If approved, the amendment would pave the way for ministers to issue guidance on data processing by their own departments and other public bodies.
The proposal has already drawn criticism from privacy group MedConfidential, which argues that the clauses “legalise government using data for anything it wishes”.
In its response to the plans, the ICO stated: "Whilst [the Information Commissioner] understands the relevance of considering any guidance about the legal basis of government functions, the provision runs a real risk of creating the impression that the commissioner will not enjoy the full independence of action and freedom from external influence when deciding how to exercise her full range of functions as required by Article 52 of the GDPR.
"Introducing a statutory requirement on the commissioner to take the secretary of state’s framework guidance into account is not required as the commissioner already takes into account relevant statutory and sectoral guidance when exercising her functions. Should she fail to do so she would be open to judicial review and this failure could also be scrutinised on appeal arising from her enforcement action," the ICO said.
The watchdog said that it could provide "greater assurance" that it would take the Government's guidance into account in the wording of its own guidance that it would be obliged to produce under the Bill, as currently drafted.
The ICO also said it was concerned that the Government could issue new guidance on data processing that overlaps with guidance it has already produced on the issue of data sharing on the public sector.
"It will be important to ensure that any guidance produced by the secretary of state is consistent with this existing body of statutory guidance," the watchdog said.
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024