Feeds

UK.gov data sell-off row: HMRC denies claims it'll flog YOUR private info

Says there are 'clear public benefits' with such a plan, though

Intelligent flash storage arrays

Comment "There is no question of HMRC selling data." That's the promise from Whitehall, which is floating the idea of "sharing" sensitive taxpayer information with private businesses.

It's the latest in a series of attempts from the Tory-led coalition to turn public and not-so-public data into a moneyspinner for UK PLC.

A period of consultation quietly came and went in July 2013 (PDF), when the government sought views on its proposal that the HMRC could:

[I]ncrease the scope for the department to share non-identifying information (that is, information that does not relate to identifiable individuals or legal entities), and on proposed safeguards. Options cover general and aggregate data as well as anonymised data sets.

HMRC also seeks views on the potential benefits, costs / risks and necessary safeguards for proposals to share VAT registration data, either publicly or under controlled conditions for specified purposes, for example, credit rating.

By December last year, Chancellor of the Exchequer George Osborne apparently told Parliament (or at least mentioned on page 97 of the Autumn Statement: PDF) that the government planned to "proceed with next steps to make aggregated and anonymised HMRC data available for wider public benefit, publishing draft legislation for further consultation in early 2014".

Remember the National Pupil Database?

Strangely, this is the latest such consultation about British citizens' data to fail to have initially gained much traction in Westminster, let alone beyond its doors.

In late 2012, your correspondent was the first to spot that Education Secretary Michael Gove wanted "to share extracts of data held in the National Pupil Database (NPD) for a wider range of purposes than possible in order to maximise the value of this rich dataset".

Ultimately, the government wanted the private sector to tout "tools and services which present anonymised versions" of records on Blighty's kids.

In that instance, Gove did a spectacular job of getting legislation passed with very little opposition to the plan after the Department for Education agreed, in response to public consultation, to change the wording of some of its more contentious plans with the NPD.

Similarly, it took privacy campaigners against the Department of Health's highly controversial care.data scheme well over a year to convince Brits that they really ought to oppose the plan, because information from their GP medical records was about to be extracted "anonymously" (a word which, in this context, Whitehall has repeatedly struggled to define) and shared with private companies.

Eventually, the care.data programme was paused for six months after a political stink about the patient records finally hung over Westminster like a wet fart.

It's now the turn of mandarins at the Treasury to fight off very late in the day complaints about its proposals to yank open taxpayer data so as the private sector can make money out of allowing "controlled" access to it.

"No final decisions have been taken, but HMRC remains committed to safeguarding taxpayer confidentiality," El Reg was told by an HMRC spokesman.

"HMRC would only share data where this would generate clear public benefits, and where there are robust safeguards in place. There is no question of HMRC selling data."

He added:

Last year’s consultation made it very clear that there would be a rigorous accreditation process for anyone wanting access to the data and that any access would take place in a secure environment. Those accessing data would be subject to the same confidentiality provisions as HMRC staff, including a criminal sanction for unlawful disclosure of taxpayer information.

HMRC will be consulting further and will ask for views on whether to charge to cover the costs of processing and providing anonymised data. This would not be charging for the data itself, purely covering the costs of providing it.

We understand that the types of "anonymised" data the HMRC could offload includes employment information about citizens who have been in government programmes to help them find a job and housing info to see how certain characteristics might be connected to excess winter mortality rates.

Whitehall is now routinely batting aside suggestions that it is selling Brits' data to private biz.

The latest plan is yet to be poked at in Parliament, so MPs could yet derail the proposed legislation, but their inertia around similar issues suggests that this one might also slide its way through the House with little struggle.

It seems, then, that the nightmare is true. I've thought as much since late 2012. ®

Internet Security Threat Report 2014

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.