A couple of years ago there was a big push by the Central Government within England to get local Government to put more of their services online so that the public had more access to them. This created a big push which resulted in lots of online services from a large number of local governments.
One of the services that seemed to be popular to publish were Planning Permission Applications. I assume this was popular since it was fairly easy to achieve as a number of the applications that supported this were already web-based. As a result it was now possible to view all applications or track your own application online. The advanced ones even let you leave comments about applications.
Today within one of the free London newspapers “London Lite”, I was reading how ID thieves are using the information on these planning applications to steal people’s identity. The problem is caused because many councils scan the entire application form electronically and then publish that form. They seem to have missed the fact that these forms can contain, among other things:
- Full names
- Contact phone numbers
I didn’t believe the story so I checked for myself. One of the culprits cited was Westminster Council. Sure enough after a bit of clicking around I was able to download a PDF of a scanned application form containing all of the above information. I did a cursory search of a few other council websites and most seem to be a bit better than Westminster. They tended to blank out the sensitive information.
It seems that in the case of some councils, their rush to get services online meant that security and privacy were not taken into account (isn’t that all too common). This is a prime example of users not being in control of their own identity information and how it is disseminated.
Hopefully, Westminster and other guilty councils will correct this mistake quickly!
powered by performancing firefox