For immediate release, 21/2/08

A report commissioned by the government following the HMRC Child Benefit
data breach last year confirms that the ContactPoint database [1], intended
to contain the details of every child and parent in the country, can never
be made secure. This confirms objections that NO2ID [2] and other
campaigners have been pressing since the passing of the Children Act 2004.

The report by Deloitte and Touche [3], of which a summary was published this
afternoon, says: “It should be noted that risk can only be managed, not
eliminated, and therefore there will always be a risk of data security
incidents occurring.”

The government has refused to publish the full report, ‘for security
reasons’. In essence it is trying to ignore the problem.

It appears from the Executive Summary that has been published that Deloitte
confirms some of the issues identified by campaigners well before the
legislation had been passed.

Phil Booth, NO2ID’s national coordinator, said:

“If the report identifies problems in ContactPoint, then the government
should face up to them – not try to keep them secret. Ministers can no
longer say, “You’ll just have to trust us”. We know we can’t.

“ContactPoint is just one more case where official face-saving trumps the
basic rights of the general public. Behind the cosy slogan, ‘every child
matters’ seems to mean putting every child equally at risk. If the
government cared about more than sloganising, it would scrap the whole
scheme immediately. ”

-ENDS-

Notes for editors

1) http://www.arch-ed.org/issues/databases/contactpoint.htm

2) NO2ID is the UK-wide non-partisan campaign against ID cards and the
database state. See http://www.no2id.net/dbstate.php for a list of ‘database
state’ initiatives that NO2ID is actively opposing.  NO2ID also comments
specifically on the Children Act 2004 data-sharing powers:
http://www.politics.co.uk/press-releases/domestic-policy/civil-liberties/identity-cards/no2id-surveillance-you-ain%C3%A2%E2%82%AC%E2%84%A2t-seen-nothing-yet-$449189.htm

3)
http://www.everychildmatters.gov.uk/_files/ED36DA697EF4466123B737C09234D747.pdf

20 February 2008

With MPs due to debate Electronic Patient Records tomorrow [1], the privacy campaign NO2ID [2] says that they should be discussing how the relationship
between doctor and patient is being subverted for management convenience and empire-building.

The NHS database is not just used for patient care. The so-called Secondary Uses Service (SUS) does not provide a service to patients. It is a vast
hidden system that distributes the most personal (and people think private) information to a horde of bureaucrats and other third parties.

“Pseudonymised” patient information – and in some instances, identifiable patient information [3] – is trafficked for purposes including “clinical
audit, performance improvement, research, clinical governance, planning, commissioning, public health and benchmarking” [4].

Via SUS, a wide range of non-clinical agencies, organisations and even private companies [5] have massively greater access to information on everyone than clinicians. Protection of confidentiality is utterly inadequate and it is unclear how, or even if, individuals can refuse consent for their most private details to be shared among thousands of bureaucrats.

Phil Booth, NO2ID’s national coordinator, said:
That medics have access to a summary on “the spine” is just an excuse. It is only rarely going to be useful. Meanwhile dozens of bureaucracies and even private companies will get to exploit your whole medical history without your consent.

The Secondary Uses Service turns doctor’s work and patients’ lives into fodder for the bureaucratic machine, and professional standards and human dignity are irrelevant.

-ENDS-

Notes for editors

1) On Thursday 21st February between 2.30pm and 5.30pm there will be a Westminster Hall debate on the Sixth Report from the Health Committee
(Session 2006-07) on The Electronic Patient Record, HC 422, and the Government response, Cm 7264.

2) NO2ID is the UK-wide non-partisan campaign against ID cards and the database state. See http://www.no2id.net/dbstate.php for a list of ‘database state’ initiatives that NO2ID is actively opposing.

3) See ‘NHS Care Record data safety fears grow’, Pulse, 12/11/07:
http://www.pulsetoday.co.uk/story.asp?sectioncode=23&storycode=4115820

4) See Connecting for Health’s factsheet on the Secondary Uses Service:
http://etdevents.connectingforhealth.nhs.uk/eventmanager/uploads/factsheet_sus1.doc
Quite clearly, bureaucrats in Primary Care Trusts, Strategic Health Authorities and the Department of Health all have access to SUS data.

5) See ‘Patient-identifiable data released’, Pulse, 23/8/07:
http://www.pulsetoday.co.uk/story.asp?sectioncode=23&storycode=4114197

Any private company or organisation can apply to the Patient Information Advisory Group (PIAG) for access to SUS data as, for example, has UK Biobank – the controversial genetic research charity that proposes to take the DNA of 500,000 people and track their health for the rest of their lives through the NHS Care Records System.

Learners to be tagged and tracked for life

13 February 2008

For immediate release, 13/2/08

All 14-year-old children in England are to have their personal details and examination results recorded for life on a new database, called MIAP (‘Managing information Across Partners’). [1]

Every child is to be issued with a ‘unique learner number’ which will allow educational establishments, local authorities and prospective employers to access individuals’ records online. Sensitive and potentially damaging information such as exclusions and expulsions will be stored on the database.

Though officials deny that this is another step towards a national identity *card*, this is clearly a part of the broader National Identity Scheme and ‘Transformational Government’ agenda. [2]

Phil Booth, NO2ID’s National Coordinator said:

“Numbered for life and with every black mark against you made public, you’ll never be able to make up for a bad year at school. If they get your marks wrong, you’ll be the one treated as a cheat.

“Without any warning and with the National ID Scheme on the rocks, yet another dodgy database is being proposed as the cure for all ills.

“Tag ‘em young and track them for life might work for cattle but it’s not how a fair and just society treats people, especially children. Official CV, unique number or ID card, it’s all just about the state telling you – and others – who you are.”
-ENDS-

Notes for editors

1) http://www.timesonline.co.uk/tol/news/uk/education/article3359931.ece –
‘Every child in school numbered for life’, The Times, 13/2/08. Note the explicit link to ID cards in the up-to-now secret planning stages of this new database:

“Original plans for MIAP drawn up by the Government in 2003 suggested that the database could be linked to identity cards, raising the prospect that once pupils were in the system they might be forced into accepting an ID card.”

2) http://www.hm-treasury.gov.uk/media/B/9/pbr_csr07_service.pdf – the latest articulation of the Transformational Government agenda is the ‘Service Transformation Agreement’, published October 2007. Every government department now has to follow the lead of the Home Office on “identity management” and the Ministry of Justice on “data-sharing”:

“The MoJ is leading a cross-government programme to deliver a package of measures over the next 3-5 years to overcome current barriers to information sharing within the public sector.”

3) NO2ID is the UK-wide non-partisan campaign against ID cards and the database state. See http://www.no2id.net/dbstate.php for a list of ‘database state’ initiatives that NO2ID is actively opposing. NO2ID occasionally commissions polls under BPC [3] rules, see:
http://ukpollingreport.co.uk/blog/issues/id-cards/