UK gov faces legal action over Test and Trace data retention

Privacy campaigners urge Matt Hancock to take "urgent responsibility" to protect peoples' data

The UK government could face legal action unless it accepts its legal responsibilities for the Test and Trace data obtained by hospitality venues.

In a letter sent to health secretary Matt Hancock, the Open Rights Group and Big Brother Watch have urged the government to commit to ensuring the safety of data provided by customers of venues such as pubs, bars, restaurants, cafes, and workplace canteens.

The two privacy rights organisations have instructed data rights agency AWO to send a pre-action letter following multiple reports of businesses misusing the data collected as part of the Test and Trace scheme, such as for marketing purposes and harassment.

Earlier this month, the Information Commissioner’s Office (ICO) confirmed it had contacted 15 companies that provide contact-tracing services to hospitality venues in order to assess their approach to data protection responsibilities. This came after The Times found that the personal details of pub and restaurant customers had been allegedly harvested and sold without their consent.

An ICO spokesperson confirmed that “collecting personal details for customer logs must not be a way to develop vast marketing databases by the backdoor”.

Personal details of pub customers had also been used for harassment, with some women reporting that they had been contacted by venue employees who had obtained their details through the Test and Trace scheme.

Big Brother Watch director Silkie Carlo said that the organisation has “already had to act for young women who have been harassed by bar staff after their contact details were not safely kept”.

“It was purely magical thinking for the health secretary to believe that such extreme requirements, unmatched by the proper legal safeguards, would not put many people at risk. He must take urgent responsibility,” she said, adding that “denying his proper legal responsibility puts an unfair burden on small businesses who are already struggling to survive”.

Jim Killock, executive director of the Open Rights Group, said that the government is failing in its most basic and fundamental duty of care for its citizens”. 

“We’ve long argued that we won’t be able to defeat a global pandemic without building and maintaining public trust in Government’s public health measures. The Government’s refusal to ensure its Test and Trace programme protects people’s data further erodes trust in arguably the most important tool in preventing a second wave of coronavirus infections.

"This is extremely concerning as we’re about to experience a possible second wave of infections across the country during the winter months,” he added.

A DHSC spokesperson told IT Pro that Test and Trace “is committed to the highest ethical and data governance standards and there is no evidence of data being used unlawfully”.

“It is vital we do all we can to control the spread of the virus. Businesses have already stepped up to ensure they are supporting the NHS Test and Trace effort – it is essential that they keep contact logs and display NHS QR codes so there is consistency across the country and the public can seamlessly provide their details,” a spokesperson said.

They added that although DHSC cannot comment on ongoing or potential legal proceedings, it has been in contact with the Open Rights Group. 

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

Four tips for keeping your business secure during mass remote work
data protection

Four tips for keeping your business secure during mass remote work

19 Feb 2021
Cost of a data breach report 2020
Whitepaper

Cost of a data breach report 2020

2 Feb 2021
10 ways to protect your company from the next big data breach
data breaches

10 ways to protect your company from the next big data breach

28 Jan 2021
Misconfigured Git servers lead to Nissan data leak
hacking

Misconfigured Git servers lead to Nissan data leak

7 Jan 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021