Previous Section Index Home Page

Why should we have more confidence today that that will be implemented? Can the Chancellor also explain why, in this day and age, information is being transmitted through CDs, rather than electronically? Is that not just a reflection on the ancient IT systems employed by HMRC? [Interruption.] For example, is he aware that officials within HMRC— [Interruption.]

Mr. Speaker: Order. Let the— [Interruption.] Order. Let the hon. Gentleman speak.

Dr. Cable: Is the Chancellor aware that officials within HMRC are being told to disregard elementary precautions such as dual running of old and new IT systems in order to make savings on the £8 billion Capgemini project? Will he not make an open, transparent statement of the IT position by publishing the gateway review rather than trying to suppress its findings by going to the High Court?

A basic question one has to ask is why private finance initiative contractors are being given greater data protection than 7.5 million families concerned with child benefit. Is not at least part of this problem due to the 25,000 job losses being implemented in HMRC? Clearly, if officials are being asked to do more and more with fewer staff, mistakes will be made, as they have been here and in relation to tax credits and VAT registration. Is the issue of confidence in Government databases restricted merely to the future ID card system? Is there not a complete lack of confidence in future benefit claims? How on earth are poor people going to have confidence that their data will be protected when they claim benefits?

Finally, I want to raise the issue of the principles governing resignation from Government when administrative disasters occur. One senior official, Paul Gray, has now resigned as a matter of honour; another, the Metropolitan Police Commissioner, declined to do so. Home Office Ministers have resigned on matters of honour; Treasury Ministers decline to do so. Where does the buck stop in this Government?

20 Nov 2007 : Column 1108

Mr. Darling: The hon. Gentleman asks a number of questions and I agree with him that this information should not have been downloaded in the way that it was; it certainly should not have been sent in the way that it was, without any readily available means of identifying where it was. It was password-protected, but that was inadequate. However, the hon. Gentleman needs to bear it in mind that the key problem is that HMRC has clear instructions, rules and procedures on requesting, downloading and transmitting information, and that the individuals concerned ignored those instructions. That is the difficulty, and that is what we need to make sure does not happen again.

HMRC is operationally responsible for the collection and making of payments. It is, quite properly, independent of Government, because it is involved in dealing with personal data. That is why it is a responsibility, which this House recently agreed to, of a board of commissioners and the chairman. They are accountable to Parliament through me, which is why I am making this statement today, but there is no doubt in my mind that what we have here is an extremely serious breach. It should never have happened, and the problem is that individuals within HMRC ignored the procedures that were there. That should not have happened and that is what we need to put right.

John McFall (West Dunbartonshire) (Lab/Co-op): Paul Gray, the chief executive of HMRC, has always been co-operative and helpful to the Treasury Committee in our dealings; however, he is correct today to resign from his post. This gives rise to the question, are data safe with Government agencies? No doubt the Treasury Committee will look at this issue, at the internal security procedures operated by departments, and at the level at which the security is signed off. Why does such sensitive information need to be shuffled around? Why cannot the NAO undertake its investigations at the departments? No doubt the Treasury Committee will want to look at this issue, and I ask the Chancellor for his full co-operation in that exercise, so that we investigate this matter thoroughly and ensure that never, ever again does such a situation arise.

Mr. Darling: I certainly welcome any inquiry by the Treasury Committee. My right hon. Friend asks me about the audit procedures and as I told the House earlier, Sir John Bourn, the Comptroller and Auditor General, is reviewing the procedures for how information is handled and what he requests. On child benefit, my understanding is that normally, the NAO would seek to investigate a comparatively small number of cases—perhaps as small as a dozen or so—in order to be sure that Revenue and Customs was following the correct procedures and paying them. It is not at all clear to me why 7 million records would be necessary, or whether it would be possible for anyone actually to look at 7 million records and properly audit them.

I also agree with my right hon. Friend—I said this in reply to the shadow Chancellor—that if large-scale information is sought, as I understand it, the internal procedures of the Revenue and Customs require that the auditor go to where these things are held, in Washington and the north-east, so that he could look at that information without it being taken out of a
20 Nov 2007 : Column 1109
secure building. I understand that those procedures are in place. One of the things that the inquiry will have to find out is why those established procedures were breached by the individuals concerned.

Mr. Edward Leigh (Gainsborough) (Con): I am grateful to the Comptroller and Auditor General and to the Chancellor for briefing me this morning. May I just make one or two things clear from the CAG’s briefing? He requested this information—the national insurance numbers—to create a sample to enable him to carry out the audit. It is clear that the CAG specifically asked that all personal details, bank account details and all that sort of information should be removed before this was sent. That is the most important thing. The National Audit Office simply asked for the national insurance numbers; this had nothing to do with personal details.

On the other important point the Chancellor may have inadvertently misled the House—I am sure that it would have been completely inadvertent. He said that this information was sent on 18 October. That is true; the Inland Revenue informed the NAO on 18 October. He then told us that it was not until 8 November that senior management were told that these discs had not arrived. In fact, the NAO informed HMRC on 24 October that the wallet had not arrived. It was sent completely insecurely. A second wallet was then sent, so there is no doubt that the wallet never arrived at the NAO; it was lost in the post. No blame can be attached to the NAO, which was simply doing its job in asking for this information. This is criminally irresponsible behaviour on the part of a Department that once had an unimpeachable reputation.

Mr. Darling: There is one point that I want to address head on, because I take very seriously my duty to tell this House the facts as I understand them. I did say in my statement that a request was made at the beginning of October to provide information for audit. That led to the official concerned despatching the two discs in the way that I described—these are the two that never arrived. I understand that subsequent to that, on discovering that they had not arrived, the same junior official spoke to his counterpart in the NAO to ask whether or not he had received them. As I said in my statement, on discovering that they had not been received he then posted another two copies—this time using registered post. That is precisely what I told the House. There had been further contact after the initial posting on 18 October. The fact remains that my understanding is that senior management of HMRC were not told of this until 8 November.

That is what I have been told by HMRC, so the hon. Gentleman is right to say that an initial request was made but the discs did not turn up at the NAO. The two officials spoke again and, wrongly, the discs were posted out a second time. This time they did arrive and are, as I understand it, in safe custody. The fact remains that it was not until 8 November that senior HMRC staff were told, and they subsequently informed Ministers. I want to be clear about that.

On the NAO’s original request, I am aware of the position that Sir John Bourn has helpfully set out for me. I have also received advice about what HMRC thinks it was asked for. One of the reasons that I want
20 Nov 2007 : Column 1110
Kieran Poynter to investigate is to reconcile the sometimes differing accounts of what happened. I have been at pains not to allocate blame as between the NAO or HMRC. I have no reason to criticise the NAO and I welcome the fact that Sir John Bourn is carrying out his own inquiry. I am sure that he will share his conclusions.

I wanted to clarify the position. I understand perfectly why the hon. Gentleman wants to make the position of the NAO clear, but I know that in my statement I acquainted the House with what happened to the best of my understanding.

Tom Levitt (High Peak) (Lab): My right hon. Friend is to be commended for his statement, which was responsible and proportionate. May I especially commend him for having given the banking system time to consider the situation without panicking and to prepare for what will be a demanding few days as people seek reassurance? I am sure that major banking institutions will be fully prepared, but can he assure the House that the smaller banks and building societies have the capacity to deal with customer demand over the next few days, especially Post Office branches in the high street, when the public seek the reassurance that they no doubt will?

Mr. Darling: Certainly HMRC will do everything that it can, together with the associations representing the banks and building societies, to help them and the Post Office prepare. As I said in my statement, I was conscious of the balance that I had to strike between telling the House and the public, and allowing sufficient time for preparation by the banks. Some small institutions asked for a couple of weeks, but it was my judgment that I had to make the information public as soon as was reasonable. I also had to do my best to ensure that the banks were given sufficient time. I have tried to strike that balance and I hope that the House will understand that. As I said earlier, the view of the banks and the building societies is that there is no need for people to contact them unless they have seen something suspicious. Because the bank accounts are being monitored—they have been flagged since the weekend because of the information that we gave the banks—the process is well under way, although we will obviously help some of the smaller institutions if they need and request that help.

Mr. Douglas Carswell (Harwich) (Con): If the Government have managed to lose 25 million confidential personal records in this way, how can we possibly trust them to run an ID card scheme nationally?

Mr. Darling: As I said, one of the problems is that the information we have at the moment can, in certain circumstances, be used for fraudulent purposes by people who have no right to use it. The point about ID cards is that because they will introduce biometric information they will mean that one can be more certain that the person asking for or dealing with that information has a legal right to do so.

Mr. George Mudie (Leeds, East) (Lab): The general public, hearing about this, will be less concerned about whether the NAO or the Treasury were to blame and
20 Nov 2007 : Column 1111
more concerned about the embarrassment of their records being public, the threat of identity theft and what protection they will get if it occurs. Can the Chancellor spell out what protection the public will get from the various banking codes if identity theft happens?

Mr. Darling: On the central point, there is no information suggesting that the information is in the wrong hands or, indeed, in the public domain. It is password protected. The police, who are constantly monitoring the situation, tell me that there is no reason to believe that the information has come into the hands of people who should not have it. As I said to the House earlier, the fact that the banks have been able to flag and monitor the accounts concerned means that if unusual activity occurs, it can be picked up. Individuals will also look at their own accounts. At the moment, there is no reason to believe that the information is in the public domain or that there has been any fraudulent or other criminal activity. However, the banks, the Government and everyone else will continue to do everything that they can, first to recover the information and then to put those protective measures in place.

Mr. Richard Bacon (South Norfolk) (Con): It is hard to know where to start with the Chancellor. He prays in aid the Information Commissioner, but it was the commissioner who told the Government to publish the gateway reviews for ID cards, so why did he not listen to that? Moreover, Sir John Bourn has qualified HMRC’s accounts for the past four or five years, not because of any fault on the part of that Department but because it is being required to implement the Government’s unimplementable tax credit policy. Paul Gray is a courteous and honourable man; what I fail to understand is why he is the only one offering his resignation.

Mr. Darling: I agree that Paul Gray is an extremely courteous and hard-working civil servant who has served successive Governments very well indeed. From my time in government with the Treasury and the Department for Work and Pensions, I know that he has served all Departments with distinction. He deeply regrets what has happened but he is chair of HMRC’s commissioners, who were established by statute, and he accepts that he has a responsibility in this matter. I am sorry about what has happened, just as he is, but the important thing is to make sure that such a massive and unforgivable mistake does not happen again. We must learn from it, and ensure that proper procedures are put in place to protect the public.

Mr. Siôn Simon (Birmingham, Erdington) (Lab): Notwithstanding the sad but not surprising sanctimony displayed by those on the Opposition Benches, does my right hon. Friend agree that what has happened is the sort of random, human mistake, in breach of all guidance and rules that occurs under all Governments of all colours? The test of the Government is how they deal with it. The Chancellor has told us what he has done, but will he now say whether any requests for co-operation or compliance from the police or any other investigating authority have been refused by the Government? Is there anything that he could have done that he has not done?

20 Nov 2007 : Column 1112

Mr. Darling: No. All requests made of the Government have been met in full. Where we have not been able to do that immediately, we are working with the relevant authorities to make sure that we put in place what is needed.

Mr. Peter Robinson (Belfast, East) (DUP): First, may I express the hope that the lost data might be found even now? If that happens, the problem can be treated as an exercise, with HMRC and other Departments looking at their procedures very carefully and changing them where necessary to ensure the safety of data transmission. Given the scale of problem, will the Chancellor say whether all parts of the UK are affected or whether any geographical importance can be attached to the data that have been lost? Will he also say—

Mr. Speaker: Order. Hon. Members may ask only one supplementary question.

Mr. Darling: I believe that the information that has been lost covers all recipients of child benefit. I know that the system in Northern Ireland is administered separately, but I am proceeding on the basis that all child benefit recipients are affected. As I said earlier, the police are still investigating, and that includes checking the precise details of what was taken off the computer. However, the information that I have today suggests that it is best to assume that recipients from all parts of the UK are affected, and not only those from Scotland, Wales and England. I am afraid that we will have to proceed on that basis.

John McDonnell (Hayes and Harlington) (Lab): It is clear that my right hon. Friend has taken prompt and decisive action from the time that he was informed of the mistake. As chair of the Public and Commercial Services trade union group, I am aware of the representations made to the Treasury in respect of concerns about management and the management systems that have been put in place, and about the impact of job cuts in HMRC. Will my right hon. Friend therefore meet the PCS group to discuss those matters of concern?

Mr. Darling: I know that the PCS has been extremely helpful in facilitating police interviews with members of staff who, like everyone else, are anxious to recover the items that have been lost. We are all grateful for that, and HMRC staff have behaved entirely in the way that one would expect from public servants. General staffing questions should be directed to my right hon. Friend the Financial Secretary to the Treasury, who has day-to-day responsibility for HMRC. I am sure that she will be happy to discuss them with my hon. Friend.

Mr. Peter Lilley (Hitchin and Harpenden) (Con): This calamitous breach of privacy occurred during the transfer of information between two public departments. Given that the national database behind the identity card system exists precisely to transfer and aggregate information between a great many departments, can the Chancellor give us an assurance that we will not proceed with that proposal without first carrying out a proper review of the privacy implications, especially in the light of the fact that the Australian proposal for an identity card foundered precisely on concerns about privacy?

20 Nov 2007 : Column 1113

Mr. Darling: As I said in my statement, there are a number of things we need to consider in relation to the holding of data by Government and the transfer of that information, which is why my right hon. Friend the Prime Minister asked for a report into the matter. In relation to this problem, as I have said on a number of occasions, it should never have been dealt with as it has been, and no one can possibly excuse the way in which the information was sent through the post. There are clearly a lot of lessons to be learned, and I am determined that we do just that.

Mr. George Howarth (Knowsley, North and Sefton, East) (Lab): Given that ultimately any system is vulnerable to human error, will my right hon. Friend consider during his various reviews of the problem whether it would be prudent for such databases to be encrypted in future?

Mr. Darling: That is certainly something we need to consider, because it is possible to encrypt information at present. My starting point is that in general if an auditor, or anyone else, wants to look at a large amount of information, it is best to do so where the information is stored so that we do not have to send it in the first place; but if information has to be sent—even if it is only a small amount concerning a small number of people, or an incomplete picture of someone’s circumstances—there is something to be said for encrypting it so that it can be kept as secure as possible. Let us be in no doubt: the public entrust the Government, or their agencies, with personal information and they expect that information to be safeguarded with as much security as we can possibly manage.

Mr. Iain Duncan Smith (Chingford and Woodford Green) (Con): The Chancellor said that he reckoned that the department was independent of his Department so in that sense it was enough for Paul Gray to resign, but it was to the Chancellor that HMRC came; it was he—rightly—who took the decision for a full search and then to call in the police, and it was he who has had to come to the Dispatch Box to explain it all. Does not that make it certain that he and his Department have absolute overall responsibility, so if the information gets into the wrong hands, would he consider it right that either he or his Financial Secretary should take the decision to resign?

Mr. Darling: The House debated the structure of HMRC recently when the two organisations merged. HMRC was set up as a body independent of Government, mainly to keep Ministers of whatever Government away from the business of collecting people’s money and paying out money. It has always been understood that although Ministers are responsible for policy, operational matters should be kept away from them for perfectly understandable reasons. HMRC is unusual: the body is run by a chairman and a board although it is clearly accountable to Parliament through Ministers—in this case, me. Of course, given the seriousness of what has happened, I took a very real interest in the matter right from the time it was drawn to my attention.

Next Section Index Home Page