Data Protection Register: Is it over-protected?
The British state has lots of databases full of information about everything from cars to companies. The government it is going to open up such databases, making them publicly accessible as much as possible, in ways which would allow others to reuse the valuable information they contain. Naturally the Information Commissioner, Chris Graham, is to have an important role in this process.
One of these publicly owned databases is the , which contains details of companies and public bodies who process the personal information of individuals, what kind of material they hold, and for what purposes (as in ).
You can by certain selected fields such as name, postcode and organisational category. But you can't obtain more than 100 entries in response to one search. And, more importantly, you can't consult the register online in browsable form, nor can it be downloaded. In short, as a way of providing data, this isn't very useful.
And as it happens the official responsible for the Data Protection Register is actually the Information Commissioner himself.
I have to say that I have found the cumbersome nature of searching the database, rather than being able to browse it, very inconvenient. Perhaps those who have better web-scraping skills than I do might manage to get more out of the current setup.
It seems that I'm not the only person to be frustrated by this. Last year someone else made a freedom of information request to the Information Commissioner's Office (ICO), asking for a copy of the register "in any usable format".
The ICO dismissed the FOI application, stating that there is no legal requirement "that the register is provided as a usable database".
After an equally unsuccessful internal review of this rejection, the applicant took advantage of his right to complain to the person who decides whether FOI requests have been correctly handled by public bodies - the Information Commissioner.
Last week the ICO issued its - and it turns out that the ICO agrees with the ICO's arguments that the ICO dealt with the case in accordance with the law. The judgment maintains that the information is reasonably accessible to the requester by other means, ie by searching the database one step at a time.
This is not an entirely comfortable position for the Information Commissioner to be in. Whatever the technical legal situation, it is clearly a long way from the spirit of the transparency rhetoric that has emanated from the government and from Mr Graham himself.
And in fact the ICO has recently been running a on the possibility of making the entire register available to be downloaded in a reusable format. The closing date for responses is this coming Friday.
I expect that in due course the Data Protection Register will become much more usefully accessible than it is at the moment. Just like other public authorities, the Information Commissioner's Office itself is being forced to change its processes by the drive towards openness.
Comment number 1.
At 4th Apr 2011, Tom W wrote:Simple question: Why did the ICO choose not to make its database downloadable? Any chance you can find out?
Complain about this comment (Comment number 1)
Comment number 2.
At 4th Apr 2011, BluesBerry wrote:The ICO has recently been running a consultation exercise on the possibility of making the entire register available to be downloaded in a reusable format. The entire register? Excuse me but this seems like passing the buck, and the buck stops with the poor user. If you provide the entire reguster, most compuers will freeze and search times will be totally unreasonable.
I expect that in due course the Data Protection Register will become much more usefully accessible than it is at the moment. Usefuly accessible means, I put in a search word or name, and something usable comes up - not the entire registry.
Just like other public authorities, the Information Commissioner's Office itself is being forced to change its processes by the drive towards openness. You cannot hide openness by passing the buck and providing the entire registry. Openess must be "open" to a reasonable search.
It is because of complexity of data, the inability to quickly find the information that one seeks, that systems like wikileaks become so instantly popular.
Even the name "Data Protection Register" bespeaks the lack of clarity and transparency.
Why must have it all. So either
a) cost save and eliminate the cumbersome thing, or
b) redesign for efficient and effective utilization.
Complain about this comment (Comment number 2)
Comment number 3.
At 5th Apr 2011, Martin Rosenbaum wrote:The ICO says: 鈥淎 number of entries on the register relate to individuals, such as sole traders, and there are therefore data protection considerations鈥.
Complain about this comment (Comment number 3)