I am about to send a submission to the Home Office next Monday/Tuesday re Entitlement Cards, which I can share with the rest of the group. So if you respond, I will send you the submission when I send it to the Home Office. I want the week-end for a last look at, but as far as I am concerned the main conclusions are established. 

The objective is, if you so wish, to send a message to the Home Office endorsing the analysis (or not as the case might be).

Those who have not yet made up their mind could look at my main comments below. The analysis I am sending to the Home Office substantiates the MAIN COMMENTS below. The important ones are 1, 4, 5, 8, 9, 10

Those who have not looked at the Entitlement Card proposals should do so.

Chris P

_----------------------------------------------------------------------------------------------------------

MAIN COMMENTS


1. The consultation document "Entitlement Cards and Identity Fraud" does not lead a properly constructed and informed public debate on the privacy implications of the Entitlement Card Scheme.

2. We are not persuaded by the argument that a card which has 60% of its emphasis on purposes associated with identity and 40% of its emphasis on entitlement should be called an "Entitlement Card".

3. The consultation document states that the Data Protection Principles will apply to the scheme but does not address what this means in practice. The Document is therefore limited in its analysis of the Data Protection Act 1998 and has serious omissions in relation to the privacy protection offered by this legislation.

4. Our analysis, presented here, shows the Government's proposals amount to the granting of an exemption from major elements of the Data Protection Act 1998 for the Entitlement Card scheme. This "exemption" negates the protection afforded by the first five data protection principles, leaves all existing disclosure gateways fully open (and unknown to the public), provides for new statutory disclosure gateways and permits the transfers of personal data from the scheme outside the European Economic Area (EEA).

5. The consultation document downplays its relationship with the PIU Report on Privacy and Data Sharing, yet the "exemption" mentioned above seriously changes the nature of the recommendations in that Report. The result is that members of the public are presented with an incomplete picture in relation to the whole range data sharing possibilities and are unlikely to be in a position to make an informed choice as to whether they wish to consent to data sharing (as envisaged in the PIU Report).

6. It is disappointing that the consultation document does not commit the databases associated with the Entitlement Card to the minimum security protection offered by adherence to BS7799, the base-line security standard identified in the PIU Report.

7. Given the many statutory disclosures envisaged in scheme, it is surprising that the impact of the exemptions from non-disclosure provisions in the Act are not discussed. The effect of these provisions is also to negate the application of the first five data protection principles in relation to many disclosures of personal data to the public authorities named in the consultation document. The provisions will also apply to many of the disclosures to those bodies which are not identified in the consultation document.

8. We cannot support the introduction of an Entitlement Card scheme unless there is an informed debate on privacy matters or a substantial statutory improvement to the level of privacy protection associated with the scheme.

9. It is possible that the Government may ultimately oblige citizens to obtain an Entitlement Card and press ahead on the basis of the consultation document, without an informed debate on privacy matters. In such circumstances, it is likely that any future Government (whatever its political hue) will loose the trust of many its citizens, when it is realised that every interaction with the public and private sector which requires production of this card, will be electronically tagged as to date, time location etc, and made available to numerous public authorities for a variety of purposes. This is especially the case in ethnic communities.

10. If the Entitlement Card scheme goes ahead with the current level of privacy protection, the authors of this document do not recommend readers who value their private and family life to consent to any data sharing as proposed in the PIU Report on Data Sharing.



Dr. Chris Pounder
Consultant & Editor of Data Protection & Privacy  Practice
Information & Technology  Group
Masons - International Law Firm
DDI: +44(0)20 7490 6605
Fax: +44(0)20 7490 2545
E-mail:[log in to unmask]
Post-mail: 30 Aylesbury Street, London EC1R 0ER, UK

www.masons.com

www.out-law.com
______________________________E-mail confidentiality notice__________________________________

This message is intended for the addressee only. It is private, confidential and may be covered by legal professional privilege or other legal or attorney/client privilege. If you have received this message in error, please notify us and remove it from your system. If you require assistance, please contact our London office (telephone +44 (0) 20 7490 4000). Masons is an international law firm with offices in London, Bristol, Edinburgh, Glasgow, Leeds, Manchester, Brussels, Dublin, Hong Kong, Guangzhou and Singapore. Further information about the firm and a list of partners is available for inspection at 30 Aylesbury Street, London EC1R OER or from our Web site at www.masons.com


******************** E-mail confidentiality notice ********************

This message is intended for the addressee only.  It is private, confidential and may be covered by legal professional privilege or other legal or attorney/client privilege. If you have received this message in error, please notify us and remove it from your system.

If you require assistance, please contact our London office (telephone
+44 (0) 20 7490 4000).

OUT-LAW.COM is a service of Masons, an international law firm with offices in London, Bristol, Edinburgh, Glasgow, Leeds, Manchester, Brussels, Dublin, Hong Kong, Guangzhou and Singapore.

Further information about Masons and a list of partners is available for inspection at 30 Aylesbury Street, London EC1R OER or from the firm's web site at www.masons.com

***********************************************************************


This e-mail has been scanned for all viruses by Star Internet using MessageLabs SkyScan services. For more information visit: www.star.net.uk.
_________________________________________________________________________________________

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
    www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^