Feeds

Your census data will be kept secret - except from MI5, police, courts etc

New Labour attitudes buried in the fine print

High performance access to file storage

Like you, I have received my 2011 census form from the Office of National Statistics (ONS). The cover page prominently states, in bold, "Your personal information is protected by law. Census information is kept confidential for 100 years". Like you, perhaps, I have taken this statement at face value.

However, preparing for our Privacy Impact Assessment (PIA) course, I came across the PIA for the Census (PDF/502 KB) . Under the heading "Keeping census records confidential", the Census PIA states: "Other than for the purposes of conducting the census and in the circumstances set out in Section 39 of the Statistics and Registration Service Act 2007, it is unlawful for any member or employee of the UK Statistic Authority (which includes any member or employee of ONS) or any person who has received personal information directly or indirectly from the Authority, to disclosure such information"(paragraph 12.6.1).

The ONS website has a "Commitment to confidentiality and data security” which says something similar. It states: "All employees of both ONS and any appointed contractors working with Census data are bound by Regulations made under the 1920 Census Act and the confidentiality provisions of the Statistics and Registration Service Act 2007 (SRSA)."

So, unlike the absolute "confidentiality" statement on the census form itself, the website and PIA "confidentiality" reference is qualified by a reference to legislation dated 2007: a year when the then New Labour Government was highly addicted to its unnecessary mass surveillance legislation. To abuse M&S's well-known advertising campaign slogan one has to consider whether "this is not just confidentiality, this is New Labour confidentiality".

Section 39 of the Statistics and Registration Service Act 2007 is, so the Act says, about "Confidentiality of personal information"; in practice the section achieves the precise opposite. Section 39(1) begins well enough. It states that: "Subject to this section, personal information held by the Board in relation to the exercise of any of its functions must not be disclosed by (a) any member or employee of the Board, (b) a member of any committee of the Board, or (c) any other person who has received it directly or indirectly from the Board."

However, Section 39(4) then states that the disclosure prohibition in section 39(1) "does not apply to a disclosure which (take a deep breath):

a) is required or permitted by any enactment,

b) is required by a Community obligation,

c) is necessary for the purpose of enabling or assisting the Board to exercise any of its functions,

d) has already lawfully been made available to the public,

e) is made in pursuance of an order of a court,

f) is made for the purposes of a criminal investigation or criminal proceedings (whether or not in the United Kingdom),

g) is made, in the interests of national security, to an Intelligence Service,

h) is made with the consent of the person to whom it relates, or

i) is made to an approved researcher."

Section 39(4) therefore possesses all the hallmarks of New Labour's disdain for personal privacy. It is not a clause to protect confidentiality; it is a clause to remove that confidentiality.

I should add that the national security paragraph (ie section 39(4)(g)) was removed a year later by Schedule 1 of the Counter-Terrorism Act 2008 (PDF/488 KB). It was replaced by a provision to provided unfettered access to a full copy of the Electoral Register whenever any of the national security agencies wants a full copy.

Can we reflect on this for a second? The idea behind section 39(4)(g) was for Census officials to promise Census confidentiality and at the same time register the UK population with the national security agencies. The replacement idea is for citizens to register for a vote and also register an entry in a Security Service database. There has been no public debate about such mass surveillance, and as far as I can see, this data acquisition has little to do with terrorism. After all, those individuals intent on undermining a Parliamentary democracy are unlikely to want to vote in one.

Note also that in relation to disclosures in connection with crime, the threshold test adopted by Section 39(4)(f) is not the Data Protection test of "failure to disclose" causing "prejudice" to criminal investigation (see Section 29 of the DPA). Instead, the New Labour threshold was reduced to any disclosure made for a criminal investigation.

In relation to an "approved" researcher (the last in the Section 39(4) list), the Board can decide from "time to time to publish criteria by reference to which it will determine whether to grant access" to an approved researcher. Note that this means that there is no obligation for the Board to publish any criteria relating any other recipient in the Section 39(4) list. This in turn means that details about ONS disclosures subject to section 39(4)(a)-(h) can be kept conveniently out of the public gaze as there is no obligation to publish criteria for access.

It is interesting to note that in 2009, the department responsible for Education was not keen on Section 39(4) when it wanted to disclose pupil personal data to the ONS. So, in the "Statistics and Registration Service Act 2007 (Disclosure of Pupil Information) (England) Regulations 2009", the department changed the law to permit the disclosure of personal data about school pupils to the ONS, but also excluded any further disclosure by the ONS for purposes identified in paragraphs 39(4)(d) and 39(4)(f) to 39(4)(h). In particular, the regulations made any national security and crime disclosure unlawful.

If one department of State discovers it cannot stomach the broad reach of section 39(4) disclosures, I cannot see why those who complete the Census forms in a fortnight's time cannot be similarly protected.

No doubt ONS officials will vociferously state that there will be no such disclosure and that confidentiality is an absolute. This is technically correct as they can argue that the fact that Section 39(4) has disclosure provisions does not mean the Census personal data will actually be disclosed. However, it is also very clear that personal census information can be disclosed, with a considerable degree of secrecy, almost at the whim of ONS senior managers. And it is the existence of this possibility which is, quite frankly, unacceptable.

Ministers, if they want, can easily clarify the relationship between Section 39(4) disclosures and the personal details collected in the Census. Indeed, the "Protection of Freedoms Bill", currently under debate in Parliament, provides a vehicle to table an amendment that absolutely protects the Census personal details from such disclosures.

Any failure to make this necessary legislative change, or to make a statement concerning the application of section 39(4), provides evidence that the government is not prepared to commit itself to ensuring the confidentiality of the 2011 Census. In which case, the promise that "Your personal information is protected by law. Census information is kept confidential for 100 years"... is worthless.

This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.

Combat fraud and increase customer satisfaction

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.