Data Sharing is Good, Right? Or is HM Gov Evil?

I made a couple of soft resolutions to myself at the start of this year, one of which was to try to take more interest in policy matters, particular in areas that impact upon the web and “information”. But I suspect that getting my head round the implications of proposed new legislation is going to be non-trivial.

For example, the MySpace generation believes that sharing personal information in public is the thing you do, right? But what about when government agencies can freely share your personal data between themselves.

Becuase it seems that Her Majesty’s Government also seems to think the naive MySpace generation way… A couple of days ago, the Coroners and Justice Bill was introduced to Parliament containing a proposed amendment to the Data Protection Act:

152 Information sharing
After section 50 of the Data Protection Act 1998 (c.29) insert—
“PART 5A INFORMATION SHARING
50A Power to enable information sharing
(1) Subject to the following provisions of this Part, a designated authority may by order (an “information-sharing order”) enable any person to share information which consists of or includes personal data.

(3) For the purposes of this Part a person shares information if the
person—
(a) discloses the information by transmission, dissemination or otherwise making it available, or
(b) consults or uses the information for a purpose other than the purpose for which the information was obtained.”

I’m not sure what this might mean in practice (if you can think of any scenarios, please post them as a comment), so I’ll try to keep an ear out for what examples are given by Members when the Bill goes through its readings.

It seems, though, that there are “Explanatory notes” that explain the intention behind some of the proposals: Explanatory notes (Clause 152: Information Sharing):

691. Section 50A(1) creates an order-making power to enable a person to share information that consists of, or includes, personal data. The power is conferred on a designated authority. “Designated authority” is defined in new section 50A(2) as the Scottish Ministers, the Welsh Ministers, a Northern Ireland Department or an appropriate Minister. Section 50C determines when each of these designated authorities is entitled to make an order. An order under section 50A is known as an information-sharing order.

692. New section 50A(3) sets out the definition of data-sharing for the purposes of this section. Sharing in this section includes both the disclosure of data between two or more persons (such as when one company provides its client list to another company for commercial purposes), as well as where a single person uses some data for a purpose other than that which it was obtained for (for example where a Government Department obtains information for the purposes of exercising one particular statutory function such as the collection of tax but then later wishes to use the same information for another statutory function such as the provision of benefits and credits).

Here’s a bit more from the introduced Bill itself:

50B Information-sharing orders: supplementary provision
(1) An information-sharing order may—
(a) confer powers on the person in respect of whom it is made;
(b) remove or modify any prohibition or restriction imposed (whether by virtue of an enactment or otherwise) on the sharing of the information by that person or on further or onward disclosure of the information;
(c) confer powers on any person to enable further or onward disclosure of the information;
(d) prohibit or restrict further or onward disclosure of the information;
(e) impose conditions on the sharing of information;
(f) provide for a person to exercise a discretion in dealing with any matter;
(g) enable information to be shared by, or disclosed to, the designated authority;
(h) modify any enactment.

Now I’m not a lawyer, and I don’t speak Legislation, but what do paragraphs b and c mean exactly? In “real terms”? And how do they operate differently to g? Read them again… go on… read them…

(And “confer powers”? WTF? Like Heroes, or something?! Heh, heh… but seriously, folks, how far does that “powers” word unpack…?)

And some more:
(1) An information-sharing order may—
(b) remove or modify any prohibition or restriction imposed (whether by virtue of an enactment or otherwise) on the sharing of the information by that person or on further or onward disclosure of the information;
(c) confer powers on any person to enable further or onward disclosure of the information;

(g) enable information to be shared by, or disclosed to, the designated authority;

Paragraph f looks to me (but what do I know?) like a get-out/escape clause, if “exercise a discretion” means “I’ll do what the f**k I want” (which is how I’d naively translate it? Maybe a lawyer could correct my interpretation (“I’ll do what the f**k I want if I can bully or bluster you into believing I had a good reason at the time”, maybe?)

Here are the “explanatory notes“:

697. New section 50B of the 1998 Act makes supplemental provisions in relation to the information-sharing order powers in section 50A, and includes a non-exhaustive list of the kinds of provisions that may be included in an order under section 50A. New section 50B(1) provides that an order may remove or modify any legal barrier to information-sharing. This could be by repealing or amending other primary legislation, changing any other rule of law (for example, the application of the common law of confidentiality to defined circumstances), or creating a new power to share information where that power is currently absent. This section also provides for the conferral of powers on particular persons, the imposition of prohibitions and restrictions upon disclosure or sharing, and the provisions of a power to allow persons to exercise a discretion in dealing with such matters.

When popular websites changes their terms and conditions, it sometimes hits the blogosphere. But we have to remember that the web isn’t for everyone, and that most people don’t use the web as aggressively as do most OUseful.info readers. But if you live in the UK, the above “terms and conditions” could well apply to you one day soon. So maybe we should be taking more of an interest? (Or maybe y’all do, and it’s just me who’s late to the party…?)

One way forward might be if we encourage the growth of initiatives like the following (reviewed here) by making use of the resources provided and adding our own commentary/contribution to the discussion, as well as airing these matters in a wider forum than the Westminster village?

which leads to a page of White Paper Resources for Media and Bloggers. Resources that us bloggers can use to build a post around (remembering, of course, who actually produced the resources…), or at least that will act as a starting point for developing an understanding of what the government thinks it’s trying to achieve with yet more legislation. (See also: New Opportunities – Goevrnment 2.0 sites.)

(Remember also the reach out into the blogosphere by the debate on the future of Higher Education? We all got involved, right? Err….)

Anyway, anyway, if Tesco Clubcard’s T’s and C’s included the “data-sharing” provisions outlined above, would you be any more or less concerned?

Nah, probably not; who cares anyway…?!

PS if you do want to follow the Bill along, you can track its progress here:
Coroners and Justice Bill 2008-09: Progress of Bill including links to debates

I didn’t notice an RSS feed, though? If I get a chance, I’ll try to put one together over the weekend… (although, arguably, doing it now would be more useful – and more timely – than revising online course materials (for a deadline I’ve already missed) that go live to students for the first time in, err, March 2010, I believe?!;-)

Author: Tony Hirst

I'm a Senior Lecturer at The Open University, with an interest in #opendata policy and practice, as well as general web tinkering...

5 thoughts on “Data Sharing is Good, Right? Or is HM Gov Evil?”

  1. I’d say ‘not evil’ but (i) inclined towards flexible solutions with plenty of wiggle-room; and (ii) not all that great at transparency.

    Happily, that’s why civil servants don’t get to approve laws, but it also means that we need plenty of help and prodding to get the issues in front of interested citizens and politicians so they can get properly informed and sift the good ideas from the bad…

  2. @steph My take on evil, in the sense of “is Google/Tesco/Dunnhumby/HMG evil?” is (as Ray B2fxxx Corrigan pointed out to me) is more accurately shorthand for “is there the potential to do evil?”.

    That is, notwithstanding the fluff we_would_never “guarantees” that are made in advance of a law being passed (we will ensure there are full controls in place etc etc), are the laws/Ts & Cs constructed in such a way that we can imagine a malicious or malevolent agent acting within the letter of the law, yet still go beyond any intended ‘acceptable’ course of action that the lawmakers sought to “frame”, limit or restrict in their drafting of the law.

    If the answer to any query of the “could this Bad Thing happen in this situation?” type is “well, yes, I suppose you could do that, legally, but we would never…” my answer would be “well someone might and it would be YOUR fault…”

    – They came first for the … –

Comments are closed.

%d bloggers like this: