Danny McCance 26 Jun 2018 11:14am

HMRC investigated for alleged data laws breach

The Information Commissioner’s Office (ICO) has launched an enquiry after it was revealed that HMRC has taken voice recordings of more than 5.1 million taxpayers without consent

“We have received a complaint about HMRC’s voice ID scheme and will be making enquiries,” an ICO spokesperson said.

Callers to HMRC are required to say “my voice is my password” to gain access to services on an automated line, but do not have the option to opt in or out, according to an investigation by privacy watchdog Big Brother Watch.

HMRC customers are able to access services without using voice ID.

The group accuses the Revenue of railroading taxpayers into a “mass ID scheme” and breaching UK data protection laws, after submitting a freedom of information request that revealed the extent of the voice data compiled.

“Our VoiceID system is very popular with customers as it gives a quick and secure route into our systems. Our customers’ data, including for VoiceID, is stored securely,” an HMRC spokesperson said.

Digital signatures are based on more than 100 measures of the voice, which are encrypted and securely stored, so that they cannot be tracked back to an individual.

Big Brother Watch also accused HMRC of sharing this data with other government departments and claims that it is refusing to reveal which departments the data has been shared with.

It added that HMRC will not share any information collected from any of the privacy impact assessments it has undertaken, answer how IDs are stored and used or if it is possible to delete a voice ID, or explain which legal territory the data is being held in or the cost of the scheme.