THE Vale of Glamorgan council is at the centre of a second major controversy after a computer memory stick containing confidential child protection information was found on the street.
The stick, which also allegedly contained medical records and details of court cases, was not encrypted or password-protected and its loss was only revealed after the person who found it took it home and recognised a man named on it.
That man – who had in the past been cleared of child abuse allegations – spoke of his “horror” at the discovery, and an investigation into how the memory stick was lost is being carried out by Vale council.
It is the second time in less than a month the council has come under fire.
Just over three weeks ago, the Echo revealed how the council’s social services department placed a known teenage sex offender with a family with two young children who were both seriously sexually assaulted by the teenager.
The man named on the stick, who asked to remain anonymous, said: “I am disgusted by it.
“I would have expected an apology when it happened to say they had lost the stick with information regarding my young son, but they didn’t even bother to say it had been returned safely.
“I have been paranoid for the last couple of weeks.
“When I see people walking down the street or past my house they will think I am a child abuser, even though we were cleared.
“It’s horrendous. I was paranoid I might even be blackmailed.”
In February, the man was approached by an acquaintance who told him he had seen his name on the memory stick, found by the council offices in Barry.
He said: “I was on the platform at Cardiff train station and there was a person there I hadn’t seen for five years.
“He said to me: ‘You’ll never guess what I found the other day. I was walking down Holton Road and I found a memory stick from a computer.’
“He was able to tell me details of medical notes and about cases I hadn’t told him about to do with my family. I was pretty shocked.”
Vale AM Jane Hutt said: “I am extremely concerned to hear this data may have been lost and I have contacted the Vale of Glamorgan council to ask for a full explanation.
“I have also written to the Deputy Minister for Social Services, Gwenda Thomas AM, to express my concerns.”
A council spokesperson said: “We are carrying out an investigation into this matter. The incident happened some time ago. Since then, the council has significantly improved security measures relating to the use of memory sticks.”
The council will meet on Monday, after which a further statement will be released.
Its opposition leader, Neil Moore, said: “As far as I’m concerned, it’s something which should not have happened.
“I do not believe memory sticks should be taken off machines unless it is encrypted as a basic policy.
“We need to ensure the policy is stringent enough.”
It is not currently clear how many other people might have seen the data, how much information was on the list, how long it was lost for or how many families are affected.
Bridget Beale, a spokeswoman for Liberty, a campaign group which seeks to protect civil liberties and promote human rights, said: “Another day, another data loss.
“This time round it’s confidential child protection data, which is bad enough for the families involved.
“But what if this lost data had come from the government’s planned national identity register or centralised communications database? These mammoth information stores will hold our most intimate details.
“Just ask the families in this latest bungle how well government at all levels does at keeping data safe.”
Paul Charkiw, head of efficiency and procurement at the Welsh Local Government Association (WLGA), said: “Local Government Data Handling Guidelines provide local authorities with an essential checklist of actions, and sets the standard for local government into the future.
“The WLGA has worked closely with a range of partners, including the Local Government Association, the Improvement and Development Agency, the Society of Information Technology Management, and with central and local government in developing this guidance. The standards local government is setting itself are challenging, but necessary to rebuild public confidence in the public sector’s ability to protect personal data.
“The Society of Local Authority Chief Executives and Senior Mangers and the Information Commissioner have both welcomed this publication.”