The British public needs to become more trusting with its data, says EMC IT officer
As the UK faces a time of turmoil, never has it been more important to refine the rules governing data sharing to ensure the public trusts government, says James Norman, UK public sector chief information officer at cloud computing company EMC.
James Norman says the data code of practice needs to be updated - Photo credit: James Norman
This year’s Queen’s speech outlined plans for the government to put in place a Digital Economy Bill to accelerate the use of digital technology in the public sector.
Part of this bill aims to increase sharing of information across government departments, with the aim of delivering better public services and producing world-leading research and statistics.
Proposals aimed at easing public sector data sharing
ICO survey: 36% of public trust government to protect their data
It didn’t go down well with some. Describing the scheme as “intrusive”, Big Brother Watch’s chief executive Renate Samson said that the government had failed to define what was meant by ‘data sharing’ and that it would “make the intrusive and scrapped ID Card scheme blush”.
Damning words - and she wasn’t alone. The announcement caused concern that, as British citizens, we are losing control over our most personal information.
But, at the same time, public services are not meeting the expectations and needs of the public because they are not using the petabytes of information that are available to them.
In his book The Big Data Opportunity, Chris Yiu estimates that smarter use of data would improve overall efficiency for government by up to £33 billion a year.
And at the recent National Digital Conference 2016, Cabinet Office minister Matt Hancock reiterated the importance of data in transforming public services, saying that data should be treated as a “public service in its own right rather than an afterthought”.
It’s a difficult balancing act and one that relies on building trust.
Define the boundaries
Trust is one of the biggest barriers to smarter and better use of data in the public sector.
According to EMC’s Future of Government Digital Services report, 45% of citizens are not happy to have their data shared with or across areas of the public sector in any scenario.
This means that there is a lot of data just sitting there, providing no useful insights.
To put that into context, The Big Data Opportunity (which was published back in 2012), showed that HMRC has 80 times more data than the British Library. Four years on, imagine how much more that has increased.
To ensure public trust, there need to be strong safeguards and ministerial oversight over how the power of that data is used.
Setting clear boundaries is a crucial step to building this trust. For example, citizens’ data should only be shared where there is a demonstrable benefit to the public – not for commercial gain of a private company or third party.
Of course, private and third party organisations carrying out work on behalf of the public sector will need access to relevant data, but they must be subject to the same level of restrictions, scrutiny and sanctions.
This includes prosecution if these boundaries are abused or broken.
Moreover, data sharing should only take place securely with citizen’s consent.
As part of EMC’s response to the government’s consultation on the better use of data – which closed in February this year - we put forward a recommendation for a single data sharing framework to be overseen by one body.
This, we argued, would provide consistent and joined up oversight and governance over data sharing in the public sector.
Moreover, such a framework needs to be understood across the public sector and communicated clearly to the public, so communication is key.
Citizens need to be aware of the positive impact that the sharing of their information is having on public services, society as a whole and them as individuals.
Not to mention that making them aware of the safeguards that have been put in place will also engender confidence.
The data sharing code of practice plays a big part in this, but unfortunately, there are areas of ambiguity in the current system that are hindering better use of data.
Fear of prosecution by the Information Commissioner’s Office has resulted in organisations taking the easy option and opting to share nothing, regardless of the benefits to citizens.
For instance, the current bar on data sharing unless for a specific, consented purpose prohibits experimentation and the development of business cases – a classic chicken and egg situation.
Updating the code
I believe that the Code of Practice should be updated to:
- View information governance as an enabler for information sharing, research, and improving the delivery of public services
- Ensure dynamic and skilled leadership within each organisation. This includes a Director at Board level who is formally responsible for information governance and oversees the safeguarding of personal data
- Develop clear policies, processes, access control protocols, and ways in which to get appropriate levels of support proactively applied
- Harmonise and consistently apply guidance and processes across the organisation
- Ensure that everyone working with personal data is aware of and understands their responsibilities, through audited training linked to financial penalties for failures to comply
We are in a period of huge uncertainty so it’s not surprising that the general public is feeling nervous.
What is definite, however, is the need to transform public sector services, sooner rather than later.
Access to data is at the heart of this transformation so the government needs to find a way to get the public on side.
Minister discusses need for new training campus and greater use of data in evaluation of projects
Minister claims government wants UK financial institutions to lead on the use of digital currencies
Experts discuss what the lasting impact of the pandemic might be for government and the public sector
Cross-party group voices opposition to plans to ask members to return to Westminster
CyberArk's David Higgins explores the cyber risks of hiring independent contractors
CyberArk's John Hurst looks at the true cost of GDPR breaches