In 2011 the Information Commissioner’s Office published its first Data Sharing Code; in the intervening period the type and amount of data collected by organisations has changed enormously, as has the technology used to store and share it, and even the purposes for which it is used, writes Rachel Waller, one of our Data Protection law specialists.
The Data Sharing Code of Practice will lay before Parliament for 40 sitting days from 18 May 2021, before coming into force. To read the ICO’s statement in full and for a link to the new Code.
The ICO says that its new Data Sharing Code of Practice aims to, “give businesses and organisations the confidence to share data in a fair, safe and transparent way”. It also, “dispels many of the remaining myths about data sharing.”
Data is one of modern society’s greatest assets. Ready access to information and knowledge, including about individual citizens, can lead to many economic and social benefits, including greater growth, technological innovations and the delivery of more efficient and targeted services.
Proportionate, targeted data sharing delivered at pace between organisations in the public, private and voluntary sectors has been crucial to supporting and protecting the most vulnerable during the response to the COVID-19 pandemic. Be it through the shielding programme for vulnerable people, or sharing of health data in the Test and Trace system. On a local and national level, data sharing has been pivotal to fast, efficient and effective delivery of pandemic responses.
Elizabeth Denham CBE, the Information Commissioner, says in her Foreword to the Code, “Utilising the data we collectively hold and allowing it to be maximised properly will have economic benefits. Data sharing that engenders trust in how personal data is being used is a driver of innovation, competition, economic growth and greater choice for consumers and citizens. This is also true in the sphere of public service delivery where efficient sharing of data can improve insights, outcomes and increase options for recipients.
“This Code demonstrates that the legal framework is an enabler to responsible data sharing and busts some of the myths that currently exist. But we cannot pretend that a code of practice is a panacea to solve all the challenges for data sharing. Or that targeted ICO engagement and advice will solve everything. There are other barriers to data sharing, including cultural, technical and organisational factors. Overcoming these will require more than just the ICO; it will require a collective effort from practitioners, government and the regulator.”
As Ms Denham suggests, concerns remain that data can also be used for more unscrupulous purposes, which individuals would need to have addressed and, once it comes into force, it will remain to be seen how far the code will succeed in protecting the rights of individuals, and how far companies will adhere to it in any event. Regrettably, given the power and value of data, misuse of it will remain likely.
If you feel that your privacy rights have been breached, if someone has alleged that you have breached their rights, or if you are otherwise struggling to comply with your obligations, please contact Rachel Waller (with respect to general breaches) or Michael Kashis (with respect to reviewing commercial contracts to ensure compliance of Data Processor and Data Controller obligations under GDPR).
For more general property dispute matters, please contact our expert Litigation and Dispute Resolution team on commercial@bishopandsewell.co.uk or call them on 020 7631 4141.
The above is accurate as at 11 June 2021. The information above may be subject to change during these ever-changing times.
The content of this note should not be considered legal advice and each matter should be considered on a case-by-case basis.