On 27 February 2014, a group of civil society organisations and experts met with government officials to begin to explore whether a collaborative and open policy process could be developed around the issue of data sharing within government.
The meeting was split into three sessions, with a pre-meeting of civil society organisations and experts to begin, followed by a larger meeting with government officials, and closed with a wash-up meeting of the CSOs and experts. All three of the meetings were chaired by Simon Burall, director of Involve (a charity specialised in citizen engagement and opening up decision making) who have been asked by the Cabinet Office to coordinate an open policy process (more on this below).
This meeting note sets out the key points of the discussion in each of the three sessions. To avoid repetition and aid ease of reading, related points are grouped together.
Key outcomes of the meeting
It was agreed that:
- The issue of data sharing in government could be the focus of an open policy process
- This process would need to be at least 6 months in length
- The process would lead to a collaborative document between government, and civil society and experts
- The process would start by defining what this output will be and principles for working together. A meeting would be set up very soon to begin this
- Working groups would then be established to work up specific components, which would be evaluated against the agreement established at the beginning
- In collaboration with the Cabinet Office, Involve would co-ordinate the process and civil society’s involvement within it. This role would include challenging government and civil society, and creating a space in which constructive discussions can take place
- Outreach and engagement would need to be conducted to engage a wide range of organisations, experts and stakeholders
In addition, it was discussed that:
- There would need to be transparency of government’s true intentions behind data sharing
- Evidence would need to be collected for the benefits and risks of data sharing, the impact of current data sharing arrangements, the extent to which data sharing can achieve the intended outcomes and the impact of safeguards, sanctions and governance
- Legal experts would need to be involved to assess the impact of any proposals
- Working groups could be focused on specific use cases for data sharing or on principles that should cut across all areas. If the former, it would need to be ensured that proposals form a coherent whole. If the latter, it would need to be assessed how proposals would impact citizens in practice
The first session was attended by civil society organisations and experts. Peter Lawrence, from the Cabinet Office, was present at the beginning to introduce the purpose and answer initial questions, but subsequently left.
Amanda Smith, Open Data Institute
Angela Sasse, University College London
Emma Carr, Big Brother Watch;
Guy Herbert, No2ID
Kim Vowden, National Centre Social Research
Kieron O’Hara, Southampton University
Lynne Stafford, CancerCare;
Nadine Smith, Institute for Government
Pamela Lewis, CancerCare;
Ruby Casey-Knight, NCVO
Simon Burall, Involve
Sonia Sodha, Which
Tanvi Desai, ESRC
Tim Hughes, Involve
The purpose of bringing people to the meeting was outlined by Peter Lawrence (Cabinet Office). Government is keen to explore how sharing data within government can be used to achieve a range of benefits for citizens. Proposals have been developed for a number of ways in which data could be used, but the Cabinet Office is keen to understand fully the issues and reach a balanced set of proposals. Based on the experience of developing the UK’s Open Government Partnership National Action Plan through an open and collaborative process, the Cabinet Office is keen to explore whether a similar process can be used on the topic of data sharing to ensure that there is external challenge within the policy process.
The three strands of current data sharing proposals were briefly outlined, including research and statistics; fraud, error and debt; and tailoring public services.
Simon Burall (Involve), introduced Involve’s role within the process, reporting that Involve had been asked by the Cabinet Office to coordinate civil society engagement with the project in a similar way to which it coordinates a civil society network on the Open Government Partnership in the UK.
A brief description was given by Tim Hughes (Involve) of the principles that were used to ensure that the process of developing the UK’s Open Government Partnership National Action Plan was open. This included publishing meeting invitations beforehand, allowing for remote participation, producing meeting notes, conducting conversations under Chatham House Rule, conducting wider outreach and engagement, and ensuring that appropriate time was allocated.
Points of discussion
It was questioned why those present in the meeting had been selected. It was responded that the invitation list was based on previous people that the Cabinet Office had had contact with, but that a key task will be to expand the group to cover a range of views.
It was asked whether any work had been done by the Cabinet Office to understand public attitudes. While the Cabinet Office has not undertaken any such work, it was reported that a social intelligence report on the subject is due to be published by Sciencewise shortly.
It was questioned whether by being in the room participants were accepting that it was a legitimate process, and highlighted that the assumption should not be that people are going to agree. It was responded that presence in the room was not acceptance that it was a legitimate process, and indeed that it was not clear what the process would be. This would be up to civil society to shape.
There was concern that government was attempting to reintroduce the proposals of the Criminal Justice and Coroners Bill again, but in disguised form.
It was pointed out that other groups had already been working on connected issues, including the Identity Assurance Privacy and Consumer Advisory Group. This group had already seen data sharing proposals in June and December of the previous year. A new process would therefore not be starting from a black slate and there’s a need for these activities to be joined up.
Concern was expressed that a new group of organisations was being used to validate plans already made by government.
The governance of any data sharing was pointed out to be the key issue. It was questioned whether a permissive piece of legislation was needed at all, and suggested that pilots should instead be run in a couple of areas to test the safeguards and governance.
The role of the Information Commissioner’s Office was questioned, including whether the ICO needed to be involved in discussions. However, as the Government were not proposing changes to the Data Protection Act, it was suggested that the ICO should not be affected. Any new data sharing legislation would have potentially far reaching legal impacts though, so organisations like the Law Society would need to be involved. In addition, the legal impact of new data protection legislation from the EU would need to be taken into account.
It was suggested that the benefits of sharing data are often quite concentrated, and the wider negatives to periphery groups are often not taken into account in risk/benefit analyses. It was also pointed out that those in receipt of the services supported by data sharing should be the beneficiaries, but these groups are also often most at risk from data sharing.
It was questioned whether the current policy making process represented good policy making? The following questions needed to be addressed: Has it learnt from past mistakes? Does it meet success factors? Is this the right time to be doing this? Are there strong compelling reasons? Is there a strong pressure from outside the political circle for doing this? Is there a substantive problem to solve? What is the motivation? What is the policy issue that needs to be addressed? It was agreed that more evidence was needed on what the benefits and risks are, and what works in terms of governance, safeguards and sanctions.
The appropriateness of the timeline, which was thought to be three to four weeks, was questioned – particularly considering the need to involve many more people. It was reflected on that the Open Government Partnership process to develop the UK’s National Action Plan had taken 12 months in total – to define the scope, and agree specific commitments.
It was highlighted that a sensible timeline is needed, as there have been too many examples of legislation being drafted so poorly that it needed to be done again. It was agreed that three weeks would not be long enough and that civil society should not be involved in a superficial process. It was suggested that the group should demand 6 months if it were to participate.
It was highlighted that the group needed a clear idea of what was being asked of it, in order to decide how much time was needed. But it was suggested that the group might be able to influence this, and should take forward its own proposal. A joint output, identifying the purposes, benefits, costs, risks and safeguards was suggested.
It was agreed that if the group were to be involved in the process, clear conversations would be needed upfront to agree what was going to happen, with clear principles for working together defined.
The session ended with Simon Burall (Involve) reporting that, if the group were in agreement with Involve playing the role of coordinator, Involve would be paid to do so by the Cabinet Office. He suggested that the group might want to discuss in private at a later stage whether they were in agreement that Involve should perform the role or not.
At this stage, the group was joined by officials from a number of central government departments, local governments and other public agencies.
Additional attendees (tbc)
Bob Thompson, DWP;
Charlotte Hickman, Home Office;
Claire Everitt, Leicestershire County Council;
Darren Sugg, Dept of Health;
Emma Jones, CLG;
Frances Pottier, BIS;
Graeme Thomson, Cabinet Office;
Jacqueline Riley, HMRC;
James Edmonds, ONS;
Jessica Adkins, Cabinet Office;
Julian Moss, Cabinet Office;
Kam Marshall, Cabinet Office;
Lorna Horton, Cabinet Office;
Nicola Underdown, Leicestershire County Council;
Paul Arnold, Cabinet Office;
Peter Lawrence, Cabinet Office;
Richard Lumley, Dept for Education;
Rufus Rottenberg, Cabinet Office;
Sean Rigney, Ministry of Justice;
Simon Meats, Cabinet Office;
Sophie Faber, HMT
Simon Burall (Involve), introduced his role in chairing the meeting and Involve’s (yet to be confirmed) role of coordinating civil society engagement in the process. He reported that this note of the meeting would be published, but that the meeting would be conducted under Chatham House Rules, and the meeting note would be shared with the Cabinet Office before publication.
Peter Lawrence (Cabinet Office) again introduced the purpose of the meeting to explore the potential of improved data sharing within government to achieve policy outcomes. He again introduced the three strands that the government has already been exploring – Research and statistics; Tailoring Public Services; and Fraud, error and debt – but highlighted that the purpose of involving others outside government was to understand whether this is the right thing to do and whether it is the best way to do it.
The three Cabinet Office officials leading the strands then outlined in greater detail the existing ideas and proposals that had been developed. See note circulated by Peter Lawrence.
Points of Discussion
Responses to existing proposals
The realism of some of the current proposals was challenged. It was questioned whether particular groups could easily be segmented off from the rest of the population in the case of the Tailoring Public Services strand. In addition, it was questioned whether the data to identify some of these groups (e.g. FGM victims) existed at all. It was also felt that the sharing of data to prevent, detect and combat error would be far too broad.
It was argued that the issue of public organisations perceiving there to be barriers to data sharing where there are none is not a good motivation for new legislation, and could be tackled in other ways.
It was suggested that while there may be an administrative benefit from future proofing, non future proofing isn’t necessarily a bad thing, as it can be quite a good safeguard for citizens’ privacy. It was responded that it was important from a public authority perspective as gaps and restrictions will mean that as issues or programmes change, some groups maybe excluded from services they are entitled to or need, meaning that public authorities would need to go through the process again to agree new permissions.
It was questioned whether new legislation was really needed to achieve some of the purposes, and highlighted that the range of proposals discussed was very broad. While some seem to be logical next steps, others seem to be large leaps.
It was argued that there’s a need not to see this as a case of government vs citizens, because the money being lost to fraud and error is the public’s money. Any gaps left in the system are exploited by fraudsters. It was responded that the issue was whether the same piece of legislation should be used for other purposes (e.g. tailoring public services). It was therefore questioned: A: Do we need new legislation? B: Should it be the same piece of legislation?
It was responded that part of the process would be to go through the detail, and that views from outside government were needed. It was acknowledged that the issues are contentious and sensitive, with divides in government as well. It was reported that in existing proposals there had been a deliberate attempt not to have a broad power, and the starting place had been restrictive proposals.
Thoughts on a process for developing proposals
It was questioned why there were no politicians at the meeting, as what was being spoken about had raised significant political questions about the relationship between citizens and the state. It was responded that groundwork needed to be done first to understand the opportunities and boundaries, which could be taken to Ministers, but that there was potential for political engagement at future meetings.
It was commented that it was encouraging to see the Government adopting an open policy making process for this issue, and that it was right that ministers weren’t involved at this stage. However, concern was expressed that the limited timescale would halt the potential of the open policy process.
It was commented that there needed to be more information on what the evidence for data sharing is and on the extent to which safeguards work. It was highlighted that government needs to both be able to present evidence of loss from fraud, and that this can be solved through data sharing.
It was suggested that proposals needed to be piloted before being applied across the board, and that this would build up the evidence base.
Concern was expressed about what the purpose of the process was, particularly considering there have been previous conversations with Cabinet Office about privacy principles.
It was commented that influencing the process itself was a key point of an open policy process.
It was reported back that nobody in the earlier session felt that 3 to 4 weeks was enough time to reach an output, and so the group would not be willing to engage in such a short process. There would need to be at least 6 months to ensure that the right people were involved.
It was proposed that a collaborative document could be worked towards that outlined the benefits, costs, risks and safeguards, and drew out where there was disagreement as well as agreement.
A 3 stage process was proposed of:
- Defining how we are going to work together – including: what would a document need to look like and what are our principles for working together – against which we can judge the process at the end
- Detailed work on components – with working groups taking on responsibility for exploring various issues
- A check of whether what’s produced fits with how we said we’d work
In response to the suggested process, it was commented that it would be positive from governments point of view as there was no point government developing something by itself that gets nowhere. If something could be developed in 6 months that could go somewhere, then it would be worth doing.
On the other hand, it was argued that if six months were devoted to the discussion, then x amount of money would be lost during this time through fraud. In response, it was countered that the risk of going quickly is that the proposals get rejected by the public, which would cost more time. Government needs to both tackle fraud and protect citizens data. It was questioned whether for some issues (e.g. fraud) there may be a case for separating them off, rather than keeping as one package.
It was highlighted that there needed to be a balance of different views involved in the process, including local practitioners, legal specialists, SMEs and other stakeholders. It was commented that data sharing is an enabler for other government programmes and so there’s a need to be mindful of the impacts on those programmes.
It was questioned what civil society’s role would be, and responded that that was up for discussion. Civil society could be involved in discussion on the three pre-existing strands, or groups could be set up on more cross cutting issues (e.g. de-identified data, safeguards). There was an opportunity to cut the issue in a variety of different ways.
There was some discussion over at what level the issue should be explored – principles that could be applied across multiple areas or specific use cases. It was highlighted that there was a challenge of getting a grip of what this will look like in practice, at the same time as breaking it up thematically. It was suggested that a focus on the detail of specific uses would best show the effect on citizens.
However, it was also highlighted that it’s important that the different strands do not end up contradicting each other when it comes to application, which would be a potential risk of cutting the conversation by issue, rather than principles across issues.
It was commented that there is a risk that splitting into smaller groups will mean that not all perspectives would be included in each. It was agreed that all those with an interest would need to be able to be involved. Clear statements of purpose for each meeting would support this.
It was also highlighted that there’s a need to be mindful of what’s already been done, particularly drawing upon the work of the Identity Assurance Privacy and Consumer Advisory Group.
It was agreed that – assuming a much longer timeframe was agreed to by Ministers – that there was space to have a conversation on the issue and develop a collaborative product.
A three stage process would be carried out, with stage 1 agreeing:
- What it is that will be collaboratively developed
- At what level the issue will be addressed (e.g. specific proposals or principles)
- Whether items will be split off
- How government, civil society, experts and other stakeholders will work together
- What working groups will focus on
- Who else needs to be involved and how we engage them
- When and how Ministers and other political parties are involved
In stage 2, working groups would to develop the output for their specific component.
In stage 3, the full group would come back together to sense check what’s been developed, and ensure it matches what was agreed in stage 1.
Following the meeting with government officials, the CSOs and experts met to reflect on what had been discussed and agreed.
It was again questioned whether the same piece of legislation should be used for empowering citizens and saving money, and whether some proposals were politically motivated ahead of the next election (e.g. on fuel poverty and troubled families).
It was highlighted that there’s still a need to determine the level of commitment needed from CSOs and stakeholders, particularly those outside London and without funding to engage with this type of activity. It was commented that teleconferencing facilities could be provided, but also that there is a case for exploring whether funding could be provided for key organisations to engage.
It was agreed that the next meeting should be about the process and what should be tackled – understanding the parameters of the conversation. The group would also need to think about its governance, including whether to have a smaller steering group.
The role of the coordinator would be to challenge both government and civil society, and create a space for a constructive conversation to happen.
It was questioned who else needed to be in the room. It was suggested that the government should be asked to provide legal support to the group in order to ensure the legal implications of any policies are well understood. The group also felt that other privacy groups should be involved, as well as other civil society organisations. It was suggested that organisations might be identified through NCVO’s network. Academics were also suggested as a key group to involve, including those working with particular groups that the government wishes to target and those working on data and statistics.
It was highlighted that not all organisations or experts would necessarily need to be engaged in the process throughout, but could be pulled in by the core group at key points that required their expertise.
It was questioned where organisations like research councils fit, as they’re neither classed as civil society nor government. It was agreed that they should be involved in the group as they have an important perspective.
It was agreed that more transparency was needed on the intended purposes of data sharing (e.g. whether the true driver was to restrict services), and that this would need to be unpacked at an early stage.
It was suggested that there was a need to work on overarching principles for data sharing at the same time as specifics of particular proposals.
The issue of evidence was raised again, and the need to unpick what the evidence is, tease out the stories and determine whether the problems are really data sharing problems. It was suggested that three types of evidence are needed:
- On the costs and benefits of data sharing
- On the extent to which the status quo is/is not working
- On whether the proposals and safeguards will work
It was questioned whether the scope included data sharing on individuals and organisations, as this would have implications on which stakeholders needed to be involved.
The issue of future proofing was raised again, with concern that it might lead to powers becoming overstretched (as has been the case with surveillance powers). People want to know exactly who has data and for what purpose its being used. Concern was expressed that any legislation being put in place are evaluated regularly. It was suggested that this might require a joint Parliamentary committee and/or a new monitoring organisation being established. It was also suggested that the process itself should not be static, but rather be ongoing and organic – monitoring the implementation and evaluating the effects of the changes.
Finally, the issue of whether Involve was the right organisation to conduct the coordination role was raised by Simon Burall (Involve), with the suggestion that the group might want to discuss this in private. However, this was felt not to be necessary with the group being happy for Involve to perform the coordination role.