The initial consultation stage around the Government’s proposals for greater data sharing between public bodies, as set out in the August 2014 publication ‘Data-Sharing and Governance: Policy Proposals’ has recently been completed. Responses to the consultation are now under consideration ahead of preparation of a general scheme (heads of draft legislation) to be presented to government, for approval to proceed, and then to the Oireachtas Committee on Finance, Public Expenditure and Reform, for pre-legislative scrutiny.
The proposed Data-Sharing and Governance Bill, which the Department of Public Expenditure and Reform (DPER) has described as “crucial legislation”, derives from a current Programme for Government commitment to undertake “anti-fraud measures … and better sharing of data across Government Departments and agencies”.
Data sharing essentially consists of two Public Service bodies sharing structured data about an entity (such as a person, business, property or event) and it requires a basis in law. DPER lists many reasons for extending data sharing, but the principal purposes for which sharing should be permitted are as follows:
• to assist ministers in exercising their statutory functions and in acting where there is a “substantial public interest”;
• the identification and prosecution of fraudulent activity and collection of debts owed to the State;
• the delivery of more streamlined services to customers and evaluation of the effectiveness of cross-cutting policies; and
• the identification of erroneous data held by public bodies and audit of the activities of public bodies.
It is envisaged that the categories of data that will be shared will be quite comprehensive and will include:
• means data contained in individual and company applications for which there is means-testing;
• pupil data (essentially student transactional records);
• information held on Public Service organisations and employees;
• contact information detailing the State’s interactions with citizens and businesses; and
• general information held about businesses.
Overall, DPER anticipates that data sharing will relate to recurring transfers of sets of records rather than once-off transfers. It will not include contract-related commercial information between public sector bodies and their contractors. It will also, generally, not extend beyond the State to public sector bodies in other jurisdictions.
Data sharing is not a new concept and already exists between some public bodies. For example, details of birth registrations with the General Register Office are automatically forwarded to the Department for Social Protection which then automatically generates a child benefit account and contacts the relevant family with details. There is similar sharing of student data between the education authorities and other public sector bodies.
Although the role of greater data sharing in countering fraud and error, particularly in such areas as social welfare or taxation are obvious, there are many wider benefits to government and individuals.
With greater data sharing, individual citizens should no longer have to provide the same detailed information again and again in all of their interactions with public bodies. The government proposals envision the creation of ‘base registers’ which contain basic details of individuals and businesses and which could be used as a single unified source of information for public bodies who need the data.
Similarly, with more data being shared, more and more public services can then be digitalised and transacted online – which is obviously quicker and more convenient for citizens.
For government, in addition to the gains in fraud and error management, there is the potential for significant efficiency gains arising out of greater sharing of data. Right across the public sector there could be much faster turnarounds, fewer meetings, fewer telephone calls and generally the ability to do things faster with fewer people and at less overall cost. In addition, the increase in the availability of good quality data across the government sector should greatly assist evidence-based policy formulation and reduce reliance on privately contracted research.
The department’s pre-legislative work on data sharing has identified four categories of obstacles to making progress on greater sharing. Firstly, there is an immediate blockage if there is no clear existing legal foundation for the sharing of information between two public bodies. Secondly, there are organisational barriers where perhaps one public body simply does not attach any priority to the work required to provide its information to another public body. Thirdly there are ‘semantic’ challenges to overcome to ensure that information being shared is provided in the right level of detail and format and using consistent common definitions and protocols. Fourthly, there are technical challenges such as aligning information technology platforms and ensuring software compatibility so that information flows reliably and without system glitches.
Importantly, the Government’s proposed Data-Sharing and Governance Bill will, when enacted, provide a ‘catch-all’ solution to the question of having a legislative basis for data sharing between two bodies. Further, it is the aim of the Government’s proposals to establish regulations and procedures that will ensure greater co-operation to overcome organisational obstacles as well as the semantic and technical challenges.
Not surprisingly in a world of much wider circulation of detailed personal and confidential information, governance and appropriate use of information becomes a policy priority. DPER makes it clear that strong all-round governance will be a key feature of the new legislation. All information shared will still be subject to the full rigours of the existing Data Protection Act. There will also be an emphasis on transparency so that owners of data will know which bodies are sharing which information and why they are doing so. In addition it is proposed that in each instance one of the bodies sharing data will be designated the ‘lead’ agency and will be responsible for maintaining full records of all data exchanged. The proposals envisage ‘privacy impact assessments’ to ensure that private material which does not need to be shared is not actually shared. And when the Government proposes to act against a citizen or a business on the basis of conclusions about default (e.g. underpaid tax or inaccurate welfare claims), the subject of that action will have prior notification before any such action occurs.
Regardless about the concerns over governance, or the belief that the data sharing is all about catching tax dodgers and welfare cheats, Public Expenditure and Reform Minister Brendan Howlin prefers to accentuate the positive, asserting that data sharing is the key “to the provision of quality public services”.
Although the initial DPER public consultation around data sharing proposals has now ended there will be further opportunities for the public to have a say. When the joint Oireachtas committee has completed its pre-legislative scrutiny of the general scheme and accompanying regulatory impact assessment, there will be further phase of public consultation before the Bill is actually drafted and presented to the Dáil.