Commissioner reveals his Enforcement Log

This is how I would take enforcement action.

The Information Commissioner has given us a peek into his “Enforcement Action Log” which details those authorities that are being actively monitored by the ICO for not complying with the Act.

The data of who has fallen under the scrutiny of the ICO was released following a Freedom of Information question that was posted on WhatDoTheyKnow.

However, the Commissioner has only released details from the Log of those cases that have now been closed – all those authorities that are still being monitored have been redacted from the spreadsheet under S.31 (law enforcement).

But the spreadsheet which you can view here [Enforcement Action Log Closed cases] does make interesting reading. Those public authorities that have been probed by the Commissioner include:

Avon and Somerset Police: Issues relating to the way it was destroying information.

Birmingham City Council: Problems complying with the 20-day S.10 guideline for dealing with requests.

Department for Culture Media and Sport: Came to attention for late handling of requests and internal reviews.

Department for Work and Pensions: Problems with piecemeal disclosure.

Doncaster Council: Monitored by the ICO for six months for S.10 and other breaches. At the end of review the council was dealing with 94% of cases within 20 days.

Exports Credits Guarantee Department: Again monitored for six months in a bid to improve the time taken for requests and internal reviews.

Foreign and Commonwealth Office: “Poor” public interest test arguments and long review periods.

Haringey Council: Provided monthly updates to the ICO because of poor S.10 compliance. Has to provide a report to the ICO in November 2009 to update on its progress.

Kent County Council: Case was closed after it gave a detailed response stating how improvements had been made and staffing increased.

Office for National Statistics: Call for greater staff training.

Rother District Council: Told to look at ICO guidance after making e-mailed FoI requests invalid.

It is interesting up to a point but what would really be fascinating is a list of the organisations the Commissioner is actively looking at.

Any guesses as to who might be on that list? The Ministry of Justice? The BBC?……..

Tax ‘super-computer’ snooped on by council staff

It would appear that the problems associated with huge computer databases and just who has access to them are not going to go away. An article in Computing has highlighted the security issues around massive computerised databases that have thousands of access points.

The Department of Work and Pensions (DWP) which controls the £72m Customer Information System (CIS) has a database of 92 million tax and benefit records made available to 80,000 DWP employees, 60,000 workers from other government departments, and staff from 445 local authorities.

CIS holds information on anybody with a national insurance number, including where they live, their ethnicity, and their tax status.

Following a Freedom of Information request it has emerged that in the six months to January 2009, six DWP employees were disciplined for “inappropriate use” of the system.

In the same period, local authorities were obliged to carry out internal investigations eight times after being notified by DWP that CIS had been accessed inappropriately.
These 14 incidents were in just six months. Last month, the department admitted that since August 2006, 33 local authority staff have been confirmed as accessing records “without business justification”.

The DWP became so concerned about instances of unjustified access that in January it sent out a memo to authorities warning them that the practice must stop.

“Anyone found to be abusing CIS may face sanctions ranging from disciplinary action to prosecution,” read the memo. “DWP will support your local authority to ensure appropriate disciplinary or prosecution action is taken, and may consider prosecuting directly under social security legislation.”

Read the full article here.