This post was also written Nick Tyler.

Now that the UK Coalition Government has published its Protection of Freedoms Bill (the Bill) the big question is whether the proposed changes will achieve their objective “to restore the rights of individuals in the face of encroaching state power, in keeping with Britain’s tradition of freedom and fairness”.

Key aspects of the Bill will impact data protection and freedom of information:

1. Regulation of biometric data – the UK Government has been forced to revise existing laws on the collection and retention of fingerprints and DNA following a decision by the European Court of Human Rights (ECHR) . The ECHR found UK practice an unjustifiable interference with the right to private and family life . The proposed scheme will be based on Scotland’s which the ECHR cited with approval, as outlined in a Home Office Memorandum.

2. Regulation of surveillance:

  • CCTV and other technology – the Bill requires a Code of Practice for CCTV and automatic number plate recognition applicable to local authorities and the police, although other bodies may be added by order to be policed by a newly-created regulator, the Surveillance Camera Commissioner. By default, this has fallen on the ICO who generally supports the proposal, but who intends to monitor the legislation, see recent ICO statement. Industry comment has, however, been negative because of the potential for overlapping authority and conflicting principles between regulators.
  • The Regulation of Investigatory Powers Act 2000 governing surveillance will be restricted to prevent headline-grabbing examples of ‘snooping’ abuse by local government, such as:

3. Vulnerable Groups – The Bill seeks to balance protection of vulnerable groups against “disproportionate scrutiny” of individuals by limiting the disclosure of criminal records to redress a growing UK “culture of suspicion”. Vulnerable groups have raised concerns that the proposals will leave gaps—the very gaps current legislation sought to close:

  • “School safety ‘insult’”
  • “NSPCC: Child worker vetting plan has ‘disturbing gap’”

The Bill will also permit deletion of consensual gay sexual offences from criminal records, which redresses an earlier ECHR judgment and is the subject of a Home Office Privacy Impact Assessment.
4. Data Protection & FOIA Amendments – Our previous blog predicted the ability of the ICO to charge for conducting audits and privacy impact assessments; however, the Bill’s provisions only enable charges for publications, training and conferences. The Bill seeks to extend FOIA which is likely to impact private sector companies operating in publicly-owned environments, and will require government departments and other public authorities to release “datasets” to allow public scrutiny of governmental services and spending.
We shall continue to monitor the Bill’s progress through Parliament and keep readers informed of its likely implications.