A report that suggests a quarter of public sector databases are illegal under human rights or data protection laws has been criticised for inconsistencies and a lack of evidence.
Database State was published this week by the Joseph Rowntree Reform Trust. The report assesses 46 databases across major government departments and suggests ten – including the national DNA database (NDNAD) – should be “scrapped or substantially redesigned”.
The report was criticised by Peter Neyroud, the chief executive of the National Policing Improvement Agency (NPIA), which manages the main police databases. Mr Neyroud said: “The report contains a number of inaccuracies and contradictions. It fails to mention the Police National Computer at all and gives a green light to the fingerprint database despite the fact that fingerprints are taken on the same premise as DNA, whose database gets a red light.
“Had the NPIA been consulted, we would have been happy to assist but we were not asked. I am afraid the report contains very little or no evidence on which to base its findings.
“The NDNAD detects a disproportionate number of serious crimes and to suggest that it should be scrapped is ludicrous.”
The NDNA database has previously been condemned by the European Court of Human Rights. The report criticises this and other, what it refers to as “red systems”, for contravening human rights and data protection laws. Such databases collate sensitive personal data and in some cases do so without consent or a proper legal basis.
Home Secretary Jacqui Smith rejected the claims made in the report that a quarter of major public sector databases could be illegal and announced that the Government is in the process of drawing up proposals to end the blanket retention of DNA samples from the NDNA database.
Other “red light” databases included:
nThe NDNAD holds DNA profiles for approximately four million individuals, including more than 39,000 children. Over half a million of those on this database have not been convicted, reprimanded, given a final warning or cautioned, and have no proceedings pending against them.
nThe National Identity Register, which will store biographical information, biometric data and administrative data linked to the use of an ID card.
nThe Audit Commission’s National Fraud Initiative, which collects sensitive information from many different sources and under the Serious and Organised Crime Act 2007 is absolved from any breaches of confidentiality.
Amber databases were those deemed to have significant problems or be unlawful. Automatic Number Plate Recognition (ANPR) systems and the Schengen Information System (SIS) were among the 29 that fell under this category.
The SIS is a European police database that lists suspects, people to be denied entry to Europe and people to be kept under surveillance. It is due to be replaced with an updated SIS-II which will also store biometric data such as fingerprints.
Others included:
•The NHS Summary Care Record, which will ‘initially’ hold information such as allergies and current prescriptions, although it could develop it into a full electronic health record that will be available nationally.
•The National Childhood Obesity Database.
•The National Pupil Database, which holds data on every pupil in a state-maintained school and on younger children in nurseries or childcare if their places are funded by the local authority. It is planned to share this data with social workers, police and others.
•The Customer Information System of the Department for Work and Pensions, “one of the largest databases in Europe”. It makes 85 million records available to 80,000 DWP staff, 60,000 staff from other government departments, and 445 local authorities.
The Trust recommends that these databases be subjected to independent assessment to identify and prioritise necessary changes.
The Ministry of Justice has criticised the report for a lack of “substantive evidence” on which it bases its privacy impact assessments, but said it will take heed of the recommendations.
A spokesperson said: “Delivery of efficient public services and effective public protection are key functions of government.
“The Government can and does fulfil these responsibilities whilst never losing sight of its obligations under the Data Protection Act and the Human Rights Act.”
Liberal Democrat Shadow Home Secretary, Chris Huhne described Database State as a “damning” report which “exposes the Government’s obsession with hoarding our personal information”.
“In their desperation to track our every move, ministers have created a glut of databases, many of which are quite simply illegal,” he said.
Only six databases, including the National Fingerprint Database, were deemed broadly in line with law and “proportionate and necessary”.
Recommendations made in the report include the need for an ‘opt-in’ rather than ‘opt-out’ policy and that sensitive, personal information should only be collected and shared with the subject’s consent. The trust also proposes that citizens be given the right to access most public services anonymously.
“Many question the consequences of giving increasing numbers of civil servants daily access to our personal information,” states the report.
“Objections range from cost through efficiency to privacy. Over two-thirds of the population no longer trust the Government with their personal data.
“All of these systems had a rationale and purpose. But this report shows how, in too many cases, the public is neither served nor protected by the increasingly complex and intrusive holdings of personal information invading every aspect of our lives.”
The Home Secretary has said she wants “open and reasoned debate” about the issues highlighted, and that efforts must be made to remain committed to ensuring law enforcement agencies have the right tools to protect the public, while undertaking “effective safeguards and a solid legal framework that protects civil liberties”.
A Home Office spokesperson said: "We recognise the absolute necessity of striking the balance between the rights and privacy of the individual and the ability to disrupt, prevent and investigate crime effectively.
“That is why the Home Secretary has made clear that a "common sense” test must be applied to every action in this area to make sure it is proportionate, transparent and robust safeguards are in place.”