The Information Commissioner’s Office (ICO) has issued a warning against sharing passwords with other people.
The data protection regulator was responding to the news that MPs have been giving out their computer login details to their staff, including interns.
The practice has been heavily criticised, and the ICO says it’s looking into the matter.
Gadgets and tech news in pictures
- 43show all
“We’re aware of reports that MPs share logins and passwords and are making enquiries of the relevant parliamentary authorities,” it tweeted this morning.
“We would remind MPs and others of their obligations under the Data Protection Act to keep personal data secure.”
The ICO’s tweet included a link to a guide to data protection.
In an attempt to defend Damian Green, who has been accused of having pornography on his Commons computer, Conservative MP Nadine Dorries revealed that she routinely shares her login passwords with all her staff.
“My staff log onto my computer on my desk with my login everyday,” she tweeted over the weekend. “Including interns on exchange programmes. For the officer on @BBCNews just now to claim that the computer on Greens desk was accessed and therefore it was Green is utterly preposterous!!”
She then added, “All my staff have my login details. A frequent shout when I manage to sit at my desk myself is, ‘what is the password?’”
Nick Bowles followed this up by saying, “I certainly do [share login details with staff]. In fact I often forget my password and have to ask my staff what it is.”
Nadine Dorries defends ‘cavalier’ approach to cyber-security
Jim Killock, the Executive Director of the Open Rights Group, said, “On the face of it, Nadine Dorries is admitting to breaching basic data protection laws, making sure her constituents’ emails and correspondence is kept confidential and secure. She should not be sharing her log in with interns.
“More worryingly, it appears this practices of MPs sharing their log ins may be rather widespread. If so, we need to know.
“We are urging MPs staff and former staff to get in touch with us if they have knowledge about insecure data practices in MPs’ offices. Once we know more, we will consider complaining to the Information Commissioner and Parliamentary authorities.”