Institute for Government cautions government to draw right lessons from pandemic

The Institute for Government has published a report that indicates the government is in danger of drawing false lessons from the sharing of data during the Covid-19 pandemic.

Written by Gavin Freeguard and Paul Shepley, the report, Data sharing during coronavirus: Lessons for government, is based on six roundtables conducted by the IfG in the summer of 2022 among civil servants and data practitioners. The think tank has written up each roundtable, providing video and audio. They cover topics such as legislating to support data sharing, data sharing to combat fraud and the experiences of the NHS Covid-19 Data Store.

The report notes that the data store attracted controversy due to how open project owners were about the involvement of certain suppliers. “Openness about the private companies involved in the project led to several stories in the press,” said the report authors, coyly. Palantir has proved to be a controversial firm in the context of this project because it is a favourite target of civil libertarian organisations, such as Privacy International, Big Brother Watch and legal company Foxglove.

The report puts into question the government’s self-congratulation about data sharing during the pandemic. It points to the findings of two parliamentary committees, the House of Commons Health and Social Care Select Committee, and the Science and Technology Select Committee, which were critical of the government’s response to the pandemic.

“A country with a world-class expertise in data analysis should not have faced the biggest health crisis in 100 years with virtually no data to analyse,” one said. Also registered in the IfG report was the manner in which setting up NHS Test and Trace “as a new organisation outside the healthcare system created technical challenges that hindered the sharing of positive infection cases and their locations with local authorities”.

The report expresses reservations about the Data Protection and Digital Information Bill going through Parliament this year. Of the roundtable on that subject, the authors said: “The most significant challenges with data sharing identified by our roundtable participants were not legislative, but cultural and organisational, meaning further legislation may fail to resolve (and might instead distract from) the problems that actually posed a barrier to effective data sharing.” 

The report recommends that government should reconsider several of its proposed changes to the bill. These would, say the report’s authors, “remove the requirement for several measures that were highlighted as useful by roundtable participants, such as data protection impact assessments [DPIAs] and data protection officers. The bill should retain these aspects.”

The report notes that the bill has been framed by the government as delivering some of the so-called “benefits of Brexit” through creating a “pro-growth and innovation-friendly data protection regime”. This is because Brexit allows the UK to diverge from the European version of the General Data Protection Regulation. However, the report’s authors maintain that “a key lesson from the pandemic has been that existing legislation is largely fit for both emergency and non-emergency situations, and allowed the government to respond swiftly when data sharing was required”.

They go on to note that the new bill could “destabilise the existing legal environment, which is still bedding in, and remove some critical protections and processes.

“Data protection officers and DPIAs were frequently highlighted by participants in our roundtables as useful, and remain recommended by the ICO as a useful tool even when not mandatory,” it said.

The report also recommends that the Central Digital and Data Office should produce a so-called data sharing “playbook” to help public sector workers build new services founded on the use of data. The goal there would be to “minimise barriers to civil servants establishing new data sharing agreements for public benefit, while respecting the rights and views of the public and aligning with the Information Commissioner’s Office [ICO] guidance”. The report identifies a leading role to be played by the Centre for Data Ethics and Innovation in developing this “playbook”.

Though it’s not mentioned in the report, germane to the “playbook” concept is that the government plans to set up what it calls a “data marketplace” as part of its Roadmap for digital and data, 2022-2025. The policy paper describing this “roadmap” says all government departments “will have access to a Data Marketplace (including a Data Catalogue, standards and governance models) to rival best practice across public and private sectors”.

A Cabinet Office spokesperson confirmed to Computer Weekly that a blogpost from the Central Digital and Data Office is in the works that will put flesh on the idea of a “data marketplace”.

The IfG report authors conclude, in their report, that: “The pandemic showed what can be achieved and highlighted how a clear purpose and urgent need could overcome some of the traditionally cited barriers to data sharing. But it also showed which barriers remain to data sharing in the public interest.”