Skip to content
Chimera readability score 68 out of 100, Academic reading level.

20 immigration, data protection, and human rights organisations have asked the Chair of the Science, Innovation and Technology Select Committee to investigate the Information Commissioner’s Office’s failure to uphold data protection law in relation to the Home Office’s eVisa scheme.
In their letter to Dame Chi Onwurah MP, they have also called on the Committee to examine the eVisa scheme as part of its inquiry into government data security. They are also urging the Committee to require that the Home Office is transparent about the number of data security incidents and public complaints in relation to the scheme, and to set out how and when these issues will be addressed.
Data protection failings of the eVisa scheme
The eVisa scheme, has been plagued by widely known problems during the six years since it was first rolled out in 2020. People trying to prove their immigration status have reported mistakes in the Home Office’s records, while in some cases personal data has been incorrectly linked to others’ accounts. Many people have faced substantial difficulties in correcting these errors, leaving some unable to access their accounts or show their right to be in the UK.
These failures have had serious consequences. People have been prevented from proving their right to enter the UK, secure jobs, enrol in colleges, or access essential benefits and services. ORG heard of one man who was made homeless as the result of a data error in his eVisa. The ongoing problems with the scheme mean continued uncertainty for many people.
In November 2025, ORG and 18 other civil society organisations called on the ICO to open an investigation into the data protection breaches and accessibility issues arising as a result of the eVisa scheme. Seven months later, the ICO has failed to take any remedial action to address these infrigements. However, it did reveal in an FOI response, that they had already received 851 complaints about the Home Office as a whole between Dec 2023 and December 2025. The volume of complaints was so significant, the ICO was unable to identify how many were about the eVisa scheme specifically.
The need for institutional change at the ICO
The signatories are now calling on the Select Committee to investigate and get answers. However, they recognise that these failings are not just in relation to the eVisa scheme but a wider issue with the ICO’s enforcement. They are also calling for the Committee to investigate “what institutional changes are needed to strengthen the ICO ability to oversee the government and other public bodies, also to support the implementation of the recommendations of the Home Affairs Committee’s Report on digital identity”.
Following John Edwards’ resignation as Information Commissioner last week, Open Rights Group has called on the Government to “appoint a regulator with teeth, and reset the regulators’ approach of providing data protection in name only”.
Mariano delli Santi, Legal and Policy Officer at the Open Rights Group, has said:
“The ICO’s reasoning that it cannot be transparent about complaints relating to eVisas because there are simply too many Home Office complaints to review points to a government department and data regulator that are failing the public on many levels.”
“The ICO has a new policy, where complaints are logged for information purposes only, and action only taken if the volume of complaints against an organisation becomes substantial. The facts, however, speak for themselves: the ICO is ignoring the public’s complaints regardless of their volume. As the ICO’s FOI response revealed, they don’t even keep track of what you are complaining about.”
“We urge the Select Committee to take action to help those who have been impacted by data breaches but also to ensure that steps are taken so that data protection is taken seriously by the Home Office and upheld by the ICO.”