Parliamentary committee calls for additional privacy for NHS tracing app
MPs and peers express concerns over ‘unprecedented data-gathering’
Credit: Adobe Stock
Ministers must improve data protections in the NHS coronavirus tracing app before it is made widely available to the public, an influential group of MPs and peers has said.
The Joint Committee on Human Rights warned there were still "significant concerns" about the safety of the application, which they claimed had "potential longer-term effects on personal freedoms and concerns around surveillance".
The NHS app, which is currently undergoing a pilot study on the Isle of Wight, will alert users if they have been in significant contact with an infected person, and allow medical staff to follow the spread of the illness
Health secretary Matt Hancock has already said the public had a "duty" to download it when it is made available, but insisted the software had been developed to bring "high privacy" to users’ data.
- NHS tracking app must do ‘heavy lifting’ to avoid second virus peak, claims chief scientific adviser
- How Denmark aims to ‘create trust’ in contact-tracing tech
- Coronavirus: can we keep track of our sensitive data?
But in a new report, the committee said they were "not reassured" the measures went far enough to protect the public "regarding surveillance and the impact on other human rights".
While the group said the app could "pave the way" out of lockdown if successful, they hit out at the lack of parliamentary scrutiny of the plans as they demanded ministers sought the urgent approval of MPs.
They wrote: "Previous extensions of state powers of surveillance and data collection for the purposes of terrorism prevention have been legitimised by legislation scrutinised by Parliament; and so, it should be for public health purposes. Without clear efficacy and benefits of the app, the level of data being collected will not be justifiable and it will, therefore, fall foul of data protection law and human rights protections."
They added: "The government and health authorities must at all times be transparent about how the app, and data collected through it, is being used, including publishing ethics reviews and sufficient technical specification information relating to the app and to data security."
Meanwhile, the group also called for a review of the app's safety every 21 days to be carried out by the health secretary to ensure there had been no breaches of sensitive data.
Labour MP Harriet Harman, who chairs the committee, said: "Assurances from ministers about privacy are not enough. The government has given assurances about protection of privacy so they should have no objection to those assurances being enshrined in law.
"The contact-tracing app involves unprecedented data gathering. There must be robust legal protection for individuals about what that data will be used for, who will have access to it and how it will be safeguarded from hacking. Parliament was able quickly to agree to give the government sweeping powers. It is perfectly possible for parliament to do the same for legislation to protect privacy."
PHE also reveals outsourcers Serco and Sitel will process sensitive information and claims length of retention is ‘because Covid-19 is a new disease’
Minister and local MP cite success of ongoing trial on the Isle of Wight
Sir Patrick Vallance believes UK ‘should be able to avoid a second wave’ of Covid-19
The CEO of Danish tech firm NetCompany tells PublicTechnology why the country’s existing digital infrastructure could help encourage adoption of its soon-to-launch coronavirus...
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
CyberArk's David Higgins explores the cyber risks of hiring independent contractors
CyberArk's John Hurst looks at the true cost of GDPR breaches