PL&B UK E-news, Issue 81

1. New code on data sharing

The Code of Practice on Data Sharing for the Prevention of Fraud, presented to Parliament on 6 October, makes recommendations about sharing data between the public and the private sectors. It applies to public authorities disclosing information to a specified anti-fraud organisation under sections 68 to 72 of the Serious Crime Act 2007.

Public authorities should prepare an agreed information sharing document with a specified anti-fraud organisation setting out mutually agreed standards on areas such as the use, handling and security of information. The document should incorporate the requirements of this new Code of Practice and follow the Information Commissioner’s Office’s (ICO) information sharing framework code.

The Information Commissioner welcomed the Home Office’s commitment to make any organisation participating in these information sharing arrangements subject to audit by the ICO.

At present there are six specified anti-fraud organisations:

• Experian Limited;
• Insurance Fraud Investigators Group;
• N Hunter Limited:
• The Insurance Fraud Bureau; and
• The Telecommunications United Kingdom Fraud Forum Limited.

The code, “Data sharing for the prevention of fraud’, is not yet available on the Home Office website, but can be seen here.

2. Inquiry into security breach of Atos-run government site

The recent loss of a memory stick with user names and passwords for the Government Gateway system resulted in ministers ordering an emergency shutdown of the website, and an inquiry into the incident. Subcontractor, Atos Origin, which lost the stick, said there had been a "direct breach" of its procedures.

A spokesman for the Information Commissioner's Office (ICO) said on 3 November:
"The Information Commissioner, Richard Thomas, was notified of this incident on Saturday by the Government. He is now awaiting the results of ongoing investigations to establish the facts and the nature and extent of any risk to individuals. The Information Commissioner expects the Government to take appropriate damage limitation steps as its first priority."

Read more about this issue in December’s PL&B UK Newsletter.

3. House of Lords does not agree with retention of DNA and fingerprints

The Lords accepted the opposition amendment to the Counter-Terrorism Bill 2008 which will provide some transparency for innocent people and create a process to apply to have their DNA and fingerprints removed from the national databases.

The amendment, approved on 4 November, says that ‘the Secretary of State shall by regulations publish national guidelines for governmental agencies establishing:

(a) a procedure by which a person can request a statement of what information relating to fingerprints and samples is held on them or on a dependent;
(b) a procedure by which a person can request that such information held on them or a dependent is destroyed
(c) the circumstances in which a request under paragraph (b) may be refused.'

4. Have your say about DP in CBI survey

The Confederation of British Industry is surveying business people's perceptions and experiences of data protection legislation. You still have time to put your views across – the survey closes 24 November 2008.

The survey seeks views of UK businesses on how data protection legislation impacts upon their ability to develop new products, services and approaches. However, it does not only ask about your opinion about UK legislation but data protection legislation in EU Member and EFTA States as well. The findings of this survey will be taken into account in the review of the European Data Protection Directive, research which ICO has commissioned to be completed by April 2009.

The survey can be accessed here

5. What are your top three priorities for the year ahead?

We would like to get a clear picture of what UK DP managers regard as the most pressing data protection issues, so that we can make sure these topics are covered in the PL&B newsletters, workshops and conferences.

Send us your top three data protection priorities by e-mail to

For further details on the Privacy Laws & Business UK Newsletter, please click here.

Copyright Privacy Laws & Business 2008