The Scottish Government plans to reduce the amount of information on citizens held by large public databases and curb the collection and use of personal data by public authorities.
A consultation on its plans has just begun. The Scottish Government, run by the Scottish National Party in a minority administration, has the backing of the UK Information Commissioner’s Office (ICO) for its plans.
It has proposed a set of Identity Management and Privacy Principles with which public bodies will have to comply. The principles move the Scottish Government away from the trend of building very large public databases of personal information.
Read more on Out-Law.com
According to a news release on the government’s web site, the draft principles include:
- Proving identity or entitlement: people should only be asked for identity when necessary and they should be asked for as little information as possible
- Governance and accountability: private and voluntary sectors which deliver public services should be contractually bound to adhere to the principles
- Risk management: Privacy Impact Assessments should be carried out to ensure new initiatives identify and address privacy issues
- Data and data sharing: Organisations should avoid creating large centralised databases of personal information and store personal and transactional data separately
- Education and engagement: Public bodies must explain why information is needed and where and why it is shared