Originally Posted by SvenAge

The responsibility lies with BA to ensure that our data is looked after and can be accessed by the correct parties when their authority and identities are proven. This isn't in question and doesn't need to be. The fact that BA has been inadequate in providing this mechanism has been glossed over, but it doesn't stop this basic requirement. Blaming the government for not being able to cover the basics (without direction) would to many people seem outrageous.