The Database State report — the first ever comprehensive study of the area — showed that public sector databases, such as the DNA Database and ContactPoint, are out of budgetary and regulatory control.
Billions of our most personal details are stored in and have leaked from databases that are not fit for purpose. These data caches typically harm those they are intended to benefit, including society’s most vulnerable groups.
The possible solutions and underlying drivers for these problems were debated in a series of seminars convened in November 2009. These resultant briefings summarise the discussion to encourage further engagement with Parliamentarians and key decision makers.
These key principles were proposed and, broadly, accepted as necessary for future public sector IT projects:
- Minimise data: collect only what is needed, and keep it no longer than necessary. Central systems should be simple and minimal and hold sensitive data only when both proportionate and necessary;
- Share data only where proportionate and necessary: Government should only compel the provision or sharing of sensitive personal data for clearly defined purposes that are proportionate and necessary in a democratic society;
- Give subjects ownership of their data: By default sensitive personal information should be kept on local systems and shared only with the subject’s fully informed consent;
- Build for anonymity: Citizens should have the right to access most public services anonymously.
What you can do now
MPs and their staff should read the reports linked below and follow-up by getting in touch with privacy advocates. We would be very happy to hear from you.
Everyone who is concerned about their privacy in the digital age should read these reports too. You should also join our email list to hear about positive actions and consider becoming a supporter of our work.
Click through for more detailed reports.
- Health and personal data pdf briefing
- Law enforcement and personal data pdf briefing
- Transport and personal data pdf briefing
- Children and personal data pdf briefing