Our Data Futures
Influencing UK data policy
Over the next year the UK government will be looking at how it replaces GDPR following Brexit, through the Data Protection and Digital Information Bill. At the same time all the major political parties will be developing their manifestos in the run up to the next General Election, scheduled for 2024 if not before.
We think this means there is a unique opportunity to influence the democratic and participatory governance of data, to ensure it works for us all, as part of the UK’s post-GDPR future.
However, we are also clear that there are real risks that future changes or possible policy directions could do the opposite: reducing individual citizens’ control and influence; removing transparency and key safeguards; limiting opportunities for engagement and ignoring evidence about the collective and equality impacts of data processing and AI.
That’s why for the next 12 months we will be focusing on campaigning to make sure communities get a powerful say in how the data that affects them is collected and used now and in the future by influencing this legislation to:
- ensure risk assessments, balancing tests, the design of codes of conduct factor in collective, societal, equality and environmental impacts
- protect the rights of the direct, indirect and group subjects of automated decision making
- increase democratic accountability on data decisions through better transparency, greater participation, and collective complaint and redress mechanism
We’ll also be working to bring together a group of diverse friends and partners to create an even stronger voice for change - including organisations from across data, tech and civil society, as well as the communities who are directly affected themselves.
Alongside this we’ll be connecting with MPs, Lords, advisors and civil servants to support them to better understand the issues involved and ensure they are informed and able to speak up, so data is both collectively and democratically governed in all our interests.
We are particularly grateful to the Joseph Rowntree Reform Trust for their generous help and support for this work.
Events
Jeni spoke on this panel, organised by the Joseph Rowntree Reform Trust and chaired by Cllr Lisa Smart, at the Liberal Democrat Spring Party Conference 2023, alongside Silkie Carlo from Big Brother Watch and Martha Dark from Foxglove Legal.
I wasn’t sure where this panel on the “democratic challenges of AI” would end up focusing. Would we be narrowly exploring the role of AI – particularly generative AI and adtech – in generating and amplifying misinformation, for example? In the end, it was a wide-ranging discussion about the role of data, digital and technology in our society, particularly its deployment by the government, and the lack of transparency and scrutiny over it.
Silkie talked about the deployment of facial recognition; Martha about the lack of transparency and public consultation around the Palantir’s involvement in the NHS. I focused on the wider issues around gaining democratic control over data and AI, and of course the role of powerful public participation in asserting that control.
As the Data Protection and Digital Information Bill continues its erratic legislative journey, we convened an open call for interested parties to share, discuss and maybe act together. In this open Zoom meeting, Gavin Freeguard chaired an open discussion of first reactions and thoughts in a confidential and trusted space.
On Thursday 9 March 2023, CONNECTED BY DATA, working with Labour Together, convened a workshop with experts from civil society (and Labour advisers) to consider:
- what principles should underpin progressive data, digital and technology policy
- what some specific policies could look like
On 5th December 2022, CONNECTED BY DATA organised an event in parliament, hosted and chaired by Lord Tim Clement-Jones, to explore three key areas around the future of data governance: automated decision-making, data at work and data in schools.
These are all areas that could be affected by the Data Protection and Digital Information Bill, expected to return to parliament for its second reading at some point in 2023. We think the Bill represents an opportunity to influence how data is governed in a more democratic and participatory way, but worry that – in its present form – it undermines existing safeguards and misses the chance to extend democratic data governance.
The three areas under discussion also represent domains where growing data collection and use could have both significant benefits and harms in the future, regardless of what happens to the Bill. The event invited opening contributions from civil society and academic experts on each topic before opening up to a wider discussion. The experts were on the record unless they requested otherwise, with everyone else being unattributed under the Chatham House Rule.
On 30th September 2022, CONNECTED BY DATA organised a civil society workshop to explore the Data Protection and Digital Information Bill.
As we wait for the date for the second reading of the Data Protection and Digital Information Bill, many civil society organisations have different concerns and interests, and can see different opportunities and risks.
Here at CONNECTED BY DATA, for example, we think the Bill presents a real opportunity to influence how data is democratically and participatively governed, to ensure it works for us all, as part of the UK’s post-GDPR future. However, we also fear that, in its present form, the Bill reduces individual citizens’ control and influence, removes transparency and key safeguards, limits opportunities for engagement and ignores evidence about the collective and equality impacts of data processing and AI.
Opinion
Michelle Donelan, the Secretary of State for the Department of Digital, Culture, Media and Sport (DCMS), announced a new, British, approach to data protection at the October 2022 Conservative Party Conference. It seems the Johnson government’s new direction for data, which culminated in the Data Protection and Digital Information Bill introduced in Parliament in July, is to be revised through more consultation, though it appears not a public one.
GDPR isn’t perfect and it would be great if the UK could be bold in changing data protection laws to build on and move beyond GDPR. Unfortunately, the Bill as it stands takes backwards steps rather than confronting future – or even current – challenges. Its focus on simply reducing regulation, especially for small businesses, is misplaced and out of step with the kind of regulation the modern data economy needs.
Weeknotes