In what is becoming an ever more regular occurrence for the NHS, it has been reported that the East Midlands Ambulance Service has lost a disk containing the notes of 42,000 patients’ who had been treated by paramedics in the last few months.
This incident once again underlines the dangers of organisations holding increasing amounts of personal information about individuals both electronically or in paper format. It seems obvious that the greater the amount of information that is held in one place, the more likely it is to go missing, either by accident or as the result of a deliberate breach. Indeed, just last week Kent Social Care Professionals unintentionally sent out an email containing the names, addresses and phone numbers of 120 elderly and vulnerable individuals to nearly 200 people.
Accidental leaks such as this make the need for proper data protection training amongst staff painfully apparent. If an organisation knows that it is going to hold large amounts of personal information, about staff or customers, it should ensure that its employees know their responsibilities under the Data Protection Act 1998 (DPA). Of course this cannot help to stop those who wish to purposely breach data protection law. This can only be achieved by improving the sanctions that are available to punish those who seek to misuse personal information.
The Edited Electoral Register (EER) has come under fire in the past few weeks, with a series of reports indicating that the Register is proving to be more trouble than it is worth. To add fuel to the fire, the Local Government Association (LGA) has called for the sale of the EER to be stopped and the register itself to be scrapped.
Councillor Peter Fleming, Chair of the LGA’s Improvement Board has hit the nail on the head with what is wrong with the EER, arguing that councils resent having to pass “the electoral roll onto direct marketing companies”, continuing that “it demeans our democracy for the voters’ details to be sold off to help direct marketing companies make money.”
Indeed, one of the main problems with the EER is that it is of benefit to no one but the very marketing companies that purchase the data. In fact it is especially troublesome for residents who find themselves being deluged with junk mail due to their councils being forced to sell it on.
A single case has managed to combine all that is worrying about the way in which local councils carry out traffic enforcement. The story, reported in the Daily Mail, showed that after being caught on CCTV a driver was subsequently tracked down by bailiffs using a combination of mobile Automatic Number Plate Recognition (ANPR) and their access to the DVLA database.
The use of CCTV for handing out traffic fines is something that has raised concerns from a number of sources, for example Eric Pickles, Secretary of State for Communities and Local Government, who accused councils of “bending the law as a means of filling their coffers with taxpayers’ cash.” The Surveillance Camera Commissioner (SCC) also published guidance on this practice, stating that cameras should only be used “when other means of enforcement are not practical”.
Research by Big Brother Watch (PDF) has highlighted that the use of static CCTV to tackle parking and traffic violations has proved lucrative for local councils, bringing in over £179m in 5 years. This reinforces Eric Pickles’ concerns that CCTV cameras are in fact being used to raise revenues, rather than actually improve traffic conditions.
Just months before Big Brother Watch’s fifth anniversary, we can today announce the new leadership team, following the departure of Nick Pickles, who left the campaign in May to join Twitter as UK Public Policy Manager.
Emma Carr is to take up the role of Director, whilst Renate Samson is to become Chief Executive.
Emma Carr joined Big Brother Watch (BBW) in February 2012 as Deputy Director and became Acting Director in May 2014. Over the course of the last two and a half years Emma has worked hard to challenge policies that threaten our civil liberties, privacy and freedom: making an active contribution to the organisation’s research, frequently appearing on national and international television and radio programmes, and actively spreading the ethos of the organisation at conferences around the world. As BBW’s new Director, Emma will be overseeing BBW’s research, media and campaigns. Emma takes up the post of Director with immediate effect.
Joining Emma is Renate Samson in the new role of Chief Executive, in which she will oversee BBW’s operations, parliamentary outreach and new projects. The first of these will be a new educational outreach programme, designed specifically for those in higher education. Further details about this project will be announced in due course. Renate has spent the past four years as Chief of Staff to David Davis MP, working on every major civil liberties debate during this Parliament. She comes to BBW with a wealth of contacts and knowledge which will be vital as the campaign expands over the coming years. Renate will start later this year, after the party conference season.
BBW’s researcher, Daniel Nesbitt, will also be taking on the role of Research Director. Daniel has been with the campaign for eighteen months, during which time he has produced a high calibre of research and started appearing as a spokesperson for BBW in the media.
We will also be looking to recruit a new member of staff later in the Autumn, which will be advertised to the BBW mailing list, and elsewhere.
If the UK is serious about conducting a proper debate on mass data collection and surveillance transparency, they would do well to take note of the issues raised in Foreign Intelligence Surveillance Court (FISC) documents recently released by the US. In a redacted, 117-page document [PDF], FISC Judge John Bates heavily criticised the NSA’s repeated ‘overcollection’ of data, stating that:
“The government has said nothing about how the systematic overcollection was permitted to continue, [redacted]. On the record before the court, the most charitable interpretation possible is that the same factors identified by the government [redacted] remained unabated and in full effect.”
Alarmingly, not only was too much data collected but, as Judge Bates also highlights, it “included some data that had not been authorized for collection.” The document shows that the agency struggled to collect metadata – the who, when and where – without also collecting information such as the content. (For more information about metadata you can read our briefing here)
Finally clarifying what was already widely accepted, a publication by the Information Commissioner’s Office (ICO) has confirmed that surveillance legislation is “complex”. “Surveillance Road Map” (PDF) seeks to set out the responsibilities of each body tasked with overseeing the laws that govern surveillance as well as highlighting some of their overlapping functions.
One of the aims of the guidance is to show members of the public “the avenues available to challenge or complain about any alleged breach of surveillance legislation”. Whilst this is a laudable aim it misses the real problem: that in too many cases roles are unnecessarily duplicated.
One prime example is of the Surveillance Camera Commissioner (SCC) and the ICO. The guidance states that the two bodies’ CCTV Codes of Practice “dovetail”; in fact they repeat each other. There is no reason for both bodies to be responsible for CCTV oversight. As the document points out the SCC has no “complaints handling or enforcement function”. Action should be taken to rectify this, as a result the SCC could be made responsible for a single, enforceable Code of Practice and the ICO would be able to focus more attention on its other functions.
The patient-doctor relationship is the bedrock of the NHS, where patient confidentiality and trust in that system must be constantly maintained. Failure to maintain this trust could have devastating consequences for both individual patients and the NHS as a whole, which is why we are concerned that Greater Manchester Police has said that it wants direct and regular access to medical records.
In an interview with The Guardian, Sir Peter Fahy, the Chief Constable of Greater Manchester Police, has said that “we could do a better job if we have greater access to information, which it is currently hard for us to get.”
Public bodies do not have a great track record on data protection and as sharing private information around more public bodies only increases, so does the risk that it will be leaked, lost or otherwise revealed. Big Brother Watch has previously drawn attention to the scale of data breaches in reports such as Local Authority Data Loss and NHS Breaches of Data Protection Law. Specifically on the subject of medical records we have given evidence to the Health Select Committee (pdf) on the flaws in the proposed care.data scheme.
In a victory for transparency, the Government has announced that from today members of the public and journalists will be able to film and report on all public meetings held by local councils in England.
The Openness of Local Government Regulations 2014, signed into law by the Communities and Local Government (DCLG) Secretary Eric Pickles, will allow citizens to use 21st Century techniques such as tweeting and blogging to report on council meetings. It will also allow them to view material relating to some decisions made elsewhere by officers acting under a “general or specific delegated power”.
The move to update the law follows attempts by DCLG to use non-legislative methods, including the publication of guidance which explicitly confirmed that members of the public could overtly film council meetings. Sadly some councils chose to ignore this step.
You may remember the now infamous “ring of steel” system of ANPR cameras that was placed around Royston, which was ruled to be unlawful by the Information Commissioner’s Office (ICO). A year on from that ruling, figures have been published which show that since Hertfordshire Police was forced to dismantle the system there hasn’t been a sudden and uncontrollable outbreak of lawlessness and crime.
Crime statistics, recently released by Hertfordshire Police, show that between April and June 2013, when the ANPR system was still in place,172 crimes were committed. When comparing this to the same period in 2014 it turns out that 171 crimes were recorded, a drop of 1.
The scheme originally involved the position of ANPR cameras in such a way that it was impossible for motorists to drive in or out of the town without being filmed. In July 2013, the ICO ruled that the Police had failed to carry out “any effective impact assessments” whilst commenting that “it is difficult to see why a small rural town … requires cameras monitoring all traffic in and out of the town, 24 hours a day”.
With Police forces around the UK conducting trial schemes and roll outs of body worn cameras (BWCs), we have created a briefing on the use of the technology which can be viewed here (pdf).
The largest trial has taken place within the Metropolitan Police Service, beginning on 8 May 2014 and seeing the distribution of 500 BWCs to officers in 10 London boroughs in an aim to repeat the success of a similar scheme in Rialto, Los Angeles. The £815,000 trial scheme will see the distribution of BWCs to police officers in Barnet, Bexley, Bromley, Brent, Camden, Croydon, Ealing, Havering, Hillingdon and Lewisham. The MPS and Ministers believe that the pilot will show whether or not BWCs will boost accountability, improve the accuracy of evidence and speed up convictions.