Church of England abuse survivors have been failed – again

The Church of England’s abuse Redress Scheme was set up to help survivors of abuse, but a serious data breach last night led to the email addresses of dozens of survivors being unwittingly revealed. More than 180 people were openly copied into an email update about the project sent by a law firm tasked with administering the scheme. The Church of England has expressed ‘profound concern’ about what happened. These words offer little comfort to those caught up in this latest debacle.

The Church of England has expressed ‘profound concern’ about what happened

One survivor told The Spectator they had opened the message expecting long-awaited details on how the compensation programme would function. ‘Instead I saw nearly 200 people copied in, names visible in their email addresses, mine among them. I was horrified,’ they said.

The survivor noted that the email was addressed, ‘dear prospective applicant,’ making clear the shared context of everyone on the list. ‘Victims of sexual abuse are supposed to be granted life-long anonymity. To have it breached in this way – by the very institution meant to administer redress – was staggering.’

The message, sent at 5.30pm by Kennedys Law on behalf of the church, placed 194 email addresses in the ‘cc’ field rather than ‘bcc,’ revealing names and contact details to all recipients. A recall was issued minutes later, but it failed. The incident has deepened mistrust of the church’s ability to handle the scheme before it has even begun.

‘People were understandably angry and distressed, but their replies only compounded the problem,’ one survivor told The Spectator. ‘I have been opening my inbox with trepidation since the breach for fear of being flooded with others’ anger at the church and their trauma and disappointment with an institution that seems to flounder at every turn.’

The redress scheme was one of the key recommendations of the Independent Inquiry into Child Sexual Abuse (IICSA), which reported in 2022. It was intended to provide financial compensation and pastoral support to survivors of abuse in church settings.

Originally due to launch in mid-2023, the programme has faced repeated delays. This latest email had been billed as an update on how the scheme would operate once formally approved by parliament. Instead, it has become a fresh symbol of the church’s faltering response.

Some survivors say the breach reflects deeper flaws in the way the scheme has been set up. In correspondence seen by The Spectator, concerns had been raised more than a year ago that Kennedys was not being given sufficient funding or resources by the Archbishops’ Council to run an effective and robust scheme. Questions were also raised over whether the terms of reference offered by the church could compromise its independence.

The email breach does little to address victims’ concerns. Among those included in the email chain were diocesan safeguarding advisers, law firms and consultants connected to the church. Survivors argue that including such figures – some of whom they have previously accused of cover-ups or conflicts of interest – further undermines trust in the scheme’s integrity.

In an email apologising for the breach, Kennedys said the mistake was the result of ‘human error’ and stressed that no information beyond email addresses had been shared. The firm apologised for what it called a ‘significant error’ and said it had contacted all recipients individually. The incident has been reported to the Charity Commission, the Information Commissioner’s Office and the Solicitors Regulation Authority.

The firm said it had launched an internal investigation and would strengthen its procedures immediately to prevent a repeat. The Church of England said in a statement that: ‘Kennedys has taken full responsibility for the incident and is contacting all those affected directly to apologise and offer support….This should not have happened. We will continue to monitor the situation closely and support efforts to restore trust and confidence.’

Some survivors are now urging MPs and regulators to intervene. Emails circulated among recipients after the breach included calls to write to the Minister for Safeguarding, Jess Phillips, and the Second Church Estates Commissioner, Marsha de Cordova, demanding a statutory public inquiry into what one described as the ‘shambolic, unregulated, amateurish and unaccountable state of CofE safeguarding.’

For many, however, the damage is already done. ‘Every delay, every misstep makes it harder to trust that the church understands the scale of the harm it has done,’ one survivor said. ‘This incident only confirms my belief that it is not fit to handle the impact of its own incompetence on victims and survivors.’