THOUSANDS of Afghans are being relocated to the UK after a major data leak revealed the identities of people who had worked with the British military against the Taliban.
The UK Government tried to gag the media with an unprecedented super-injunction which has now been lifted.
The data, which revealed the names, contact information and other personal details of around 25,000 Afghans, put people who had worked with the UK at significant risk of reprisal from the Taliban.
The information was leaked accidentally by a British defence official in emails in February 2022. It was not discovered until August 2023 when it was mentioned in a Facebook group.
Other details are still unpublishable because of a court order.
When the leak was discovered, Rishi Sunak’s government set up a secret scheme to bring Afghans to the UK for their safety.
Defence Secretary John Healey told the Commons on Tuesday that 900 people had moved to Britain or were in the process of moving on what was called the Afghan Response Rate to date, along with 3600 of their family members at a cost of £400 million.
He said that the scheme was now closed and no new offers would be made but that the Government would honour 600 existing invitations, which the Defence Secretary would double the overall cost.
As the High Court considered lifting a gagging order obtained by the Government through an unparalleled super-injunction, the scheme was cut short.
The High Court was told that civil servants had warned of the risk of “public disorder” had the relocation plan come to light, after far-right rioting swept across England last summer.
Justice Chamberlain, who lifted the super-injunction, had previously ruled that the gagging order should be lifted, saying there was a "significant possibility” the Taliban knew about the dataset, adding it was “fundamentally objectionable” that decisions about thousands of people’s lives and “enormous sums of public money now being committed” were being taken in secret. This was blocked by the Court of Appeal.
To date, the UK Government has moved only around 18,500 of the affected Afghans to the UK and the Ministry of Defence (MoD).
A review commissioned by the Government by former deputy chief of defence intelligence Paul Rimmer found that despite the human rights abuses of the Taliban, there was "little evidence" of retribution against former officials, Healey (above) told MPs.
Rimmer worked in "a range of posts" at the MoD between 1983 and 2008, according to his LinkedIn. He also served as chief of the assessments staff at the Cabinet Office and chief of staff at Permanent Joint Headquarters.
He said that while the Rimmer review did not rule out any risk, the Government had sought to lift the super-injunction because of the countervailing interests of transparency when weighed against the level of risk.
Most affected are already eligible to come to the UK through existing relocation routes for Afghans, the MoD said.
Earlier this month, the UK Government abruptly closed public asylum schemes for Afghans: the Afghan Relocations and Assistance Policy (Arap) and Afghan Citizens Resettlement Scheme.
The media has been silenced from reporting on the story since September 2023, after the High Court lifted the first ever super-injunction obtained by the UK Government.
But a fresh interim injunction means that some details remain unpublishable, despite explaining the severity of the breach.
The UK Government did not discover the leak until an anonymous person posted screenshots of the spreadsheet on Facebook in August 2023 and threatened to disclose the entire database.
One of the people familiar with the breach told the Financial Times that the database had been sold, at least once, for a five-figure sum. They also claimed that one of the recipients of the database used it to blackmail the Government to relocate them and 14 family members to the UK.
The identity of the soldier, or whether they have been sanctioned, has not been revealed by the MoD and it is not known whether the Taliban has obtained the list.
More than 665 Afghans have launched a collective lawsuit against the MoD over the breach, seeking at least £50,000 each in compensation.
In a statement, the Information Commissioner's Office's deputy commissioner, Emily Keaney, said the body had decided "no further regulatory action is required at this time in this case”.
She added: "Data protection should never be a barrier to sharing information when this is needed to prevent harm and we accept that the initial sharing of the document was intentional and considered under the circumstances.
“However, there were mistakes made beyond this with hidden data in the spreadsheet.
“We have been clear with the MoD that this incident is unacceptable and should never happen again – the stakes are simply too high."
