Migrants’ Data Rights Under Attack

If you are a migrant in the UK, asylum seeker, refugee or working on this issue, you must read this carefully. The new Data Protection and Digital Information Bill (DPDI Bill) is returning to parliament for its second reading; the changes in DPDI Bill will:

1. More Home Office Powers

Give the Home Office the power to repurpose the use of migrants, refugees and asylum seekers’ data to be used beyond what they consented to or expected, such as for immigration enforcement purposes or sharing data with their home country’s authorities, immigration authorities, without the need for explicit consent or a thorough assessment of the risks involved.

2. Fewer Safeguards

Eliminate the need to carry out a “balancing test” to weigh the interests and impact of data processing on the individuals. That would put migrants, refugees, and asylum seekers’ safety at risk if government agencies or other organisations used this to require employers, landlords, general practitioners, and any other private entity to hand over migrants’ data for various purposes, such as immigration enforcement or border security.

3. Less Scrutiny

Give organisations the power to refuse to act upon a data rights request, which will cause a chilling effect on the migrants, refugees and asylum seekers as vulnerable groups regarding exercising their right to request in such a hostile environment.

4. More Abuse

Remove the requirement to appoint a UK representative in overseas organisations. Potentially this will put migrants, refugees, and asylum seekers’ digital rights at risk, as they would have less recourse if their data were mishandled or misused by a foreign company.

5. Lack of appeal

Enable the government to use AI and algorithms to make life-changing decisions and deprive migrant workers, refugees and asylum seekers the right to know the reasoning behind these decisions or to appeal them.


The Data Protection and Digital Information Bill will worsen the existing power imbalances of migrants over their data.

Read the briefing

6. Data Discrimination

Waive the need for consent for cookies, exposing the personal data of migrant workers, refugees and asylum seekers to targeted advertising. That could lead to discriminatory practices that exclude them from specific jobs, services, and housing based on their legal status, race, sex, or ethnicity.

7. Data Laundering

Authorise the international transfer of personal data to countries without proper laws or safeguarding procedures for data protection rights. The UK government could authorise transfers of migrants, refugees, or asylum seekers’ data to their home country or other countries without adequately considering how this data could be weaponised against them.

8. Political Interference

Weaken the role of ICO and prevent them from acting to benefit people’s interests, and give the UK’s government more power to set the strategic priorities for data protection. ICO will become subject to political influence and pressure, which could compromise its ability to act independently and enforce data protection laws effectively.

9. Less Oversight

Replace the requirement to nominate a ‘data protection officer’ (DPO) with an appointed ‘senior responsible individual’ (SRI), which would affect the creditability, independence, and neutrality of the officer.

What you can do


Write to your MP urging them the need of UK’s government to drop this Bill.

Take Action