How data leaks can bring down governments

Swedish Parliament building

By Steven McGinty

In July 2017, the Swedish Government faced a political crisis after admitting a huge data leak that affected almost all of its citizens.

The leak, which dates back to a 2015 outsourcing contract between the Swedish Transport Agency and IBM Sweden, occurred when IT contractors from Eastern Europe were allowed access to confidential data without proper security clearance. Media reports suggested that the exposed data included information about vehicles used by the armed forces and the police, as well as the identities of some security and military personnel.

The political fallout was huge for Sweden’s minority government. Infrastructure Minister Anna Johansson and Interior Minister Anders Ygeman both lost their positions, whilst the former head of the transport agency, Maria Ågren, was found to have been in breach of the country’s privacy and data protection laws when she waived the security clearance of foreign IT workers. In addition, the far-right Sweden Democrats were calling for an early election and Prime Minister Stefan Löfven faced a vote of no-confidence in parliament (although he easily survived).

However, it’s not just Sweden where data leaks have become political. Last year, the UK saw several high-profile incidents.

Government Digital Service (GDS)

The UK Government’s main data site incorrectly published the email addresses and “hashed passwords” of its users. There was no evidence that data had been misused, but the GDS recommended that users change their password as a precaution. And although users did not suffer any losses, it’s certainly embarrassing for the agency responsible for setting the UK’s digital agenda.

Scottish Government

Official documents revealed that Scottish Government agencies experienced “four significant data security incidents” in 2016-17. Three out of four of these cases breached data protection legislation.

Disclosure Scotland, a body which often deals with highly sensitive information through its work vetting individuals’, was one organisation that suffered a data leak. This involved a member of staff sending a mass email, in which email addresses could be viewed by all the recipients (a breach of the Data Protection Act).

Murdo Fraser, MSP for the Scottish Conservatives, criticised the data breaches, warning:

These mistakes are entirely the fault of the Scottish government and, worryingly, may signal security weaknesses that hackers may find enticing.”

Hacking parliaments

In the summer of 2017, the UK parliament suffered a ‘brute force’ attack, resulting in 90 email accounts with weak passwords being hacked and part of the parliamentary email system being taken offline. A few months later, the Scottish Parliament experienced a similar sustained attack on parliamentary email accounts. MPs have suggested Russia or North Korea could be to be blame for both attacks.

MPs sharing passwords

In December 2017, the Information Commissioner warned MPs over sharing passwords. This came after a number of Conservative MPs admitted they shared passwords with staff. Conservative MP Nadine Dorries explained:

My staff log onto my computer on my desk with my login every day. Including interns on exchange programmes.”

Their remarks were an attempt to defend the former First Secretary of State, Damian Green, over allegations he watched pornography in his parliamentary office.

Final thoughts

The Swedish data leak shows the political consequences of failing to protect data. The UK’s data leaks have not led to the same level of political scrutiny, but it’s important that UK politicians stay vigilant and ensure data protection is a key priority. Failure to protect citizen data may not only have financial consequences for citizens, but could also erode confidence in public institutions and threaten national security.


The Knowledge Exchange provides information services to local authorities, public agencies, research consultancies and commercial organisations across the UK. Follow us on Twitter to see what developments in policy and practice are interesting our research team. 

Going underground: in London, basement digging is a cheaper way to property expansion – but councils are getting tough on “iceberg homes”

ANTHONY_SALVIN_-_11_Hanover_Terrace_Regent's_Park_London_NW1_4RJ_est (1)

London’s Hanover Terrace, where Damien Hirst is planning an ambitious basement extension to his 19th century villa. Image by Spudgun67 via Creative Commons

 “It was the newly dug three-storey basement that had the guests buzzing. Below the cinema, gym and spa (complete with sauna, pool and massage table) sprawled an enormous six-car garage. But how did the vehicles get down there? Our host, an American who worked in finance, was only too happy to demonstrate: The cars were lowered down by a custom-built automobile elevator built into the parking pad in the side garden.”
Maclean’s 29 July 2015

Basement conversions and extensions are making a big noise in London. In 2001, the Royal Borough of Kensington and Chelsea received 46 planning applications for basement conversions. By 2013, that figure had soared to 450 applications. Rising house prices in the capital are making basement conversions more attractive, mostly to super-rich owners. The expansions can add millions to the value of their already expensive properties, and for those needing additional space a conversion can be cheaper than moving home.

But the trend to build down is not universally popular. Some conversions have hit the headlines because ambitious projects by rich and famous owners have triggered objections from their rich and famous neighbours:

  • in 2015, Jon Hunt, founder of Foxtons estate agency, won a legal battle with his neighbours (the French Embassy) to build an enormous basement to house his classic cars (the Embassy plans to challenge the ruling)
  • in 2013, Daimler-Benz heir Gert-Rudolf Flick got permission for a two-storey basement beneath his £30 million house in South Kensington. More than 50 local residents, including the cellist Julian Lloyd Webber, had objected to the construction plans, which they described as “entirely selfish”
  • last year, Queen guitarist Brian May launched a campaign to ban “iceberg homes” that can occupy more space below ground than the original property above

The bad feeling caused by these subterranean grand designs has spawned a new type of nimby – the “numbing” (Not Under My Bloody Idiot Neighbour’s Garden). Disgruntled neighbours’ concerns include:

  • the disruption caused by traffic, plant and equipment
  • the effects on the structural stability of nearby buildings and roads
  • the noise generated during construction (an experience described by Brian May as “an instrument of torture”)

The role of planning

Beyond the headlines, it’s planning authorities who have to deal with applications for basement extensions and to consider the implications.

Conversions of existing cellars don’t always require planning permission, unless the external appearance of the building is altered, for example by adding a light well. However, excavating the ground under a building to create a new basement may require planning permission, and these are the types of projects that can ignite disputes. As Westminster City Council’s 2014 planning guidance observes, with admirable understatement: “basement development is often contentious…”

Rewriting the rules on basement digging

In 2014, the rising tide of concerns prompted the Royal Borough of Kensington and Chelsea to revise its policy on basement development. The new policy restricts the extent of basement excavation to no more than under half the garden or open part of the site and limits the depth of excavation to a single storey in most cases.

Westminster City Council has moved to make similar changes to its basement extension policy, as has Richmond Council. As well as acknowledging residents’ concerns about noise and disruption, councils are anxious to address the wider environmental impact both during and after basement development. Westminster’s policy notes that:

“The uses associated with basement spaces may be more energy intensive due to additional requirements for lighting, ventilation and pumps, particularly where underground rooms house swimming pools and media rooms.”

Even if planning permission is not needed for basement development, the changes must comply with building control rules on fire safety, ventilation and structure. Neighbours affected by basement projects should also be aware of their legal position:

The only way is down?

The number of planning applications for domestic basements in London may have more than tripled since 2011, but a sharp deceleration in the rate of growth last year indicates that the trend may have peaked. As more boroughs tighten the conditions imposed on basement development, building costs are likely to rise and planning processes may be prolonged.

For some owners, however, thousands of pounds in additional costs is a drop in the ocean. Last month, artist Damien Hirst overcame council objections to extend the basement of his home in Westminster. Once the work is complete, it could more than double the value of his historic mansion, making it worth £100 million.