UK.gov hoovers up data on five-year-olds
What I did on my holidays, and all the other days
When asked to cite specific statutory justification for collecting data in potential breach of the DPA, Ms Backoe cited Department of Health "guidance". She referred to the Children Act 2004 which she claimed "sets out standards and expectations about how services for children and young people should be developed strategically and organisationally".
Sections 12 and 29 of this Act include provisions whereby the Secretary of State may order the setting up of databases - and have already been used fairly extensively in respect of the Contactpoint project. In theory, they allow for government to demand whatever information it sees fit to demand in respect of children, and to pass it on to any third party. Nonetheless, the regulations do not appear to include any powers to demand information on parents.
She also alluded to DoH "guidance" that local areas should "aim for 100 per cent coverage of children in the locality using whatever information systems are available".
Whether the intention of this exercise was to be intimidatory or not, the net effect appears to have been just that.
The approach is not dissimilar to that already employed by the DoH in respect of patient records being uploaded to "the spine" (pdf). To achieve 100 per cent coverage of any data source is an objective that those working in IT will know is impossible without statutory backing: but to date, the DoH have attempted to circumvent this by the simple trick of not telling patients they have a right to opt out.
Government response to concerns by the BMA and patient groups was set out by the Chief Medical Officer, who demanded that GPs provide the names and addresses of those wishing to opt out to central government, on the grounds that their dissent was not "correct".
We also asked the DoH for comment. However, apart from an initial reaction that this project was nothing to do with them and probably belonged to the Department for Children Schools and Families (it doesn’t!), they have so far not come back to us.
If successful, this approach will be rolled out to the rest of England and Wales. ®
Sponsored: Network DDoS protection