It feels so wrong starting an article with the words “you need to hear about this” when it doesn’t concern things Gwyneth Paltrow wants you to put up your vagina, or 20 of the world’s most important kitchen islands. Even so, would you … could you possibly consider listening to this?
Eight years ago the government had a plan so good it couldn’t tell you about it. It wanted to scrape everyone in England’s entire GP records and put them on one central database, where they would be anonymised – well, sort of! – then made available for research purposes to third parties, including private corporations. And called it Care.data, which is precisely the sort of name you’d give to either (a) a plan to grab everyone’s health data and let commercial firms like Google use it without their explicit consent, or (b) a desktop folder with pictures of everyone in your workplace using the second-floor toilets. But it’s OK, because you don’t show their heads. You set the camera up so it’s just neck-down.
Naturally, this stuff is worth a fortune to private corporations. We’re back on the data now, not the notional pictures of everyone in your workplace on the loo. Which is a shame, in a way, because the data is arguably a whole lot more personal, spanning everything from mental and sexual health, abuse, criminal records, ethnicity, gender, drug and alcohol history … you get it. Anyway, Care.data failed, because a ragtag band of privacy campaigners, worried doctors and MPs like David Davis campaigned their arses off, meaning that there was public debate and enough people learned about it in time to opt out. Post its collapse, the Care.data plan was described by one statistics professor as “disastrously incompetent – both ethically and technically”. Which sounds like the sort of review Mary Berry would give on Bake Off to a roulade made entirely of human ears, but which arguably has even wider implications.
And hey, the government learned its lesson. Which is to say that eight years on – literally right now – it’s doing the same thing, only in less time, without a public awareness campaign, with a trickier opt-out, and in the middle of a global pandemic. Have you, at some level, got to admire the work?
SPOILER: no. Hand on heart, it’s difficult to summon anything other than deep suspicion, born of bitter experience, about the fact that NHS Digital has barely informed GPs, waiting till the last minute to order them to submit the records of every patient under their care, where they will become a permanent and irreversible part of the new database. Neither the British Medical Association nor the Royal College of GPs have endorsed this process. Patients have until 23 June to opt out, and most don’t even know about it.
Once again, a ragtag band of privacy campaigners, concerned doctors and David Davis MP are mounting a rearguard action, with legal threats sent to the government today.
Why are experts are so worried, then, when Matt Hancock and friends only want to heal the world? Before we even answer that, do be aware that there is ALREADY a safe, secure way for researchers to access genuinely anonymised data on Covid – the Trusted Research Environment. The data NHS Digital will store is pseudonymised, and it says it’ll only be shared with commercial third parties for “research and planning purposes”. But it would be relatively simple to re-identify that data – particularly for those with cross-referencing access to other databases, to say nothing of the risk of the third-party breaches it opens up. According to the very much un-promoted page on the NHS website, the NHS will be able to unlock the pseudonymisation codes “in certain circumstances, and where there is a valid legal reason”. (You might assume they’ve called the new data grab Honestlywhat’stheworstthatcouldhappen.data, but have instead they’ve gone with GPDPR.)
As for why they’re effectively rebooting a failed plan now, with GPs already drowning in a backlog of pandemic-delayed care, it does feel like the perfect moment for the famously competent department of health to do a teeny-tiny thing they in no way need cover for.
In fact, this approach is really now so endemic in Boris Johnson’s government that it must be regarded as the official playbook: withholding vital information from the public, transparency-free procurement, secretive contracts, a pathological aversion to any kind of scrutiny – then telling anyone that finds out about it that it’s in their best interests and that they absolutely refuse to apologise for that. After the past 14 months, it would take a very big database indeed to store all the things for which the government absolutely refuses to apologise. Should you feel you’d like to opt out, if only to buy time and transparency, here’s where to go. If there’s nothing for us to worry our pretty little heads about, perhaps the government would at least do us the courtesy of openly explaining why.
Marina Hyde is a Guardian columnist