Updates, commentary, training and advice on immigration and asylum law

Personal data breaches by the Home Office soar to over 4,000 last year


Older content is locked

A great deal of time and effort goes into producing the information on Free Movement, become a member of Free Movement to get unlimited access to all articles, and much, much more


By becoming a member of Free Movement, you not only support the hard-work that goes into maintaining the website, but get access to premium features;

  • Single login for personal use
  • FREE downloads of Free Movement ebooks
  • Access to all Free Movement blog content
  • Access to all our online training materials
  • Access to our busy forums
  • Downloadable CPD certificates

Personal data breaches at the Home Office rose 122% last year to over 4,000.

There were 4,204 “personal data related incidents” in 2019/20 compared to 1,895 in 2018/19, according to the department’s annual report and accounts. They included “loss of inadequately protected electronic equipment, devices or paper documents” and “unauthorised disclosure” of personal data.

Officials deemed only 25 data loss incidents significant enough to report to the Information Commissioner’s Office, down from 35 the year before.

The figures have been widely reported in the IT press this week, with outlets crediting Parliament Street, a think tank, for plucking them out of the annual report. 

It is not known — and the Home Office will not say — how many of these incidents related to the department’s immigration functions. But the immigration inspector, David Bolt, gave examples of data breaches affecting the EU Settlement Scheme in a report earlier this year. Some are quite serious.

Poor data security is a particular concern given the government’s plans for a centralised database of migrants’ legal status, known internally as the Status Checking Project.

The Home Office has issued revised guidance to staff to stop documents going astray. A spokesperson told Free Movement, “We take customer data protection and the security of documents extremely seriously and there are a number of robust processes in place to prevent losses within our control. This includes referring data incidents, which meet the appropriate threshold for reporting, to the Information Commissioner’s Office”.

This article has been updated. The percentage rise from 1,895 to 4,204 is 122%, not 55% as originally stated.

Relevant articles chosen for you
CJ McKinney

CJ McKinney

CJ McKinney is a specialist on immigration law and policy. Formerly the editor of Free Movement, you will find a lot of articles by CJ here on this website! Twitter: @mckinneytweets.