A cross-party group of more than 20 MPs has criticised the UK’s privacy watchdog over its handling of the Government’s test and trace scheme.
The letter, signed by 22 MPs, calls on the Information Commissioner’s Office (ICO) to request changes to the NHS scheme over its use of personal data.
“The Government not only appears unwilling to understand its legal duties, it also seems to lack any sense that it needs your advice, except as a shield against criticism,” the MPs wrote.
MPs from the Liberal Democrats, Labour, Green party and Scottish National party called on the ICO to carry out “urgent” action such as demanding documents from the Government on how the scheme works.
They also suggested that the ICO demands changes are made to safeguard the personal data of people tracked by the system.
“ICO action is urgently required for Parliament and the public to have confidence that their data is being treated safely and legally, in the current COVID-19 pandemic and beyond,” the MPs wrote.
The letter was organised by the Open Rights Group, an organisation which has criticised the scheme since its launch.
In July, the Government admitted that it had failed to carry out a Data Protection Impact Assessment before the introduction of the test and trace scheme, following a legal challenge carried out by the Open Rights Group.
The Government’s admission prompted warnings that the public has no guarantee that medical records and personal details will be kept secure.
Jim Killock, the executive director of the Open Rights Group, said: “There is something rotten at the heart of the ICO that makes them tolerate Government’s unlawful behavior. The ICO is a public body, funded by the taxpayers, and accountable to Parliament. They must now sit up, listen, and act.”
“As a regulator, ICO must ensure that the Government upholds the law. They must heed the lessons from what’s happened to Public Health England. The only way to avoid that fate is to enforce the law and discharge their legal responsibility properly.”
A spokesman for the ICO said: “Our approach during the pandemic has been to provide advice on the data protection implications of a number of initiatives by the UK Government, the NHS, local councils and private sector organisations to respond to the public health crisis.”
“We understand and recognise the government and other organisations had to act quickly to deal with the national health emergency, and we have explained their data protection obligations and provided guidance and expertise at pace to them. We have published much of this work so there is transparency, and will audit and investigate arrangements where necessary to ensure people’s information rights are upheld.”