Feeds

ID Card database to be used as population register

Personal data to be shared without consent

Security for virtualized datacentres

The Government announced last week that data from the National Identity Register (NIR) will also be used as an adult population register for a range of novel data sharing functions.

The Office of National Statistics had promoted a separate adult population register as part of the Citizen Information Project (CIP) for these functions, but the announcement states that the CIP project has been wound up and its functions incorporated into the wider use of NIR data. The announcement also changes many undertakings given to Parliament when it considered the ID Card legislation.

Minutes released in relation to the CIP show the NIR will be used in conjunction with the Census and could check that citizens are eligible to vote at elections. Data from the NIR will also be shared with many public authorities so they can update their databases without the consent of the cardholder. Other changes also envisage the storage of medical records as part of the NIR.

When these plans are put into effect, personal data from the NIR will be used for purposes unconnected with crime, terrorism, illegal employment and immigration - the only purposes mentioned by Labour in its manifesto prepared for the 2005 General Election. The manifesto is important as the ID Card Act passed its Parliamentary stages in March after a dispute between the House of Commons and Lords over its wording.

Minutes of meetings available on the CIP's website (7 page/22KB PDF) show that the Home Office:

  • "has responsibility for delivering an adult population register that enables basic contact data held on NIR to be downloaded to other public sector stakeholders" (The "Treasury and Cabinet Office should ensure that NIR delivers CIP functionality as planned");
  • "takes responsibility for ensuring from around 2021 basic contact data held by stakeholders can be up-loaded to the NIR";
  • "should design the take-up profile of the NIR to be such that population statistics can be realised for the 2021 census".

The CIP's final report (29 page/404KB PDF) states (at page 17), that secondary legislation will allow "public services to be provided with NIR data without the need to obtain specific citizen consent".

This wide ranging access to NIR data without consent of the citizen is a change from the explanations given to Parliament when it considered the ID Card legislation. On 5 October, MPs were told by Parliamentary under secretary Andy Burnham that: "Direct access to information held on the National Identity Register by anyone outside those responsible for administering the scheme will not be possible, only requests for information can be made by third parties. In the vast majority of cases, verification of information on the register will only be possible with the person's consent."

In October 2005, the Home Secretary reinforced this message and told the House of Commons: "What the Bill allows is for information to be provided from the register either with the consent of the individual or without that consent in strictly limited circumstances in accordance with the law of the land."

On 10 January 2005, the CIP wrote to the Office of the Deputy Prime Minister saying that: "The ID Card would seem to provide a logical way to confirm the identity and eligibility to vote in the longer term" and that the Electoral Register holds the same information on the NIR and that "there would seem scope here for collaboration between the two systems". On 13th February 2006, the Government stated: "There is currently no proposal for these specifications to provide for two-way data-sharing with the proposed identity cards register".

The CIP final report provides examples of how NIR data could be used:

  • "DWP targeting the 300,000 eligible citizens not currently claiming pensions";
  • Taxation authorities "contacting employees required to complete self assessment";
  • Managing passport application peaks by getting customers to apply early;
  • Department for Education and Skills "tracing children at risk via their guardians addresses";
  • "Local councils collecting debt from citizens who have moved to another authority";
  • "NHS targeting specific citizen groups for screening campaigns"; and
  • "reducing the overall administrative burden on bereaved people"

The Sunday Times reported on 23 April that ministers are considering whether or not to enter health personal details as part of the ID Card holder's details in the NIR. The newspaper reports that: "the Home Office wants cardholders to put personal health information on the cards to give doctors information for emergencies. Cardholders will also be urged to volunteer details of blood group, allergies, and whether they wish to donate organs".

Although the storage of these medical details will require the consent of the cardholder, the step changes the position as stated during the passage of the ID Cards Bill. In the House of Lords, Baroness Scotland of Asthal told Peers on 30 January 2006 that it is clear that the register will not contain health records as "any addition to the list of information in Schedule 1 (the part of the ID Card legislation which describes the content of the NIR) would have to be consistent with the statutory purposes, which in effect rules out any possibility of adding, for example, medical or criminal records".

The CIP Minutes also show that a draft of the 18 April announcement was prepared for release nine months earlier. The minutes state: "The board noted that the timing of the CIP announcement needed to be considered against the ID Cards programme."

Copyright © 2006, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Why Oracle CEO Larry Ellison had to go ... Except he hasn't
Silicon Valley's veteran seadog in piratical Putin impression
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.