The Information Commissioner's Office (ICO) yesterday criticised the latest government plans to extend the use of personal data as "too wide," with safeguards that were "weak".
The ICO made the comments in the critical second opinion, issued in response to the clauses allowing data sharing across government departments and with the private sector in the government's proposed Coroners and Justice Bill.
The bill was given its second reading in Parliament at the end of January. And, at the time, a clause hidden in its proposals to amend the Data Protection Act raised civil liberty concerns.
The clause would enable ministers to issue information sharing orders,' to use information obtained under the DPA for one purpose, along with its conditions of confidentiality, to be used in the fight against terrorism and crime.
The anti-ID card campaign NO2ID wrote in January: "This single clause is as grave a threat to privacy as the entire ID Scheme. Combine it with the index to your life formed by the planned National Identity Register and everything recorded about you anywhere could be accessible to any official body."
The ICO responded in January: "Some have suggested that the bill's information sharing provisions represent an unwarranted interference with the privacy of personal information."
"We do not agree. The provisions of the DPA will continue to apply to the sharing of personal information whether undertaken within the scope of an information order or otherwise," it stated.
Now the ICO's second opinion has strengthened its original stance on the bill's data sharing plans.
"The bill's information-sharing provisions are too wide, and its safeguards relatively weak. The provisions should only apply in precisely defined circumstances where there is a legal barrier to information sharing that would be in the public interest," stated the second opinion.
It said the bill needs an additional safeguard to prevent the use of information sharing orders in the context of large-scale data sharing initiatives that "would constitute significant changes to public policy," it added.
Click here to read everything you need to know about ID cards.
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Third time lucky? Microsoft finally begins roll-out of controversial Recall featureNews The Windows Recall feature has been plagued by setbacks and backlash from security professionals
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
-
ICO dishes out fine to HelloFresh for marketing spam campaignNews HelloFresh failed to offer proper opt-outs, the ICO said, and customers weren’t warned their data would be used for months after they cancelled
