8 hours ago
4
One of many extraordinary features of the data breach that put tens of thousands of Afghan lives in jeopardy is the length of time between the original leak and the government taking action. The email containing a highly sensitive dataset was sent from a Ministry of Defence computer in February 2022. Ministers were not aware of the problem until August 2023.
The fact that the MoD’s systems were lax enough for the error to have been made is worrying enough. The delayed response is more alarming still. And then there is the disturbing mechanism by which the whole scandal was kept from the public eye.
There was an argument on safety grounds for keeping the existence of the leaked list secret. Applicants to the Afghan relocations and assistance policy (Arap), a scheme to expedite asylum for people who had worked with British forces in the country, would be natural targets for vengeful Taliban hit squads. A judge deemed the risk severe enough to grant the MoD’s request for an injunction on reporting the breach and upgraded it to a “superinjunction” – a prohibition on reporting the existence of reporting restrictions.
This powerful suppressive tool is usually associated with cases of celebrities guarding their privacy, and even then it is controversial. There is no known precedent for its deployment to protect the government from scrutiny in a case of manifest public interest. Mr Justice Robin Knowles took the view that the Arap applicants’ right to safety should take precedence over the freedom of the press to report the leak.
That may have been a worthy argument in 2023 – but not in perpetuity. However, ministers regularly sought to renew the superinjunction, citing increasingly spurious premises. It was almost removed in May 2024, but restored on appeal. It was only lifted this week after an internal government review, commissioned by the defence secretary, John Healey, found that being identified in the data breach should no longer be considered a matter of life and death. It would “simply be another factor in exacerbating a person’s existing vulnerability”.
How, why and when the balance of risk shifted is unclear. It happened over many years under multiple defence secretaries, straddling a change of government. Over the same period, hundreds of millions of pounds were spent on an emergency resettlement scheme for people affected by the data breach – an expensive policy on a matter of great political sensitivity run entirely below the radar of parliamentary scrutiny or any other mechanism of accountability.
Meanwhile, many of the legal arguments that led to renewal of the superinjunction were held in closed court. The grounds for keeping the blanket of secrecy in place were themselves wrapped in an extra layer of secrecy. Such a process goes against fundamental principles of open justice. In an era of depleted trust in politics, its deployment to keep a serious scandal from public view is also corrosive of democracy. A dangerous precedent has been set.
Lifting the superinjunction doesn’t in itself bring transparency. But it does at least permit overdue questions about how the data breach happened, the timeliness and effectiveness of the MoD’s response, and why no one has been held to account. The current Labour government was not responsible for keeping the public in the dark for so long, but it will be judged on its willingness to let the light in now.
-
Do you have an opinion on the issues raised in this article? If you would like to submit a response of up to 300 words by email to be considered for publication in our letters section, please click here.
