It has emerged that Downing Street has ordered departments to collect and share “targeted and personaliSed information” on users that visit the GOV.UK portal.
Although officials have insisted that the move to start sharing data was solely to improve the service and that no personal details are being collected, many have raised concerns about the involvement of Boris Johnson and his chief advisOr.
A leaked memo, sent on August 19, from Johnson to members of the Cabinet’s EU exit operations (“XO) committee, stated the committee had been tasked with ensuring that GOV.UK “is serving as a platform to allow targeted and personalised information to be gathered, analysed and fed back actively to support key decision-making – in effect, focused on generating the highest-quality analytics and performance data to support exit preparations”.
Johnson concluded the memo: “I expect everyone to act immediately to execute the above actions.” To which nine days later the prime minister’s chief advisor, Dominic Cummings, emailed senior officials to stress that this would be a “top priority”.
A government spokesperson told BuzzFeed News: “Across the industry, it is normal for organisations to look at how their websites are used to make sure they provide the best possible service.
“Individual government departments currently collect anonymised user data when people use GOV.UK. The Government Digital Service is working on a project to bring this anonymous data together to make sure people can access all the services they need as easily as possible.
“No personal data is collected at any point during the process, and all activity is fully compliant with our legal and ethical obligations.”
However the harvesting of centralised personal data raises many privacy concerns, especially with the large amount of data being shared behind closed doors in the present political climate. The move raises many ethical and legal questions.
Silkie Carlo, the director of Big Brother Watch commented:
“This data grab raises important questions as to the legitimacy, urgency and purpose of such personal information collection. The government must answer these questions urgently.”
Carlos stressed that the government claiming that no data will be collected is at odds with the instruction to obtain “targeted and personalised information”.
“This secret instruction and contradictory public statement is cause for concern and undermines public trust at an important time. People need to be able to access government information without worrying about how their data might be tracked, recorded and used.”
Many privacy advocates emphasise how the move completely disregards the data rights of UK citizens, and that it shows no suggestion of gaining consent or public consultation.
Pascal Rowe, Open Rights Group, said:
“The public conversation around the use of data has shifted since the Cambridge Analytica scandal. Where is the public’s consent for this? Dominic Cummings may claim to be a pioneering advocate of data science, but when it comes to its ethical use, he is woefully behind.”
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/