Scottish govt forms data privacy group

The Scottish government has set up a group of privacy and security experts to scrutinize how local government services handle personal data.

The group will develop a draft set of guiding principles for Scottish public bodies in an effort to protect individuals' privacy. It will cover services that use IT, such as online council tax payments, using cards in libraries and paying for parking by mobile phone, the Scottish government said in an announcement on Tuesday.

"While I am confident that public bodies are already working to high standards of IT security, we recognize the need to ensure public confidence in the public sector's handling of personal information," Scottish finance secretary John Swinney said in the statement.

The announcement is designed to raise public confidence in local authority privacy and security measures. Local authorities in the United Kingdom have been criticized by opposition MPs for using the Regulation of Investigatory Powers Act (RIPA) to access telephone communications records. Shadow home secretary Dominic Grieve told The Times in August that the government had been "unable to resist the temptation to take a power quite properly designed to combat terrorism to snoop on the lives of ordinary people in everyday circumstances".

Public confidence has also been undermined by the series of data breaches which have rocked local and central government in the past year. A recent Experian survey found that 32 percent of the population had "no trust at all" in the government.

The group will consist of privacy experts from the public and private sectors, and will be chaired by Paul Gray, the Scottish government's director of corporate services. The privacy luminaries involved include Ken Macdonald, assistant information commissioner for Scotland; Jerry Fishenden, Microsoft's U.K. lead technology adviser; Rosemary Jay, privacy lead and partner at Pinsent Masons solicitors; and Gus Hosein, a senior fellow at LSE and Privacy International member.

The Scottish government is also attempting to calm public disquiet about the use of biometrics in Scottish schools, by launching a consultation effort, also announced on Tuesday. Some Scottish schools are using fingerprint- and palm-scanning technologies to establish cafeteria payment systems, attendance records and school library borrowing. However, according to the consultation document, it is debatable whether these systems are proportionate or appropriate for an educational environment, while "biometric systems can be perceived as more intrusive than other systems".

The government noted that suppliers of biometric technologies claim those technologies possess advantages over some other means of identification. "For example, in relation to catering or borrowing books, pupils do not need to remember to bring anything with them to the canteen or school library, so nothing can be lost, such as a swipe card," stated the consultation document.