The House of Commons Science and Technology Select Committee has recommended that the Government introduce a criminal penalty for serious breaches of data protection.
In today’s report: The Big Data Dilemma, the Committee notes that concerns about people’s privacy and the security of their data are well founded and must be resolved by industry and the Government. The Committee has called for the Government to introduce a criminal penalty for serious data breaches and has suggested that this be introduced as soon as possible, (and not delayed by the two-year implementation period of the recent EU data protection regulation).
The Chair of Council, Professor Jonathan Montgomery, gave evidence to the Committee, which is cited several times in the Committee’s report. Professor Montgomery’s evidence drew on the Nuffield Council’s own report on biological and health data, published in February 2015. The Council recommended then that the Government should introduce criminal penalties, including imprisonment, for the deliberate misuse of data.
The House of Commons report also suggests that the Government should establish an independent ‘Council of Data Ethics’ as a means of addressing the growing legal and ethical challenges associated with balancing privacy, anonymisation, security and public benefit. This is consistent with the Council’s recommendation that there is a need for independent deliberation resulting in published advice about how data should be used in major data initiatives.
The Council’s 2015 report concludes that public participation should be at the centre of data projects, noting that public trust in data initiatives must be founded on trustworthy, responsible governance of the data.
Dr Peter Mills, Assistant Director of the Nuffield Council, said:
“This is an important and timely report, and we support the recommendation for a new offence of data misuse, and the call for a Council on Data Ethics.”
“People understandably have concerns about their privacy. If we don’t get the Governance of data right, we risk losing public trust in research, and ultimately missing out on the benefits that research can bring. Decisions about how data are used, by whom and for what purposes, must take proper account of social norms, individual freedoms and professional responsibilities. Consent procedures have a part to play, but given the complex and indefinite potential of big data, consent alone cannot do the whole job of determining what is morally responsible use of data – we need more adaptive Governance mechanisms. We welcome the calls in today’s report for immediate actions to ensure that privacy and security concerns surrounding the use of data are being better addressed and we look forward to the Government’s response.”