New Data Sharing Laws: Too Far, Too Fast?

According a story in the Guardian newspaper last week, proposals to be published in May by the Cabinet Office minister, Francis Maude, are expected to make it easier for government and public-sector organisations to share confidential information supplied by the public.

“In May, we will publish proposals that will make data sharing easier – and, in particular, we will revisit the recommendations of the Walport-Thomas Review that would make it easier for legitimate requests for data sharing to be agreed with a view to considering their implementation,” said Maude, adding that current barriers between databases made it difficult for public sector workers to access relevant information.

“It’s clearly wrong to have social workers, doctors, dentists, Job Centres, the police all working in isolation on the same problems.”

The Guardian reported that the proposals are expected to include fast-track procedures for ministers to license the sharing of data in areas where it is currently prohibited, subject to privacy safeguards.

Maude has hit back at the reporting of the proposals. Whilst the detail is awaited, one has to wonder whether this is the right time to consider such measures. The recent announcement of a new law to require Internet firms to give intelligence agency, GCHQ, access to everyone’s communications data on demand and in real time as well as the ongoing controversy about the failure to regulate press intrusion has already raised concerns about the Government’s commitment to “roll back the surveillance state”.

Civil liberties campaigners are already saying that the new plans are further evidence of the revival of “The Database State” proposed by New Labour. In a recent article the Campaign Group, NO2ID, argued that the Government should establish clear guidelines on people’s rights to privacy to put a brake on official bodies sharing data.

This is not the first time that concerns have been raised about data sharing. In July 2008 “The Data Sharing Review Report” was written by the then Information Commissioner, Richard Thomas, and Wellcome Trust director, Mark Walport. In it they warned:

“The tenor of the government’s argument has focused closely on the benefits of data sharing, paying perhaps too little attention to the potential hazards associated with ambitious programmes of data sharing,” stated the report. “The government has consistently laid itself open to the criticism that it considers ‘data sharing’ in itself an unconditional good, and that it will go to considerable lengths to encourage data-sharing programmes, while paying insufficient heed to the corresponding risks or to people’s legitimate concerns.”

Is the current law not adequate to regulate yet allow responsible data sharing? The Data Protection Act 1998 (DPA) already governs all processing of personal data including the sharing of it. Whilst it is still conceived as a barrier, if properly understood, it can be a tool for responsible data sharing. Most public sector data sharing will be lawful if organisations comply with the Eight Data Protection Principles; particularly the First Principle which requires information to be processed fairly and lawfully. There are also numerous exemptions in the Act including where sharing is required for the purpose of prevention or detection of crime (section 29).

In May 2011, the Information Commissioner published a new statutory Code of Practice on data sharing. The Code explains how the DPA applies to the sharing of personal data both within and outside an organisation. It provides practical advice to the public, private and third sectors, and covers systematic data sharing arrangements as well as one off requests for information.

So is there really a need for a new law on data sharing? The Information Commissioner’s Office has issued a short statement on the proposals. Reading between the lines, it seems to be saying that the current law and the ICO Code are adequate. What do think?

Read our article for a full explanation of the ICO Data Sharing Code.

You can attend our full day Multi Agency Information Sharing workshops

We also have a one-hour online seminar on this subject.

Author: actnowtraining

Act Now Training is Europe's leading provider of information governance training, serving government agencies, multinational corporations, financial institutions, and corporate law firms. Our associates have decades of information governance experience. We pride ourselves on delivering high quality training that is practical and makes the complex simple. Our extensive programme ranges from short webinars and one day workshops through to higher level practitioner certificate courses delivered online or in the classroom.

One thought on “New Data Sharing Laws: Too Far, Too Fast?”

Leave a Reply