icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm

'Reckless': Privacy rights group lashes out at UK govt after it admits Covid-19 Test and Trace program didn't follow legal rules

'Reckless': Privacy rights group lashes out at UK govt after it admits Covid-19 Test and Trace program didn't follow legal rules
The UK government – facing a threat of court action – has conceded that its self-described "world beating" Covid-19 Test and Trace program has not been abiding by a crucial data protection legal requirement.

Following a legal challenge brought by Open Rights Group (ORG), the UK Department of Health and Social Care (DHSC) has admitted that it has been running the Test and Trace program without a Data Protection Impact Assessment (DPIA). This is a requirement under the General Data Protection Regulation (GDPR) for projects that handle personal data.

Without such a legal safeguard, there is a risk of personal data protection breaches.

Also on rt.com Forget Russian hackers: Real danger is the US hoarding UK vaccines, says head of Imperial College study

Ravi Naik, legal director of the new data rights agency AWO, who was instructed to act on behalf of ORG, said that the UK government has now "admitted Test and Trace was deployed unlawfully."

According to him, the initiative has been illegal ever since its launch on May 28."This is significant. It is a legal requirement to conduct an impact assessment before data processing takes place," he explained.

The UK government has not explicitly conceded that it has broken any privacy laws, but it has admitted operating without a DPIA. A spokesperson for the Department of Health and Social Care claimed the NHS program was committed to the "highest ethical and data governance standards."

They added that it was important to draw a distinction between the initiative itself being unlawful and the way it was processing NHS patients' data, which they say has been handled lawfully.

Also on rt.com British researchers say steroid treatment reduces coronavirus death rate by a third

Prime Minister Boris Johnson's administration insisted that there was "no evidence of data being used unlawfully." The DHSC made its admission after ORG threatened to take the government to court unless it agreed to carry out a DPIA immediately.

Jim Killock, ORG's executive director, hit out at the government, branding its behavior "reckless" in ignoring the legally-required safety step, and thereby had "endangered public health."

Killock suggested that mutual trust between the government and the public – a critical element in any successful fight against the deadly disease – had been undermined by operating a program without basic privacy safeguards.

The government bears responsibility for the public health consequences.

The DHSC spokesperson would not confirm whether a report in the Sunday Times – which found Test and Trace staff were sharing patients' confidential data on various social media platforms – was evidence of data being used unlawfully.

The NHS Test and Trace system requires people who have tested positive for coronavirus to self-isolate and share personal details – such as home addresses and phone numbers – of those with whom they have come into close contact. Contact must have taken place within a nine-day timeframe, starting 48 hours before symptoms first appeared.

Think your friends would be interested? Share this story!

Dear readers and commenters,

We have implemented a new engine for our comment section. We hope the transition goes smoothly for all of you. Unfortunately, the comments made before the change have been lost due to a technical problem. We are working on restoring them, and hoping to see you fill up the comment section with new ones. You should still be able to log in to comment using your social-media profiles, but if you signed up under an RT profile before, you are invited to create a new profile with the new commenting system.

Sorry for the inconvenience, and looking forward to your future comments,

RT Team.