ID Card database could contain medical and criminal records

This prospect reverses the position stated in the Government's public consultation documents in which it confirmed that none of the information in the ID Card database falls within the category of sensitive personal data as defined by the Data Protection Act.

The amendment is to be debated tomorrow.

Details of how the amendment works

The ID Card database content is specified in the Bill. There are around 50 data classes which could be stored in a central register. These “registrable facts” fall within nine categories which in relation to an individual ID Card holder means:

"(a) his identity;

(b) where he resides in the United Kingdom;

(c) where he has previously resided in the United Kingdom and elsewhere;

(d) the times at which he was resident at different places in the United Kingdom or elsewhere;

(e) his current residential status;

(f) residential statuses previously held by him;

(g) information about numbers allocated to him for identification purposes and about the documents to which they relate;

(h) information about occasions on which information recorded about him in the Register has been provided to any person; and

(i) information recorded in the Register at his request."

The technical amendment tabled by the Home Secretary states that the registrable facts falling within category (g) above "do not include any sensitive personal data (within the meaning of the Data Protection Act 1998) or anything the disclosure of which would tend to reveal such data." By inference, this limitation automatically implies all the other items in the above list – except item (g) – can be linked to sensitive personal data.

This subtle change has to be considered in conjunction with powers in the Bill which permit the Secretary of State to modify the information in the ID Card database. This power, if exercised, combined with the implication that the database can now legimately include items of sensitive personal data completes the reversal in policy that OUT-LAW has identified (i.e. the legal infrastructure is in place to permit details of criminal and medical records to be held in the database in future).

The items of sensitive personal data which are currently held

At the moment the items of sensitive personal data in the ID Card database are very limited. For example, the central database will include a photograph of the ID card holder. If that photograph reveals a certain medical condition, for instance, Downs Syndrome or blindness, then clearly these photographic data reveal sensitive personal data. Additionally, sensitive personal data would be processed if photographic identity data were used in a racial context – for example, if the authorities searched the database to distinguish, say, an Afro-Caribbean Fred Bloggs from a Caucasian Fred Bloggs. Sensitive personal data could also be revealed if the address of the Cardholder relates to a mental hospital or a prison.

Sensitive personal data will also be contained as the central registry database is to contain "access records". The Bill states that these "access records" include "particulars of every occasion on which a person has accessed an individual's entry and of the person who accessed it". Thus if an individual with an ID card uses an NHS service which requires a check on entitlement for free treatment, there will be a record in the ID Card database which describes that check – in particular 'first outpatient clinics' which has been identified by Health Ministers.

The record of which clinic the patient attends, however, can give inferential detail of the individual's medical condition. After all, patients who attend at a sexually transmitted diseases outpatient clinic or a pre-natal maternity clinic are not queuing for a flu jab.