The Government’s Performance and Innovation Unit (PIU) yesterday released a report on the sharing of personal information among government departments, an essential step in the move towards e-governance. In effect, it enables departments to talk to each other. However, the report has already been criticised by a privacy group.
Entitled “Privacy and Data-Sharing: The Way Forward for Public Services”, the PIU report says that action is needed in a number of areas, including:
- Building public trust: ensuring clear and consistent principles govern the way personal information is used across the public sector, and improved access to personal data along with simple processes for correcting mistakes;
- Improving data quality: ensuring that the data held for public service delivery is high quality and up-to-date, for example through increased use of data quality audits;
- Making better use of technology to deliver more secure, more joined-up services: ensuring high levels of data security, effective protection from fraud and more joined-up, more personalised service delivery, for example through the use of smartcard and Public Key Infrastructure (PKI) technology and by implementing best practice on information security throughout the public sector; and
- Addressing legal problems: ensuring that public services are clear about how the law regulates data-sharing, together with consultation on possible legal changes to allow wider data-sharing with the consent of the individual and to change the processes for establishing data-sharing gateways.
Shortly after yesterday’s publication, the Foundation for Information Policy Research (FIPR) described the 200-page report as “deeply disappointing.” The independent organisation that exists to study the interaction between information technology and society, criticised the length of time taken in preparing the report.
The FIPR claimed that the adoption of the new culture and the technical infrastructure on which the plans will need to be based will be “far too late” to meet the “e-government” target of 2005.
It also criticised the plan for some data sharing to take place without an individual’s consent being introduced by secondary legislation:
“Legislation is clearly needed for people’s privacy to be overridden in this way – but the PIU merely proposes the use of Regulations, where Parliament will be unable to amend the proposals if indeed they are ever debated at all.”
Finally, the FIPR criticises the intention that the Chief Knowledge Officer in each department will be the person responsible for both protecting the data and disclosing it.