Digital activists sound the alarm over UK's 'coronavirus datastore' plans

A dozen groups including Liberty and medConfidential have written to Matt Hancock demanding answers

A broad coalition of privacy and digital rights activists have demanded answers to pertinent questions regarding the government's plans to build a COVID-19 datastore, in partnership with several major tech giants.

NHSX revealed plans in March to aggregate thousands of data points into a unified dataset in order to monitor and fight the spread of COVID-19 across the UK. The project would involve consolidating information to help decision-makers gain more visibility into the state of the virus, and how successful the response may be.

The datastore, which is being developed in partnership with Amazon Web Services (AWS), Microsoft, Google, AI firm Faculty, and Palantir, would be managed by NHSX. Moreover, in light of data protection concerns, the Department for Health and Social Care (DHSC) originally pledged that data will either be destroyed or returned in line with the law once the public health emergency has ended. 

Anxieties have swelled, however, over reports that the companies involved would be well-positioned to continue providing services based on a very similar model once the coronavirus pandemic has regressed. A report in the New Statesman, for example, suggested the project is likely to outlive COVID-19.

In light of these concerns, a dozen organisations and a string of individuals, including campaigners from openDemocracy, the Open Rights Group, medConfidential and Liberty, have penned a letter addressed to health secretary Matt Hancock

In it, the signatories urge the NHS to provide the public with more information, as well as take measures to reduce the risk of data sharing and keep the aggregated data under “democratic control”.

The letter cites a report in the Guardian suggesting the companies involved are processing large volumes of confidential patient data in a data-mining operation. One NHS document, for example, suggested Faculty had considered using the data to run a simulation to assess the impact of “targeted herd immunity”, although the company denies any such simulation took place.

“Emergencies require rapid responses, but these responses should also be appropriate, lawful and just,” the letter reads. “It’s unlikely that the NHS’s current plan to build a large-scale Covid-19 datastore meets those principles. 

“We understand the need for better health information, but maintain that the public should be consulted throughout the development of the datastore and be able to obtain adequate information about the data-sharing agreements in place.”

Points the letter requests clarification on include what problems the NHS aims to solve by building a datastore, how it's being financed, whether the NHS has considered any tradeoffs, and which agreements are in place with private partners.

The letter also wants the government to reveal who is conducting risk assessments, which specific data points each partner will have access to, and to what extent data access by partners will be audited.

Answers to the questions being put forward are fundamental to maintaining public trust in the NHS and to help keep high-risk personal data safe, the signatories added. 

Questions of data protection and privacy have arisen not just in the development of the datastore, but in the development of a contact-tracing app. The COVID-19 app, which is due to be released over the coming weeks, is thought to be key to easing lockdown measures. 

The centralised model pursued by the UK government, however, has raised concerns over whether gathering data into a single hub may lead to violations of privacy and data protection principles. As a result, the NHS has even reportedly begun work on a second NHS app, which follows a decentralised model based on an API developed by Google and Apple.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

The IT Pro Podcast: What COVID-19 can teach us about open data
Data & insights

The IT Pro Podcast: What COVID-19 can teach us about open data

30 Oct 2020
The future tech helping battle the pandemic
Technology

The future tech helping battle the pandemic

20 Oct 2020
Transforming training with virtual reality
Careers & training

Transforming training with virtual reality

20 Oct 2020
Webhose and Signal Corp boost data breach detection
Security

Webhose and Signal Corp boost data breach detection

7 Oct 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020