The CMS, your data, hacking, and Government profiteering
We wrote recently about the Child Maintenance Service and your personal data. Suffice to say, we were extremely concerned about the levels of intrusion and lack of protection for UK citizens.
For those of you who have read other articles on Voice of the Child, you may recall a gentleman called Marc Gill. He was the positive pant wearing CMS Director of Arrears and Enforcement.
Marc informed us (and everyone else) about a “new data trial” being used in the CMS Falkirk office and that it was getting “great results”. We have obtained some further information about what Marc meant by this relatively innocuous message. We think you will be interested, concerned, and horrified by what we have uncovered.
What is this new data trial?
We have discovered that the “new data trial” relates to a
Indesser Data Sharing Proof of Concept (PoC) currently underway in CMG’s Falkirk centre
the CMS go on to say that the trial is intended
To understand the composition of non-compliant Child Maintenance Service (CMS) cases analysis was commissioned using a private sector company, Indesser, to help identify cases where a paying parent may be either unable to pay or unwilling to pay. The aim of the PoC is to help establish ways in which the CMS can prioritise and target more efficient debt recovery.
This was an interesting statement as it looked to us as if the CMS was now using a private company as part of a strategy for arrears collection. Bear in mind that Indesser, as a private company will have the objective of making a profit for its shareholders.
Who are Indesser?
We wanted to find out more about the company that the Child Maintenance Service selected to run this data trial. So, we started digging…..
Indesser is the trading name for a private company called “Integrated Debt Services Ltd”. It is a UK registered company owed 50% by a company called “TDX Group” (which is a subsidiary of the US business Equifax) and 50% by the UK Government. So the Government is profiting from this trial.
You can read more about Indesser’s formation here. It is clear that the Indesser remit is collect “debt owed to Government”.
Remember that the Government owns half of this company which, according to their latest company accounts made £20.8m in revenue with a profit margin of 15.6% which produced a profit of £3.3mln.
The average number of employees in that year was 10 and they had a total wage bill of £1.205mln with a further £636,000 in pension contributions and Emoluments for Directors. The highest paid director made £230,000 that year.
What is the CMS giving Indesser?
The “Design Scope and Approach” document is clear that the trial is
focused on a sample of 32,000 cases on CMS were the total debt balance was in excess of £1,000 and owed to the Receiving Parent (not the Secretary of State)
The CMS then overlaid this 32,000 case list over the “Arrears non paying case list” which resulted a match of 10,000 cases. Is your case one of the 10,000?
The CMS is passing the following data to Indesser:
National Insurance Number
Special Client Information Number (SCIN)
Date of Birth
Address Line 1-5
The CMS was asked about the discrepancy between Indesser’s remit to collect “Debt owed to Governement” and their use in this trial which is focused on “debt owed to the Receiving Parent” (i.e. not the Government).
They responded with the following line
All child maintenance debt is owed to the government, (although the government pays any owed money onto the receiving parents).
This is of course not true or indeed accurate (which is exactly why the scoping document makes the distinction). When you overlay the issues with Arrears calculation (or miscalculation as identified by the NAO) with the apparent fact that the CMS is using a company part owned by Government to harass its own citizens about “private debt” then things start to look rather questionable.
Let’s not forget, the Government is obtaining a profit from the aggressive practices employed by the CMS.
Data Breaches and Hacking
We mentioned above that Indesser is part owned by TDX (an Equifax subsidiary). If you have been reading the press then you would be right to have some concerns about where the data passed by the CMS to Indesser may have ended up.
Here are some of the articles relating to Equifax and their ability to keep data in their possession secure:
You get the idea. Equifax has shown that it is unable to safeguard data in its possession yet this is the (parent) organisation that the CMS has elected to use in their “data trial” and is literally a “business partner” of the UK Government. We are gravely concerned by this.
Is your case one of the 10,000 in the Data Trial? Has your information been hacked? Let us know your thoughts in the comments below, on Twitter or Facebook.
Also published on Medium.