{"id":59845,"date":"2025-12-12T12:58:46","date_gmt":"2025-12-12T12:58:46","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/uk-watchdog-urged-to-probe-gdpr-failures-in-home-office-evisa-rollout\/"},"modified":"2025-12-12T12:58:46","modified_gmt":"2025-12-12T12:58:46","slug":"uk-watchdog-urged-to-probe-gdpr-failures-in-home-office-evisa-rollout","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/uk-watchdog-urged-to-probe-gdpr-failures-in-home-office-evisa-rollout\/","title":{"rendered":"UK watchdog urged to probe GDPR failures in Home Office eVisa rollout"},"content":{"rendered":"

Civil society groups are urging the UK’s data watchdog to investigate whether the Home Office’s digital-only eVisa scheme is breaching GDPR, sounding the alarm about systemic data errors and design failures that are exposing sensitive personal information while leaving migrants unable to prove their lawful status.<\/p>\n

In a joint letter<\/a> [PDF] to the Information Commissioner’s Office (ICO), coordinated by the Open Rights Group, the signatories argue that the Home Office has failed to meet its data protection and equality obligations, despite rolling out a system that replaces physical proof-of-immigration status with a live, online record checked in real time. When that system breaks, they say, people are locked out of work, housing, travel, education, and essential services, with no meaningful fallback.<\/p>\n

\"Home<\/p>\n

Home Office staff still leaning on 25-year-old asylum case management system<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

The groups cite a “high volume” of data errors linked to the eVisa scheme, which they say amount to both operational failures and serious data protection breaches. In one documented case referenced in the letter, the passport details, contact information, and immigration status of a Canadian citizen were wrongly disclosed to a Russian woman.<\/p>\n

Other failures have seen migrants locked out of their eVisa accounts, with no effective support from the Home Office and no clear way to escalate urgent issues. Because the scheme is digital-only, there is no physical document to fall back on when errors occur, leaving individuals unable to demonstrate their lawful right to live and work in the UK at critical moments.<\/p>\n

At the heart of the complaint is the Home Office’s Data Protection Impact Assessment (DPIA), which the signatories describe as incomplete and misleading. The groups argue it misses obvious risks baked into a digital-only system, especially for older people, disabled users, and those who are digitally excluded, while brushing off the impact of stripping away all physical proof-of-immigration status in favor of real-time online checks.<\/p>\n