British government plans to create a giant database of all telephone calls, emails and internet behaviour will suffer a setback today when the true scale of the misuse of personal information held by the state and private business is revealed for the first time.
An investigation by the information watchdog has found that in the past year, millions of people have been affected by nearly 300 serious breaches of data protection laws across central government and the private sector.
Cases include the loss or misuse of sensitive information about patients, service personnel, police, prison officers and the victims of domestic violence.
Richard Thomas, the Information Commissioner, will say today that in some instances lives may have been placed at risk, and he calls on ministers and chief executives to end the routine collection of data without ensuring proper safeguards are in place.
His comments will be interpreted as implicit criticism of the Home Office's controversial plans to set up a database holding information about every phone call, email and internet visit made in the United Kingdom.
Jacqui Smith, the Home Secretary, has promised to begin consulting on the database in January next year.
But speaking in London today Mr Thomas will say: "The more databases that are set up and the more information exchanged, the greater the risk of things going wrong." Mr Thomas warns that the soaring number of data breaches since HM Revenue and Customs lost 25 million child benefit records in November last year shows that holding data creates "toxic liabilities".
He adds: "The more you centralise data collection, the greater the risk of multiple records going missing or wrong decisions about real people being made.
The more you lose the trust and confidence of customers and the public, the more your prosperity and standing will suffer.
Put simply, holding huge collections of personal data brings significant risks." The number of data breaches reported to the Information Commissioner's Office (ICO) has soared to 277 in the past 12 months.
The figures, the first to be collated by the watchdog, include 80 reported breaches by the private sector; 75 within the NHS and other health bodies; 26 by local authorities; 47 by the public sector and 28 reported by central government.
One breach involved the details of 600,000 military personnel when the Ministry of Defence lost a laptop in January.
The ICO is investigating 30 of the most serious cases.
Mr Thomas says: "It is alarming that despite high profile data losses, the threat of enforcement action, a plethora of reports on data handling and clear ICO guidance, the flow of data breaches and sloppy information handling continues."
- THE INDEPENDENT