Privacy & Information Security Law Blog

Demos, an independent UK-based think tank, has published a report describing the views of a cross-section of British people on how their personal data are used by the public and private sectors.  Private Lives: A People’s Inquiry Into Personal Information (the “Report”) was researched in the context of the UK Information Commissioner’s Office’s consultation on the Personal Information Online Code of Practice.  The Information Commissioner called for industry and research groups to provide context for the new Code of Practice. “What emerges from the study is a fascinating picture of a public who certainly care about information rights, but who are by no means hysterical about perceived threats to liberty or privacy,” observed UK Information Commissioner Christopher Graham.

Demos created a deliberative process during which they asked 40 members of the British public to discuss their views on how their personal information is used.  Demos recruited participants from a range of socio-economic backgrounds.  During three sessions, the participants heard from data protection and privacy experts from the National Health Service, search engines and mobile phone companies, as well as lawyers and consumer advocates.  In small groups, the participants then explored data protection in the context of (1) communications data; (2) targeted advertising; and (3) medical data and e-health records.

The Report highlights the fact that democratizing personal information means not only giving people a voice in the privacy debate, but also finding better ways of listening to their views.  In this study, participants demanded transparency, security and the means by which they may exercise informed and meaningful choice.

Transparency concerning the protection, use and management of information is identified in the Report as a critical requirement for enhancing public trust in the way the public and private sectors process personal data and derive benefits from it.  Participants felt that those who collect and control their data often are not open about the purposes for which the data are collected and used.  They also considered that their data were shared with too many third parties, without their knowledge and outside their control.  Participants expressed a desire for data controllers and data handlers to take more responsibility, and for tools to give individuals greater control over their data.  On this issue, the Report recognizes the tension between a stated desire to control the use of personal information and the reality that most people lack the time and inclination to manage their data proactively.

The “Calls to Action” section of the Report captures participants’ proposals for better data protection, which participants felt currently are not being met.  The Report concluded that participants largely are demanding the robust application of existing principles of data protection.

The full report, published on March 21, 2010, is available on the Demos website.