An independent authority is to be responsible for
managing the increasing volume of personal data collected by the
government, the House of Lords heard yesterday.
In a debate on personal privacy, The Earl of Northesk told peers
that there was an "irreconcilable conflict of interest between the
data interests of the state and those of the citizen."
"The stark reality is that over the past 10 years or so, the UK
has earned an unenviable reputation for being a world leader in how
to impose a whole raft of surveillance technologies upon its
citizenry: the DNA database, CCTV cameras, the National Identity
Register, the NHS National Plan for IT, and so on," he said.
The inability of the government to guarantee adequate security
of data called into question the state's role as an administrator,
processor and manager of the population's data, he said.
"The tasks and functions of data management should be, at the
very least, delegated to an authority that is wholly independent of
government," he said. "Perhaps even, if advances in technology
permit, devolved to the level of the individual user, as a means of
re-establishing the primacy of the data interests of our
citizenry."
The Lords heard that The National Identity Register, the
database behind the ID card programme, holds 92 million personal
records, and 9,800 data fields, equivalent to 960 billion separate
fields of data.
The HMRC now collects so much personal data that it provides
parliament with the number of fields of data it collects, Northesk
told the Lords.
Baroness Neville-Jones, shadow security minister, said that the
government have not given enough regard to privacy or the need for
public trust in the amount of data collected, how it is retained
and how it is used.
"It is hard to see what has so changed in our national life that
it is necessary and right to give all 474 local councils in
England, every NHS trust and fire service, the Environment Agency,
and even the Royal Mail and the Royal Pharmaceutical Society access
to communications data or surveillance powers, or how that
increases the security of the nation," she said.
She made five recommendations:
- Having separate disaggregated databases rather than centralised
databases.
- Greater regulation and oversight of the transfer of data.
- Role and office of the Information Commissioner greatly
enhanced.
- Legislation to allow Parliament to scrutinise data sharing
measures effectively.
- Review of the Regulation of Investigatory Powers Act (RIPA) as
soon as possible to curtail its powers.