Privacy watchdog fears government super-database

The Information Commissioner's Office, the UK's privacy guardian, has warned that the government's new data-sharing proposals could damage privacy.

On Monday, Prime Minister Tony Blair hosted a seminar at Number 10 Downing Street to discuss areas of government policy including the "impact of data-sharing and privacy laws on [government] customer service" as part of an ongoing governmental policy review. The review has recommended a relaxation of the data-sharing laws that govern how civil servants access and share citizens' personal data.

The key area of policy which seeks to guarantee the privacy rights of the UK public is the Data Protection Act. But, according to the PM's policy review, "overzealous data sharing rules may be an obstacle to improving public services".

The policy review has recommended that data sharing rules be relaxed as "current privacy procedures and working practices can sometimes still force people to have to convey the same information multiple times to different agencies".

The Data Protection Act prevents public bodies from sharing data about individuals, unless those officials have a clear "need to know".

Responding to the policy review, the Information Commissioner's Office warned that relaxing these rules could cause excessive surveillance and data-sharing, leading to loss of public trust and confidence in the government.

"We all want to see information used to provide high-quality and efficient public services, but public trust and confidence may well be jeopardised with any wholesale or unrestrained sharing of personal information," said the ICO.

The ICO said it was important to strike a balance between the need to share information as part of delivering efficient public services and the need to ensure privacy and the integrity of personal information.

The privacy watchdog said that "a cautious approach to information sharing is needed in order to avoid the dangers of excessive surveillance and the loss of public trust and confidence".

"As more and more information is passed from one database to another there is a greater risk to individuals from inaccurate or insecure information and mistaken identity," the ICO said in a statement. "Two months ago the Information Commissioner warned about the dangers of a surveillance society and the need to consider the wider risks to society if the government knows too much about us.

"There must be clarity of purpose and some limits to sharing — information must not be shared just because the technology allows it," said the ICO.

According to the ICO, it is essential that information is only shared to the extent that it is necessary and reasonable to do so, and that strong safeguards are put in place that work in practice, not just in theory.

Snooping dangers
The policy review criticised current data-sharing laws, saying that it is difficult for government services to anticipate or deal with problems such as bereavement quickly and sensitively when "there are barriers around the sharing of information" between different public services.

However, the ICO said that the Data Protection Act already allows for detailed information sharing, while attempting to safeguard citizens' rights against government snooping.

"The Data Protection Act provides a valuable framework for sharing information across government and should not be seen as a barrier. The Act underpins essential safeguards such as accuracy, security and openness and gives us all important rights in an age where increased levels of information are being collected and traded," said the ICO.

Answering a policy review assertion that some civil servants are either constrained by or unsure about the legality of data-sharing, the ICO said it was developing "practical, common-sense guidance... to help public authorities, which will be published shortly".

The Number 10 policy review will consult members of a citizens' panel "to ask whether they would be in favour of relaxing current privacy procedures so they don't have to repeat personal information to several different public bodies", according to the Number 10 website.

Anti-ID Card campaign group No2ID said that this question was deliberately phrased to obscure the privacy implications of a relaxation of data-sharing laws.

"Real debate is too unpredictable. By controlling the questions considered by his discussion groups, Mr Blair intends to make sure that 'the people' only tell him what he wants to hear," the campaign said on its website.