The Information Commissioner's Officer (ICO) has revealed that the Identity and Passport Service (IPS) breached the data protection act by losing 21 passport applications containing applicants' personal details.
The loss occurred in May 2010 and the details that went astray included the personal data of both the applicants and their countersignatories.
The ICO said that the affected people had been informed and were given new passports and it has received no complaints about the data being used by a third party.
The IPS has signed an undertaking under which it has agreed to deploy a number of measures that would ensure that such a breach is not repeated. The measures involve the staff being trained on how to handle sensitive documents. The measures are outined this this pdf.
Mick Gorrill, head of enforcement at the ICO, said in a statement: “A passport is an important identification document and it is clearly of concern that information relating to renewal applications has been lost.
"However, there is no evidence to suggest that the applications have fallen into the wrong hands and we are pleased that the Identity and Passport Service is taking steps to stop this happening again.”