Government data sharing plans may breach Data Protection Act 4

Graeme Burton writes in Computing:

Cabinet Office plans to increase data sharing among government departments and other public-sector bodies will require a new “consent exemption” to legalise the sharing of sensitive personal data.

That is the view of Kathryn Wynn, a data protection law specialist and senior associate at law firm Pinsent Masons. Even with such an exception, she warns, public-sector bodies might still have difficulty justifying sharing sensitive personal data under the Data Protection Act, without first notifying the individuals concerned.

It follows revelations that Cabinet Office minister Francis Maude is planning new laws that would provide the public sector with a “fast-track mechanism” to enable personal data collected by one government department or public-sector organisation to be used by others for purposes other than those originally intended.

According to the reports, even data collected by doctors or the police could be shared with other bodies without individuals’ consent or notification. This, however, might contravene as many as four of the eight data protection principles established under the Data Protection Acts 1984 and 1998.