Stuart Monk - Fotolia

Experts attack Digital Economy Bill for lack of data-sharing safeguards

Group of 26 experts criticises Digital Economy Bill for vague information-sharing provisions and lack of safeguards, calling on the government to take action

A group of experts has slammed the Digital Economy Bill for failing to provide enough detail and scrutiny around its data-sharing commitments.  

The group, comprising 26 businesses, professional bodies, academics and privacy groups, has written a letter, published in the Telegraph, calling on the government to expand the details about data-sharing provisions in the legislation. 

The bill’s stated aim is to make the UK “a place where technology ceaselessly transforms the economy, society and government”, with one of its key commitments focusing on the sharing of publicly held datasets “to improve service delivery while maintaining safeguards on privacy”. 

It has already faced serious scrutiny by MPs reviewing the bill, and has been criticised for not including a definition of data-sharing, as well as not being transparent enough on safeguards.

In the letter, the experts said the bill was changing the relationship between citizen and state by putting government ministers “in control of citizens’ personal data”.

“It means that personal data provided to one part of government can be shared with other parts of government and private-sector companies without citizens’ knowledge or consent,” the letter said.

“Legal and technical safeguards need to be embedded within the bill to ensure citizens’ trust. There must be clear guidance for officials, and mechanisms by which they and the organisations with whom they share information can be held to account.”

The experts putting their names to the letter included Jerry Fishenden, co-chair of the Cabinet Office’s Privacy and Consumer Advisory Group; Rachel Coldicutt, CEO of Doteveryone; and David Evans, director of policy at the BCS.

They argued that the government must strengthen, not weaken, the protection of sensitive information.

“The government should be an exemplar in ensuring the security and protection of citizens’ personal data,” they wrote. “If the necessary technical and legal safeguards cannot be embedded in the current bill and codes of practice, we respectfully urge the government to remove its personal data-sharing proposals in their entirety.”

Read more about the Digital Economy Bill

The government already has a chequered history in building public trust on data protection, such as the scandal.

One of the main reasons for the failure of that programme, which aimed to extract anonymised patient data from GPs to a central repository held by NHS Digital, was a lack of transparency.

The government was accused of pushing through without explaining its implications for highly sensitive patient records.

In a blog post, Fishenden highlighted the fact that a similar letter had been written in 2009, raising similar concerns about data-sharing. 

The government later withdrew its proposals for data-sharing at that time because they were “drafted in a way that was too wide”. 

“It’s almost as if someone has mischievously dusted off those old proposals and tried to sneak them back past ministers again in the hope that they wouldn’t notice or remember them from the last time around,” said Fishenden.

“It is disappointing that, some seven years later, similarly poorly defined proposals for data-sharing have been reintroduced to parliament, still without the required legal and technical safeguards that raised so many concerns last time around.”

The government has now published a code of practice that aims to clarify the government’s definition of data-sharing and how data will be used, but critics say the code is still vague on safeguards and transparency.

Read more on IT for government and public sector