Liberty claims government data-sharing deals lead to rights violations
Human rights group blasts "backroom" data-sharing between public services and Home Office for immigration control
Data-sharing agreements struck between key government departments and the Home Office are violating people's most basic rights, according to a prominent human rights organisation.
Liberty has revealed in a report the scale of "backroom" deals made between major public services, such as schools and the police, and immigration authorities that allow individuals' personal data to be shared without their consent.
The Department for Education (DfE), for instance, allows the Home Office to access school records, with Liberty's Freedom of Information (FOI) requests showing a prior agreement was recently updated to take the Data Protection Act (DPA) 2018 into account.
Other data-sharing agreements have been struck with the Department for Health and Social Care (DHSC), fraud-prevention service Cifas, the DVLA, Her Majesty's Revenue and Customs (HMRC) and the Department for Work and Pensions (DWP).
Cifas' data-sharing deal concerns access to bank records, while the agreements between the Home Office and both HMRC and DWP concern employment records and welfare benefits, including child maintenance.
In light of the findings, Liberty's advocacy director Corey Stoughton accused the government of turning key public services into "de facto border control" and said departments should build "firewalls" to restore trust in public services.
"Nobody should be too frightened to report a violent crime for fear they will be targeted and detained," he said. "No child should avoid school because they or their family might be deported.
"We must be able to trust our doctors, nurses, teachers, police officers and other public sector workers. And they must be able to do their jobs without unwittingly contributing to a 'hostile environment' that splits families, harms lives, and undermines some of our most basic values as a society."
Liberty has also launched a 'Care Don't Share' campaign to mitigate the digital arm of the government's "hostile environment" policy. This coincides with the organisation's report, which was based on year-long research, interviews, and FOI requests.
The government is able to enforce these agreements legally, Liberty says, because of a crime exemption set out in the Data Protection Act 2018, coupled with the existence of a handful of criminal offences concerning immigration.
These may include entering the UK without leaving, obtaining leave to enter or remain by deception, and avoiding immigration enforcement by deception.
The report highlighted the Metropolitan Police's 'Gangs Matrix' as a particular example of a data-sharing agreement found to have breached data protection laws. The database used to track individuals with ties to gangs didn't adequately distinguish individuals between offenders and victims, according to an ICO report published in November.
Liberty's findings also focused on a data-sharing Memorandum of Understanding (MOU) struck between the Home Office and NHS Digital, which was scrapped earlier this year following a backlash.
Opponents to the agreement argued the practice would deter people with serious conditions from seeking treatment and pose a risk to illnesses spreading in communities. The MOU was suspended in May 2018, and data-sharing was stopped from November.
Liberty argues the Home Office should destroy any information obtained from DHSC or NHS Digital under the terms of the MOU, while NHS Digital should commit to a firewall, and share data only based on a court order.
"A close look at hostile environment data-sharing does more than reveal how it facilitates human rights abuses in the context of immigration enforcement it shows that it is a wider part of a concerning trend in State use of data," the report said.
"Despite ever more frequent reference to "the rise of data-driven [insert buzzword here]", governments have always processed data. However, developments in technology make the collection, retention and linkage of large datasets much easier, and increase the scale and speed at which data can be analysed and shared between different processors."
The effect of such data-sharing, the organisation added, is to "damage the very fabric of our society" and cause harm to groups and individuals beyond those primarily targeted, such as those with settled status, and people of colour.
The group has also urged the government to amend the DPA 2018 to remove an 'immigration control' exemption that allows authorities to disregard individuals privacy rights as set out under the EU's General Data Protection Regulation (GDPR).
"We are committed to a fair and humane immigration policy which tackles illegal immigration and prevents the abuse of benefits and services," a Home Office spokesperson told IT Pro.
"Information sharing between government departments is essential, not only for tackling illegal immigration, but also for safeguarding and for public protection."