Regulation of personal data in the Covid era

11 May 2020

Right now, as you read this, there is a debate going on in the information and data regulation world.
In the blue corner we have the rights of individuals to have their data protected. In the red corner is Covid 19 and the demands of governments to test and monitor the populations of their nation states.
So you can see, the problem is a simple one to define. It is less simple to answer.
At the heart of the storm is the Information Commissioner’s Office. On the one hand, Liberty and the campaign groups championing civil liberties. On the other hand are those seeking to use data monitoring as a means of getting UK PLC back on her feet.
Elizabeth Denham CBE is the current Information Commissioner and she is highly respected in the field. To her it falls to hold the ring between the blue and red corners. From the outset she has sought to strike a pragmatic and proportionate regulator. One of the means of defeating C19 is to use Apps and monitoring  of data.  
With this in mind, the ICO has set out some basic principles:
  • Continuing to recognise the rights of individuals.
  • Focussing on the most serious threats to the public
  • Providing ‘front line organisations’ advice on data regulations.
  • Cracking down on those seeking to take advantage of the current emergency 
One of the more important jobs for the ICO will be to give rapid guidance to public authorities on the suitability of Apps currently under development or being tested (in the Isle of Wight) and the safeguards in those Apps. At the risk of being frivolous, there are reported cases of Apps in other countries, leading to the discovery of extra marital affairs. All rather awkward, I think you will agree. More seriously are the problems we have so often seen in the past few years of data misuse and security.
More prosaically, the ICO has sent out a clear message on their day to day business: if data processors and controllers make innocent mistakes because of staff shortages or changes in working practice caused by C19 and make a clean breast of it, they will be treated reasonably and pragmatically. If they seek to cover up, they will be treated less reasonably. If they behaved cynically and tried to take advantage of the C19 emergency, will be treated harshly.

The ICO will have been consulted in respect of the geo spatial and geo location Apps currently being tested in the isle of Wight. The App, developed by NHSX (the IT arm of the NHS) uses Bluetooth. The Bluetooth pings continuously in the phone in which it is downloaded. It stores  anonymised identifiers from other phones in which the App is installed. So, if I am infected, the app will have a record of every phone it has come within range of. These phones (and their owners) can then be messaged.
Now, the NHSX team have opted for a ‘centralised system’. A centralised approach means that data and messages are uploaded to and from a central server within the NHS. This differs somewhat from the Apple and Google’s system. In their case, there is no uploading or downloading or messaging from a central server. The messages are sent direct between phones. The problem here though is simply this - leaving aside the need to identify clusters and allocate resources or implement measures/ warnings accordingly- do you trust Apple or Google anymore than you trust the NHS? Ticklish, isn’t it?
In this writer’s view, people are dying, the economy is crashing, the physical and mental health of the nation are under pressure. The NHS centralised system uses anonymised identifiers. The data will be erased when it is no longer needed. The data collected in the meantime will be used to mitigate risk and save lives, and to model future outbreaks. Data is a tool in this struggle and for the future. Safeguards are in place. Insofar as there are risks to civil liberties, these may have to take a back seat for a while.

Further reading

Good Divorce Week - divorce and financial matters FAQs

In recognition of 'Good Divorce Week', we answer some frequently asked questions relating to divorce and financial matters
Read more Read

Choosing the right Family lawyer for you

DMH Stallard’s Family law experts, Natasha Slabas and Samantha Jago, talk to John Young about how we can help you if you are struggling with a legal issue and looking for a lawyer
Read more Read

The trials and tribulations of extortionate credit transactions

Frank Bouette explains the Court considerations when deciding whether a credit transaction should be set aside as extortionate
Read more Read

When does a director owe a primary duty to creditors?

The Supreme Court recently confirmed when a director’s duty to creditors comes into effect, if their company is in the ‘twilight’ zone of potential insolvency
Read more Read
  • Brighton - Jubilee St

    1 Jubilee Street


    East Sussex

    BN1 1GE

  • Brighton - Old Steine

    47 Old Steine


    East Sussex

    BN1 1NW

  • Gatwick

    Griffin House

    135 High Street


    West Sussex

    RH10 1DQ

  • Guildford

    Wonersh House

    The Guildway

    Old Portsmouth Road



    GU3 1LR

  • Hassocks

    32 Keymer Road


    West Sussex

    BN6 8AL

  • Horsham

    Ridgeland House

    15 Carfax


    West Sussex

    RH12 1DY

  • London

    6 New Street Square

    New Fetter Lane


    EC4A 3BF

  • Make an enquiry

    Make an enquiry


    Or head to our Contact us page