“Stolen RAF vice files spark blackmail fear” was the heading of the report in The Guardian on the theft of sensitive files detailing the extramarital affairs, drug-taking and use of prostitutes by very senior officers in the United Kingdom’s Royal Air Force — a theft which, the Ministry of Defence fears, will expose up to 500 senior RAF personnel to blackmail.
Right: The RAF — cute rondel, but security requires a key
Three computer hard drives, holding the unencrypted personal information, went missing from RAF Innsworth, Gloucestershire, in September of last year. A fortnight after the theft, the RAF said they contained “only” the bank details and home addresses of 50,000 servicemen and women. Neither the then Information Commissioner Sir Richard Thomas nor Parliament itself were notified of the true position, outlined in an internal Ministry of Defence memo which was obtained under Freedom of Information legislation.
Following this, the latest in a sequence of public sector data protection disasters, a cynic might be entitled to conclude that data protection really doesn’t matter any more. The failure to guard against the loss of sensitive personal information has become so routine that it is more or less expected. In an era of data leaks, whistle-blowing, reality TV, Big Brother and the high level of media exposure of private and personal information in the name of freedom of expression and the preservation of the public interest, the best advice to anyone seeking to embark upon any act that he or she would not wish the world to know about is to assume that someone else will find about it sooner or later and that the law will offer no meaningful comfort.