In a special turn of events, the UK government has just admitted that it ran the nationwide Test and Trace program unlawfully! This was revealed by the Department of Health and Social Care (DHSC) in a letter filed by privacy campaigner, Open Rights Group. The program was launched without going through regular data privacy checks.
UK Government Admits Skipping the Law
UK is one of the first European countries to hit worse by the COVID-19 breakout. Since then, the government has fast-paced any step that deemed important to contain the spreading. One such step was the introduction of Test and Trace program, where the newly diagnosed COVID-19 person was regularly monitored. This is through contacting them and knowing his recent moves, and informing those who may have passed nearby to him.
The program was introduced at the end of May, by equipping about 27,000 personnel as contact tracers. This included hiring third-party companies to equip a call centre staff, train them and contact citizens. While the whole program seemed necessary, it was implemented immediately without going through the legitimate process! And this what made privacy activists question the government about this program.
The Open Rights Group has filed a lawsuit against the government alleging it skipped the important Data Protection Impact Assessment (DPIA), which is a part of GDPR where any authority that’s subject to process highly sensitive data should go through the checks and make sure it’s safe. Jim Killock, the executive director of Open Rights Group (ORG) said, “We have a ‘world-beating’ unlawful test-and-trace programme.”
Though the government defended saying it had to rush for public safety, it has still crossed the law. Boris Johnson’s government claimed there’s no proof that the data pooled was used unlawfully, petitioners press on executing it without proper checks. On another note, The Guardian reports they have found three instances of the garnered data being mishandled!