The UK government has presented the Data Use and Access Bill, aiming to boost the economy by £10 billion and improve public services, especially in healthcare and law enforcement. The bill will allow NHS trusts, GP surgeries, and ambulance services to access patient records across various systems, which is expected to reduce NHS administrative tasks significantly, saving around 140,000 hours per year.
The government claims this streamlined access could expedite treatments, potentially saving lives, and plans to mandate technology suppliers to comply with standards that ensure health record interoperability across systems.
In law enforcement, the bill proposes reforms that would enable police to access personal data without logging the “justification” each time, potentially saving 1.5 million hours of police time and around £43 million in taxpayer money.
Supporters argue that this time saved on administrative work can instead be allocated to core policing activities that protect public safety. Technology Secretary Peter Kyle stated the bill will reduce administrative work across sectors, increasing productivity and supporting the economy.
Yet, digital rights campaigners are concerned about potential data privacy issues in the bill, particularly regarding the role of artificial intelligence and automated decision-making.
They fear that automated decisions in sensitive areas like immigration and welfare could occur without sufficient human oversight, potentially affecting people’s lives in significant ways. Concerns include possible misuse of data, as individuals’ information collected for one purpose might be used for another, like policing or immigration control, without their consent.
UK’s Data Use and Access Bill Aims to Boost Economy and Streamline Services, But Sparks Privacy Concerns
To address online identity verification needs, the bill also introduces a framework for digital IDs, proposing a government-certified “trust mark” for digital ID providers to enhance security and trust in these services. This initiative could simplify daily tasks for citizens, such as verifying identities when applying for jobs or renting homes.
While supporters like Yoti’s Julie Dawson believe digital IDs will simplify life for many, they also caution that the UK could lag behind countries with more advanced digital ID systems unless it develops a cohesive digital ID strategy.
Further, the bill seeks to foster open banking and smart data initiatives, enabling citizens to share data with third-party financial advisors for more personalized services. This could provide tailored financial guidance and help consumers make informed financial decisions.
However, privacy advocates worry about the potential for personal data to be used for unintended commercial purposes, underscoring the need for strict data protection protocols in financial data-sharing initiatives.
Complementing the Online Safety Bill, the Data Use and Access Bill also includes provisions for researchers to study online safety by accessing data from social media platforms. Another reform involves an electronic birth and death registration system in England and Wales, giving people the option to register deaths remotely.
Additionally, the bill makes it mandatory for water, telecom, and energy companies to register underground assets on the National Underground Asset Register, aiming to reduce the risk of accidental infrastructure damage.
The bill also revisits prior data protection reform proposals, modifying elements that might have risked the UK’s data-sharing relationship with the EU. Legal experts note the bill now strikes a balance between maintaining EU-aligned data standards and introducing efficiencies.
Other reforms include setting time limits on data protection investigations and closing regulatory loopholes for online tracking technologies. Additionally, the Secretary of State will gain authority to determine the adequacy of foreign data protection standards, influencing UK data transfer policies.
Despite these changes, advocacy groups have voiced concerns about the bill’s potential impact on transparency and accountability in data regulation. They oppose removing police data-access logging, fearing this could conflict with the EU’s Law Enforcement Directive.
The Open Rights Group also cautions against the government’s expanded role in appointing members of the Information Commissioner’s Office (ICO), citing risks to the regulator’s independence. They argue the bill may limit public recourse to challenge ICO decisions, stressing the need for more robust oversight mechanisms to safeguard individual rights.
