Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
The U.K. government has revealed the coronavirus test and trace system violates data protection laws in both the U.K. and Europe.
After the global spread of the coronavirus began, the National Health Service (NHS) test and trace system was set up in a hurry to slow the advancement of the virus, Forbes reported. Due to the hasty implementation of the programme, a proper assessment of the system was not completed.
NHS test and trace has been operative since late May, and yet it has not been subject to the Data Protection Impact Assessment (DPIA).
The DPIA is an assessment that determines whether or not the system directly violates the public’s data privacy. Therefore, the test and trace has been illegally functioning since its initiation on 28 May 2020.
The test and trace system was established to slow the spread of coronavirus by pinpointing and staying in communication with anyone who might have been in contact with an affected individual.
There are 27,000 NHS staff members and their job is to obtain patient data, including names, addresses, gender and other contact information, according to Tech Radar.
The personal information that is gathered may be used for research activities. Under the guidelines of the General Data Protection Regulation (GDPR) individuals are permitted to have their information deleted, but this right is somewhat ineffectual under the rules of the programme.
In light of the government’s admittance of personal information violations, there have been more revelations showing that personal privacy has been exposed.
Allegedly, NHS staff members have posted the personal information of individuals on public platforms like Facebook and WhatsApp, according to Forbes.
Staff members have posted personal information in social media groups when reaching out to colleagues, in the hopes of finding a specific individual that has been in contact with the virus. People who have tested positive for coronavirus have had their names, NHS numbers, contact information and case identifications posted.
Although the test and trace system was set up quickly to safeguard the public from the virus, many say privacy rights have been trampled on.
The Open Rights Group (ORG) is pushing for a DPIA to be initiated, although the best practise would have been to assess the programme before it was launched, Silicon reported.
However, due to the urgency of the situation, The Department of Health and Social Care (DHSC) set up the system without a DPIA. Although launching the test and trace system took priority over putting it through the DPIA, the DHSC says one will be administered soon, according to Tech Radar.
According to a letter from DHSC, the test and trace programme was quickly set up during the start of the COVID-19 pandemic, and the main priority was to protect the public from the virus, Tech Radar reported.
The DHSC took steps to reduce the risks to the public and lessen the overwhelm of the NHS by setting up the test and trace system. The letter continues addressing that the programme is evolving and the DHSC does not argue that the programme is amassing large amounts of personal data. The department concludes by explaining its responsibility to manage the data in compliance with the GDPR.
The government is in agreement that the DPIA should have been initiated before the test and trace system was implemented.
The government has also changed the period of time coronavirus personal data will be kept, from 20 years to an eight years. The law only demands information to be kept as long as needed to perform necessary work.
Do you think the test and trace system being implemented prior to performing a DPIA was just a shortcut to protect the public’s health or a big misstep in the government’s obligation to protect our personal data? Let us know in the comments.
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2024 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.
One thought on UK Admits Test and Trace Programme Violates Privacy Law
The pandemic is simply a cover for introducing a tyrannical system of surveillance, utilising Digital IDs and the populations biometric data (DNA, Facial Recognition etc.).
The fake urgency has allowed cover for the Government ignoring existing so called protections, like GDPR. They are ignoring all of our human rights regarding Informed Consent too. If the public don’t stop complying we will end up in a very dark place.