Feeds

Government FOI Act chief trails Data Act 'reform'

DPA is 'almost incomprehensible'

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Government constitutional affairs secretary Lord Falconer has described the Data Protection Act as "almost incomprehensible" and says that there are "medium term" plans to simplify the Act and its treatment of personal information. The Act was brought in in 1998 by the then-new Blair government, but its near incomprehensibility seems not to have been a major issue at the time.

Today, the Information Commissioner's Office issued a statement saying it was unaware of any specific government plans, but that it would welcome any steps to to make it simpler to understand. A spokeswoman told The Register that describing it as almost incomprehensible was perhaps "putting it a bit strong."

Although Falconer, who was speaking in an interview with Patrick Wintour of The Guardian, stressed the need to make the Act easier to understand, the government has repeatedly indicated that current legislation covering personal information and the sharing of data between government departments is out of date, and needs reform. Falconer says: "There are constant difficulties about what information you are allowed to share between departments", but do these difficulties arise because departments do not understand what they are allowed to share, or because they are not allowed to share what they want to share?

It's clearly a bit of both, but government IT schemes in the works (not least, the national identity scheme) will result in a far higher level of inter-departmental data sharing. The Information Commissioner's response (available here) to the identity scheme draft bill says the draft has numerous areas where it is inconsistent with the Act's data protection principles. One might therefore speculate that at least some of these inconsistencies could be ironed out by a 'simplification' of the DPA.

Prior to the publication of any proposed changes the ICO clearly cannot comment on Falconer's reform plans, however the spokeswoman said it would welcome efforts to clarify the position on data sharing. She also pointed out that in many cases restrictions on sharing in the DPA are supported by similar restrictions in other legislation, for example with reference to personal financial data.

The comprehension issue with the DPA came to the fore in the wake of the Soham murders, where a misinterpretation of the Act led to police erasing data on killer Ian Huntley. And last year, after an elderly couple whose gas had been cut off were found dead, British Gas claimed that the DPA had stopped it passing on information of the disconnection to social services. British Gas too was entirely wrong, but the "incomprehensible" DPA does seem to serve as a handy whipping-boy for organisations whose data protection policies fail.

One other possibility, however, is that over-designing privacy policy can in some senses save organisations money. Generally, it's cheaper to have a wider ranging blanket policy than to have to consider whether or not a particular record should be retained, or whether there is good reason for it to be passed to another authority. So although organisations may have some justifications for complaining about the Act, these may not be quite as extensive as they would have us believe.

The widely perceived and supported need for reform, however, does give the government the opportunity to introduce modifications at the same time. Falconer himself, a former flatmate of Tony Blair's, became a peer shortly after Blair took power in 1997, and was solicitor general prior to moving to the Cabinet Office in 1998, the year the DPA came in. In addition to DPA reform, the implementation of the Freedom of Information Act from January is also in his safe hands. ®

Internet Security Threat Report 2014

More from The Register

next story
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.