Few would disagree there is a lot riding on the NHS’s Covid-19 Tracing app.

Will it work? Is it safe? Will anyone actually use it? Will it help England get life back to normal.

Currently being tested in the Isle of Wight, the NHS Covid-19 Tracing app uses the Bluetooth capabilities in smartphones to keep records of whom a person meets. If a user or contact declares they have become ill it will send notifications to everybody on that list advising them to self-isolate.

Whether it can help crush the Covid19 curve remains to be seen, but privacy campaign groups have already opposed its introduction.

Harriet Harman, the chair of the joint committee on human rights, said government assurances on privacy were “not enough”.

“The contact-tracing app involves unprecedented data gathering. There must be robust legal protection for individuals about what that data will be used for, who will have access to it and how it will be safeguarded from hacking.”

Clearly, the government’s choice to lead this project must be a careful choice. If it is to be successful, It needs to be someone able to balance an understanding of health tech with our acute need for privacy and security over our personal data

Regrettably, the government’s choice is an ex CEO who’s single most famous act as a boss was to run a firm which suffered a catastrophic cyber attack that wiped £24 million worth of revenue off its balance sheet.

Former Talk Talk boss Dido Harding, for it is she, has just been named by the British Government chief of its coronavirus test and trace programme with responsibility for overseeing contact tracing.

Baroness Harding, you will recall, is the former boss of broadband provider TalkTalk after a career in consulting at McKinsey.

Wikipedia tells us that while she was CEO of TalkTalk, the internet provider suffered the worst cyber attack in its history, affecting 157,000 customers in 2015.

The attack cost Talk Talk around £77m. The firm lost 42,000 broadband customers and 31,000 TV customers in a single year.  Revenues fell from £459m to £435m while the company’s share price dropped almost 30%.

TalkTalk was fined £400,000 by the UK’s Information Commission for the hack, a ransomware attack that in the end saw two hackers arrested.

In a notorious BBC interview after the attack, Harding was forced to admit that the “honest truth” was she did not know if the data stolen was encrypted or not.

It emerged she did not listen to the chief information officer or the other senior IT staff that quit the company while she was there; nor did she listen to the security consultant who warned the company about their feeble cyber-security.

So what happened? As I reported back in 2015, under Harding’s reign, TalkTalk’s retail market share shrunk by nine percentage points. As a result, TalkTalk had to make cuts. Harding promised to take £140m out of the cost base by 2017.

Given the need to trim costs, was data security not a priority for TalkTalk? Harding said no.

“With the benefit of hindsight, were we doing enough? Well, you’ve got to say that we weren’t,” she told The Independent.

Eighteen months after the hacking fiasco, she was out, but not receiving £2.81m for her efforts.

After throwing the world’s leading epidemiologist Neil Ferguson under the bus for breaking the lockdown rules he recommended, the government is obviously finding it hard to recruit top calibre candidates to run critical projects. What other reason could there be for employing someone to run the NHS contact and tracing app whose career is a byword for security breaches?

A member of this government once declared himself tired of experts. That being the case, I think Harding would seem the perfect choice.

Posted in: Infographic of the day