Feeds

Rights Commish warns of creeping gov data menace

'Need for personal info has to be clearly justified'

Security for virtualized datacentres

The government's approach to the collection and use of personal data is "deeply flawed", according to a report from the Equalities and Human Rights Commission (EHRC).

The EHRC has joined in long running complaints from privacy activists with the publication of a report, Protecting Information Privacy (105-page PDF/716KB), which says public authorities may be unaware they are breaking the law, as the complexity of the legal framework makes their obligations unclear.

It acknowledges that the demand for information is coming from the public and the private sectors, and says there is a risk of eroding the right to privacy.

The report finds that it is difficult for people to know what information is held about them, by which government agency or private sector body, or how it is being used. For example, as there is currently no law regulating the use of CCTV cameras it would be very difficult for someone to find which organisations hold footage of them.

It can be hard to check the accuracy of personal data held, to hold anyone to account for errors in the data or its misuse and to challenge decisions made about someone on the basis of that information. Calling any public or private organisation to account is made more difficult because people often may not know what their rights are or know when a breach of those rights has occurred.

The EHRC says that breaches of privacy are likely to get worse in the future as demand for personal information increases and as new technology is developed that is not covered by existing legislation or regulations. Piecemeal reform of relevant laws, such as the proposals in the Protection of Freedoms Bill, may not be sufficient to ensure people's rights are protected.

In response, it makes a handful of recommendations:

  • Streamline the current legislation on information privacy so that it is easier for organisations to understand their responsibilities and simpler for citizens to know and use their rights.
  • Ensure that public bodies and others have to properly justify why they need someone's personal data and for what purpose. Any requirement to use personal data for any purpose other than for which it was collected should go through a vetting process.
  • All public bodies should carefully consider the impact on information privacy of any new policy or practice and ensure that all requests for personal data are justified and proportionate.

Geraldine Van Bueren, a commissioner for the EHRC, said: "It's important that the government and its agencies have the information they need about us to do their job, for example to fight crime, or protect our health. However, the state is holding increasing amounts of information about our lives without us knowing, being able to check that it's accurate or being able to challenge this effectively.

"This needs to change so that any need for personal information has to be clearly justified by the organisation that wants it. The law and regulatory framework needs to be simplified and in the meantime public authorities need to check what data they have and that it complies with the existing laws."

This article was originally published at Guardian Government Computing.

Guardian Government Computing is a business division of Guardian Professional, and covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

Choosing a cloud hosting partner with confidence

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Lawyers mobilise angry mob against Apple over alleged 2011 Macbook Pro crapness
We suffered 'random bouts of graphical distortion' - fanbois
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.