Government privacy advisor quits after officials ‘repeatedly ignored’ guidance
Cabinet Office slammed by departing privacy advisor for lack of support - Photo credit: PA
Technologist Jerry Fishenden has resigned from the Cabinet Office’s Privacy and Consumer Advisory Group, which aims to offer advice and scrutiny to government on technology and privacy issues, after six years on the group.
Fishenden, who was chair and then more recently co-chair of the group, said it had been set up by the former minister for the Cabinet Office Francis Maude to act as “a canary that could detect and help fix policy and technology issues before they got too far down the policy process”.
The group - whose members include vocal critics of government policies on security as well as various academics - offered advice and comment on initiatives such as the now scrapped patient data-sharing project Care.data and the identity assurance programme GOV.UK Verify.
However, in a searing blogpost announcing his resignation, Fishenden said that there had been less ministerial support and backing for the group since Maude left government in 2015, and that officials were choosing to ignore some of the group’s comments.
“Without such backing, those officials who find the group’s expert reviews and analyses ‘challenging’ have found it easier to ignore, attempting instead to smuggle their often half-baked proposals past ministers without the benefit of the group’s independent assistance,” the post read.
Civil service chief John Manzoni laments NHS care.data "misstep" – and sets out Whitehall's vision for big data
Government turns to big tech firms to help deliver long-awaited Digital Strategy
Why the public sector needs data champions
Fishenden also said that there had been only one meeting with either of Maude’s successors in the role of minister for the Cabinet Office, in December 2015 when the role was held by Matt Hancock.
“PCAG has worked hard to ensure the continued full engagement, backing and enthusiasm of subsequent MCOs,” Fishenden said. This, he added, included writing to both Hancock and the current minister, Ben Gummer, but that “despite repeated attempts”, there had been no acknowledgement or response to either letter.
“I can only assume from this lack of engagement that PCAG’s canary function is either no longer understood, or no longer valued,” Fishenden said. “If the group is no longer wanted – well, surely it would be much better all round if someone just said so openly?”
Guy Herbert of the anti-ID card campaign group NO2ID, another of the group’s members backed up Fishenden’s critcisims of the Cabinet Office, saying on Twitter that cancelled meetings were becoming “increasingly frustrating”.
Among Fishenden’s criticisms was the way the government had dealt with problems identified with the section of the Digital Economy Bill that sets out measures for increasing data sharing, and that were widely criticised for lacking detail or clarity.
“Part 5 of the Digital Economy Bill seems to me a classic example of what happens when the group’s advice and offers of help are repeatedly ignored by officials who should know better,” Fishenden wrote.
“Worse, in the case of Part 5 the group was repeatedly misled and misinformed by the team that drafted the core of the proposals and the related ‘codes of practice’. Once again it was ministers and parliament left to deal with the consequences.”
He continued to say that, in the past, the problems would have been highlighted earlier on and the group would have helped fix them, “rather than causing ministerial embarrassment and confusion when they were published in a disappointingly amateurish and technically-illiterate state”.
Fishenden concluded his post by thanking “the many civil servants, ministers and MPs who have engaged constructively with the group and its members over the years” and saying he hoped the value of the group would be “rediscovered” after next month’s election.
A Cabinet Office spokesperson said: "Views from many groups, including the Privacy and Consumer Advisory Group, were taken into account when establishing the Digital Economy Act 2017."