Garlik highlights UK government data failings

Next Story

Ericsson's Bergendahl: Wi-Fi's days are numbered

UK online identity startup Garlik is putting the UK Government under pressure with new research which shows it is continuing to fail to put in place basic data protection and integrity policies despite recent major information breaches.

When Garlik put in some Freedom of Information requests, all 14 of the government departments that responded admitted they lack basic systems for proving compliance with the Data Protection Act (DPA). Only the House of Lords and the Serious Fraud Office said they have a written data correction policy or protocol. Garlik is calling on the government to establish written policies and procedures for monitoring the accuracy of information and correcting erroneous database entries. It also wants government departments to publish reports based on periodic independent audits.

Garlik allows consumers to identify what personal information about them is in the public domain and manage online identities. It’s Data Patrol product costs £2.99 per month and gives a customer frequent identity checks, local area reports and on-demand expert advice and support.

In April 2007 year Garlik raised £6 million ($12m) in series B funding. At the time said it had 50,000 customers for its DataPatrol product. Investors to date include 3i – which recently pulled out of early-stage venture capital – and Doughty Hanson Technology Ventures.

Garlik has a pretty heavy-weight team. The executive chairman is Mike Harris, the founding chief executive officer of online bank Egg; Tom Ilube is CEO and the former chief information officer of Egg and Professor Nigel Shadbolt is CTO and current President of the British Computer Society. The rest of the team is similarly impressively qualified. Advisors include one Tim Berners-Lee.

  • Emma Kane

    Interesting idea. Although I see that Mike has not yet signed up for a QDOS – their measure of your online kudos….

  • Mike Butcher

    @Emma – Yeah I’m really missing out not having that QDOS thing…

  • Emma Kane


  • Craig Cockburn

    This is all very well, but when you go to Garlik’s website the login form on the home page asks for your date of birth on a non SSL page, meaning that DoB (a major attribute for ID theft) is sent unencrypted and potentially stored in a web cache or proxy en route. Hardly best practice coming from a panel of “world-class ID protection and technology experts”


  • Craig Cockburn

    They actually have both the http and https versions of their homepage live with no redirect (sigh)


blog comments powered by Disqus