Many ORG supporters have received replies from SNP members of the Scottish Parliament over the ID database. The letter, no doubt drafted by civil servants, is rather shallow and fails to address the key points that the campaign has been raising.
To help both MSPs who have been asked to use this response, and our supporters, we here take the points raised in the letter and respond to them.
Thank you for taking the time to contact me regarding the consultation.
There are no proposals for ID cards or for the creation of a national database. There are also no proposals to share medical records.
How is the extension of the NHS register database to include linkage and use by 100 Scottish institutions not the creation of a national database? This is the key point. It is more or less impossible to see this dabatase as anything less than a national, Scottish Identity Database.
Compulsory cards are certainly not proposed, but the linked Entitlement Card is used to identify citizens as and when they use many Scottish services. By linking personal data to a single personal identifier, called the Unique Citizen Registration Number, it is virtually indistinguishable in its effects from Labour’s ID Card scheme. This is not that surprising, as both schemes were created by previous Labour administrations in conjunction with large IT providers and civil servants.
Nobody has suggested that the changes to the NHS register would lead to sharing medical records. It may however dissuade people from using the Scottish NHS, if they are worried about other people finding their identity and address, such as abusive relatives who work in other institutions.
This consultation is on specific proposals to enable organisations to verify data and to do so in a safe and controlled manner.
Is verification via a single national identity database needed or appropriate? It would be highly surprising if it operated unsafely or in an uncontrolled fashion. The lack of safety comes with future policy decisions.
The purpose of the proposed change is to:
- ensure that public bodies when providing public services are able to correctly identify the individual they are dealing with;
- trace overseas visitors who should pay for NHS treatment.
These are current purposes, but data sharing that is enabled could run very much further, as over 100 institutions are expected to be involved. This needs to be recognised and discussed.
This proposal does not mean creating a single public sector record. It will simply allow those providing public services to have their name and address data checked against administrative data in the NHS Central Register to ensure they are dealing with the right person. This does not involve access to any medical data.
It will link everyone’s data together through the database, for checking address details, but also potentially to link data sets together. In modern computing terms, the effect is to link all data all of the time, as the government of the day requires. The use of a Unique Citizen Registration Number is the means by which this would be enabled. This is obvious in the examples give so far, including this one below:
We are also consulting on whether HMRC should be able to use the same information to help them identify who should pay Scottish taxes and who should continue to pay tax to the UK. No decisions have been made on this.
I appreciate your concerns over privacy, and the Scottish Government and Scottish public bodies already operate under strict rules on the use of data to ensure privacy and protect the individual. There are no proposals to change this.
Much the same was said about the UK’s ID system … but it is the architecture and capabilities that should worry us, rather than whether strict rules can be pointed to or whether assurances are made. Concerns over the reuse and combining of personal data for government policy profiling, targeted identification of individuals for attention, or reducing benefits, all need a full debate. Once a Scottish Identity database is in place, arguing against these policies will get ever harder.
Similarly, there is a lazy assumption from the civil service that a centralised identity database for the whole of government is the only way to know who and where citizens are when they interact with a service. This needs full scrutiny.
No decisions have been made on this issue as yet. There is an ongoing consultation which closes 25th February 2015. This is a consultation on a statutory instrument which will be duly scrutinised by the Scottish Parliament.
I hope this answers your concerns regarding the consultation.
I expect not. Please remain concerned. The consultation itself is highly flawed, with very many key legal topics missed out and skipped over. But most concerning is the absence of any debate about the shift from NHS register to national registration system, and the denial of civil servants to ministers and MSPs that this is happening.
While the MSPs who are being given this letter to use to talk to their constituents are no doubt well meaning, they are being told only part of the truth by the people they are trusting to run the Scottish state: the civil service.
Fundamentally, a debate about the emerging Scottish Identity system needs to take place. The objectives—particularly to make it easy for citizens to use Scottish services—are reasonable, but much more freedom-preserving means to achieve them are available. Please keep emailing!