Category Archives: Updates

Read the External Advisory Group Report

We are happy to share with you the External-Advisory-Group-Report.

The document outlines process and outcome of the Consultation Workshop on 9th May 2016. As a result of discussions during the day, the Terms of Reference of the Group changed. This report documents these changes and the reasons behind it, and sets out a list of key recommendations for the analysis of responses to the Better Use of Data in Government Consultation (29 February 2016 to 22 April 2016)

(Minor editorial corrections to External Advisory Group Report on 19/07/2016)

The Consultation is now closed – Here the next steps for the weeks ahead:

April 22nd was the final day to submit a response to the Better use of data in government consultation. The Cabinet Office are now in the process of analysing the feedback received.

The Quality Assurance Group has provided their input to a first draft of the approach to the analysis. On the 9th of May the group will meet for a full-day workshop to review the approach taken. Their statement and the discussion points from the day will be captured by Involve in the form of a report.

The final report from the group will be published on this website on the same day as the official consultation analysis.

Update on the Quality Assurance Group

The Cabinet Office decided to open up the government’s analysis of the responses to the Better use of data in government consultation to external review. To carry out this review, Involve has established a Consultation Quality Assurance Group and a quality assurance process under which the review will be carried out.

We are pleased to announce that we received ten nominations to sit on the Quality Assurance Group, and accepted eight of those nominations.  We based selection on the criteria outlined in the Terms of Reference, in particular that nominees:

  1. could demonstrate a strong commitment to the OPM process and have attended at least one of the OPM events;
  2. have sufficient expertise to be able to contribute fully to one or more of the proposals or cross-cutting themes that arise;
  3. work for a recognised civil society or academic organisation.

Below are the names of the eight members of the Quality Assurance Group:

  1. Edgar Whitley, London School of Economic and Political Science
  2. Claudia Pagliari, University of Edinburgh
  3. Roeland Beerten, Royal Statistical Society
  4. Professor Matthew Woollard, UK Data Archive
  5. Javier Ruiz Diaz, Open Rights Group
  6. Vanessa Cuthill, Economic and Social Research Council
  7. Daniel Nesbitt, Big Brother Watch
  8. Kieron O’Hara, University of Southampton

Invitation to submit nominations for the Quality Assurance Group, deadline 12 April

We are pleased to announce the call for nominations for the Quality Assurance Group.

The Cabinet Office have made the decision to open up the government’s analysis of the responses to the Better use of data in government consultation for external review. To carry out this review we are establishing a Consultation Quality Assurance Group and a quality assurance process under which the review will be carried out. Please, find more detailed information in the Terms of Reference.

This is the first time we are aware that government has opened a consultation process to the public, and we see this as an opportunity for creating real impact in open policy making.

Please, nominate yourself or others by filling out the Nomination Form by COP 12 April 2016.
We will select members based on the criteria outlined in the Terms of Reference and set a particular focus on the group’s balanced knowledge of proposal topics and cross-cutting themes. Involve will be transparent about choices and inform successful candidates and the network about selections on 13 April 2016.

Data sharing consultation workshop I | 22 March 2016 | Meeting note

1100-1500

1 Horse Guards Road, London SW1A 2HQ

The following notes are a complete record of the comments and questions raised during group work at the above session. They are intended to be a faithful record of discussions in the spirit of open policy-making, and we have not provided a commentary or response to comments or questions at this stage. We are very grateful for all attendees for their participation (including those who volunteered to facilitate discussions or to be designated note-takers), and for the useful input that they have provided as a result. Whilst all comments will be carefully studied and used to inform our thinking, the content that has been summarised here does not commit us to recommending any particular course of action.

Where it is felt that a particular comment or question might need clarifying, we have added a suggestion in square brackets “[ ].”

 

 

Introduction

Simon Burall, Director of Involve, welcomed attendees and explained how the session would work and set out the key principles which attendees would be asked to adhere to, such as openness, allowing all opinions to be heard and maintaining the spirit of collaboration that has been present throughout the OPM process.

Sue Bateman, Deputy Director of Data Access Policy Team in Cabinet Office, provided a recap of the OPM work carried out to arrive at this point in the public consultation process. Sue explained that the aim of the session was to explore in more detail the purposes and constraints of the proposed powers and make the details of these discussions available to help inform public responses to the consultation.

Public Service Delivery

Presentations were given by respective policy leads on the following subjects:

Public Service Delivery, including Fuel Poverty (Firoze Salim), and Civil Registration (John Duffy).

Group discussions – Public Service Delivery power

The meeting then divided into table discussions on questions relating to the Public Service Delivery power. A summary of these discussions against questions agreed with Involve (added here for reference) follows:

Discussion point 1: Do you agree with the power being used for these objectives?

(a)        ­ identifying individuals or households who face multiple disadvantages and enabling the public services to be provided to such individuals and households to be tailored to their needs, and

(b)        ­ reducing the energy costs of, or improving the health or well-being of, people living in fuel poverty.

Responses may be grouped around the following themes:

Purposes/Scope

  • Are we identifying individuals or households? How do we define households, and should this be made clearer?
  • Will the powers only be used for the two purposes stated?
  • Is the criterion of “multiple disadvantages” required before these powers can be used? (Could the scope be widened? At present it is focussed on the disadvantaged and vulnerable.)
  • Will powers be sufficient to allow future data sharing needed for other purposes? (Some attendees not happy that it has been limited in this way.)
  • How permissive should these powers be?
  • Power should not be used to the detriment of the individual.
  • Is this bold enough to tackle the caution that some organisations demonstrate towards sharing data?
  • Who will decide what is allowable under the permissive power?
  • What is an appropriate share?
  • How broad should these powers be – broad enough to support multi-agency work whilst constrained to prevent widening of power to include unnamed organisations/purposes?
  • “In general objectives seem reasonable but detail is important”
  • The objectives do not clarify how the Bill relates to other powers

Safeguards and assurance

  • The public would recognise the good in data being collected for two purposes. (the individuals concerned might not want it shared.)
  • How would “improving the health..of people” be measured?
  • Safeguards will be required to protect health data and other sensitive information; what additional safeguards will be in place?
  • Will policy people have more data than researchers? [Presumably this refers to the fact that under the de-identified data proposals researchers would access aggregated datasets without personal identifiers.]

Links between powers

  • If as a result of a share under this power, a fraud issue is identified, can data collected for Public Service Delivery purposes be shared? (Data shared for PSD is collected for those purposes only)

Discussion point 2: The proposed powers do not permit disclosure of the information by the person or anyone else who has received it directly or indirectly from that person for purposes other than the listed objectives. Anyone who contravenes this will be guilty of criminal offence and on conviction be liable to being imprisoned, fined, or both. Do you have any views on these sanctions?

(5)        ­ A person who is guilty of an offence under subsection (3) is liable on conviction on indictment to imprisonment for a term not exceeding two years, to a fine or to both.

(6)        ­ A person who is guilty of an offence under subsection (3) is liable on summary conviction —

(a)        ­ in England and Wales, to imprisonment for a term not exceeding 12 months, to a fine or to both;

(b)        ­ in Scotland, to imprisonment for a term not exceeding 12 months, to a fine not exceeding the statutory maximum or to both;

(c)        ­ in Northern Ireland, to imprisonment for a term not exceeding 6 months, to a fine not exceeding the statutory maximum or to both.

  • Could restrict willingness to share data
  • The same sanctions may not be appropriate for all datasets
  • Custodial sanctions are necessary to boost public trust, they must be seen to have ‘teeth’ to protect individuals
  • Individuals should be protected by an opt-out
  • These sanctions go further (in terms of sentence maxima) than the DPA. There are potential inconsistencies with enforcement of the power compared with the ICO’s enforcement of the DPA.
  • If private companies are included within scope of power (they are currently excluded but there is a question about their inclusion in the consultation paper), these sanctions may not be stringent enough
  • A clear code of practice will help third parties
  • How does individual accountability occur within a public organisation?
  • What happens when an organisation is culpable, e.g. how do you take a local authority to court?
  • Sanctions already exist for some organisations (e.g. Ofgen). How would that fit with proposed new sanctions?
  • “Consistency is important – and these appear to be consistent”

Discussion point 3: There are instances where disclosure of information received under the power is permitted (listed below). Do you have views on these conditions?

(a)        ­ which is required or permitted by any enactment (including section 1),

(b)        ­ which is required by an EU obligation,

(c)        ­ which is made in pursuance of an order of the court,

(d)        ­ of information which has already lawfully been made available to the public,

(e)        ­ which is made for the purposes of a criminal investigation (whether or not in the United Kingdom),

(f)        ­ which is made for the purposes of legal proceedings (whether civil or criminal and whether or not in the United Kingdom),

(g)        ­ which is made with the consent of the person to whom it relates, or

(h)        ­ which is made for the purposes of —

(i)         ­ saving life,

(ii)        ­ safeguarding vulnerable adults or children,

(iii)       ­ responding to an emergency, or

(iv)       ­ protecting national security.

  • How are we defining “saving lives,” as an emergency-only situation or towards data shares aimed at preventing deaths (Such as work being carried out by FRS and NHS, or medical research)?Is this too broad?
  • Similarly, how are we defining “vulnerable adults or children”?
  • Who arbitrates where the meaning of criteria, e.g. “national security” is disputed/unclear?
  • “Any enactment” or EU obligation is very vague
  • Could there be a requirement for future monitoring/review of the legislation?
  • Nothing about the length of time covered [possibly asking whether there should be duty to review power?]

Discussion point 4: The proposed power includes the ability for the relevant Minister to add or modify objectives as long as it meets certain conditions (listed below). Do you have views on these conditions?

(4) The condition in this subsection is that the objective has as its purpose —

(a) the improvement or targeting of a public service provided to individuals of a particular description, or

(b) the facilitation of the provision of a benefit (whether or not financial) to individuals of a particular description.

(5) The condition in this subsection is that the objective has as its purpose the improvement of the well-being of individuals of a particular description.

(6) The reference in subsection (5) to the well-being of individuals includes —

(a) their physical and mental health and emotional well-being,

(b) the contribution made by them to society, and

(c) their social and economic well-being.

  • These objectives are potentially very wide in their definition, some feel that they are too wide and that the power is set out unnecessarily broadly without sufficient constraints
  • Is this more about policy intent than effects?
  • In whose opinion is “well being” defined?
  • How is “contribution…to society” defined? Needs consideration
  • Need to be clear about specific objectives when setting out the details of how this would be used operationally (e.g. given the earlier point about not being used for the detriment of individuals).
  • Would individuals give consent to data share if they were asked (perhaps a good test?)
  • “There should be a presumption to share by public authorities”
  • There are some circumstances where data should not be linked [does not specify what they are]
  • If more objectives are added, will the original objectives be removed?
  • Checks and balances are required to assuage public concerns
  • Affirmative resolution will be required in Parliament – will this cause significant delays to public authorities accessing data in order to deal with the problem/issue that they need it for?

Discussion point 5: The proposal as it currently stands is to define public authority so that it excludes non-public sector organisations (such as charities and private bodies) who fulfil a public function to a public authority. The consultation paper asks the question whether the scope of the power should be broadened to cover such bodies. Do you have any views on whether the scope should be extended?  

(3)        ­ A person is not a public authority for the purposes of this Part if, apart from this subsection, the person would be a public authority for those purposes merely because the person exercises functions on behalf of another public authority.
  • Why disclose information to a non-public body? Given broad scope of power some caution required when sharing data with private sector?
  • It should be recognised that charities and private bodies already carry out some functions for the public sector
  • On a similar theme, the scope of the power needs to be broad enough and be adaptable to changes to the status of public bodies, etc. Extending the power to (private sector) service providers could come with requirement for consent [of individuals or data holder/] before making onward disclosure
  • Need more clarity as to why some parts of the data sharing work exclude private/third sector
  • Does not account for safeguards that are in place
  •  Can a broader version of the fuel poverty proposal be used?

Fuel Poverty

Discussion point 6: Should the Government share information with non-public sector organisations as proposed for the sole purpose of providing assistance to citizens living in fuel poverty or for any other reason?

  • “This proposal makes sense”
  • “Its purposes should be extended beyond fuel poverty (although it is not clear what other purposes should be included)”
  • “Warm Home Discount is acceptable as a purpose but extending scope of power would be an issue”
  • Depends what “any other reason” might include
  • “Clauses need to be tightly drafted to prevent broader use, e.g. using data to target other households in that area.”
  • How are we defining “citizen” – does this include groups of citizens?

Discussion point 7: Would the provision of energy bill rebates, alongside information about energy efficiency support, be appropriate forms of assistance to citizens living in fuel poverty?

  • “Yes they would be appropriate forms of assistance”
  • “Free energy efficiency surveys would be acceptable but should not be used beyond that.”
  • If they are provided this information, could fuel companies use this to select/deselect customers?

Civil Registration

Discussion point 8: The proposed power would allow civil registration officials to disclose civil registration information with specified public authorities and other civil registration officials to exercise one or more of their functions. Do you have any views?

(1)        ­ A civil registration official may, subject to this section, disclose any information held in connection with any of the official’s functions to —

(a)        ­ a specified public authority (see section 2), or

(b)        ­ any other civil registration official.

(2)        ­ A civil registration official may disclose information under this section only if the official is satisfied that the authority or civil registration official to whom it is disclosed (the “recipient”) requires the information to enable the recipient to exercise one or more of the recipient’s functions.

  • “Broadly happy with the powers”
  • Are we broadening the meaning of “public bodies”? [As a question number was not recorded, it was not clear where this comment should be placed. This appears to be the most likely discussion point for it to be placed.]
  • Some of this information (e.g. death records) is useful for research purposes. Would researchers be able to access this information through this route?

Discussion point 9: It is proposed that any  express restrictions placed on the data through other  legislation will not be overridden by this power. Do you have any views?

(4)        ­ The power to disclose information under this section is subject to any express restriction on disclosure imposed by another enactment (ignoring any restriction which allows disclosure if authorised by an enactment).
  • Some issues over consistency – this wording appears to place restrictions on sharing data in a way that the Public Service Delivery power does not.

Discussion Point 10:  Is it considered appropriate to include controls as part of a Code of Practice instead of criminal sanctions given that Misconduct in Public Office offences would act to safeguard any deliberate misuse of data. Do you have any views?

  • Sanctions could help improve public trust in the process
  • Would outcomes/sanctions be published?
  • Who governs the Code of Practice, and is this a strong enough safeguard?

General comments (applicable to all three proposals)

  • What happens if (inputting) errors that are made in one dataset are duplicated as a result of the data share? Would they be reversible, and would there be any sanctions?
  • We need clarity about whether “personal information” would be correct wording, e.g. would it include house type
  • Punitive sanctions may discourage smaller third parties for using data

Fraud and Debt powers

There followed two short presentations on the Fraud proposals (Graeme Thomson) and the Debt proposals (Naomi Hunter)

Fraud powers

Discussion point 11: A definition of fraud is set out in the illustrative clauses. Do you have any views?

(2)        ­ In this section “fraud against a public authority” means an offence under section 1 of the Fraud Act 2006 which involves —

(a)        ­ loss to a public authority, or

(b)        ­ the exposure of a public authority to a risk of loss.

(3)        ­ In subsection (2) “loss” has the same meaning as in the Fraud Act 2006 (see section 5 of that Act).

  • At least one table happy with definition of fraud
  • Fraud Act 2006 extends to England and Wales only
  • There was some discussion about how this might be applied to devolved administrations
  • If fraud is discovered to be occurring in a public authority that is not part of a given data share, would there be a legal duty on those who are in the share to inform that authority?
  • Do these proposals cover non-monetised services?
  • Do they apply to companies as well as individuals?
  • Clause 4 (a) and (b) are possibly too broad and disproportionate as currently worded
  • Is there an inconsistency between scope of Clause 2 (which implies that fraud hs already taken place, and Clause, which includes the purposes of detection and prevention
  • No mention of “Error,” it may not be intentional fraud, could be an error on the part of a local authority

Discussion point 12: The purpose of the power is defined as taking action in connection with fraud against a public authority. The illustrative clauses provides a definition of such actions (set out below). Do you have any views on the definition?

(4)        ­ The reference in subsection (1) to taking action in connection with fraud against a public authority includes any of the following —

(a)        ­ preventing fraud of that kind;

(b)        ­ detecting fraud of that kind;

(c)        ­ investigating fraud of that kind;

(d)        ­ prosecuting fraud of that kind;

(e)        ­ bringing civil proceedings as a result of fraud of that kind;

(f)        ­ taking administrative action as a result of fraud of that kind.

  • At least one table agreed that this looked reasonable
  • Is there a danger of scope creep here? We need to identify how great the risk of fraud is to the public sector first

Debt powers

Discussion point 13: The illustrative clauses for the purpose of the proposed powers provides a definition of debt. Do you have any views?

(1) A specified person may disclose information held by the person in connection with any of the person’s functions to another specified person for the purposes of the taking of action in connection with debt owed to a specified person or to the Crown.

(2) For the purposes of this section debt is owed to a specified person or to the Crown if—

(a) a person is required to pay a sum of money to a specified person or to the Crown, and

(b) all or part of that sum remains unpaid after the date on which, or after the end of the period within which, it is required to be paid.

  • Do we need to define the purpose/benefit of this power more in the legislation?
  • Issue is sometimes one of losing contact with the individual, e.g. in the case of student loans, the individual may not be in debt but need to be able to check this.
  • It would be useful to explain meaning of “debt to the Crown”
  • Is this more controversial than fraud – is data going to be shared to obtain money from me?
  • Is a “person” here defined as a specific person or an organisation?
  • Does this apply to public authorities or to private bodies?

Discussion point 14:  The purpose of the power is defined as taking action in connection with debt owed to a specified person or to the Crown. The illustrative clauses provides a definition of such actions (set out below). Do you have any views on the definition?

(a) identifying debt of that kind;

(b) collecting debt of that kind;

(c) bringing civil proceedings as a result of debt of that kind;

(d) taking administrative action as a result of debt of that kind.

  • Is it a realistic proposal if a number of public authorities are involved? How will it work in practice, who leads etc?
  • Criteria (d) felt possibly to be too broad, although “administrative action” tightens this
  • Is there a requirement for transparency, e.g. to measure effectiveness of this power?
  • Is there a threshold for the size of debt to be recovered in order for this power to apply?

Issues relating to both fraud and debt proposals

Discussion point 15: The proposed powers do not permit disclosure of the information by the person or anyone else who has received it directly or indirectly from that person for purposes other than the listed purposes. Anyone who contravenes this will be guilty of criminal offence and on conviction be liable to being imprisoned, fined, or both. Do you have any views on these sanctions?

(5)        ­ A person who is guilty of an offence under subsection (3) is liable on conviction on indictment to imprisonment for a term not exceeding two years, to a fine or to both.

(6)        ­ A person who is guilty of an offence under subsection (3) is liable on summary conviction —

(a)        ­ in England and Wales, to imprisonment for a term not exceeding 12 months, to a fine or to both;

(b)        ­ in Scotland, to imprisonment for a term not exceeding 12 months, to a fine not exceeding the statutory maximum or to both;

(c)        ­ in Northern Ireland, to imprisonment for a term not exceeding 6 months, to a fine not exceeding the statutory maximum or to both.

  • These sanctions are standard for HMRC
  • Sanctions should be strong as the power has a strong financial component?
  • Should the deployment of sanctions be preceded by a warning?
  • Why do these sanctions differ from those under Civil Registration powers?
  • Safeguards need to cover private bodies who might disclose/access data under this power
  • Can personal data be onwardly disclosed if used for the same purpose? How is it controlled?
  • These sanctions are consistent with the previous section but not DPA
  • Who is responsible for enforcement, and what is the process?
  • “The relevant Minister” does not suggest independence of process
  • Sanctions should be applied proportionately
  • Incentives for smaller organisations to comply?

Discussion point 16: It is proposed that the power be reviewed after an agreed period of time to determine whether it should be amended or repealed.

  • Do you have any views on what would be a suitable length of time for the gateway to be active before this review is carried out?
  • Do you have any views on who the Minister should consult when carrying out the review?
(1)        ­ As soon as is reasonably practicable after the end of three years beginning with the day on which this Part comes into force, the relevant Minister must review its operation for the purposes of deciding whether it should be amended or repealed.

(2)        ­ Before carrying out the review the relevant Minister must publish the criteria by reference to which that determination will be made.

(3)        ­ In carrying out the review the relevant Minister must consult —

(a)        ­ the Information Commissioner, and

(b)        ­ such other persons as the relevant Minister thinks appropriate.

(4)        ­ Once the review is completed the relevant Minister must —

(a)        ­ publish a report on its outcome, and

(b)        ­ lay a copy of the report before Parliament.

(5)        ­ If as a result of the review the relevant Minister decides that this Part should be amended or repealed, the relevant Minister may by regulations amend or repeal it (as the case may be).

  • Legislation to be reviewed after 3 years to ascertain that it is required, i.e. that the problem is indeed legal
  • Is 3 years long enough for the whole process to be demonstrably effective?
  • Is 3 years too long?
  • Who is “the relevant Minister”? Should it be someone more independent?
  • Who should they consult? Should this requirement include bodies already in the schedule to canvass their views on its efficacy? Should it include debtors’ representatives?
  • Will the Minister be obliged to take into account the findings of his consultation?
  • Civil society groups not specified to keep power future-proofed
  • Is there a requirement for transparency, to state who is sharing data with who, so that data source can vet service
  • Process and protections could be checked if consent was required for onward disclosure
  • How are the public assured that the authorities in the schedule are competent to carry out their functions under this power?
  • The Code of Practice will need to set expectations on the bodies covered in the Schedule (arms-length agencies etc)
  • Review of power should use open methodology on a continuous basis
  • Why piloting for Fraud and Debt but not other powers?
  • Standards required for processing and destroying of datasets over time, compliance with DPA principles etc

Discussion point 17: It is proposed that the scope of the power covers non-public sector organisations who fulfil public functions to a public authority. Disclosure of information will be strictly limited to the functions that the organisation exercises in taking action in connection with fraud against a public authority. Do you have any views?

(6)        ­ In the case of a person (“P”) who is within the Schedule merely because of providing services to another specified person, the reference in subsection (1) to the functions of a specified person is limited to the functions P exercises for that purpose.
  • Should the power extend beyond the public sector?
  • Schedule will set out who may access data under this power
  • Data is only shared for those specific purposes set out in DSP 13
  • Should power be consolidated with public service power?
  • What is risk of data being used for other purposes?
  • Consent will need to be re-sought over time [It is not clear whether this refers to consent of individuals, data holding authorities, or both]

Research and statistics proposals

Simon Meats gave a short presentation on the proposals for sharing de-identified data for research purposes. Ross Young then presented on the proposals for UKSA to access identified data for the purpose of prducing national and official statistics.

De-identified data for research purposes

Discussion point 18: The illustrative clauses defines the instances in which the proposed powers can be used by a public authority. Do you have views on how the purpose has been defined?

(1)        ­ This section applies to a public authority if —

(a)        ­ the authority holds information in the form of a dataset,

(b)        ­ the dataset contains information which directly identifies one or more persons, and

(c)        ­ the authority thinks the information in the dataset would, if combined with information in one or more other datasets held by one or more other persons, produce information which would be useful for the purposes of research which is in the public interest.

(2)        ­ The public authority may supply —

(a)        ­ the information by reference to which the person or persons are identified to an accredited indexer, and

(b)        ­ a de-identified dataset created from the dataset mentioned in subsection (1)(b) to an accredited access facility for the accredited access facility to exercise the functions in subsection (4).

  • Provides flexibility in the spirit of the DPA and also provides legal clarity
  • Is there a better way of setting out the purpose/process
  • “Pleased to see changes in the consultation paper allowing a public authority to be both the data provider and secure access facility
  • Re fees charging – some views from data holding departments that it is possible to calculate costs of making data available
  • What if information is held, but not as a dataset?
  • How are we defining “dataset”? What is the definition of this? Prefer “electronically held data.”
  • Re 1(c) – the use of the word “thinks” is odd, needs to be worded more positively
  • Does this place restrictions on existing facilities with existing processes and established teams for de-identification?
  • Why not simply have regard to the ICO’s Code of Practice on Anonymisation, rather than re-define something that is already defined?
  • We need a definition for research (purpose/statement/in public interest)

Discussion point 19: The de-identification process is set out in the illustrative clauses. Do you have any views about how it is described?

  • “This is acceptable provided terminology does not inadvertently restrict/exclude current practice”
  • Can we “future-proof” it more?
  • Can we take out the details of the specified process (Clause 1) and instead set out criteria/conditions that can be met?
  • Need to be careful and consistent in referring to “data” versus “information”
  • The UKSA needs to be clear about its role as accreditor and transparent about the purposes of the research undertaken under this power
  • Does this power make composite datasets (in other strands) accessible?

Discussion point 20: To allow the power to be kept up-to-date with new de-identification methods, the illustrative clauses allow the relevant Minister to modify or include additional procedures by regulations. Any changes will need to adhere to key parts of the de-identification process. Do you have any views on this power to amend the procedure?

  • “This is acceptable provided terminology does not inadvertently restrict/exclude current practice”
  • Who is the relevant Minister? Should it include departmental Ministers as well as MCO?
(3)        ­ Any procedure for which provision is made by virtue of subsection (1) must —

(a)        ­ enable the creation of information using a dataset held by a public authority and one or more other datasets held by one or more other persons,

(b)        ­ enable the information that is created to be supplied only for accredited research purposes,

(c)        ­ ensure that, where the datasets contain information that directly identifies a person (“identity information”), the identity information is removed before the information is supplied, and

(d)        ­ involve a person or persons who are accredited in the removal of identity information, the creation of information for supply and the supply of that information.

(4)        ­ Regulations under subsection (1) must have the effect that —

(a)        ­ section 2 applies in relation to the supply of information under a procedure for which provision is made by virtue of subsection (1),

(b)        ­ sections 3 and 4 apply in relation to personal information supplied under that procedure,

(c)        ­ section 5 applies in relation to the accreditation of persons and research for the purposes of that procedure, and

(d)        ­ section 6 applies in relation to the resulting functions of the Statistics Board.

  • Should requirements for accreditation for researchers, or at least the broad principles, be published?

UKSA access to identified data for the purpose of producing national and official statistics

Discussion point 21: Under the proposed power, the Board can only request information via a notice if it enables the Board to exercise its functions (as set out in the Statistics and Registration Service Act). Do you have any views?

(7)        ­ The Board may give a notice under subsection (1) only if the Board requires the information to which the notice relates to enable it to exercise one or more of its functions.
  • Is there a commitment to transparency? Will the notices be made public?

Discussion point 22: Under the proposed powers public authorities and undertakings do not have to comply to a notice to provide information if compliance would result in certain outcomes. Do you have any views?

(10)      ­ But the public authority need not comply with the notice if compliance —

(a)        ­ might prejudice national security,

(b)        ­ would contravene the Data Protection Act 1998, or

(c)        ­ would be prohibited by Part 1 of the Regulation of Investigatory Powers Act 2000.

  • Mandation is inconsistent with other proposed data measures
  • What about a cost recovery mechanism?
  • As a general comment, how do we guarantee data quality?

Discussion point 23: Under the proposed power, the UKSA can only use information received as a result of issuing a notice for the purpose of one or more of its functions. Furthermore, consent from the disclosing body is required where the Board wishes to to use the information for the purpose of its statistical services. Do you have any views?

(1)        ­ Information disclosed pursuant to a notice under section 45B or 45C may only be used by the Board for the purposes of any one or more of its functions.

(2)        ­ Information disclosed pursuant to a notice under section 45B or 45C may not be used by the Board for the purposes of its function under section 22 (statistical services) except with the consent of the person who disclosed the information.

Discussion point 24: Under the proposed power, the Board must publish a statement setting out how the procedures under the powers will be exercised. Do you have any views?

(5)        ­ The Board must prepare and publish a statement of —

(a)        ­ the principles to which it will have regard in exercising its functions under section 45B or 45C, and

(b)        ­ the procedures which it will adopt in exercising those functions.

  • This is similar in approach to current codes of practice
  • Data accessed by UKSA is not available to data providers – “a missed opportunity?”
  • Explicit consent for onward disclosure should also be in other proposed powers

General comments on Research and Statistics

  • “Consistency of sanctions is good”
  • We need consistency in approach to disclosure
  • Data access has been complicated by fragmentation/privatisation
  • Data quality is important and is not mentioned much
  • Implementation – are the processes/knowledge/will there to make this work\/
  • Work is needed to support legislation is educating officials to give them the confidence to use data
  • Proportionality is important, there seems to be an emphasis on big data, whilst some organisations, e.g. local authorities often need to share data in small volumes
  • “Allow data accessed by Fraud and Debt purposes be then de-identified and used for research purposes”
  • Bill should enshrine transparency needs

Wrap-up

The main meeting ended with closing remarks from Simon Burall and Sue Bateman, including a reminder that the second session will be held on Monday 11th April.

Terms of Reference for the Quality Assurance Group which will monitor/audit consultation responses

Some delegates remained to meet on this issue in a discussion chaired by Simon Burall.

The meeting closed at 1500.

Invitation to data sharing consultation workshop, Monday 11 April 2016

The Cabinet Office is running two workshops facilitated by Involve to feed into the Cabinet Office’s ‘Better use of data in government’ consultation, which opened on 29 February and closes on 22 April 2016. The first of these workshops took place on 22 March. The notes from this workshop, which examined the Cabinet Office’s policy proposals in detail, will be available on the data sharing website shortly. The second of these workshops will take place on 11 April. Please note that it is not necessary to have attended the first workshop to attend this second workshop.

This workshop on 11 April will provide an opportunity for the Cabinet Office to draw on the expertise and knowledge of the network, focusing on the development of principles and codes of practice that will support the proposed powers on: Public Service Delivery; Fraud and Debt; and Research and Statistics. The workshop will also provide an opportunity to raise any other issues on the proposals that you think should be considered. We will be circulating more materials for this workshop prior to the event. Register to attend this workshop here: http://www.eventbrite.co.uk/e/data-sharing-consultation-workshop-ii-tickets-24254138782 

While they will not constitute a formal response to the consultation, the workshops are part of the ongoing open policy making process intended to inform thinking.

Invitation to data sharing consultation workshop, Tuesday 22 March 2016

The Cabinet Office will be running two workshops facilitated by Involve to feed into the Cabinet Office’s ‘Better use of data in government’ consultation, which opened on 29 February and closes on 22 April 2016:

Workshop 1 (22 March)
– Workshop 2 (11 April)

The first workshop on 22 March will provide an opportunity for the Cabinet Office to draw on the expertise and knowledge of the network about the detail of the proposals, focusing on the constraints on powers specified in primary legislation and consistency between the three strands of proposals: Public Service Delivery; Fraud and Debt; and Research and Statistics. We will be circulating an outline agenda and more materials for this event in the next few days. Register to attend this workshop here: https://www.eventbrite.co.uk/e/data-sharing-consultation-workshop-i-tickets-23103346732

The second workshop on 11 April will focus on the codes of practice that will sit alongside the powers, and will also provide an opportunity for those taking part to raise any other significant issues that they think are important for the Cabinet Office to hear. Details of venue and timings for 11 April workshop TBC. A separate Eventbrite page will be set up for 11 April workshop.

While they will not constitute a formal response to the consultation, the workshops are part of the ongoing open policy making process intended to inform thinking.

 

Hold the date: data sharing consultation sessions, 22 March and 11 April

The Cabinet Office will be running two workshops facilitated by Involve to feed into the Cabinet Office’s ‘Better use of data in government’ consultation, which opened on 29 February and closes on 22 April 2016.
While they will not constitute a formal response to the consultation, the workshops are part of the ongoing open policy making process intended to inform thinking. They will provide the opportunity to explore the detail of the proposals, focusing on the constraints on powers specified in primary legislation and the supporting guidance.
Please hold Tuesday 22nd March and Monday 11th April 2016 in your diaries for the consultation sessions. More details will follow shortly.

A message from Cabinet Office on the “Better Use of Data” Consultation Launch

We are grateful for your involvement during the extensive open policy-making process on improving public authority access to data for the purposes of improving public service delivery, tackling fraud and debt, and supporting research and statistics. We are pleased to announce that the proposals developed through the open policy-making process have now been published and is now open to public consultation. The consultation document and accompanying illustrative clauses and consultation stage impact assessments can be found at:
We are encouraging views from as wide range of people (and organisations) as possible. Please do take the time to review and share the link with anyone who may have an interest in these issues. The closing date for responses is c.o.p. April 22nd.