header-logo header-logo

Home Login E-newsletter About us
06 December 2007 / Timothy Pitt-payne
Issue: 7300 / Categories: Features , Data protection
printer mail-detail

Honey, I shrunk the database

© Copyright LexisNexis 2026. All Rights Reserved.

Timothy Pitt-Payne considers the legal implications
of the HMRC data disaster

“To lose one parent may be regarded as a misfortune; to lose both looks like carelessness.” And to lose every parent in the country? Even Oscar Wilde’s Lady Bracknell might be left speechless.

On 20 November 2007 the chancellor of the exchequer made a statement to the House of Commons about what he described as “an extremely serious failure” at HM Revenue & Customs (HMRC). In October 2007 a junior official at HMRC sent two CDs to the National Audit Office (NAO) by courier. The disks contained a full copy of HMRC’s child benefits database, including names, addresses, dates of birth, national insurance numbers, and bank and building society account details. There was information about 25 million individuals. The disks were password protected but not encrypted, and the package in which they were sent was neither registered nor recorded. The CDs did not arrive at the NAO. For the past few weeks, every family claiming child benefit has been left wondering if

If you are not a subscriber, subscribe now to read this content
If you are already a subscriber sign in
...or Register for two weeks' free access to subscriber content

MOVERS & SHAKERS

Read All
Sponsored by
Freeths—Rachel Crosier

Freeths—Rachel Crosier

Projects and rail practices strengthened by director hire in London

DWF—Stephen Hickling

DWF—Stephen Hickling

Real estate team in Birmingham welcomes back returning partner

Ward Hadaway—44 appointments

Ward Hadaway—44 appointments

Firm invests in national growth with 44 appointments across five offices

NEWS
Read All
NLJ this week: 40 years on, has PACE lost its edge?
The Police and Criminal Evidence Act 1984 transformed criminal justice. Writing in NLJ this week, Ed Cape of UWE and Matthew Hardcastle and Sandra Paul of Kingsley Napley trace its ‘seismic impact’
NLJ this week: Stress-testing the City
Operational resilience is no longer optional. Writing in NLJ this week, Emma Radmore and Michael Lewis of Womble Bond Dickinson explain how UK regulators expect firms to identify ‘important business services’ that could cause ‘intolerable levels of harm’ if disrupted
NLJ this week: How sure is ‘sure’ enough?
Criminal juries may be convicting—or acquitting—on a misunderstanding. Writing in NLJ this week Paul McKeown, Adrian Keane and Sally Stares of The City Law School and LSE report troubling survey findings on the meaning of ‘sure’
NLJ this week: A deferred prosecution reprieve
The Serious Fraud Office (SFO) has narrowly preserved a key weapon in its anti-corruption arsenal. In this week's NLJ, Jonathan Fisher KC of Red Lion Chambers examines Guralp Systems Ltd v SFO, in which the High Court ruled that a deferred prosecution agreement (DPA) remained in force despite the company’s failure to disgorge £2m by the stated deadline
NLJ this week: Mandelson, Epstein & the court of popular opinion
As the drip-feed of Epstein disclosures fuels ‘collateral damage’, the rush to cry misconduct in public office may be premature. Writing in NLJ this week, David Locke of Hill Dickinson warns that the offence is no catch-all for political embarrassment. It demands a ‘grave departure’ from proper standards, an ‘abuse of the public’s trust’ and conduct ‘sufficiently serious to warrant criminal punishment’
Copyright © 2026 LexisNexis
back-to-top-scroll