PL&B UK E-news, Issue 34
- Government task force targets EU bureaucracy
- European regulators back short privacy notices
- Home Office publishes ID card bill
- Police force accused of staff privacy breach
- Schools get guidance on student photos
1. Government task force targets EU bureaucracy
The Better Regulation Task Force (BRTF), an independent government advisory body, has challenged the European Union to introduce measures for simplifying regulation across Europe. Yesterday, the BRTF published the results of a year-long study focusing on three areas of EU legislation – food labelling, data protection and pollution control. The BRTF solicited responses from a range of organisations and industry groups including the Confederation of British Industry, members of the European Privacy Officers' Network and the Financial & Leasing Association.
The study, Make it Simple, Make it Better, notes that burdensome and complex legislation is not only an obstacle for industry, but leads to lower compliance levels and less protection for consumers and citizens. And while European directives can be amended, the report stresses that the process is complex and time consuming. It has led the BRTF to call for urgent action to simplify regulation. Key recommendations outlined in the report include:
- Adoption of ad hoc measure to progress simplification proposals
- Added flexibility to amend legislation
- ‘Common sense’ checks to ensure new legislation is both consistent with existing law, and does not impose unnecessary administrative burden
David Arculus, chairman of the BRTF, said that while Europe has recognised the problems, there has been little action taken. “There has been considerable talk but it is now time for action,” he said. “Any new EU legislation should build in as much flexibility as possible to enable it to be amended easily in the future, without the need for lengthy negotiation.”
The European Commission has signalled its support for the BRTF’s recommendations. In a statement, a group of EU Commissioner’s said: “Better regulation is of vital importance to the future competitiveness of the EU. We are determined to make it a priority.”
See the December edition of PL&B UK for the full story and recommendations on amendments to the Data Protection Directive.
2. European regulators back short privacy notices
The EU Data Protection Working Party (an advisory body to the European Commission) has published a report backing the use of ‘short privacy notices’ as a method for more effective compliance with European data protection law.
European-based organisations that collect personal data are legally required to provide individuals with a range of information such as their identity, why the data is being collected and used, and what privacy rights the individuals have. But according to an EU-funded survey published in 2003, a significant number of organisations are failing to comply with this so-called ‘notice’ requirement. Only 46 per cent, for example, were informing individuals on the purposes for collecting and using their data, while only 37 per cent disclosed their identity.
The Working Party’s report notes that data protection/privacy notices are often lengthy, legalistic and littered with legal jargon – leaving consumers with little idea about how, or if, their privacy is being protected.
In order to promote more effective compliance, and greater consumer awareness, the Working Party has pledged support for the concept of multi-layered notices. Instead of publishing single detailed and complex policies, organisations issue short or condensed notices that provide clear and concise privacy information. These notices are then layered over the more detailed privacy policies which individuals can access for further information.
The Working Party’s report outlines the steps organisations need to take to make short notices compliant with EU data protection law. In addition, it has published a short notice template, based on a format developed by Martin Abrams at the Center for Information Policy Leadership, a privacy think tank and consultancy practice set up by law firm Hunton & Williams.
See the next edition of PL&B International for full report and analysis.
3. Home Office publishes ID card bill
On November 30th, Home Secretary David Blunkett unveiled the government’s Identity Card Bill. The bill envisages the creation of an identity card scheme, described by the government as a ‘gold standard’ for proving identity, combating ID fraud, tackling crime and illegal working.
The scheme will involve issuing cards containing biometric identifiers, which are backed up by a national ID registry. The scheme will initially be rolled out to people applying for new passports and newly arrived foreign nationals from 2008. Although not compulsory, Parliament has reserved powers to eventually make ID cards compulsory.
Commenting on the bill, David Blunkett said, “The national identity card scheme will give people confidence, convenience and security in an increasingly vital aspect of modern life – proving and protecting their identity.”
The government’s proposals have already drawn criticism from civil liberties groups, as well as the Law Society and the Information Commissioner’s Office. Key concerns have included ambiguity over the purposes of the legislation, risk of function creep and lack of access to personal data. Addressing these concerns, Blunkett said, “Safeguards to ensure protection of privacy are a critical part of the identity cards scheme. But our liberties will be strengthened, not weakened, by a universal scheme which ensures that all citizens’ identities are protected from abuse.”
Despite concerns from civil liberties groups, there still appears to be strong backing from the public. Figures from think tank Reform show that 81 per cent of the UK public are in favour of identity cards.
4. Police force accused of staff privacy breach
The Police Federation has sought a judicial review in the High Court after Devon and Cornwall Constabulary posted photographs of police officers on its website. According to a report by the BBC in November, the photos were published in order to boost the profile of local officers in the force’s Neighbourhood Beat programme. According to reports some officers and their families have suffered abuse as result of the publicity, which has led to over 100 officers refusing to give consent to their photos (classed as personal data under the Data Protection Act) being published.
5. Schools get guidance on student photos
The Information Commissioner’s Office has published guidance on the data protection implications of student photographs. The publication follows a number of media stories in which parents have been prevented from photographing their children at school events on the grounds that the Data Protection Act prevents it. The guidance attempts to dispell fears of 'bureaucracy-gone-mad', offing pragmatic advice and stressing that, “Fear of breaching the provisions of the Act should not be wrongly used to stop people taking photographs or videos.”
Aimed at local education authorities, schools and universities, the guidance discusses a range of scenarios in which the Data Protection Act may, or may not, apply, including: photographs taken by the media, by parents, or images used for promotional material, building access passes etc.
Copyright Privacy Laws & Business 2004