Scottish police have been embarrassed by the appearance of a confidential laptop at a car-boot sale.

The laptop contained road accident crash victim pictures, according to the BBC. The Lothian and Borders Police had disposed of the unwanted device through a third-party 'specialist' firm, it said. It was bought at a Glasgow car-boot sale by a computer engineer. The computer's hard drive also held data on 200 police officers, yet the system was not password-protected.

Lamentable laptop computer security seems to be a fact of life these days. Here are some examples from the past few years.


Two laptops stolen from a human resources service provider put the names and Social Security numbers of Motorola employees at risk. At Wells Fargo, information on thousands of the bank's borrowers was compromised when three laptops were stolen from a subcontractor. In both cases, the data wasn't encrypted. (July 2005)


US government contractor SAIC (Science Applications International) reported a break-in at its headquarters during which laptops containing personal information about its stockholders were stolen. (February 2005)


The personal information of 196,000 Hewlett-Packard employees was put at risk after a laptop containing the data was stolen. (March 2006)


And only weeks ago, McAfee admitted it had lost personal records relating to 9,000 of its employees, after an auditor left a data CD in the seat-back pocket of an airliner.

Lothian and Borders Police should know all about mobile computer device security. The force recently started using PDAs instead of paper notebooks while talking to witnesses. It seems obvious that they should delete files from the hard disks of their systems rather than sending them to an unreliable third party. Apparently not.