An independent authority is to be responsible for managing the increasing volume of personal data collected by the government, the House of Lords heard yesterday.
In a debate on personal privacy, The Earl of Northesk told peers that there was an "irreconcilable conflict of interest between the data interests of the state and those of the citizen."
"The stark reality is that over the past 10 years or so, the UK has earned an unenviable reputation for being a world leader in how to impose a whole raft of surveillance technologies upon its citizenry: the DNA database, CCTV cameras, the National Identity Register, the NHS National Plan for IT, and so on," he said.
The inability of the government to guarantee adequate security of data called into question the state's role as an administrator, processor and manager of the population's data, he said.
"The tasks and functions of data management should be, at the very least, delegated to an authority that is wholly independent of government," he said. "Perhaps even, if advances in technology permit, devolved to the level of the individual user, as a means of re-establishing the primacy of the data interests of our citizenry."
The Lords heard that The National Identity Register, the database behind the ID card programme, holds 92 million personal records, and 9,800 data fields, equivalent to 960 billion separate fields of data.
The HMRC now collects so much personal data that it provides parliament with the number of fields of data it collects, Northesk told the Lords.
Baroness Neville-Jones, shadow security minister, said that the government have not given enough regard to privacy or the need for public trust in the amount of data collected, how it is retained and how it is used.
"It is hard to see what has so changed in our national life that it is necessary and right to give all 474 local councils in England, every NHS trust and fire service, the Environment Agency, and even the Royal Mail and the Royal Pharmaceutical Society access to communications data or surveillance powers, or how that increases the security of the nation," she said.
She made five recommendations:
- Having separate disaggregated databases rather than centralised databases.
- Greater regulation and oversight of the transfer of data.
- Role and office of the Information Commissioner greatly enhanced.
- Legislation to allow Parliament to scrutinise data sharing measures effectively.
- Review of the Regulation of Investigatory Powers Act (RIPA) as soon as possible to curtail its powers.
Read more on Privacy and data protection
FCC guns for Huawei, ZTE in US comms network protection proposal
The only tech question that matters for a new PM: are you ready for the digital future, Mr Johnson?
NSA used Iraq war to develop surveillance capability, documents show
Data transparency has led to mass movements on a scale never seen before