top of page
Lanon Wee

Ministry of Defence Penalized Following Error with Emails that Endangered Afghan Interpreters

The MoD has been penalized to the amount of £350,000 due to a careless email that disclosed the details of interpreters escaping Afghanistan. The 265 individuals who had been employed by the British government were impacted when the Taliban took over - some of them were even in hiding during this time. The data watchdog warned that had the data been obtained by them, lives would have been in danger. The MoD expressed recognition of the gravity of the breach, accepted the decision, and apologised to those affected. John Edwards, the Information Commissioner, declared that the mistake had failed to do justice to those for whom we owe a great debt. He said: "This was an especially egregious violation of the security responsibility owed to these people, so fittingly meriting the financial punishment my agency is imposing today." interpreters' relatives, and some civilian staff. It was in September 2021 that the BBC first uncovered the primary breach, which had taken place when the Afghan Relocation and Assistance Policy Team (ARAP) had sent out a widespread email to 245 people who had been employed by the British government and were entitled to evacuation. Most of them were interpreters, relatives of interpreters, and some civilian staff members, though not all. In the message, their addresses were placed in the "to" field instead of the anticipated blind carbon copy (Bcc) field - which revealed the email addresses to all those who received it. When two individuals responded to the email by using the "reply all" function, additional facts about those seeking to leave Afghanistan, such as one person's whereabouts, were divulged. An internal investigation by the Ministry of Defence (MoD) has revealed two additional cases, raising the total number of people affected to 265, according to the Information Commissioner's Office. The ICO has identified the Bcc mistake as being at the root of numerous data security breaches. An interpreter affected by the breach said in 2021 that the mistake "could possibly lead to the death of interpreters, particularly those who remain in Afghanistan." Some of the interpreters failed to spot the mistake and had already responded to all the emails, explaining the precarious situation. The email contained their profile pictures and contact information. Ben Wallace, the previous defence secretary, indicated at that time that expressing his outrage at the infringement would be an understatement. Mr Wallace remarked to the House of Commons in September 2021 that the incident had disappointed the thousands of members of the armed forces and veterans. This video cannot be played. Ben Wallace addressed MPs regarding the incident in 2021. The ICO's inquiry into the incident revealed that between August and September of 2021, the Ministry of Defence had not met the technical standards for ensuring data security as specified by UK data protection regulations. Mr Edwards stated that although it took into account the hard environment in which the episode happened, "when the danger and damage to people increases, so must the answer,". The watchdog revealed that it had lessened an original fine of £1m to £700,000 due to the MoD's endeavours to alert the occurrence, minimize its consequences and consider the issues concerning staff relocation. The ICO's effort to reduce the impact of government fines on the public resulted in this being cut down to £350,000. The MoD noted that it had provided extensive cooperation with the data watchdog to resolve the breach. A spokesperson noted the seriousness of the situation, and expressed their full acceptance of the ruling, adding an apology to those affected.

Comments


bottom of page