Regulator Warns MPs Over Sharing Of Computer Passwords

Regulator Warns MPs Over Sharing Of Computer Passwords
|

The UK’s data privacy regulator has warned MPs over the sharing of computer passwords.

The Information Commissioner’s Office (ICO) said it was “making inquiries” after two Conservative MPs tweeted claims they shared their login details with staff.

The incident was sparked by MP for Mid Bedfordshire Nadine Dorries, who was defending First Secretary of State Damian Green, who is the subject of a Cabinet Office inquiry into allegations pornography was found on a work computer used by him in 2008.

She said computer use by multiple people was common, and her staff “log onto my computer on my desk with my login everyday. Including interns on exchange programmes”.

In response fellow Conservative Nick Boles, MP for Grantham and Stamford, tweeted that he often forgot his own password and would “ask my staff what it is”.

The House of Commons handbook states that staff must not share passwords, but the rules do not appear to extend to MPs and their login details.

“We’re aware of reports that MPs share logins and passwords and are making inquiries of the relevant parliamentary authorities,” the ICO said on Twitter.

“We would remind MPs and others of their obligations under the Data Protection Act to keep personal data secure.”

It also included a link to an online guide on best practices for data security.

Ms Dorries defended her revelation following criticism on social media, adding that she was a backbench MP who did not have access to Government documents.

However, Jim Killock of online privacy watchdog Open Rights Group, said the practice of sharing log in details were a concern.

“On the face of it, Nadine Dorries is admitting to breaching basic data protection laws, making sure her constituents’ emails and correspondence is kept confidential and secure. She should not be sharing her log in with interns,” he said.

“More worryingly, it appears this practice of MPs sharing their logins may be rather widespread. If so, we need to know.”

He urged MPs’ staff and former staff to get in touch with the group if they had any knowledge of “insecure data practices in MPs’ offices”.