Astute British citizens (90% of adults are now aware of the Data Protection Act) has expressed an alarming loss of trust in established institutions, including government departments, to safeguard their personal data. According to a new survey from the British Computer Society (BCS), two thirds of British adults have reported a decrease in their level of trust in these institutions to correctly or securely manage their personal details, in the light of recent stories about data breaches or data being lost.
The BCS Data Guardianship Survey 2008, published on the 14 of March, coincides with a dedicated BCS seminar on Building Trust in eGovernment to which representatives from other professional institutions, charities and government have been invited. The survey reveals that issues relating to data protection and guardianship are now deemed to be "very important" by well over half of British adults.
The survey focused on public awareness of the Data Protection Act (DPA) and sought to see if people knew its provisions. Individuals were also asked if they had used subject access requests under the DPA, or an internet or credit search to check data held about them, and, if they had, what their experience had been. In spite of a high awareness of the DPA, and that one quarter of people have made internet or credit searches about themselves, only 4% were subject access requests under the DPA.
Yet the most important issue of those raised amongst adults questioned about the DPA was having the automatic right to correct data about oneself if it is incorrect: 77% said this is very important to them. 71% also indicated that it is very important to them to be asked for their consent if other organisations or Government departments want access to their data originally collected for another purpose. While two thirds claimed that it was very important to them to be aware of the names of organisations or Government departments that hold information about them and what it is.
In the wake of recent publicity regarding government held data loss, 57% of British adults indicated that it is very important to them that the handling of data by Government employees should be on a sliding scale of seniority - the more sensitive the information, the more senior the employee should be.
Speaking on behalf of the BCS in response to the publication of the survey today, chief executive David Clarke said, "Our survey forcibly demonstrates that the public do care about accountability, visibility, consent, access and the stewardship of personal information that is collected about them.
"In the BCS Position Statement on data guardianship principles issued to support our seminar on Building Trust in eGovernment, we have suggested that one way of ensuring the principles are considered is to include a more citizen focused impact statement in the risk assessments that government is already required to do in connection with the assurance of the information it holds.
"Risk is the combination of the likelihood of an event and its impact in one or more dimensions. In risk management there is a widely used concept of ALARP - (As Low As Reasonably Practicable) referring to both of these dimensions. When handling other people's personal data, we should all ask ourselves if ALARP means the same thing to Ministers considering their reputation, government Departments considering their efficiency target and citizens considering their privacy or financial security.
"Many of the failures that have driven this loss of public trust are actually not pure technology, but are related to the much wider issue of information management. The level of professionalism needed in the IT sector to help address this is at the heart of the BCS work with government and others to build a world-class IT Profession."