Close ☰
Menu ☰

Commons Select Committee review the future of personal data

Posted on: Monday 15th of August 2011

With cost savings firmly in their sights, the UK Government are paving the way for a wave of new services built around the individual and their data. There is a recognition by the House of Commons Public Administration Select Committee that by enabling individuals to manage their own data Government in its various forms will create huge efficiency savings and improve the quality of the services offered through improving the quality of the data about the individual. In itself this is a massive opportunity for the UK to improve it’s economy but when you add to that the fact that this will pave the way for new services across all sectors by addressing  questions about identity, security, privacy and legal constraints the opportunity becomes enormous.

The relevant sections are below: See the full report  here “Government and IT — “a recipe for rip-offs”: time for a new approach”
Conclusions and Recommendations:

29. Giving control of personal data to the individual has the potential to improve data quality while reducing both costs and risks. Individuals are used to controlling their own data with private sector companies, such as Amazon and with utility companies.

Moving to a model where the citizen maintains their own personal data with an independent, trusted provider and then can choose whether to authorise the sharing of that information with other organisations is an ambitious vision that will need to be trialled extensively. We also recognise that there may be legal constraints and concerns about privacy which could act as a barrier to implementing such a radical reform. We therefore recommend that the Government, working with the Information Commissioner, review potential barriers to the personal data model and explore the ways in which this model could best be developed. (Paragraph 156)

30. We welcome the work being done to create an integrated identity assurance trust model for simplifying access to Government services. We suggest that Government consider integrating this work with the personal data model. This could represent an important step, placing responsibility and control of personal data with citizens in their interactions with public and other online services. (Paragraph 157)

The section of the full report that it refers to:

148. We also heard of a more radical and transformative  approach being piloted by the London Borough of Brent. This system provides individuals with a secure, online personal data service run by an independent community interest company [Mydex] which enables the individual to enter and maintain their own personal data in one place. When they want to interact with an online council service, they can authorise the release of relevant personal information from their personal data store.

149. This approach enables citizens to maintain their personal information in one trusted place with every organisation they engage with online. The Council also benefits from knowing that it is dealing with up-to-date information. If the current pilot proves successful, the Council hopes that it will be able to remove many of its duplicated data systems, thereby reducing cost and risk whilst also delivering a better quality service.

150. Letting the individual maintain their own personal data can help ensure cleaner and more reliable records and reduce duplication. It also puts individuals in control, allowing them to authorise the appropriate flow of personal information to and between relevant organisations. For example, an individual could obtain  online proof  from the DVLA regarding their ownership of a vehicle and then use that proof to confirm to a local authority their eligibility for a resident’s parking permit. Even this process could be largely hidden from the user, with automated verification and checking completed electronically whilst they are online, making the whole process potentially as simple as pressing a few onscreen buttons to authorise the data exchange.

151. There are a number of challenges to adopting such an approach. It would require a major change of approach shifting the focus of service design away from public authorities and towards the citizen. Departments and other organisations would also need to assess the technical changes necessary to integrate input from individuals into existing services. The

Government would also need to examine the costs of such a change carefully and consider how it would be implemented in practice.

152. This must be balanced against current legal obligations. The Data Protection Act 1998 governs how the personal data of identifiable living people are processed and stored. It places a number of constraints on how long data can be stored for, what data can be used for, how information can be shared between different organisations, and how data are kept

secure.

153. Not all citizens are comfortable with or able to use online services. Government will have to consider how to engage with this group and make alternative offline access to information available. This is a problem affecting any attempt to migrate provision to an online environment and is work the Government will need to embark on anyway if it intends to realise its vision of having all public services become “digital by default”.

154. The Government is already developing an updated model of identity assurance – how users verify who they are – to streamline the way in which citizens can log into online Government services.

155. The Minister emphasised that by doing this the Government would not be creating “a kind of national database”,

156. Giving control of personal data to the individual has the potential to improve data quality while reducing both costs and risks. Individuals are used to controlling their own data with private sector companies, such as Amazon and with utility companies.

Moving to a model where the citizen maintains their own personal data with an independent, trusted provider and then can choose whether to authorise the sharing of that information with other organisations is an ambitious vision that will need to be trialled extensively. We also recognise that there may be legal constraints and concerns about privacy which could act as a barrier to implementing such a radical reform. We therefore recommend that the Government, working with the Information

Commissioner, review potential barriers to the personal data model and explore the ways in which this model could best be developed.

157. We welcome the work being done to create an integrated identity assurance trust model for simplifying access to Government services. We suggest that Government consider integrating this work with the personal data model. This could represent an important step, placing responsibility and control of personal data with citizens in their interactions with public and other online services.