England's Test and Trace Programme 'Breaks GDPR'

upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Content source
https://www.bbc.com/news/technology-53466471
The Department of Health has conceded that the initiative to trace contacts of people infected with Covid-19 was launched without carrying out an assessment of its impact on privacy.

The Open Rights Group (ORG) says the admission means the initiative has been unlawful since it began on 28 May. It involves people being asked to share sensitive personal information. This can include:
  • their name, date of birth and postcode
  • who they live with
  • places they recently visited
  • names and contact details of people they have recently been in close contact with, including sexual partners.
The Department of Health and Social Care says there was no evidence of data being used in an unlawful way. ORG had threatened to go to court to force the government to conduct a data protection impact assessment (DPIA) - a requirement under the General Data Protection Regulation (GDPR) for projects that process personal data. A letter from the Department of Health to the group confirmed that a DPIA was a legal requirement and had not been obtained.

ORG's executive director, Jim Killock, said the government had been "reckless" in ignoring this legally-required safety step and had endangered public health. "A crucial element in the fight against the pandemic is mutual trust between the public and the government, which is undermined by their operating the programme without basic privacy safeguards," he added.
Click to expand...
www.bbc.com

Coronavirus: England's test and trace programme 'breaks GDPR data law'

The government has acknowledged the initiative was launched without a data privacy assessment.
www.bbc.com www.bbc.com
 
  • Like
  • Wow
Reactions: CyberTech, CyberPanther, Antus67 and 5 others
Brahman

Brahman

Level 17
Verified
Top Poster
Well-known
Aug 22, 2013
813
GDPR is EU regulation right? If it is, does UK needs to comply with it after Brexit? I think only UK companies continuing to do business with the EU after Brexit will need to comply with the Regulation to avoid infringements and The Department of Health and Social Care won't be counted in that as it is only an internal department/organisation.
 
  • Like
Reactions: Gandalf_The_Grey
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Welcome to backwards Country.

By the time they release any official app for the UK, it will be 2022 and wasted £12 billion on the "development".
 
  • Like
Reactions: Gandalf_The_Grey and Cortex
upnorth

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
the regulator added that, while it recognised the urgency in rolling out the programme, if the public were to have confidence in handing over their data and that of their friends, "people need to understand how their data will be safeguarded and how it will be used".
Click to expand...
Slurping up data of anyone anywhere even without consent, is absolutely something that must be more and better restricted and regulated. The ORG previously won against the UK government, as mentioned in the article.
 
  • Like
Reactions: Gandalf_The_Grey and Cortex
Cortex

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
The problem with an app if it ever gets done is few people (me too) I know would install it, lack of trust being the main one as this latest revelation shows - One work colleague pointed out issues if he was having some sort of an assignation & there were problems?
 
  • Like
Reactions: Gandalf_The_Grey and upnorth
You must log in or register to reply here.

Similar threads

enaph
    • Like
    • +Reputation
    • Thanks
Privacy News Concerns raised over UK Data Protection Bill’s impact on EU’s GDPR
Replies
1
Views
1,600
Security News
MuzzMelbourne
MuzzMelbourne
Gandalf_The_Grey
    • +Reputation
    • Like
Security News US Health Dept warns hospitals of hackers targeting IT help desks
Replies
1
Views
1,103
Security News
Practical Response
Practical Response
Gandalf_The_Grey
    • Like
    • Applause
The European Union is about to get stricter on GDPR compliance
Replies
0
Views
387
News Archive
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top