written by John Urquhart

by consensus of the Disability Activism Society

We have received reports that the Department for Work and Pensions has failed to "blind copy" (also known as "BCC") the participants of the upcoming virtual consultation resulting in anyone who was sent an email being able to see the emails of every other attendee. We feel this is a significant safeguarding breach, and the kind of error that is difficult to understand given the size, scope, and institutional experience of the department in question.

The DWP employs tens of thousands of people and has safeguarding responsibility for millions: that it must do better than this could not be more obvious given the recent example of the case of "David" - a man who died after his benefits were cut by the DWP, but which were subsequently reinstated, possibly after they learned of his death.

Given that the DWP is responsible for safeguarding the data of millions of people in this country it is beyond reprehensible that a breach of this nature should take place, even if it does seem relatively minor. Benefit claimants must feel secure in sending incredibly privileged information to the DWP as a natural part of claiming; keeping data safe is an integral part of the department's role.

If you have been impacted by this data protection breach, you may may a complaint to the Information Commissioner's Office here.