Liberal Democrats back plans to safeguard personal freedom and privacy

12.01.00am BST (GMT +0100) Wed 17th Sep 2008

The Liberal Democrat Autumn Conference today passed plans to safeguard personal liberty and privacy in the face of unprecedented collection of personal data by central Government, and a number of large-scale failures of data protection.

Commenting, Liberal Democrat Shadow Scotland Secretary, Michael Moore said:

“With an increasingly authoritarian UK Government bent on building up ever-larger amounts of personal information, the protection of individual freedom and privacy has never been such an important cause.

“These proposals will ensure that there is a much higher level of protection for people’s personal data.

“Along with the rest of the UK, Scotland has seen shocking lapses in data protection in recent months. These have been presided over by a centralising SNP Government which has done too little to ensure people’s privacy is protected.

“The SNP must promise that any ID cards brought in by the UK Government will not be required to access any of the public services under Holyrood’s control.

“Unless they can maintain this pledge, championed by the Liberal Democrats in government in Scotland, their talk of civil liberties and data protection is little more than empty rhetoric.”

The motion passed by conference follows:

Conference notes:

A. The collection of personal data by central government and the police forces on an unprecedented scale, including:

i) Large e-Governance projects (such as the Spine NHS central database and ContactPoint).

ii) The National DNA Database (NDNAD), the largest such database in the world, and the National Fingerprint Database.

iii) The implementation of the identity cards scheme.

iv) The use of closed-circuit television (CCTV) cameras.

B. The demonstrable failure of the Government to keep these data securely, and in particular the loss of computer disks with sensitive data concerning 25 million child benefit claimants by HM Revenue and Customs in 2007.

C. The enforcement difficulties faced by the Information Commissioner’s Office in terms of:

i) The powers available to ensure compliance with the Data Protection Act.

ii) The financial resources available.

D. Those held on the NDNAD in perpetuity include:

i) Those arrested on suspicion of (not convicted or charged with) a criminal offence which may be as minor as dropping litter.

ii) Over 300,000 children, including records for those under 10 years of age.

iii) Disproportionate numbers of children from black and other ethnic minorities.

Therefore, conference confirms:

I. Its belief in the primacy of the right to privacy and informational self-autonomy, and the pivotal relationship between that right and the freedom and liberty of the individual.

II. That while every step must be taken to detect crime and bring criminals to justice, in doing so the state must have sufficient regard for the individual right to privacy; any infringement of that right must be objectively justified and demonstrably proportionate to the benefits accrued to society at large.

III. Its belief in the importance of the proportionate, responsible and secure use of new technologies, including centralised databases, for the effective management of public services, the fight against crime and research in the public interest.

IV. Its confidence in the Information Commissioner’s Office as the critical component for the maintenance and enforcement of such a regime.

Conference therefore calls for:

1. Implementing the principle of consent: fully informing data subjects of any option to opt out of government databases and making participation rather than obligation the bedrock of future e-Government projects; this would include giving the right of those not convicted of any crime (except a violent or sexual offence) to have their data removed from the NDNAD.

2. Implementing the principle of respect: strengthening the Data Protection Act to ensure compliance with good data protection practice, including but not limited to:

a) Extensive civil penalties for serious breaches of data security.

b) Enhanced criminal offences for the negligent and reckless abuse of personal information.

c) The power to conduct spot checks on private companies, as well as public bodies.

d) Extending the definition of ‘personal data’ under the Act.

3. The provision of adequate funding for the Information Commissioner for the better maintenance of these two principles by abolishing the flat-rate charge currently levied against all data controllers irrespective of their size, profits and the amount of data held.

4. The immediate removal from the NDNAD of all DNA samples taken from children under 16, bar those convicted of either a violent or sexual offence.

5. The immediate amendment of legislation so as to provide that no profiles of children under the age of 16 may be stored on the NDNAD unless they have been convicted of a violent or sexual offence.