Human rights campaigners have called for a probe over a watchdog’s failure to investigate the Home Office’s digital visa problems that saw people’s data wrongly shared with others and some struggling to prove their right to work or study.
Millions of people have registered to access an eVisa after physical documents were phased out for foreign nationals at the end of 2024.
However, some have reported problems proving they have the right to work, study, rent or travel to the UK due to errors and misunderstanding around electronic visas.
In some instances, foreign nationals have had their personal information and immigration history wrongly shared with strangers in cases of merged identities.
Civil rights organisations want the government to publish figures on the number of data security incidents and complaints linked to the service. They are also calling for an investigation into the data regulator, the Information Commissioners Office (ICO), over its failure to act over the issues.
In a letter to the chair of the science, innovation and technology select committee, 20 organisations told Dame Chi Onwurah MP: “eVisa failures prevent individuals from proving their status when they need it to enter the country, from applying for jobs or getting a pay rise, from enrolling in education, from claiming benefits. The human price of [data] non-compliance is high and unjustifiable.”
The problems are “systemic and rooted in design and architectural choices”, the letter, co-ordinated by the Open Rights Group and shared with The Independent, continues.
Campaigners, including the rights group the3million and the Migrants’ Rights Network, said that the ICO “refrains from holding the government to account, to intervene when they get it wrong, and to protect the public from harm.”
The ICO has said that it assesses complaints individually and decides to act further depending on the harm caused and whether the organisation is taking steps to resolve the issues.
The regulator revealed in response to a data request that revealed it has received 851 complaints about the Home Office as a whole between December 2023 and December 2025.
The ICO is currently without a commissioner, after John Edwards resigned in June following a workplace investigation into his conduct. The investigation found that he used “vulgar and highly sexualised language” in his interactions with staff, secretary of state for science Liz Kendall said.
In a post on LinkedIn announcing the resignation, Ms Kendall added: “Such conduct does not belong in the workplace, least of all exhibited by the leader of an organisation. Multiple women shared testimony to the investigator on feeling offended, shocked and uncomfortable following interactions with Mr Edwards.”
The regulator has also been under fire for its light-touch approach to government during Mr Edwards tenure. Mr Edwards told MPs that he preferred to “work collaboratively with government to identify errors and raise standards” rather than carrying out formal investigations or imposing fines.
This came to a head when it was revealed that the ICO was one of the few bodies allowed to know about a catastrophic data breach involving applicants to Afghan resettlement schemes, while the public and MPs were kept in the dark for nearly two years. The ICO chose not to launch a formal investigation into what had gone wrong and officials did not take any contemporaneous notes of its decision not to launch an official probe of the data loss.
Information Commissioner John Edwards told MPs on the science, innovation and technology committee that the ICO did not officially investigate but was relying on “honesty” from MoD officials.
He said the ICO had occasional meetings with MoD officials and would “feed in their observations about lines of inquiry”, adding: “I understand that those were received with gratitude”. The ICO decided in June 2024 that the MoD had done enough to ensure the bad data practices wouldn’t happen again.
Tory MP Kit Malthouse said he was surprised that no formal investigation had taken place, given the severity of the breach. He told Mr Edwards: “What you’ve broadly said to us, is that it was dealt with with a few unrecorded meetings and a handshake. See ya, nothing to see here.
“It seems extraordinary to me given the severity and the impact of it... The picture you’ve painted of the way the ICO handled it seems alarming”.
A spokesperson for the Information Commissioner’s Office said: “We are actively engaging with government departments in line with the Memorandum of Understanding between the ICO and HM Government.
“The MoU provides a framework for ongoing cooperation and information sharing while preserving the ICO’s independent regulatory role and ability to hold the government to account. This includes the Home Office on matters relating to immigration activities."
A Home Office spokesperson said: “We take data security and accuracy extremely seriously and aim to resolve any issues in a timely manner, with the most urgent addressed in less than 24 hours.
“More than 10 million eVisas have now been issued, and the vast majority of people continue to use them without any problems.”