As readers of this blog will know, the government has embarked on a programme to transform the use of data in public services. We're focusing on the use of open data, data science, fixing our core data infrastructure and developing policies and processes to ensure appropriate use of these increasingly powerful tools.
Last week we published detailed consultation proposals for new data access legislation, which cover tightly managed mechanisms for accessing data within government for specific purposes. It follows more than two years of discussion with civil society groups, and is designed to deal with some of the more challenging issues we face in society today.
Our proposals affect parts of government that sit somewhere between straightforward transactional digital services to individuals, where consent and visibility are the cornerstones of our approach, and open data which is nearly always about either inanimate things or data that has been thoroughly aggregated and anonymised.
The focus of the proposals is on how data is accessed across public services, such as government departments or local authorities. This can involve a complex landscape of different providers, but the proposals won’t sell or give away personal data for companies to use for marketing or other types of commercial gain.
Data and digital services are transforming government
There is no doubt that technology is changing how data is accessed across government. Rather than sending bulk copies of databases between departments, we now have the ability to use Application Programming Interfaces (APIs). Although APIs open up new possibilities with improved standards of control, and the ability to be clear about who has accessed what data and why, the underlying legal rules about what is possible remain.
Ministers have talked for some time about the way in which digital, data and technology in government are transforming and improving the relationship between citizen and the state. We are starting to see what this means in practice with data through our daily experience of transactional public services.
A good example is the DVLA’s view or share your driving licence information service. Through this anyone can see what vehicles they are licenced to drive, check penalty points, and with consent transfer that data to external providers, such as car insurance or hire car companies through an API. Notably, the way in which data is queried across systems in government is made explicit in this service. GOV.UK Verify, underpinned by strong privacy principles is another example.
Not all government - citizen relationships are transactional
However, the relationship between citizens and government is not always straightforwardly transactional - and so does not always fit into this model of direct user control of data. The legal changes proposed in this consultation tackle three areas where our default model - that individuals have sight of and control over data - is insufficient because of externalities that have an impact on other citizens.
The first set of changes concern the production of statistics or research about our collective behaviour. In these cases government is not interested in you as an individual, but is using data anonymously from your interaction with the state to discern a pattern of activity.
Allowing individual exemptions from aggregate research would have serious consequences for the ability to plan public services and understand what interventions work best, with subsequent data holes likely to affect more vulnerable groups.
A second area in our consultation covers crime and fraud, where there are serious impacts on others in addition to the individual in question. There are obvious conflicts of interest with a model of data control for citizens who will want to hide a pattern of malicious activity from the authorities.
Then the third area concerns a potential need for intervention where in addition to the individual’s wishes, there is also a collective public desire for action. Where data is held in different parts of government it can be hard to narrow down information to locate people. In the Troubled Families programme, for example, this created a catch-22 situation where government wanted to offer proactive services based on the consent of individuals involved, but faced legal hurdles to share data to see which individuals and families might benefit.
We need legal change to keep up with the data and digital revolutions
So the proposed changes to the law for data access are limited and fairly technical, but they are important in determining the way in which the digital and data revolution will continue to drive appropriate change.
There are good reasons why many people are concerned that the flow of data across public services is carefully controlled, and not only in relation to personal data like medical records or tax. But it is also important that on behalf of citizens, the Government is able to take some of the opportunities that better use of data offers for service improvement and cost reductions.
We have conducted an open policy making process over a number of years and sharing the thinking and early propositions has really helped improve our work. Having such a transparent process with civil society has achieved a good degree of consensus on the propositions in the consultation document, but a wide variety of voices took part and, as might be expected, there was not always unanimous agreement.
My team and policy leads from across government would therefore welcome additional feedback on these proposals, and hope we can identify further improvements from this formal eight week consultation period.