's names, addresses and dates of birth, it includes child benefit numbers, national insurance numbers, and, where relevant, bank or building society account details.

“I regard this as an extremely serious failure by HMRC in its responsibility to the public. In making this Statement today, I have had to balance the imperative of informing the House and the public at the earliest opportunity, while at the same time ensuring that when I did so the appropriate safeguards were in place to protect the public, including in relation to bank accounts. Indeed, the banks were adamant that they wanted as much time as possible to prepare for this announcement.

“I discussed this with the Information Commissioner on Thursday who agreed that appropriate remedial action needed to be taken before a public statement was made. That action has now been taken.

“I have also sought the advice of the Financial Services Authority and the Serious Organised Crime Agency. Other government departments have been made aware.

“Mr Speaker, let me set out what we have done. First, the UK Payments Association, the British Bankers’ Association and Building Societies Association have been informed. Through them HMRC informed individual banks and other financial institutions, including building societies and post offices, of affected accounts. Secondly, individual institutions are flagging these accounts, which enables them continually to monitor for irregular activity. They tell me that so far they have found no evidence of such activity.

“Thirdly, they are also tracking back and analysing transactions on affected accounts back to 18 October. They have again so far found no evidence of unusual activity. They will continue to monitor these accounts so that if there is any suspicious activity, action can be taken immediately.

“Fourthly, if someone is the innocent victim of fraud as a result of this incident, people can be assured that they have protection under the Banking Code so that they will not suffer any financial loss as a result.

“The UK Payments Association has confirmed that it is confident that every action has been taken by the banking industry to minimise the risk of any fraud. It has also confirmed that the missing data are not enough in themselves for someone to access a person's bank account for fraudulent purposes, as additional security information and passwords are always required. But we have to recognise the increased risk caused by this missing data, so people will want to monitor their accounts and guard against any unusual activity.

“The advice of banks is that there is no need for customers to ask for a new account or to contact their bank or building society. But they should do what they should be doing anyway: they should check their statement and keep a close eye on their account for any unusual activity; if they see anything in their statement that concerns them, they should then contact their bank or building society immediately; and they should not give out personal or account details requested unexpectedly by phone or e-mail.

“I reiterate: the banks have made it clear that individuals will not have to pay out for any loss in the event that they are innocent victims of fraudulent activity. I can also assure the House that child benefit payments will continue to be paid as before. There are already clear HMRC standing procedures, which appear to have been broken. HMRC has initiated changes to security processes and procedures so that those will now take place only with written authorisation from a senior HMRC manager and with the appropriate protection for the transfer.

“The police investigation continues, though there is also likely to be an inquiry into the missing data by the Independent Police Complaints Commission, which has a responsibility for monitoring HMRC. I have kept the Information Commissioner informed. It is highly likely that there have been breaches in the Data Protection Act. That is something the commissioner will investigate.

“The Government take the protection of personal data, in whatever form, extremely seriously and have therefore put in place and are strengthening the rights and safeguards on use and handling of such data. The Data Protection Act set out the framework enforced by the Information Commissioner and the courts. Departments have specific controls on information sharing and duties of confidentiality that are being enhanced by amending the Data Protection Act to guard against misuse, and by providing further information for citizens about the information that the Government hold.

“Last month, the Prime Minister asked the Information Commissioner and Professor Mark Walport, director of the Wellcome Trust, to carry out a review of the framework in the UK to ensure the security of personal data. That review will look at government departments and other organisations. I can also tell the House that the Comptroller and Auditor-General, Sir John Bourn, has said that the National Audit Office will review its own procedures for requesting data, to confirm that these remain in line with best practice. It will apply any lessons arising.

“In addition, the House will be aware of other data security breaches by HMRC, including the loss in transit at the end of September of the records of around 15,000 people by HMRC’s external courier. In the same month, a laptop and other material containing personal details relating to HMRC customers were also lost. I have therefore asked Kieran Poynter, chair of PricewaterhouseCoopers, to investigate HMRC security processes and procedures for data handling. I have asked for an interim report next month and a full report in the spring. That review will be conducted in consultation with the Independent Police Complaints Commission and a full report will be made available to the Information Commissioner. I express my gratitude to the Metropolitan Police for its investigation, to the Information Commissioner for his advice and to the banks for their co-operation in working with the Government to take steps to protect the public.

“The House will understand that because the investigation is continuing I am not yet in a position to give a full account of what has happened here, but I will continue to keep the House informed. This is an extremely serious matter. HMRC has a responsibility towards the general public who entrust it with highly sensitive personal information. It has failed to meet the high standards that should be expected of it. I recognise that millions of people across the country will be concerned about what has happened. I deeply regret this, and apologise for the anxiety that will undoubtedly be caused.

“Let me reiterate: there is no evidence that these data have reached the wrong hands, and no evidence of fraud or criminal activity. Banks and building societies are putting in place safeguards to protect people’s accounts, and they will continue to monitor those accounts. No one will suffer any loss if they are an innocent victim of fraud and I will, of course, keep the House updated of any further developments”.

My Lords, that concludes the Statement.

My Lords, I thank the Minister for repeating the Statement. This is a sorry tale of incompetence and mismanagement in the Treasury’s own back yard. We already knew that HMRC was prone to running computer systems which caused operational problems and that its operation of the tax credits system resulted in the incorrect payment of more than 40 per cent of tax credits. Now we are told that the records for 25 million individuals have gone missing.

The Minister has told us that after 18 October when the junior official was first aware that the data were missing, the only thing that happened is that the official sent another copy of the information. Apparently, this person kept the information about the data loss to himself until 8 November. Can the Minister explain what kind of organisation would encourage its junior staff to behave in this way? There is something very wrong with an organisation that is incapable of admitting to errors or unable to respond to them. We have learnt something very distressing about HMRC’s culture and the way in which it behaves.

This is not the first time that data have gone missing when in the care and custody of HMRC. A couple of months ago we heard that a disc with the confidential data of more than 15,000 people got lost between HMRC and Standard Life. In August 2007 it was reported on BBC radio that a laptop with confidential ISA data was stolen from an HMRC official’s car. It took a number of questions from my honourable friend Mr Mark Hoban to extract from HMRC the fact that 41 laptops went missing in the 12 months to September 2007. In May 2007, a faulty printer was blamed by HMRC for 42,000 families in receipt of tax credits having their bank account details revealed to other people, and only this week the BBC “Watchdog” programme featured other errors which caused misery and mayhem to the life of some individuals whose data were incorrectly released.

When we debated the creation of HMRC under the Commissioners for Revenue and Customs Bill in early 2005, we noted with some concern that the integration of the Inland Revenue and Customs and Excise was proceeding with very little information about how the integration of the two organisations was going to be effected. We were concerned about the merging of two separate cultures without a clear plan of action and about the lack of specificity about the integration plans. It was clear to us that the Chancellor and his Treasury were fixated on realising £100 million of ongoing cost savings above all else. Unfortunately, we did not suspect that the organisation that would be created as a result of the Act would be so careless about the data of individuals.

During the passage of the Bill, we pressed the Government hard on the data protection provisions and, in particular, wanted to be sure that the protection of confidential data was managed and overseen at the level of the board itself, with rigorous and documented procedures. We were only partially successful in persuading the Government to accept some changes to the Bill. We were often told that data protection was taken very seriously in both the Inland Revenue and in Customs and Excise and that we must not hamper the operational effectiveness of the organisation. We did not press all our amendments but, with the benefit of hindsight, we should have done so.

Because we believe that data protection responsibilities need to start at the top, it is clearly right that the chairman of HMRC should resign. He and his fellow commissioners had plenty of warnings that things were not right and they should carry the can. But they are not the only ones and officials at all levels between the board and the junior official at the centre of this affair need to examine the part that they played, whether by act or omission, in this sorry tale.

The Minister has said that Mr Poynter from PricewaterhouseCoopers will carry out a security review. Will the Minister make the terms of reference for that review available to Parliament and commit to making Mr Poynter’s interim and final reports available to Parliament? Will he also say how the Information Commissioner will be involved? I am aware that he is carrying out the wider review described by the Minister this afternoon, but will the noble Lord confirm that the Information Commissioner can have complete and unfettered access to HMRC to carry out his own investigations if he so chooses? I am sure that PricewaterhouseCoopers will carry out a review admirably but we would also like to be sure that the public sector’s own data protection expert will be able to pursue these issues.

The disclosure of personal data without proper reason is illegal under data protection legislation and specific offences are built into the 2005 Act. There are data protection offences all over the statute book but I do not believe that they have been used much. Can the Minister confirm that all individuals who are found to have breached the law in this case will be considered for prosecution?

Over the past few years the Government have created statutory data gateways all over the public sector and seem intent on creating one great data free-for-all across the public sector. It is all in the name of customer service and efficient service delivery but it carries with it great dangers. We were assured that HMRC has the confidentiality of data at its core. There is even a statutory confidentiality declaration made by each member of HMRC’s staff. If HMRC can make the kind of errors that we have heard about today, what could go wrong elsewhere in the public sector? We certainly await the review in which the Information Commissioner is involved and we hope that it will have at its heart the need to protect data and not compromise them in the name of modernisation.

The case before us today involves child benefit records and therefore involves data concerning children. The organisation Action on Rights for Children has reminded us today of the concerns that it has expressed, and that we share, about the large children’s database that the Government intend to create. Will the Government pause its development and think again about the dangers of information held on databases about children, some of the most vulnerable members of our society? Will they commit to a full review of the national identity database which will underpin the identity cards that the Government propose? Every citizen in the land will fear for the security of his or her information which has been entrusted to the Government. The Government ought now to recognise that there are huge dangers for individuals when their information is transferred, however well intentioned the policy intent.

There needs to be a full public debate on the collection, handling and use of personal data before we go any further on these issues—including the national identity database—and I hope that the Minister will commit to that too.

My Lords, we thank the Minister for repeating the Chancellor’s Statement on this sorry tale. I am afraid that the Chancellor is not having a desperately good week and we can hope only that tomorrow is a calmer day.

When the Bill merging Customs and Excise and the Inland Revenue came before your Lordships’ House, we spent a lot of time scrutinising data sharing between departments—as the noble Baroness pointed out. However, we were less than wholly diligent in our work in that we failed to include a clause which said, “Thou shalt not simply post the stuff out without keeping any records of where it is going or when it went”.

On the specific issues, can the Minister say how many other HMRC CDs have been posted out over the past six months to other government departments and what information they might contain? As the noble Baroness said, we have had several incidents over the past few months that have come into the public domain in this area. Given the clear lack of any rigour on the part of junior staff in this case, it is very difficult to believe that these were completely isolated incidents. It also raises the question of how other government departments operate in similar circumstances. Data are regularly being shared between government departments and in this case they are being shared in the most cack-handed manner possible. What assurances can we have that across government we do not have junior officials simply putting CDs containing other sensitive material in the post?

At the end of September, when we were looking at the previous lapse of security in this area, HMRC announced,

“We have also reviewed our arrangements and introduced safeguards to prevent this happening in future”.

Given that events since have led to an even more serious breach of security, can the Minister explain what arrangements and safeguards were introduced in September and why they failed so spectacularly in this case?

Why on earth is HMRC still using CDs for data transmission at all in this day and age? Does that point out a more fundamental problem in terms of its IT systems? We believe that there are a number of problems related to the Capgemini contract, and that a gateway review has been undertaken to investigate them—a review on which, incidentally, it is alleged that the Chancellor plans to go to the High Court to prevent it being brought into the public domain. Exactly what broader problems are there in relation to IT in this department?

Is not the failure a symptom of the consequences of an ill thought-through merger? As the noble Baroness said, we spent a lot of time concerning ourselves about how two large departments with distinct histories and staff were brought together when it was clear that significant training would be required if staff at all levels were to do their new jobs properly. Unfortunately, far from additional resources being made available to ensure that the integration worked sensibly, we had severe staff cuts—25,000—in the department under the Gershon programme. My colleagues in another place have been dealing with the practical consequences of that for months—the increasing difficulty of taxpayers getting a sensible response from the department, in terms of their own affairs. Is not the problem that we are dealing with today yet another symptom of the low morale, poor procedures and inadequate resources that have flowed from the merger and the Gershon programme?

The Statement says that the Comptroller and Auditor-General will review the NAO’s procedures for requesting data. I hope that he will also look at its procedures for dealing with data when it gets them. The Statement does not say when it returned the data—earlier in the year, it put them in an envelope and sent them back in the way it got them. For the NAO to request data in this manner—perfectly happily accepting them in a brown paper envelope and not drawing it to the attention of Customs—seems peculiarly dilatory.

Finally, there is the question of the increasing responsibilities of HMRC. The child maintenance Bill proposes that additional responsibilities for managing a system are given to it. Given the problems that we have debated today, one wonders whether now is the moment when further responsibilities should be heaped on that department. Leaving them to one side, surely if ever there were an example of why we should be careful and critical about an ID card scheme, this is it, as the noble Baroness said. If such information relating to 25 million people—almost half the population of the UK—can be willy-nilly put into the public domain, so far as we know, because some junior clerk does not follow procedures, how can any citizen believe that they can be secure of their information not being made available under an ID card scheme? Among its other consequences, I hope that this matter sounds the death knell to that scheme.

My Lords, I am grateful to the noble Lords for the points they have made. The noble Baroness has accurately identified what we said in the Statement; namely, that there was an extensive gap between the disks being sent and lost and senior management being made aware of that loss. The loss was discovered on 24 October and senior management did not know anything was awry until 8 November. We make no bones about it: that is completely unacceptable. When the noble Baroness says that all the individuals who have been close to the operation should examine their role in it, she is right, and I assure the House that others will also examine the role of those officials in this situation. What took place is quite unacceptable.

I do not accept the noble Baroness’s suggestion that the problem comes from the merging of two cultures with the formation of HMRC. This kind of mistake and lax behaviour and the failure to observe proper procedures would be unacceptable in any culture. I assure her that the review that is being carried out will be made available to Parliament so progress will be monitored, although HMRC does not make its disciplinary procedures public. This is a severe crisis for the organisation. Its chair has resigned and the impact on all staff concerned with this sorry affair is still to be thoroughly investigated. No stone will be left unturned as we learn what we can from the situation. If people have been remiss, as some clearly have, in fulfilling their obligations, they will face appropriate sanctions, but the inquiry will also be concerned to learn lessons so there is no question of any repetition of such a development in the future.

Strict procedures were in place. They were not followed in these instances. HMRC has strengthened its guidelines and will make sure that its data security guidelines are followed meticulously; that will be a clear obligation upon all management throughout the organisation.

What does this mean for the Government with regard to data sharing? I am not able to say how many disks have moved between government departments, and I do not think the noble Lord would expect me to be able to answer that question. The question that lies behind that is: “Is the transfer of such information covered by strict guidelines and secure?”, and the answer is that it is—unless there is a serious lapse of this kind, which has the widest repercussions.

My right honourable friend the Chancellor of the Exchequer did not exactly enjoy telling the nation about this lapse, nor can he do anything except apologise for the implications for the large numbers of the public who will be exercised about this problem. All government departments will be well aware of the necessity of following correct procedures, which on this occasion were manifestly not followed. That is why, for instance, the disks had no greater security than passwords—they were not encrypted.

I want to reassure the House on that front. The thrust of the noble Baroness’s remarks was about identifying accurately what went wrong. Not only will lessons be learnt from that on how we can improve procedures, but action has already been taken to ensure that existing procedures—which, if followed, would certainly not have given rise to this lapse—will be followed meticulously.

On the future of government information, the whole House will recognise that the Government will need to reassure the nation of confidence in data protection, not least because there is no way in which we can serve the community without guaranteeing that confidence to the nation.

The noble Lord, Lord Newby, asked about failures in the recent past—which the Chancellor of the Exchequer identified in his Statement. Those were nothing to do with CDs in the post—a stolen laptop was one of the previous lapses, for instance. The subject of today’s Statement was a specific case. The noble Lord said it was due to low morale among the staff. That is an easy thing to assert and difficult to refute. I say that members of the government service—we all meet many of them in our daily lives—carry out their duties with proper attention to their responsibilities, but here was a catastrophic lapse where someone did not.

The noble Lord ought not to suggest that the National Audit Office was remiss in the way it requested the information. The National Audit Office asked for the information and it was the responsibility of HMRC to ensure that it was transmitted in a secure fashion—an obligation that was not followed through.

I reiterate that the Chancellor of the Exchequer did not make the Statement to the House until he had assured himself of a severe tightening up of procedures within his department. He also set out to make sure that the public was safeguarded by the full co-operation of all those who would be in possession of customer accounts, in order to effect the best possible protection to people with such accounts.

On ID cards, noble Lords will recognise that part of the problem arose because of the limited nature and degree of security involved. ID cards are meant to improve aspects of that.

I reiterate, the lapse was unacceptable, but day by day, right across government, such procedures are conducted with care, scrupulously and according to proper procedures. Such a lapse is unacceptable and requires the most immediate and proper action. The Chancellor of the Exchequer has already taken such action, and promised further action to tighten up procedures for the future.

My Lords, I remind the House that the limited time of 20 minutes for Back-Bench interventions is for brief comments or questions only.

My Lords, one good thing to come out of this disgraceful incident is that child benefit will continue to be paid. Were I a novelist in your Lordships’ House, I would think long and hard before putting such a story into one of my novels. Be that as it may, why it is necessary for the NAO to have such data, in such enormous detail, and why cannot anonymised data be used, such as other organs within government would use?

My Lords, that is a very important question which we expect the review to look at very closely. It may be that what was sent to the National Audit Office in the disk was information above and beyond that which it needed for its purposes. The failure there would have less to do with the request from the National Audit Office than from the way in which the information had been prepared for it. We await the review on that. The Chancellor is concerned that that should form an important part of the review to be carried out which, of course, will be reported to Parliament.

My Lords, I have had 40 years of close connection with the Revenue department, 10 of which I was in it and subsequently with the Inland Revenue Staff Federation. The Chancellor certainly deserves credit for the thoroughness and care that he has taken in dealing with this matter once it came to his attention. As two speakers have already hinted, I believe it would be a mistake for inquiries to be limited simply to the issue of data, important though that is.

The Revenue is now being dealt with very differently from how that was done in the past. Culture, which was strong and valuable in the department, has been driven out. That is not something for which I would blame the present Government; if one is honest about it, it started in the days of the noble Baroness, Lady Thatcher. It is now treated like a factory and if one treats a department like a factory results of this nature will occur. To my knowledge, only one member of the board of the Revenue has revenue experience and that was in a specialist department. I think there may be someone from Customs, but I am not sure. The heads of many of the departments have no previous experience in this area. I strongly urge my noble friend to give some assurance that an examination of what is happening there will go beyond that and look at the management style and at the way in which staff are now being treated.

My Lords, the House will recognise the almost unrivalled experience of the relevant department that my noble friend brings to the issue. I assure him that all procedures are being examined. This is a matter of successful and proper management. I assure my noble friend that he is right in that unless one gets management structures right and the staff are co-operative, difficulties may flow. It is the responsibility of management to ensure that staff co-operate and enjoy their work as well as they are able and that they fulfil their duties properly. He will appreciate that no stone will be left unturned in examining how the issue arose. The points that he wants examined will indeed be examined. We will require that degree of thoroughness because there can be no question of a lapse of this seriousness ever happening again.

My Lords, I have two questions for the Minister. The Statement from the Chancellor of the Exchequer says that the HMRC,

“is operationally independent of Ministers. It is established by statute. It is run by its chairman … and a board of commissioners who are responsible for its operations, but answerable to Parliament through me”.

Where does the buck stop? The chairman has now gone and the board of commissioners, according to what the noble Lord, Lord Christopher, says, does not have the experience. It could be in free fall even more now. What responsibility does the Chancellor of the Exchequer take personally?

Secondly, did anyone anticipate that there would be a real problem of morale following the merging of two major organisations and that staff who might be threatened with the cuts could do this out of sheer misery? There are ways that commercial organisations have had to cope by appointing someone tasked specially to bring large organisations together. Did HMRC have someone like that?

My Lords, the question of where the buck stops is quite clear. HMRC is operationally independent; that is why the chair has resigned—he takes responsibility for a clear management failure. But the buck also stops with the Chancellor of the Exchequer, who is responsible for the department in which HMRC is located. Seized by his responsibilities, the Chancellor, of course, immediately took action to minimise the impact upon the public of this catastrophic failure. That is why he acted in the way that he has as soon as he was informed of the calamity and is why he brought to Parliament today his full Statement on what has gone wrong, the action he has already taken to minimise the damage and the action that he intends to take to guarantee that such an event does not occur again. That is the clear line of responsibility.

As to the merging of departments, although this was a more significant bringing together of two former organisations, the House will recognise that the public service sees considerable reorganisations quite frequently, in terms of both efficiency and costs. The noble Baroness will recognise that her own side, too, is very keen to point out from time to time the way in which costs can be reduced by more effective administration. It is the responsibility of every Government to seek to improve the quality of their administration. It is clear that we have particular lessons to learn from this event and the Chancellor has made it clear how he proposes that the nation and particularly the Government should learn those lessons.

My Lords, the Chancellor was informed of this serious incident on 10 November. Does the noble Lord agree that it is a serious matter that the House has not been informed for more than 10 days afterwards? Secondly, I would like to add to the question of the noble Lord, Lord Newby, about all this information being passed around on CDs. While I am not at all a computer expert, that seems to be a strange way of proceeding. How many other unencrypted CDs are floating around the country? Thirdly, HMRC has been stretched in many ways—it has been entrusted with the distribution of tax credits and the former Chancellor has demanded 25,000 redundancies or job cuts by way of efficiency savings. Is it any wonder that HMRC is in such chaos?

My Lords, I sought to reply earlier on the question of the length of time. The noble Lord will recognise that two issues confronted the Chancellor as soon as he knew that this loss had occurred—first, that the intensity of the search for the missing discs should be stepped up. That is why he intensified the search and then brought in the Metropolitan Police in the hope that the discs would be recovered, which regrettably has not occurred, as yet. Secondly, he was obliged to make sure that the public were protected with regard to their accounts with financial institutions and the banks. The Chancellor needed the fullest possible co-operation from all sectors of the industry where this information related to individual accounts. He has had that full co-operation. That is why we can say with confidence, at this stage, that we know of no reported instance at all of untoward development as a consequence of this information.

We also have every bank working on their customers’ behalf, operating the closest watch on personal accounts. If anything untoward occurs, the customer is made aware. That is not achieved overnight, but it was essential that it should be in place before the Statement to the House. The Chancellor has to balance the obligation to report to Parliament about an issue as serious as this as soon as he is able against effective and necessary action to safeguard the needs of the public.

My Lords, this is clearly an appalling lapse by officials in the department concerned. I am prepared, obviously, to leave this matter to further investigation and, I hope, some effective action. However, can my noble friend ensure that staff cuts are not blamed for what happened? As the noble Lord, Lord James, will know from his examination and the Gershon report, in huge government departments it was right that efforts were made to cut staff numbers to create a more effective department. Can my noble friend ensure that there is no question of rushing to blame the whole lapse of management on the staff cuts?

My Lords, I am grateful to my noble friend for putting that issue in context. There have been cuts in a number of departments as a result of work on efficiency, and there has been a massive reorganisation as a result of work by the Government; we have not had a lapse of this seriousness or to this extent in any other department. My noble friend is right about that.

The obvious point is that procedures were not followed effectively in this case. There is no evidence that it concerned someone suffering from an enormous overload of work or insufficient supervision. The problem was that procedures were not followed. That lapse cannot be countenanced. Neither I nor anyone else in the House can put the lapse down to insufficient numbers of staff without more evidence than I have at my disposal at the moment.

My Lords, I, too, was involved in the HMRC Bill, during whose passage confidentiality issues were dealt with. First, regardless of whether Customs and the Inland Revenue had merged, if procedures had not been followed this breach could have happened under the old Inland Revenue. Secondly, can the Minister confirm that while there is a target of 25,000 cuts, in fact only 12,500 cuts have been delivered? If so, and if there is a problem with staffing, will he undertake to ensure that proper staffing is in place before the Government proceed with the further 12,500 cuts to meet the target? Thirdly, did loss of the disk on 18 October arise because of the internal postal service of the merged Revenue and Customs or is there an outsourced service that acts on behalf of the new department? Fourthly, has it been established if any other items went astray on the same day?

My Lords, on the latter point, the TNT courier service was used for this delivery. It will be recognised that other deliverers—in particular, Royal Mail—were in some difficulty at the time because there was a suspension of some services. However, as I have sought to make clear all afternoon, the failure was in the procedure relating to the disk and its security and the fact that it was entrusted to a courier service, which can be of a high standard but is, nevertheless, an external service, and we all know that, by definition, there are limited guarantees in that. That was the process. Where the fault lay is still to be identified, but clearly responsibility rests with the person who pursued this action and the question is whether, in carrying out that action, they followed proper departmental procedures.

I tried, however inadequately, to answer my noble friend on a question a moment ago about cuts. I do not think that cuts have anything to do with this. Of course, economies are being effected across the government service, but that can happen while guaranteeing the service. It is management’s role to ensure that, otherwise the cuts would not be justified. I assure my noble friend that due process will be followed in the department on any development.

My Lords, can the noble Lord answer the question that I posed earlier about whether disks are the most sensible way for this information to be sent around and should a review of this should be carried out?

My Lords, that issue will certainly be considered by the review, but I think that encrypted disks with proper security can be used effectively. We all recognise the enormous convenience of using disks, but these two disks were safeguarded only by passwords, which provide very limited security, and that is certainly unacceptable.

My Lords, we have been assured that there are strict procedures to prevent data leaking into unauthorised hands but it is clear that the methods are not successful and that they are not doing the job. I know that the Minister said that there will be a review but, during that review, will the Government examine whether they can handle all the information that they are now demanding about people, whatever they are doing—for example, medical records, the children’s database, the 53 pieces of information that will be required by people who travel and the ID card database? Will it be possible for government to manage all that, plus very much more information? Is it all necessary and will that be inquired into when the safeguarding of systems is reviewed?

My Lords, the review will look at this department’s procedures and at any lessons that can be learnt across government. However, there is a massive movement of information across government departments and between government agencies and external organisations, and safeguarding the privacy of data takes place every day.

When we get a lapse of this nature, we recognise that it is essential that all procedures are followed meticulously and that those procedures are fail-safe. The noble Lord will recognise that over a vast area of the government service there is no question but that data are handled entirely properly. As for the future, technology makes it possible for Governments and for all organisations to acquire information on a scale which could not have been contemplated 20 years ago. What is incumbent upon Governments and other organisations is that information should be used only for the purposes for which it is intended and safeguarded properly. It is the responsibility of the Government to ensure that that occurs with regard to all their information.