Tuesday, January 23, 2007

Citizens own their data, not the government

For the last couple of years, there have been arguments in the UK about how much personal data government departments should hold, and how they should manage it. These arguments increased recently when Tony Blair announced that existing databases, holding police records, social security files, tax information, and pensions data, would be integrated.

From Tony Blair’s perspective, this will lower costs and enable new uses for existing data. His critics say that this is yet another invasion of our privacy with potentially dangerous consequences – what if a hacker or a bad government got their hands on the information?

Both sides are correct. It makes no sense to cripple government departments with overlapping databases that don’t link to each other, especially if this means citizens having to repeat the same information to each department. But no one is convinced that there are adequate safeguards.

What’s worse, no one knows the scale of the issue. Who can tell me exactly which pieces of information the government knows about me, which departments have access to it, and what they are using it for? Until I’m told, how can I (or indeed a senior civil servant) sensibly pass judgment as to how and when the databases should be joined up?

It’s my data (and yours) in these databases – the government is holding it on our behalf. So I think I have a right to know exactly what’s in these databases about me, who has access to them, and what they’re using it for. There should be a secure website where I could conveniently check my details from all government departments, and update them as necessary.

This right of data ownership would provide the safeguards necessary for me to trust the government to join databases up.

Any time the government asks for more data, it would be immediately obvious, and it would have to be justified. Existing information should be used instead where possible. This avoids the current ‘creep’, where more and more information is held – this week the police DNA database, next week satellite car tracking – without adequate debate.

By putting citizens in control of their own information, and showing how it is used, data quality is likely to go up (always an issue with databases), and trust in government will increase (as suspicions about data usage are replaced with facts).

There’s even an opportunity for government to grant data access to external organizations, too (with my approval). For example, when I fill out a magazine subscription, there could be a button saying “get address from UK government”. Then whenever I move house, the magazine subscription is automatically updated based on UK government data. And on the government website, I could see all the external organizations that can look up my address. Providing a standard ‘user profile’ would give a massive boost to the internet economy.

The government should continue to press for efficiency and integration in its IT systems. But it should ensure that all citizens have the right to see all their data, edit it where appropriate, and find out exactly who else can see it and what they use it for.

No comments: