Privacy campaigners are threatening to take the Government to court unless it publicly commits to ensuring the safety of Test & Trace data, handed over to pubs, bars, restaurants, and cafés, amid growing concerns that it is open to abuse.
The customer information is already covered by the UK Data Protection Act 2018, which helps to ensure that the standards set by GDPR are enshrined in UK law. However, the Open Rights Group and Big Brother Watch have instructed data rights agency AWO to send a pre-action letter following a number of reports of businesses misusing the data.
Earlier this month, the Information Commissioner’s Office confirmed it had contacted 15 companies that provide contact-tracing services to hospitality venues in order to assess their approach to data protection responsibilities.
This came after The Times claimed that pub and restaurant customers’ personal details had been harvested and sold on without their consent.
At the time, the ICO confirmed that “collecting personal details for customer logs must not be a way to develop vast marketing databases by the backdoor”.
The privacy groups claim personal details of pub customers has also been used for harassment, with some women reporting they had been contacted by venue employees who had obtained their details through the Test & Trace scheme.
Big Brother Watch director Silkie Carlo said the organisation has “already had to act for young women who have been harassed by bar staff after their contact details were not safely kept”.
She added: “It was purely magical thinking for the health secretary [Matt Hancock] to believe that such extreme requirements, unmatched by the proper legal safeguards, would not put many people at risk. He must take urgent responsibility.
“Denying his proper legal responsibility puts an unfair burden on small businesses who are already struggling to survive”.
Open Rights Group executive director Jim Killock claimed the Government is “failing in its most basic and fundamental duty of care for its citizens”.
He continued: “We’ve long argued that we won’t be able to defeat a global pandemic without building and maintaining public trust in Government’s public health measures. The Government’s refusal to ensure its Test & Trace programme protects people’s data further erodes trust in arguably the most important tool in preventing a second wave of coronavirus infections.
“This is extremely concerning as we’re about to experience a possible second wave of infections across the country during the winter months.”
In a statement, the Department of Health & Social Care said: “Test & Trace is committed to the highest ethical and data governance standards and there is no evidence of data being used unlawfully.
“It is vital we do all we can to control the spread of the virus. Businesses have already stepped up to ensure they are supporting the NHS Test & Trace effort – it is essential that they keep contact logs and display NHS QR codes so there is consistency across the country and the public can seamlessly provide their details.”
Related stories
Govt-backed Covid app hit by SamCam marketing gaffe
Ex-Sainsbury’s chief to bring retail nous to Test & Trace
Oi Graham, no! IT man cuffed for PPE spam email push
DMA warns contact tracing app will flop without trust
Industry backs Covid plan and calls for targeted action
DMA calls for extra help as Covid wipe-out fears grow
Bristol firm pummelled for ‘profiteering from Covid-19’