Summary: Policemen in the UK are left red-faced after a software screwup -- caused in part by the user -- which compromised the privacy of many people

Novell's fault or purely a human error? You decide. Software should be designed to minimise human error.

● Police send Reg hack CRB check database

Investigators are blaming human error for the data breach, rather than the system design. It occurred when the author of the email — a member of the force’s CID data management unit — used the autocomplete function in Novell’s email software to include the journalist’s address along with those of five Gwent Police officials in the “CC” field of the message.

● 'Serious' data breach at Gwent Police

The mistake is said to have occurred when the author of the email — a member of the force’s CID data management unit — used the auto-complete function in Novell’s email software to include the journalist’s address along with those of five Gwent Police officials in the “CC” field of the message. The Register email address had been automatically saved by the system after it was used to submit two unrelated Freedom of Information requests last year.

Hitherto, there has been no response from Novell, but it would be interesting to know if there's a deficiency in Novell's software that makes such an error easier to make and/or harder to spot? ⬆