But isn't the first real question Why was this information being sent on two CDs in the first place? At most that means data of some 1.4GB; hardly enough to break sweat on a secure internet connection, and the government has such a network in place. Why wasn't this safer - and much faster - method of data transfer utilised?
The second real question is if these CDs were sent by *internal post* what were they then doing in the normal public postal service?. Companies that I've worked for have sometimes had 'internal post' and it was transported around by company employees. That is, after all, what 'internal' means.
And finally, ID cards. Once upon a time it was stated that there would be a whole new database created especially for the purpose. More recently it was announced that instead of having 'clean and secure' data that instead the Government would re-purpose the existing data they hold. Now that detailed information has fallen out of their control on over one-third of the UK population how can we ever trust the information likely to be stored on an ID database? and the safety / security / privacy of that data?
And the answer to that is, of course, that we cannot.