Coroners and Justice Bill
Mr. Bellingham: I have additional questions on clauses 154 and 155, but other colleagues may want to come in on clause 152.
Q 327Mr. Boswell: I thank my hon. Friend for letting me in, because I have to leave shortly. I shall raise three quick points. The first is about what I understand is called field protection. Information may pass from one Government Department to another or elsewhere. I have heard criticism in the past that you are either in or out of that process, and that the whole file is sent. The more common practice in data security in the private sector is to release the amount of information that is relevant to the particular inquiry. Should we turn our attention to that?
Richard Thomas: Yes, I think that you are raising a very important point and I entirely agree. Data minimisation is a fundamental principle of data protectionno more, for no longer than is needed for a particular purpose. With the broad machinery of a privacy impact assessment, people can ensure that nothing excessive is happening, so each action can be justified, by ensuring that no more data than are needed are used or shared, and there are safeguards about security and the end use. That is a more transparent way of ensuring that we are not giving a blank cheque to those who are otherwise engaged in data sharing.
I think that the commissioners opinion will be important, because I do not think that it is simply a formality. The commissioner can insist on a privacy impact assessment under the code of practice to see the justification for a particular measure. If they still think that it goes too far and is either wholly unacceptable or does not have sufficient safeguards or conditions, the commissioner can say so. We have a robust and responsible approach and I believe that I, and my successors, would say if a particular measure went too far in the report to Parliament. Frankly, it would be a brave Department that came forward and said, We insist on this particular data-sharing measure, even though the commissioner has said that it is unacceptable and does not meet data protection requirements.
Q 328Mr. Boswell: Thank you for that firm statement. Following on from that thought is the question of what you might call data gouging, in which data are passed for a perfectly defensible purpose and then employed for other purposes or used more widely. I notice that you refer to that danger in your memorandum. Can we stop or restrict that more than we appear to be able to with the provisions in the Bill? For example, once the data have leapt the wall, it is difficult to prevent the whole lot being used for other purposes, whatever undertakings were given at the time.
Richard Thomas: I understand the point. That is one reason why Mark Walport and I called for precisely defined circumstances in our recommendations. We also said that the process would not be suitable for any large-scale data-sharing initiative that constitutes a significant change to public policyfor example, identity cards and the DNA database. There needs to be absolute stringency and control, and limitations on any data-sharing order brought forward to meet the sort of concerns that you have expressed.
I would like to turn to a specific concern, which echoes part of Mr. Bellinghams question. We are unhappy with the definition of sharing in proposed new section 50A to the Data Protection Act 1998. Proposed new section 50A(3)(a) is fine; that is about data sharing from one organisation to another. However, we have strong reservations about paragraph (b), which reads,
consults or uses the information for a purpose other than the purpose for which the information was obtained.
That is not data sharing as Mark Walport and I understood it. We were concerned with sharing from one organisation to another, but that raises a completely different set of issues where a single organisation, having collected and gathered information for one purpose, wishes to use it for another purpose. That goes to the heart of some of the principles of data protection. Use limitation is the shorthand for that part of data protection, and we have anxieties about the drafting of that provision. It may be more than just a drafting point, because whereas proposed new section 50A(3)(a) deals with genuine sharing, proposed new paragraph (b) is concerned with a different situation altogether.
Q 329Mr. Boswell: In the public sector, there are at least in principlealbeit they may not work well in practicea series of safeguards over and above those available through your office. For example, there is the Official Secrets Act and in certain cases, such as cases involving the Taxes Act, it is a criminal offence to disclose peoples Revenue files.
In a different context, I expressed some concern about this extensionwhere you use contractors who may be located outwith the jurisdiction, for example. That same point is also of concern in relation to data that are shared with private sector organisations. How do we get an equality of responsibility with that sort of situation?
Richard Thomas: In our report, we looked at the picture at large, and we explicitly said that it no longer makes sense to draw sharp dividing lines between the public, private and voluntary sectors. We have the use of private sector contractors, the involvement of the private sector in traditional public functions and the use of the voluntary sector to carry out public functionsI had a meeting with the Minister last week, and we discussed the example of a childrens charity carrying out child protection work for a local authority. It is right to have a global approach. We cannot draw those sorts of distinctions between the different sectors any more. That is one fundamental reason why we think that the powers available to the commissioners office need to extend to all data controllers. It does not make sense to limit the assessment notice only to Government Departments or other public authorities designated by the Secretary of State, as clause 152 is currently does. It needs to apply to all data controllers from the outset, to put right something that has been wrong for more than 20 years.
Q 330Ian Lucas (Wrexham) (Lab): Mr. Thomas, earlier you gave the example of the Transport for London protocol relating to the sharing of images from congestion charging. I am interested in what process was used to activate that. Was it a legislative process?
Richard Thomas: Yes it was. There is a section of the Data Protection ActI forget which number; perhaps David will remind mewhich allows the commissioner to agree that for law enforcement purposes, a particular arrangement can be made along those lines. That is a good example. Nobody would ever justify use of the congestion cameras for anything other than congestion charging or for very serious matters. Mark Walport and I said that it would be manifestly unreasonable if a wife
Richard Thomas: No, and I think that was a defect. It would clearly be far better if that sort of arrangement could come before Parliament as part of a democratic process. Parliament would then say, Yes, that is okay, or No, that is not okay. That is a better way forward than having some of this done behind closed doors.
Q 332Ian Lucas: Do you have any concerns that the affirmative resolution process is secondary legislation, which will effectively amend primary legislation?
Richard Thomas: We understood when we put this forward that it would be very controversial, and I think that it is for the Government to defend the precise nature of what is being introduced. But we also documented the unsatisfactory current state of affairs. Lawyers are expressing doubt; there is a lot of confusion; and a specific gateway has been included at the back of a Bill, which just adds to the general field of confusion. We have said a lot about more and more layers being put on top of the basic legal framework. That just creates greater and greater confusion, and there is no scrutiny whatsoever. So, although I understand that anything that even looks like a Henry VIII clause will be very controversialit is for you to decide whether this is the right way forwardon balance we thought that that was a better way forward and a better way of getting more scrutiny, more safeguards and ultimately more certainty into a very confused area. But, all my support for that is qualified by the reservations that I am expressing.
Q 333Mr. Kidney: Mr. Thomas, it is evident that discussion is ongoing between you and the Ministry of Justice about why you feel that the Bill is inadequate on safeguards. May I push you, on behalf of us all, on that? Do you envisage that the Bill should set out the kinds of themes that you gave uslaw enforcement, public services improvement and researchand no others, or do you envisage a set of examples of what is not acceptable, or indeed a mixture of the two?
Richard Thomas: Mark and I are not draftsmen; we put forward broad themes. I was a little surprised when I saw mention in the Bill of securing a relevant policy objective. We are very clear that there need to be rationales under those three broad headingslaw enforcement and public protection, improving public services and research and statistical analysis. I have not come here this afternoon with specific drafting ideas. Perhaps one could work around that, or around some sort of public interest justification, but a rationale based purely on securing a governmental policy objective seems too wide.
Q 334Mr. Kidney: We have received an angry representation from the BMA, saying that it would be totally unacceptable, under any circumstances, for peoples personal health details, on their sexually transmitted infections or whatever, to be handed over by the NHS
Richard Thomas: I cannot think of absolute no-go areas. I have not seen the BMA paper, but to say that under no circumstances should information be shared seems a little extreme. Sometimes information needs to be shared for research and statistical purposes. There is a lot in our report about the need to ensure patient anonymity, but sometimes you need to study what happened to patient A in year one, and then go back to the same patient in years five and 10. You do not need to know who the patient is, but you need to know that it is the same patient. So, I do not think that you can say no sharing under any circumstances, but the BMA is absolutely right to say that you need much stronger safeguards for sensitive data, such as health data. I do not quarrel with that. I just say that you cannot be black and white.
David Smith: The area of health information is very difficult, and we are often challenged on it. The simple approach, which has a lot to justify it, is that our health information is entirely private. We give that data to our doctor, and they must not be shared more widely. There is a strong public policy argument in that. If people think that their information will be made widely available, they will stop going to the doctor and to hospital, and public health will suffer. However, we already have provisions whereby doctors share information when there are things such as notifiable diseases, because the interest in protecting public health is wider than the confidentiality of the individual.
It is never simple. I hesitate to go into the area of sexually transmitted diseases in detail, because that is so sensitive, but the idea that never under any circumstances should information about a sexually transmitted disease be shared is perhaps wrong. But the grounds would have to be extremely strong. Any sharing would have to be extremely limited and the justification in public interest terms would have to be high. As the commissioner said, perhaps the real test here is not whether this supports a policy initiative but whether, weighing up the pros and cons, it is in the public interest.
I wonder whether it might help if I gave an example. This one goes back a little way but shows at the other end of the spectrum what can be prevented by the restrictions on information sharing. Older members of the Committee may remember the European Unions butter mountain. There was a proposal to distribute that butter mountain free to old age pensioners. The people who were capable of doing the distribution were in the local authorities. But they do not have any information on who are the pensioners in their area. That was held by the Department of Social Security, but it had no power under the legislative provisions that it operated under to share information on pensioners with local authorities, so that they could distribute the butter mountain. That was a real problem. There are ways around some of these things. The DSS could have written to individuals and told them to go along to their local authority with proof of their age to collect their butter. These things are not impossible, but it was a real hurdle. The legal restrictions were clearly operating against the public interest and against people getting free butter.
Q 335Mr. Kidney: Thank you for that. Can I go back to another point? You mentioned anonymised information which might be more acceptable to be released. In fairness to the BMA, it is keen on releasing information for research but such information is properly anonymised. Would there be sufficient safeguards in the system that is proposed in the Bill, however it gets amended and with the impact assessment, your report to Parliament and so on, for anonymised sharing of information to be more acceptable than sharing peoples personal details?
Richard Thomas: I have always been an optimist in these matters. When you have statutory requirements to go through certain procedures, it puts pressure on those concerned to demonstrate that they are meeting those requirements. As well as being an optimist I am also a very strong advocate of transparency, which is often the best regulator of all. So if we have an open process so that we can scrutinise each scheme as it comes forward, that will serve the public interest better than a rather bland blanket approval included in sectoral statute, which then opens the door for anything to happen with virtually no check or balance at a subsequent stage.
I hope that I am not sticking my neck out. In five years time, I may be proved wrong on this. Having sat through seven months of evidence on this and the sorts of examples that David mentions, and many others besides, I think we need some sort of fast-track provision in precisely defined circumstances to allow beneficial sharing. It is as much in the public interest to allow beneficial sharing as it is to stop undesirable sharing. You cannot generalise and say, All sharing bad, all non-sharing good. You have to look at each situation on its own merits and then make sure that it is properly constrained.
|©Parliamentary copyright 2009||Prepared 6 February 2009|