Government FOI Act chief trails Data Act 'reform'

DPA is 'almost incomprehensible'

Government constitutional affairs secretary Lord Falconer has described the Data Protection Act as "almost incomprehensible" and says that there are "medium term" plans to simplify the Act and its treatment of personal information. The Act was brought in in 1998 by the then-new Blair government, but its near incomprehensibility seems not to have been a major issue at the time.

Today, the Information Commissioner's Office issued a statement saying it was unaware of any specific government plans, but that it would welcome any steps to to make it simpler to understand. A spokeswoman told The Register that describing it as almost incomprehensible was perhaps "putting it a bit strong."

Although Falconer, who was speaking in an interview with Patrick Wintour of The Guardian, stressed the need to make the Act easier to understand, the government has repeatedly indicated that current legislation covering personal information and the sharing of data between government departments is out of date, and needs reform. Falconer says: "There are constant difficulties about what information you are allowed to share between departments", but do these difficulties arise because departments do not understand what they are allowed to share, or because they are not allowed to share what they want to share?

It's clearly a bit of both, but government IT schemes in the works (not least, the national identity scheme) will result in a far higher level of inter-departmental data sharing. The Information Commissioner's response (available here) to the identity scheme draft bill says the draft has numerous areas where it is inconsistent with the Act's data protection principles. One might therefore speculate that at least some of these inconsistencies could be ironed out by a 'simplification' of the DPA.

Prior to the publication of any proposed changes the ICO clearly cannot comment on Falconer's reform plans, however the spokeswoman said it would welcome efforts to clarify the position on data sharing. She also pointed out that in many cases restrictions on sharing in the DPA are supported by similar restrictions in other legislation, for example with reference to personal financial data.

The comprehension issue with the DPA came to the fore in the wake of the Soham murders, where a misinterpretation of the Act led to police erasing data on killer Ian Huntley. And last year, after an elderly couple whose gas had been cut off were found dead, British Gas claimed that the DPA had stopped it passing on information of the disconnection to social services. British Gas too was entirely wrong, but the "incomprehensible" DPA does seem to serve as a handy whipping-boy for organisations whose data protection policies fail.

One other possibility, however, is that over-designing privacy policy can in some senses save organisations money. Generally, it's cheaper to have a wider ranging blanket policy than to have to consider whether or not a particular record should be retained, or whether there is good reason for it to be passed to another authority. So although organisations may have some justifications for complaining about the Act, these may not be quite as extensive as they would have us believe.

The widely perceived and supported need for reform, however, does give the government the opportunity to introduce modifications at the same time. Falconer himself, a former flatmate of Tony Blair's, became a peer shortly after Blair took power in 1997, and was solicitor general prior to moving to the Cabinet Office in 1998, the year the DPA came in. In addition to DPA reform, the implementation of the Freedom of Information Act from January is also in his safe hands. ®

Sponsored: How to determine if cloud backup is right for your servers