I have previously written about the utter disarray which continues to be the only way to characterise this government’s approach to data, despite the heavy criticism they received for their handling of citizens’ data in the care.data project and HMRC data sharing.
Last week it finally appeared on the front page of the mainstream press with the Telegraph leading on “Can we trust Whitehall with all our personal details? - The relationship between state and citizen would be changed for the worse if a White Paper containing proposals to 'mine' our personal data becomes law”.
In the article the author, Matthew Holehouse, described the lack of openness and transparency about proposals to change the way in which departments share data.
I have previously highlighted a meeting between the data sharing policy unit in the Cabinet Office and concerned civil society groups. This apparently is now to be dignified with the term ‘public consultation’.
This is a kind of reverse spin on the DCMS green paper disaster when a promised but much delayed paper and consultation on the future of our communications infrastructure and industry ended up as a series of five seminars in Whitehall.
Cabinet Office minister Francis Maude’s reply to that front page attack came in that same paper and was a masterclass in denying all whilst saying nothing.
What’s actually going on?
So let us look at what is going on across Whitehall.
As the Law Commission recently confirmed, HMRC has established 273 data sharing “gateways” with other agencies and organisations. I have previously mentioned how the Department for Health’s 24-hour line for replacing European health insurance cards has an automated message saying that: “The NHS Business Services Authority has a data-sharing agreement with other government agencies. By continuing this call, you signal your awareness and agreement to data sharing.”
So the NHS assumes consent for data sharing as long as you do not hang up the telephone. When I raised this with a minister recently, the department admitted consent “could be clearer” and promised that they would not share any further EHIC data which is gathered through the telephone service, at least until the message has been updated. No apology, no principles, just the promise of an updated message...
Government has no control over data security
Meanwhile, in Swansea, the DVLA have started to replace the paper licence process with a scheme called MyLicence. This will also be available for use by insurance companies without our consent to cut fraud and “reduce drivers’ lies”. But the only information I can find about data security seems to have been issued by the insurance industry, rather than the government.
Reading the small print, it is clear that all responsibilities regarding data protection lie with the companies receiving the data, with very little guidance and few, if any, checks in place. This includes information which some might consider personal, for example, which drivers are disabled. At the same time I understand DWP are discussing with the organisations which manage our payments’ systems how they can be alerted to potential fraud by benefits claimants.
Then last week the former minister for employment Mark Hoban made a speech in which he talked about using new pension legislation to centralise all details of individual’s wealth in a database operated by the Money Advice Service, which can then offer a financial information service using the information.
A laudable objective, perhaps. But Francis Maude said they were not building ‘any central databases’. That’s why we are now in a situation where one department will share your data if you do not hang up the phone, whereas in another they want a new law for every gateway, and in a third are happy to just hand it over to industry and assume they will do the right thing.
Last month I met with the Law Commission, whose recently published report highlighted some of the issues they identified after looking at the existing law relating to data sharing. They acknowledge that it is complex and inconsistent. They say that public bodies often tell them that they are not able – or are not sure if they are allowed – to share the data they need to improve or deliver services. At the same time, they worry about individuals’ privacy. They have said a comprehensive review is required. But the government has yet to respond.
Empower, not exploit
In opposition, the Labour Party has been working across departments to ensure that this kind of chaos would not continue under a Labour government in 2015. There is a frontbench working group bringing shadow ministers together and several ongoing digital policy reviews including our Digital Review of Government. Shadow business minister Stella Creasy and I have also been working closely on emerging data issues in the government’s Deregulation Bill and Consumer Rights Bill.
Open and shared data has enormous potential to improve our lives, but when I hear Tory ministers saying ‘data is the new oil’ my heart sinks – we need an approach which empowers not exploits people. Ed Miliband has said that a Labour government will empower people by giving them ownership over their data held by the public sector. Our review will help realise that.
Chi Onwurah is Labour shadow Cabinet Office minister and MP for Newcastle Central