• Media Enquiries

    07505 448925(24hr)

Time for surveillance transparency


Today the three heads of Britain's intelligence agencies appear infront of Parliament's Intelligence and Security Committee in a televised hearing, the first time for such a hearing to be broadcast. Progress, yes, but let's not get ahead of ourselves - the head of the CIA first appeared on TV speaking to congress in 1975, so it's hardly a revolution in oversight. Today we have published new polling by

GCHQ faces legal action over mass surveillance


Today Big Brother Watch, working with the Open Rights Group, English PEN and German internet activist Constanze Kurz, has announced legal papers have been filed alleging that GCHQ has illegally intruded on the privacy of millions of British and European citizens. We allege that by collecting vast amounts of data leaving or entering the UK, including the content of emails and social media messages, the UK’s spy

Patients win choice of sharing medical records


Earlier this year, we led the concern that a new NHS data sharing plan would see every patient's medical records uploaded to a new information system without the right to opt-out. We warned at the time that patient records would be out of patient control. On Friday, the Secretary of State confirmed that this will not be the case. We have worked closely with MedConfidential and Privacy International to ensure

Boom in private investigators risks avoiding surveillance regulation


Our latest report highlights the growing use of private investigators by local and public authorities, particularly the number of times they are used without RIPA authorisation. The law in the UK, particularly the Police and Criminal Evidence Act 1984, is broadly drawn to allow evidence to be introduced in court that in other jurisdictions would not be deemed admissible. Contrasted with the fruit of the poisonous

Data Protection

Another Group backs the end of the Edited Register

Posted on by Dan Nesbitt Posted in Councils, Data Protection, Databases, Marketing, Privacy | 2 Comments

mail_splashThe Edited Electoral Register (EER) has come under fire in the past few weeks, with a series of reports indicating that the Register is proving to be more trouble than it is worth.  To add fuel to the fire,  the Local Government Association (LGA) has called for the sale of the EER to be stopped and the register itself to be scrapped.

Councillor Peter Fleming, Chair of the LGA’s Improvement Board  has hit the nail on the head with what is wrong with the EER, arguing that  councils resent having to pass “the electoral roll onto direct marketing companies”, continuing that “it demeans our democracy for the voters’ details to be sold off to help direct marketing companies make money.”

Indeed, one of the main problems with the EER is that it is of benefit to no one but the very marketing companies that purchase the data. In fact it is especially troublesome for residents who find themselves being deluged with junk mail due to their councils being forced to sell it on.

Read more

Traffic Enforcement: Over-Zealous and Heavy-Handed

Posted on by Dan Nesbitt Posted in ANPR, CCTV, CCTV cars, Councils, Data Protection, Databases | 3 Comments

Image20A single case has managed to combine all that is worrying about the way in which local councils carry out traffic enforcement. The story, reported in the Daily Mail, showed that after being caught on CCTV a driver was subsequently tracked down by bailiffs using a combination of mobile Automatic Number Plate Recognition (ANPR) and their access to the DVLA database.

The use of CCTV for handing out traffic fines is something that has raised concerns from a number of sources, for example Eric Pickles, Secretary of State for Communities and Local Government, who accused councils of “bending the law as a means of filling their coffers with taxpayers’ cash.”  The Surveillance Camera Commissioner (SCC) also published guidance on this practice, stating that cameras should only be used “when other means of enforcement are not practical”.

Research by Big Brother Watch (PDF) has highlighted that the use of static CCTV to tackle parking and traffic violations has proved lucrative for local councils, bringing in over £179m in 5 years. This reinforces Eric Pickles’ concerns that CCTV cameras are in fact being used to raise revenues, rather than actually improve traffic conditions.

Read more

New guidance only shows the problems of surveillance oversight. Where are the solutions?

Posted on by Dan Nesbitt Posted in Civil Liberties, Data Protection, Information Commissioner, RIPA, Surveillance | Leave a comment

iStock_000016822421MediumFinally clarifying what was already widely accepted, a publication by the Information Commissioner’s Office (ICO) has confirmed that surveillance legislation is “complex”. “Surveillance Road Map” (PDF) seeks to set out the responsibilities of each body tasked with overseeing the laws that govern surveillance as well as highlighting some of their overlapping functions.

One of the aims of the guidance is to show members of the public “the avenues available to challenge or complain about any alleged breach of surveillance legislation”. Whilst this is a laudable aim it misses the real problem: that in too many cases roles are unnecessarily duplicated.

One prime example is of the Surveillance Camera Commissioner (SCC) and the ICO. The guidance states that the two bodies’ CCTV Codes of Practice “dovetail”; in fact they repeat each other. There is no reason for both bodies to be responsible for CCTV oversight. As the document points out the SCC has no “complaints handling or enforcement function”. Action should be taken to rectify this, as a result the SCC could be made responsible for a single, enforceable Code of Practice and the ICO would be able to focus more attention on its other functions.

Read more

Yet another Government Database Mooted

Posted on by Dan Nesbitt Posted in Data Protection, Databases, Information Commissioner | 1 Comment

serversEven plans made with the best of intentions can go awry. In a speech made last week, Mark Hoban, a former Minister of State for Work and Pensions, floated the idea of combining previously separate personal financial information into a single database.

Mr Hoban argued that “It would be great if we could use the Retirement Saver Service to store data on their savings, pensions – state and private – and housing”. The idea is that it would give individuals a clearer idea of their current savings situation as well as helping to signpost any necessary action they would need to take in the future.

At the moment the regulatory framework simply isn’t good enough to ensure that another new database would be secure. The sanctions that are available for punishing those who misuse personal information and break the Data Protection Act 1998 are almost non-existent. At present the most any breach will receive is a fine, there is no option for a court to hand down a custodial sentence. When compared to the financial gains that can be made through selling the information on, a, usually small, fine cannot be considered to be an effective deterrent.

Read more

Almost 3000 NHS staff’s Equality and Diversity Information Accidently Published

Posted on by Emma Carr Posted in Data Protection | 3 Comments

3797160719_337b4742e7_bSouth Central Ambulance Service has found itself on the wrong side of the Information Commissioner’s Office (ICO) after it accidentally published the Equality and Diversity information of members of staff on its website. What’s worse is that the Trust was alerted to the data breach by the ICO, rather than by someone in the Trust itself.

We have previously warned about the serious data breaches that can occur in the NHS, with our report highlighting more than 806 separate incidents where medical records were compromised. This incident shows that patients aren’t the only ones at risk of a having their data compromised by the NHS.

The ICO found that the Trust had published 2825 current and former members of staff’s personal details on its website, with information including  the individual’s name, job and work location, nationality, marital status, age, gender, ethnic origin, disability, religious belief and sexual orientation.

Read more

Calls for urgent review of Met Police’s security measures following 300 data breaches

Posted on by Emma Carr Posted in Data Protection, Police | Leave a comment

filesAn investigation by the Press Association has revealed 300 serious data breaches in the Metropolitan Police Service (MPS), including information being passed on or sold to journalists.  These revelations are likely to have a direct impact on the level of trust between the public and police, so it is essential that MPS now launches an urgent review into the security measures used for confidential and sensitive information.

With increasing amounts of information being collected by police forces, these data breaches make it clear that there is simply not enough has been done to ensure it is protected. The information held on police computers is of huge significance and for details to be disclosed, maliciously accessed or lost is completely unacceptable.

The 300 breaches, which cover a five year period, and range from minor rule-breaks on social media to serious allegations of misconduct leading to arrests. The instances include:

Read more

Police staff forced to quit after snooping on familes and lovers

Posted on by Emma Carr Posted in Data Protection, Databases, Police | 2 Comments

keyboardFrom passing on incorrect information to snooping on friends, a number of shocking data protection breaches in police forces have been uncovered. With hundreds of incidents every year it is time to start asking whether it is too easy for police databases to be abused to snoop on innocent people.

Big Brother Watch has long been concerned about the number of data breaches occurring within police forces. In 2011, we published the report ‘Police Databases: How More Than 900 Staff Abused Their Access’. The report highlighted a shocking number of data protection breaches and the subsequent limited number of punishments that were handed out. We also commented on the recent case of a police officer being charged with stealing thousands of accident victims’ details from her police force’s computer to sell to law firms.

Read more

Patients remain ill-informed about changes to medical records

Posted on by Emma Carr Posted in Data Protection, Medical Records, NHS | 6 Comments

3797160719_337b4742e7_bLast week we wrote about the leaflet that every household will be receiving from NHS England detailing serious changes to the way our medical records are shared. We warned that such a lacklustre scheme to inform the public is arguably illegal under data protection law and goes against the Government’s commitment to give patients control over their medical records.

Today, the British Heart Foundation, Arthritis Research UK, Cancer Research UK, Diabetes UK, the Academy of Medical Sciences, the Medical Research Council and the Wellcome Trust have launched an advertising campaign encouraging people not to opt out of the initiative.

Quite simply, patients should not be forced, or feel pressured, to take part in a scheme that involved sharing details contained in their medical records. Especially at a time when NHS England has failed to properly inform patients about how medical records will be shared and which organisations will be able to see them.

Read more

Police database abused by officers

Posted on by Emma Carr Posted in Data Protection, Information Commissioner, Police, Privacy | 7 Comments

keyboardWe are barely into 2014, yet we are faced with yet another serious data protection breach concerning a public sector computer. On this occasion, a police officer has been charged with stealing thousands of accident victims’ details from her police force’s computer and selling them to law firms

This case alone highlights that serious need for our courts to issue much tougher penalties for unlawfully obtaining or disclosing personal information, otherwise these cases will continue to occur.

A court has heard that Sugra Hanif accessed Thames Valley Police’s command and control computer to note down the personal details of members of the public involved in road traffic accidents, including the unique reference number each incident was given.

Read more

NHS England’s wholly inadequate leaflet drop

Posted on by Emma Carr Posted in Data Protection, Databases, Medical Records, NHS | 6 Comments

3797160719_337b4742e7_bWhen you check your letterbox for mail this morning, make sure you take a second glance because you might just miss a leaflet from NHS England detailing serious changes to the way our medical records are shared.

Last year we campaigned to ensure that patients have the right to opt-out of these changes, however, despite this victory for patient privacy, NHS England has taken the decision that if patients do wish to opt-out of sharing their medical records then they must visit their GP to do so. Given GPs are already very busy, people should not have to see their GP to opt-out of the system. It should be possible to opt-out online or over the phone, and people who opted out of previous NHS IT projects, such as the Summary Care Records, should have their choice carried over for this system.

Read more

1 2 3 4 5 6 7 8 9 10   Next »