The Home Office has apologised to hundreds of EU citizens seeking settled status in the UK after accidentally sharing their details.
It blamed an “administrative error” for sending an email that revealed 240 personal email addresses – a likely breach of the Data Protection Act.
The department may now have to make an apology in Parliament.
In a statement to BBC Radio 4’s Today programme, it said it had since improved its systems and procedures.
One recipient of the email told Today that she was outraged and was considering returning to Germany.
The Home Office sent the email on Sunday 7 April asking applicants, who had already struggled with technical problems, to resubmit their information.
But it failed to use the “blind CC” box on the email, revealing the details of other applicants.
In another message apologising to those who had been affected, the Home Office wrote: “The deletion of the email you received from us on 7 April 2019 would be greatly appreciated.”
The government has already made an unreserved apology after making a similar error with emails sent to 500 members of the Windrush generation. The department notified the Information Commissioner’s Office and made a statement in Parliament.
EU citizens in the UK before Brexit can apply for settled status, which allows them to continue to live and work there afterwards. Applicants and campaigning groups have criticised the system, saying it has proved slow and bureaucratic for some.
Nicolas Hatton, from the 3 Million group that campaigns for EU citizens’ rights, said the incident showed the settled status process was not sufficiently robust. “It feels like it adds insult to injury,” he said.
A Home Office spokesman said: “In communicating with a small group of applicants, an administrative error was made which meant other applicants’ email addresses could be seen.
“As soon as the error was identified, we apologised personally to the 240 applicants affected and have improved our systems and procedures to stop this occurring again.”
The Home Office has apologised to hundreds of EU citizens seeking settled status in the UK after accidentally sharing their details. It blamed an “administrative error” for sending an email that revealed 240 personal email addresses – a likely breach of the Data Protection Act.