'We need to question the assumption that the imperative to share personal data can only be thought of in terms of catering to the needs of society rather than safeguarding the privacy or confidentiality of the individual,' said Professor Charles Raab, University of Edinburgh, the first of three speakers at a recent BCS Thought Leadership event in London.

'Polarising public interests in such a way is to miss the importance to society itself of securing the personal liberties or rights of the individuals who comprise it. Those who stand up for the individual's rights are often looked at negatively as merely selfish by those in power. Therefore, it is important to develop a theory of privacy that acknowledges privacy's importance to society as well as to the individual.'

Professor Raab was joined by Keith Gordon, author of BCS publication: 'Principles of Data Management: Facilitating Information Sharing' and Dr Chris Hanvey, UK director of operations, Barnardo's.


More depth of understanding surrounding the concepts of privacy, confidentiality and anonymity is required. Privacy is an extremely complex concept set within a culture, with different meanings and understandings changing according to contexts. Information sharing has a lot to do with context of use and relationships, and crosses private/public boundaries which are difficult to pin down. There is currently a naivety of use and context, and to address this issue the concepts and language of privacy need unravelling.

Under the Data Protection Act a person has to demonstrate if they have been subjected to unwarranted distress/damages through their data’s exposure in order to claim any sort of compensation. In the private sector, business is encouraged to foster trust between itself and its customers because it's good for business. It is more difficult to regain trust than to initially gain it. Hence, business appears to be making more effort to secure data sharing than the public services.

Principles such as 'proportionality' and 'need to know' are extremely important, yet hard to interpret, and there don't appear to be any formal mechanisms on how to interpret these concepts.

Control of data

Our personal data doesn't belong to us anymore it would seem. For example, our date of birth has now become public knowledge. However, individuals should be able to control their own data and record anything as long as it's not used for fraudulent purposes. The situation in the UK at present is one in which the state has control of an individual's data, rather than the individual having control. This seems to be the wrong way around.

It was felt informed consent was important, which should include children, although how this could be managed was not clear. It was noted that there are cultural/age differences in an individual’s handling of personal data. For example younger people, in particular, have little fear of giving away their personal information, via social network sites, although many are 'streetwise'. In fact some have voiced concern about too much stricture.

People of all ages actually like adopting multiple identities, for a variety of reasons, none of which may be to use them for serious crime, fraud or mischief. Having said that, many are naïve about the potential consequences of revealing personal data online and more could be done to improve general awareness of the fact that the data they've 'handed over' is likely to be publicly available to haunt them at a later date, or under different circumstances (e.g. in their careers).

The problem of data control is invariably a human one with lazy data sharing and sloppiness from individuals who should possibly know better. The data protection legislation here doesn't go far enough - for example, there is no requirement for a privacy log.

The need to share

Keith Gordon pointed out that there has always been a need for information sharing of information within and across enterprises. The question is now to achieve it in such a way that (a) the information is not distorted during the exchange and (b) that the information is held secure during the exchange.

To be of use information needs to be current, complete and accurate (or at least, sufficiently accurate for its purpose). The aim of the information system, then, should be to provide 'the right information, to the right person, at the right time' and that a focus on the system rather than the technology is paramount.

This need for information sharing is not just to achieve efficiency savings, but because technology allows rapid, real-time and remote interactions. Good information is needed to underpin this constant information exchange across all sectors. For example, in times of war information is vital to the army in maintaining supplies on the battlefield and the prevention of so-called 'friendly fire incidents'.

Citizens in their daily business would expect their bank, for example, to have information about them so that they can deal with queries more effectively and more efficiently. Patients admitted to the Accident and Emergency unit at a hospital would appreciate a doctor knowing their medical history - a lack of information in this case could prove life-threatening. This information sharing is needed regardless of whether technology is used or not - but the technology should make it feasible.

Unfortunately, the way our systems are developed today means that little, if any, attention is paid to building them so that information sharing is facilitated. Connecting two systems together is easy. Moving 1s and 0s between them is also easy. What is more difficult is ensuring that the received information is the same as the transmitted information.

IT and data sharing

Unfortunately, it is often typical for practitioners in IT not to try to find a balance between the need for security and personal privacy. And, if they did demonstrate more consideration for this balance, who would be in charge of this - human rights groups, the government, companies? If there is a tension between balancing individual liberties with social goals, what kind of resolution could be made, and would the resolution be a balance, or more accurately, a 'trade off'?

Computer specialists and IT professionals can help improve this situation by applying privacy impact assessment to everything they do. Privacy impact assessment is now a buzz term in the US and will inevitably become more prevalent over here in years to come.

The challenge in the IT industry is ensuring that the sharing of data is secure and safe guarded. Some felt that there is a need to go back and re-adopt some solid engineering principles and get rid of some of the current fads, such as the over reliance on off the shelf data information packages, agile development and XML.

Bespoke systems cost three times more than is usually budgeted for, while off the shelf products can cost up to 14 times more. Business analysts, therefore, need to take up data modelling more, to help understand the information needs of business, which include sharing data.

XML makes unambiguous data sharing harder. If systems were designed with data sharing in mind the need for ad-hoc sharing solutions (such as transfers to disks) would not arise, thus reducing the security risks. It is also likely to be technically easier to safeguard the data once it is shared than it is to share it in the first place.

An infallible system does not exist, and probably never will. There are always going to be risks, which are continually changing and evolving, hence, it's not possible to build in permanent safeguards. Planned and ongoing risk assessments are therefore essential if there is to be any kind of data security.

Unfortunately, there is always going to be a problem with internal corruption, particularly in departments where corruption is easy, such as the IT department. As long as there are people, there will be fraud. One criminologist in the group admitted that most people can't protect themselves from electronic fraud; we all just cross our fingers and hope it doesn't happen to us.

Social context

Another perspective was based on social services and information sharing, where the exchange of information can be crucial to vulnerable individuals. The focus of one presentation was on the interface that sits between the delivery of human services and IT.

It became clear that it is not the medium used for storing data that is necessarily what matters but how it is handled. The information might be in the form of paper records or in digital form, but, almost without exception, the errors occur because of the human factor. Hence, data security becomes more a question of taking account of natural human frailty.

A key example of this problem is in the field of social care for children. 80 children die each year in the UK due to neglect or abuse. Sometimes these slip through the 'net' because of problems with data sharing, or a lack of it. Electronic data sharing could reduce that statistic, although we could be deluding ourselves that that too will work.

People are ultimately responsible for the actions they take but IT makes it easier to avoid responsibility. Technology should support people policies and in a democracy it is us that should determine social policy. Ultimately, people don't experience privacy, they only experience the lack of privacy.

Some felt that issues of access to data, consent to data exchanges and the removal of data should all be governed by the moral responsibility of the individual. While others felt that stewardship of the data should be a joint responsibility between organisations and individuals.

The DNA database was discussed at length as an example of data sharing with many facets. If everybody was on the DNA database how much DNA information could / should reasonably be held to ensure the benefits while minimising the risk of misuse. Many were understandably worried about the lack of potential safeguards, wrongful use of information, and over-abstraction.

The balance of risk and reward is not one continuum but is for the individual to decide. There is a social value in privacy, therefore good guidance would be: data will not be shared unless the benefit outweighs the cost.

Of course, how these benefits and costs might be calculated, and by whom, is a moot point - as is the issue of agreement between participants. A good starting point then would be for organisations to follow the precautionary principle, and follow a policy of minimum data collection and always provide safeguards against misuse.

The role of government

The debate raised the question: can parliament be relied upon to protect the public from abuse of power and privilege? The answer was 'No'.

There is a real need for a regulation to protect the public because at the moment there is an issue of trust between the government and the public, not helped by recent data loss scandals. The government needs to be more open and ministers should not determine matters in their own areas - there needs to be a restructuring of how democracy works.

The challenge is to find out what the role of government is in the real world, a world where youngsters regularly put personal data about themselves on social networking sites, such as Facebook.

These sites should be regulated by the state, as they are in California. However, there is still an element of choice - the individual has to take responsibility for their own actions regarding putting their information up onto the site in the first place. Younger people, in particular, tend to trust the private sector more than they do the public sector, which isn't necessarily a healthy philosophy.

The governance of offshoring, particularly when it involves personal data should be more thorough, but in the private sector this is probably not possible - it could, however, be achieved in the public sector.

Some felt that we shouldn't wait for government to do anything; it should be IT professionals taking the lead on information security. Professionals should let the reason behind an application shape the way they build their frameworks.

The state won't take responsibility for everything; it has to be more on an individual basis, with people assessing their own risks. However there is a need to empower the individual to be able to do this and take control over their own information. Unfortunately, the government has removed that power.

Many felt that we can't have a situation whereby the Secretary of State draws up privacy laws, as, although the government has a duty of care to its citizens to protect their interests, it frequently fails to do just that, meaning we shouldn't allow it to have any more influence than it already does.

The government needs to start accepting responsibility for what it does or doesn't do - until then it can't be trusted with our data. The problem is that MPs often don't understand the full arguments and don't have all the relevant information, hence can't make fully reasoned decisions.

There is also a need for some form of enforcement or sanctioning when data sharing breaches are made, particularly between countries.

There was concern that we do not have privacy legislation in the UK, we have data protection legislation, which is not the same thing.  We have incoherent case law on privacy and a resulting inconsistency between case law and statute law.

The role of BCS

International laws coexist in an uneasy alliance where various countries laws require different things from their populations. This is why organisations, such as the BCS, should be promoting better professionalism within industry to bolster trust within the electronic world.

The BCS needs to make it easier for IT practitioners to make systems more secure by encouraging more thinking on the basic framework of data and privacy, and suggesting simple guidelines for codes of conduct. BCS need to work on accountable governance and look at internationalisation and the impact on data sharing in greater depth.

Final thoughts

Data security has yet to really catch up with all the other IT developments. Perhaps the industry should take that on board and learn to provide adequate security for the level of data sharing activity we're already at, instead of rushing headlong and tunnel visioned to the next big thing...

It was felt we shouldn't just be box ticking; there should be a thorough way of assessing the risks to the individual when any sharing of data is being considered. Data sharing should be taken very seriously, and proper risk assessment methodologies should reflect this. In fact, many felt it was a shame that it takes a disaster like the recent HM Customs and Revenue debacle before the subject of data sharing and security is taken seriously.

Ultimately, the value in data sharing has to reach a point where the benefits outweigh the costs. Data sharing needs to be intelligent - it's not just black and white.