U.K.’s Top Adviser Pushed Agencies to Ignore EU Data Laws
(Bloomberg) -- The U.K.’s former top government adviser told agencies to ignore European data protection laws to coordinate the country’s response to the coronavirus pandemic.
Dominic Cummings said in a parliamentary hearing on Wednesday that he told the Information Commissioner’s Office, the country’s data regulator, to put out a notice that agencies working on the response to the coronavirus shouldn’t worry about the rules because “if someone, somewhere in the system didn’t say ignore GDPR, thousands of people were going to die.”
Cummings, the former adviser to Prime Minister Boris Johnson, said while the step was “almost definitely” illegal, it was necessary to help connect different sources of information to find out more about how and where the virus was spreading and integrate testing. The government was warned that the proposed use of data risked breaking the General Data Protection Regulation and “a whole bunch of things around the European Convention of Human Rights, right to privacy, etc.”
“What I wanted to do was essentially the same as what had happened in South Korea and Taiwan and places where you start using bank data, you start using mobile phone data, to triangulate where people are,” Cummings said. “It wasn’t just the testing system we had to get built up, it was also the whole data architecture as well.”
The government has come under fire for how it handled sensitive data during the pandemic. Britain’s National Health Service allowed U.S. technology company Palantir Technologies Inc. access to sensitive personal data of patients, employees and members of the public under a deal to help it cope with the Covid-19 outbreak, though the agreement required that the data be stripped of personal identifiers or aggregated before being shared. The details were revealed by politics website OpenDemocracy and law firm Foxglove last year.
©2021 Bloomberg L.P.