UK gov faces legal action over Test and Trace data retention

Privacy campaigners urge Matt Hancock to take "urgent responsibility" to protect peoples' data

The UK government could face legal action unless it accepts its legal responsibilities for the Test and Trace data obtained by hospitality venues.

In a letter sent to health secretary Matt Hancock, the Open Rights Group and Big Brother Watch have urged the government to commit to ensuring the safety of data provided by customers of venues such as pubs, bars, restaurants, cafes, and workplace canteens.

The two privacy rights organisations have instructed data rights agency AWO to send a pre-action letter following multiple reports of businesses misusing the data collected as part of the Test and Trace scheme, such as for marketing purposes and harassment.

Earlier this month, the Information Commissioner’s Office (ICO) confirmed it had contacted 15 companies that provide contact-tracing services to hospitality venues in order to assess their approach to data protection responsibilities. This came after The Times found that the personal details of pub and restaurant customers had been allegedly harvested and sold without their consent.

An ICO spokesperson confirmed that “collecting personal details for customer logs must not be a way to develop vast marketing databases by the backdoor”.

Personal details of pub customers had also been used for harassment, with some women reporting that they had been contacted by venue employees who had obtained their details through the Test and Trace scheme.

Big Brother Watch director Silkie Carlo said that the organisation has “already had to act for young women who have been harassed by bar staff after their contact details were not safely kept”.

“It was purely magical thinking for the health secretary to believe that such extreme requirements, unmatched by the proper legal safeguards, would not put many people at risk. He must take urgent responsibility,” she said, adding that “denying his proper legal responsibility puts an unfair burden on small businesses who are already struggling to survive”.

Jim Killock, executive director of the Open Rights Group, said that the government is failing in its most basic and fundamental duty of care for its citizens”. 

“We’ve long argued that we won’t be able to defeat a global pandemic without building and maintaining public trust in Government’s public health measures. The Government’s refusal to ensure its Test and Trace programme protects people’s data further erodes trust in arguably the most important tool in preventing a second wave of coronavirus infections.

"This is extremely concerning as we’re about to experience a possible second wave of infections across the country during the winter months,” he added.

A DHSC spokesperson told IT Pro that Test and Trace “is committed to the highest ethical and data governance standards and there is no evidence of data being used unlawfully”.

“It is vital we do all we can to control the spread of the virus. Businesses have already stepped up to ensure they are supporting the NHS Test and Trace effort – it is essential that they keep contact logs and display NHS QR codes so there is consistency across the country and the public can seamlessly provide their details,” a spokesperson said.

They added that although DHSC cannot comment on ongoing or potential legal proceedings, it has been in contact with the Open Rights Group. 

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Four tips for keeping your business secure during mass remote work
data protection

Four tips for keeping your business secure during mass remote work

19 Feb 2021
Cost of a data breach report 2020
Whitepaper

Cost of a data breach report 2020

2 Feb 2021
10 ways to protect your company from the next big data breach
data breaches

10 ways to protect your company from the next big data breach

28 Jan 2021
Misconfigured Git servers lead to Nissan data leak
hacking

Misconfigured Git servers lead to Nissan data leak

7 Jan 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
Npower shuts down app after hackers steal user data
hacking

Npower shuts down app after hackers steal user data

25 Feb 2021
New monitors for an agile new normal
Sponsored

New monitors for an agile new normal

19 Feb 2021