Former data commissioner to lead external review
Review to examine use of mobile messaging apps and non-corporate devices.
An externally-led review into the Scottish Government’s use of mobile messaging apps and non-corporate devices is to be led by former Channel Islands data protection commissioner Emma Martins.
The review, which was commissioned by First Minister Humza Yousaf, will also explore if updates are required to both the Ministerial Code and Scottish Civil Service Guidance with a particular focus on the government’s interaction with statutory Public Inquiries.
The scope will extend to whether the use of apps is relevant in a government setting and where and how relevant data should be stored and retained. Ms Martins will also examine the value of messaging apps to Ministers in emergency situations and draw on best practices used in other jurisdictions to inform her work.
Minister for Parliamentary Business George Adam said:
“We are committed to openness and transparency and constantly seek to maintain and improve our performance in this area which is why the First Minister commissioned this important external review.
“It will consider how mobile messaging apps and personal devices are used in government in line with the principles of digital ethics, records management, freedom of information, and human rights. It is hugely significant then that someone with Ms Martins' impeccable credentials has been appointed to lead this independent, externally-led review which will further enhance our robust processes.
“She will bring a wealth of experience to the review process and has worked in the data protection field for 25 years. I have no doubt her impartial expertise will prove vital in further strengthening our approach to the use of informal communications as technology increasingly integrates into all our lives.”
Emma Martins said:
“I am grateful for this opportunity to support the Scottish Government as they reflect on recent events and seek to learn from them. In delivering this external review, I will look carefully at the current practices of government with the objective of producing appropriate, meaningful and deliverable recommendations for them going forward.”
Background
Ms Martins will explore the following:
Area of Review | Areas for consideration | Other considerations |
Use of Mobile messaging apps in Scottish Government |
Should Ministers and officials use mobile messaging apps (including WhatsApp, text messaging and others) in relation to the conduct of Scottish Government business? What is the value of mobile messaging apps in emergency and emergent situations? If mobile messaging apps are to be used, what information from these apps should be retained, beyond that which is required to meet the requirements of records management policy? Further, how should that information be retained (for example, should the saving of this information require the source of information be retained)? Given that the UK Covid-19 Inquiry has adopted the approach that all texts and mobile messages are potentially relevant to its investigations, is there a change needed to the definition of corporate value in relation to mobile messages and texts? What is the position on use of mobile messaging apps in the rest of the UK (including other devolved administrations), and in selected other countries across the world considered best practice in this area. |
Statutory duties of Ministers and officials: do these require specific types of communication? If so, what type and by what means? Does the use of mobile messaging apps or non-corporate technology interfere with the discharge of these functions? The private lives of Ministers and officials – where do human rights considerations interact with formal, professional duties? Where applicable and outwith the terms of the Intervention or possible Keeper involvement, the interaction with existing legislation in relation to records management, freedom of information and data protection. What issues are raised and is use of mobile messaging apps practicable? Should the Keeper be invited to review practice, these terms would require to be adjusted further. The business of government – and how to undertake this efficiently and effectively. Active versus passive choices on communication styles (telephone call versus message). |
Non-corporate technology |
Should non-corporate devices be used in relation to the conduct of Scottish Government business by Ministers and officials? What is the value of non-corporate technology in emergency and emergent situations? In relation to devices, both corporate and non-corporate, is there adequate process in relation to changing devices, both for reason of updates and in case of accident? What is the position on use of mobile messaging apps in the rest of the UK (including other devolved administrations), and in selected other countries across the world who are considered to follow best practice in this area? |
Data security and data sovereignty. National security. Device support and data recovery. |
Scottish Ministerial Code and Scottish Civil Service Guidance |
Are updates required to the code? Are the Principles of Public Life sufficiently considered in the use of mobile messaging apps and non-corporate technology? Should separate guidance on interactions with Ministers and others on mobile messaging apps and non-corporate technology be developed? |
Ms Martins began her career as a data protection officer in the public sector, before moving to work in the regulatory office for Jersey in 2002. She has no previous links to the Scottish Government. Ms Martins has been appointed on a three-month contract initially with scope for this to be extended. She will be supported to access all relevant documentation by civil servants and information generated by the review will be saved and retained as part of the Scottish Government’s corporate record.
There is a problem
Thanks for your feedback