Session 2007-08, 5 June 2008
A Surveillance Society? Inquiry
A Surveillance Society? Inquiry
PUBLICATON OF REPORT
COMMITTEE SAYS GOVERNMENT SHOULD MINIMISE DATA HELD ON CITIZENS
In a report released today, Sunday 8 June 2008, the Home Affairs Committee calls on Government to “adopt a principle of data minimisation” in the information it collects and holds on citizens-it should collect only what is essential, to be stored only for as long as is necessary-and it should “resist a tendency to collect more personal information and establish larger databases”.
The report lays out a set of “ground rules” for Government as a whole and the Home Office in particular that it says Government should follow to “curb unnecessary surveillance, protect the public against the loss of personal data, and maintain the trust of those individuals whose sense of privacy and individual liberty underpins the relationship between citizen and state in our society”.
The inquiry was conducted over a year in which major concerns were raised about data protection in the public sector in the wake of the HMRC records loss scandal and in other contexts such as the recording of an MP’s conversation at HM Prison Woodhill and local authorities’ use of surveillance powers. The Report does not look at the merits of identity cards but the Committee says that the Government’s assurances that it has learned lessons from the high profile data losses “though welcome, are not sufficient to reassure us or, we suspect, the public. Access to National Identity Register databases should be strictly limited and governed by clear protocols”.
The Committee rejects a characterisation of Britain as a “surveillance society” but warns against the expansion of surveillance techniques and the dangers of “function creep”, where information is used for purposes beyond those originally intended. The Committee wants assurance from the Home Office, for example, that “it will not countenance schemes such as those which involve the use of microphones attached to cameras, and in effect apply the techniques of directed and intrusive surveillance to the general public”, and says it must ensure that any extension of the use of camera surveillance is justified by evidence of its effectiveness. It is particularly concerned about any attempt to use patient data or information held on children for the purposes of predictive profiling for future criminal behaviour rather than child protection and says “the Home Office must not undertake or sponsor work of this sort.”
It also says the Home Office should take every opportunity to raise awareness of how and why the surveillance techniques provided for by the Regulation of Investigatory Powers Act might be used, and should keep under review its statutory oversight of RIPA powers.
The Committee would like to see the “Privacy Impact Assessments” recommended by the Information Commissioner be used as a tool to “carry out preliminary risk analysis for a new project before the design phase begins” with any new system for collecting and storing personal information to be designed “with a focus on security and privacy”. The Committee also suggests that the Information Commissioner should produce an annual report on the state of surveillance in the UK to Parliament, to be debated in Parliament.
Chairman of the Committee Rt Hon Keith Vaz MP said:
“What we are calling for is an overall principle of “least data, for least time”. We have all seen over the past year extraordinary examples of how badly things can go wrong when data is mis-handled, with potentially disastrous consequences.”
“What we are concerned with is the tendency to collect more and more data just because the technology allows it and for data to be used beyond the purposes it was initially collected for. For example, we would completely object to any attempt to use data on children for the purposes of predictive criminal profiling rather than child protection and we want an assurance from Government that this kind of thing will not happen.”
“The key issue is trust - the public don’t have much choice over the data held on them by public bodies, so they must be confident about how it is being collected, stored and used - otherwise we are in danger of becoming a “surveillance society”. Data that is collected and managed well and securely by Governments has great potential for improvements in our safety and security and in improving public services. Data that is managed badly - the wrong kind of information, kept for too long - will have exactly the opposite effects.”