Councils have accidentally leaked data ‘once a fortnight’ since 2009


Local authorities are mistakenly releasing private data, containing personal details of individuals, at an average rate of ‘once a fortnight’ since 2009, according to social charity mySociety.

A volunteer team from WhatDoTheyKnew, the freedom of information website run by mySociety, have dealt with over 150 accidental data leaks made by public sector authorities from freedom of information requests in the past six years.

mySociety has described the evidence as “only the tip of the iceberg” of a wider problem of data protection and security in the public sector.

Public authorities are instructed to remove or censor personal information before any data is released, however WhatDoTheyKnow have said that often data is provided to them in a spreadsheet where data is not ‘anonymised’ correctly.

In particular, WhatDoTheyKnow found personal data hidden in separate tabs or pivot tables which had been forgotten or overlooked as sources of confidential data.

Myfanwy Nixon, a spokesperson for the group said: “Information officers need to be given more robust training that focuses on ways to prevent data breaches.

Before this can happen, public authorities are going to need to fully understand the importance of the kind of data they are routinely releasing – the incidences of repeat offenders would indicate that that’s not always the case.”

A spokesperson for the Local Government Association said: “Councils take the handling of confidential data extremely seriously and staff are given rigorous training. On the rare occasions breaches occur, robust investigations and reviews are immediately undertaken to ensure processes are tightened.”

Related reading