I am watching Alistair Darling's statement to the House of Commons on the UK’s biggest data breach ever with rising anger.
It is quite clear that the chancellor just doesn’t get it. Time and again he sought to put the blame on individuals who broke “correct procedures”.
The real question is: why did these individuals break correct procedures, and how could they do so?
What kind of internal culture is it that allows this cavalier disregard of data to occur? Is it that basic data protection policies are held in disrepute? Is it that workers are driven to take short cuts because of the ongoing efficiency drive at HMRC?
Why is it that there are no technical safeguards in place to stop unencrypted data being downloaded? Why are there no technical safeguards in place to only allow data to be downloaded with the active permission of senior managers?
How many times have data protection and IT security experts warned that it is not enough to have a policy in place and to deliver homilies at six-monthly intervals on the importance of data security?
Last but not least, why is Darling so convinced that the biometric on his beloved ID card will prove so secure? What is to stop some individual downloading the biometric database along with the rest of the data HMRC owns?
He should go.