Your browser is no longer supported

For the best possible experience using our website we recommend you upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

DEBATE ON USE OF PERSONAL INFORMATION IN PUBLIC REGISTERS

  • Comment
The data protection commissioner has published a report on the ...
The data protection commissioner has published a report on the

'Availability and use of Personal Information in Public Registers'.

The Report sets out the extent to which information about individuals

is made widely available through public registers. It is intended to

inform the debate on how far access to and use of such details should

be restricted. Public registers include the electoral roll but the

report looks more widely; in particular at financial and business

registers such as the Register of Members (shareholder register).

Professor Charles Oppenheim and Dr J. Eric Davies of the department

of information science at Loughborough University are the authors of

the report. A summary of their findings is attached.

In welcoming the report Elizabeth France, data protection

commissioner said, 'Modern technology has changed the nature of

public registers. The privacy protection the public gained from the

length, format and inaccessibility of many registers has been eroded.

We need to know what information is available about whom and how it

is being used so we can decide whether new measures are needed to

protect individuals. This report starts the ball rolling'.

The Representation of the People Bill is currently before parliament.

This provides for significant change in the way the electoral

register is compiled and used. Publication of the report is therefore

opportune. Its findings support the proposal that individuals should

be able to opt-out of having their details included on copies of the

register that are sold commercially. The full register would still

be available for law enforcement related purposes.

Ms France said: 'The Representation of the People Bill is a welcome step forward. The present position whereby individuals, on penalty of a criminal conviction, have to supply their details to the electoral

registration office who is then obliged to sell them to anyone who

wants them for whatever purpose is unsustainable. Although industry

has lobbied to retain the present system, change is long overdue. The

proposals in the Bill strike the correct balance between individuals'

privacy and commercial interests. I look forward to them becoming

law'.

EXECUTIVE SUMMARY - Public Registers

Study of the Availability and Use of Personal Information in Public

Registers: Final Report to the Office of the Data Protection

Registrar by J.E. Davies and C. Oppenheim. Loughborough University:

Department of Information Science

The Report documents a comprehensive overview of the availability and

use of personal information in public registers, which was undertaken

for the Office of the Data Protection Registrar in 1999.

The study relates to concerns regarding the possible abuse of

personal information that can readily be found in 'public registers'

or lists that are required to be made available to the public under

statute or regulation. Examples of such possible abuse range from a

recent murder case where the victim was allegedly identified as a

'target' by the murderer by means of the Electoral Register (which

shows details of people living alone) to directors of pharmaceutical

companies being targeted by animal rights activists.

The limited amount of published research that was available on public

registers was studied. The published literature covered three broad

themes. Firstly, there were guides to obtaining personal information

in which public registers were often recommended and even the

potential dangers of such lists were sometimes mentioned. Secondly,

some material on specific public registers such as the voters' list,

lists of company secretaries and directors, and shareholders'

registers drew attention, with examples, to the way in which they

could be misused and the risks that were involved. There was however

the recognition that the public interest was served by the

availability of information. Finally, some material originating from

the United States and New Zealand relating to issues of open

government and freedom of information included consideration of

public register information and how it might be used and misused. The

publication, availability and right of access to government

publications and information, without appropriate safeguards, brought

with it the risk that a profile on an individual might be

constructed, or data on individuals could be pieced together to

convey extensive insights into households. In all these examples it

should be stressed that the volume of published material containing

criticisms and real examples of misuse was relatively low.

The major part of the study entailed a detailed scrutiny of a wide

range of public registers. There are many public registers and they

vary greatly in terms of size, sensitivity and enabling legislation.

The study identified the many different kinds of public register in

existence and the Statute(s) under which they were created and

maintained. They ranged from The Annual Returns of Companies through

The Disqualified Directors Register and The Register of County Court

Judgements to The Register of Veterinary Surgeons. The scale of

public registers, the nature of the information held within them, and

the use to which they were put (often in addition to their intended

function) were established. Two types of register in particular were

given detailed attention because of their size and importance; these

were the Electoral Register, or voters' list, and the Register of

Members or shareholders lists.

First hand information was gathered through discussions with various

interested parties who either managed, or controlled registers, or

used the information in them. Information, both factual and

subjective, was gathered from a selection of controllers of registers

through telephone interviews. The basic information acquired

included:

- how is the list compiled?

- what is in it?

- how is it made available?

- how is it distributed?

- how is it used?

- by whom is it used?

- how 'sensitive' is it?

Other information was received through unsolicited communications

from interested parties who use data from Registers whether as

individuals, or as representatives of trade associations and other

groups. In some cases, meetings were held with representatives or

individuals, and these sometimes extended to in-depth interviews.

Detailed information was received from:

- Lloyds TSB Registrars

- Direct Marketing Association UK Ltd.

- Ex Police Officers in Industry and Commerce, [E.P.I.C.]

- Consumer Credit Trade Association, [CCTA]

- Institute of Professional Investigators.

Preliminary findings suggested that the issue of public registers

gives rise to a not inconsiderable amount of controversy in some

quarters. There was evidence of some polarisation between those who

seek freedom to use openly [and legally] available personal data for

their professional business and those who see pitfalls in unfettered

application of register data for functions other than that for which

the contents of registers are primarily produced. The primary concern

came from those users of the public Registers who employ the

information to track down fraud and other illegal activities.

Considerable anxiety was expressed by these 'stakeholders' that

restrictions on access could hamper or disable such tracking.

A good deal of support was found for a scheme of licensing or

registering organisations for permission to use major public

registers. Such organisations would have to agree to abide by

certain principles and practices imposed by the regulating body as

well as, of course, abiding by the Data Protection Principles.

Some aspects regarding the open availability for consultation and

purchase of the Electoral Roll were of particular concern especially

as there is a statutory obligation for those eligible to vote to be

included in it. People living alone and those who are fugitives from

domestic violence were but two examples where it might not always be

prudent to make information entirely open. The very positive

recommendations for protecting privacy whilst maintaining

enfranchisement, from the Home Office Working Party on Electoral

Procedures, were identified as a basis for a useful approach to these

issues.

Appendices to the Report contain; a list of relevant references, text

of the Privacy Principles and other related sections of the New

Zealand Privacy Act and templates containing the questions for

interview data gathering.

The Data Protection Act works in two ways, giving individuals rights

about the way their information is used and ensuring those who use it

have corresponding obligations. It also gives the Commissioner a key

role in promoting good practice.

The 1998 Act replaces the 1984 Data Protection Act. Its scope is much

broader than that of the earlier Act. The definition of processing

shows this clearly. Almost any activity involving personal data is

covered by its provisions. It also extends to some paper records

requirements which previously applied only to information held on

computer.

While the implementation date is later than had been expected

Elizabeth France said: 'I am pleased to welcome the implementation of the 1998 Data Protection Act. Some of the statutory instruments necessary to make it work are complex and the home office was right to allow time for detailed discussion of their proposals. We look forward now to promoting wide spread understanding of the provisions.'

The Data Protection Commissioner added: 'Although the Act has been

brought into effect 18 months later than expected data controllers

must understand that there will be no corresponding slippage in the

date when transitional relief will cease. They will still have to

comply fully with the 1998 Act from October 2001 for most of their

processing. They should use this time to review the way they handle

personal data so that they are ready to meet their new obligations.'

  • Comment

Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions.

Links may be included in your comments but HTML is not permitted.