Public dialogue on the use of data by the public sector in Scotland
This report presents the findings from a public dialogue on the use of data in Scotland commissioned by the Scottish Government to explore the ethics of data-led projects. The purpose of the panel was to inform approaches to data use by the Scottish Government and public sector agencies in Scotland.
Ethical guidelines
Themes underpinning the guidelines
The public dialogue raised a number of themes that were important for participants when considering past and future projects. These were reflected in the ethical guidelines formed by the panel and are summarised here for further context.
Purpose
Participants felt that use of data by the public sector should have a clearly defined purpose and scope, to avoid misuse of individuals’ data.
Throughout the public dialogue, participants expressed an interest in understanding the reasons for public sector use of data about citizens, how that data would be used, and who it would be used by. Participants generally trusted the public sector in Scotland to use their data appropriately, but felt that having these elements clearly defined and explained would provide the public with further reassurance that data were not being used inappropriately or without limit.
Underlying this need for reassurance was a broader concern about privacy, and a desire to avoid personal information about individuals being accessed unnecessarily. In the first session, questions such as “what information do they have about us?” and “why do they think they need it?” were raised, reflecting a need for greater understanding of the existing procedures in place for use of and protection of data. In line with previous public engagement research, participants were not fundamentally against their data being used, but wanted to know that it was being well-managed and protected.
“I am interested in the way data is used, and slightly concerned about the awful lot of data out there. It might be misused and there might be misinterpretation of data.” (Session one)
Transparency
Participants wanted to see openness, honesty and clear information being made available about the use of data about citizens by the public sector.
Transparency has been an issue raised in previous public engagements on data use (as noted in the introduction) and this public dialogue was no exception. The need for transparency went hand-in-hand with the need for a clearly defined purpose and agreed scope. Participants felt that there should be openness about these aspects of a data-led project, with the public having the opportunity to find out more if they wanted to. Again, this came back to a desire for reassurance about data being well-managed and there being a degree of control over who can use their data.
“It comes back to that purpose. How clear are the reasons for [using data]? What will you then use it for? Is it just for that piece of work or is it being kept in use for lots of other things? It’s all linked back to transparency. It’s about being really clear about what it’s for.” (Session six)
Public benefit
The panel agreed that the use of data was only acceptable if there was a clear public benefit, or public good.
It is first worth noting that the terms public benefit, public good and public interest were used interchangeably by participants (though they mostly referred to public benefit). In session one, all three terms were introduced by one of the specialists as possible justifications for using data, but participants were not given detailed definitions and the distinctions between them were not outlined.
The concept of public benefit was difficult for participants to articulate. When asked how they interpreted this term, participants used fairly broad statements such as “something that benefits society”, “something that improves the lives of individuals” and contributes to “a happy society.” They felt that benefits could be wide-ranging, but suggested they would include improved quality of life, health and wellbeing, safety and security, and a reduction in harm. It was stressed, however, that public benefit or public good were subjective concepts, dependent on an individual’s values and ethics.
“Public good is never the same for everybody. What’s good for one might not be for another. It’s very difficult to tie down… I look at how it’s going to benefit me and my family.” (Session five)
There were differing views on whether public benefit applied to the whole population, or whether it could apply to a small section of society. On balance, after deliberation, it was felt that public benefit could apply to a smaller group as long as this was not to the detriment or harm of other people.
“Not every project will have benefits for every member of the public. That’ll never happen. But if it’s targeting minorities, it’ll definitely benefit those individuals, so it is still public good.” (Session five)
Public benefit and private sector involvement were not seen as mutually exclusive. While there were some concerns about private sector use of data, generally it was accepted that use of data by private sector organisations may contribute to a wider benefit to society. However, where the use of data was solely motivated by private sector profit, participants felt that this would not pass a public benefit test.
Ultimately, in developing their guidelines, participants did not give a specific interpretation of what public benefit means. They instead suggested that each data-led project should include an explanation of how public benefit has been interpreted and how the project meets that definition.
The issues relating to private sector involvement and public benefit were explored further in additional workshops. A separate report of the findings can be found on the Scottish Government website.
Data quality
Participants stressed the need for decisions to be made on the best possible information available, meaning data should be as up to date and accurate as possible.
The quality of data was raised in the first session and continued to be a theme throughout the deliberations. Quality was linked with confidence in decision-making, with the feeling that data-driven decisions could only be reliably made if the data was accurate. This was a theme in participants’ review of past projects. For example, they felt that inaccurate data might have led to people being left on the shielding list, or that gaps in equalities data might lead to policy decisions that do not adequately reflect the needs of those groups. Participants therefore wanted reassurance about quality assurance systems being in place, particularly if a data-led project involved multiple organisations that may have different quality standards.
“One aspect that stood out to me is the quality of data. You can have a mass quantity of data, but the usefulness could be zero. Quality over quantity.” (Session six)
There was also some scepticism about the quality of data being held by public sector bodies. For example, participants gave examples of receiving communications about their health conditions during COVID-19 which were not accurate. They therefore emphasised the importance of the public sector using up-to-date information, particularly when making decisions that could impact on health and wellbeing. This led to the suggestion that data sharing projects should be required to meet a minimum quality threshold before they go ahead.
Linked to data quality was a concern that data could be misinterpreted. It was felt that, even when data are up to date, they can be interpreted differently. While it was acknowledged that there may always be a risk of different interpretations of information, it was suggested that future data quality mechanisms should include some guidance on how to interpret data.
Accountability
While there was recognition that legislation was in place to govern the use of data, participants felt that an independent body should oversee decisions about data use and hold organisations accountable for any misuse of data.
Much of the discussion around accountability related to the need for a system of governance and oversight of the public sector use of data. While participants were generally reassured by existing systems in place via GDPR and data protection legislation, they nonetheless stressed that organisations should be required to meet these standards and held accountable for any misuse. They therefore wanted assurance that there was oversight of organisations’ adherence to these existing legislative conditions.
A clear process of governance and accountability was seen as particularly important when there were multiple organisations involved in sharing or using data, as there was a perception that data being passed between organisations would introduce a risk to data security. Having an independent body to oversee this process was therefore seen as an important way of minimising this risk. This led to the suggestion of an independent panel to help make decisions on whether public sector use of data should go ahead or not.
There was some confusion about the role of the DIN itself, and the extent to which it already fulfilled this oversight function. The information provided about the DIN gave some reassurance that there was a system in place to oversee public sector use of data, in particular the ethical framework that the DIN expects members to adhere to when running data projects. However, there was also confusion about what the exact role of the DIN was, and for some this persisted throughout the deliberations.
Overall, the emphasis was on a need for independent oversight of the use of data and clear sanctions for the misuse of data.
Public involvement
Participants felt it was important for the public to be involved in decisions about public sector use of data but there were different views on the nature of this role.
One view was that the public should be involved in forming principles around acceptable use of data, much like the process used in this public dialogue, but that decisions about whether or not a project goes ahead should be confined to specialists with expertise in data. Another view was that the public may not be “data experts” but that they should still have a say on whether or not use of their data should go ahead.
Participant 1: “The public need to be there to say, ‘these are the objective principles I want you to adhere to for any [data] project.’ But when it comes down to judging a project on its merit, at that point you have to be confident that experts are in place to judge the project in line with the principles given by the public…” (Session six)
Participant 2: “At the end of the day, it’s public data so the public should decide if data is used for that project and every project should be the same.” (Session six)
Urgency
There was an understanding that context can have an impact on whether data use is deemed acceptable or unacceptable. In an emergency situation, the panel felt that some flexibility in the guidelines surrounding data use may be needed.
When participants considered the different examples of public sector use of data, it became clear that there was no single, one-size-fits-all approach to deciding on whether and how data should be used. Participants acknowledged that during COVID-19, data needed to be accessed quickly and that it may not have been possible to consider all the potential ethical implications at the time. For instance, there was one view that it would not be appropriate to seek approval from a panel involving members of the public for the use of data in an emergency or urgent situation, as this would place an unreasonable burden on them to make decisions under pressure without time for them to understand the issues fully.
There was an understanding that, in an emergency situation where there is a threat to life, there may need to be flexibility in some of the ethical guidelines to ensure decisions can be made quickly by those in an appropriate position.
They therefore felt that each data-led project needed to be judged on a case-by-case basis. To help clarify whether guidelines might need to be flexed, participants felt it was important that there was an agreed definition of what constitutes an emergency. They felt this could refer to situations where there was a threat to life, but felt a more widely agreed definition was needed.
“It completely depends on the circumstances. An emergency, like COVID and the shielding list, is completely different to [a project about] the use of transport…we can’t really treat it all the same.” (Session six)
Guidelines produced by the panel
The core question that the panel was asked to consider was “What guidelines should the public sector follow when using citizens’ data?” The guidelines developed by the panel are presented in this section, grouped under five key themes.
The guidelines were developed iteratively by participants over the course of the public dialogue. The wording of the guidelines largely came from participants themselves and reflects the language they used. Where any edits to wording were made by Ipsos, this was to correct repetition or duplication, to reorder points into a more logical flow, or to correct any minor points of fact.
When using citizens’ data, the public sector should manage the scope by:
- Ensuring the purpose for using the data is clearly defined and the data is used only for that purpose. Timescales for use should be clearly defined.
- Having a clearly agreed justification for using citizens’ data (i.e. if there is a clear public benefit) and ensuring that only data that is necessary for the project is used.
- Ensuring that data are not used solely (directly or indirectly) for profit by private sector organisations. The public sector should ensure that private sector partners only use data proportionate to the specific purpose it was collected for.
- Not using data outside the scope of any consent that applies to the data.
- Not sharing data beyond the agreed organisations. If more organisations are included later in a project, they should go through an ethical assessment.
When using citizens’ data, the public sector should ensure there is transparency by:
- Making clear what data are being used and for what purpose.
- Making clear which organisations can access the data, and why.
- Specifying how long data will be stored for before deletion.
- Ensuring an ethical assessment is carried out once the scope of the project is known.
- Ensuring the public can easily access information about the project, including: what data are being used and for what purpose, how long data are stored before they are deleted, and a summary of findings or impact of project (where it is legally possible to do so and where individuals are not identified).
The public sector should ensure the use of citizens’ data is in the public benefit by:
- Clearly defining and explaining what the public benefit is.
- Considering whether the public benefits of using the data clearly outweigh the risks. Any potential harms from use of the data need to be analysed and weighed against benefits.
- Considering negative impacts to the public and/or the environment or economy, with possible longer term impacts also considered. Projects that benefit or make a positive impact on a small number of people can be in the public benefit, provided they do not negatively impact others, the environment or the economy.
- Ensuring that identifiable data are only used if it meets the standard of achieving public benefit.
When using citizens’ data, the public sector should ensure data quality by:
- Establishing and publishing a minimum quality standard for data projects (that includes consideration of how much data is needed). The extent to which data projects meet the threshold for data quality must be checked and continually assessed by the team delivering the project. If there is involvement from the private sector, these checks should be made by someone from government/public sector.
- Using up-to-date data that matches the agreed purpose and specific scope.
- Ensuring data are held securely for an agreed period after a project to allow for quality checking.
- Determining who can access the data and monitoring who has accessed the data.
When using citizens’ data, the public sector should ensure there is accountability by:
- Clearly documenting the process used to decide whether the project should go ahead (to an agreed formal structure).
- Ensuring there is a hierarchical organisation chart to show who is responsible/accountable for each aspect/stage of the project.
- Seeking approval and oversight from an independent panel on whether a data project should go ahead or not, including whether public benefits outweigh risks. The panel should make decisions based on what is in the best interests of the public and there should be no declared conflicts of interest on the panel.
- Consulting members of the public on the acceptability of the use of the data (for determining principles but not to decide if a project should go ahead or not – this is the role of the independent panel).
- Ensuring an ethical assessment is carried out once the scope of the project is known.
- Taking responsibility when something goes wrong and stopping the project if necessary.
- Ensuring there is independent oversight from a third party (e.g. ICO and DIN) for projects involving the private sector, with clear sanctions for misuse (criminal and civil).
When using citizens’ data, the context should be considered, by:
- Defining what constitutes an emergency. Any impacts of flexing guidelines in this context should be assessed continually, as far as practical, and after the fact (including any lessons learned).
- In an emergency situation, such as where there is threat to life, it may be necessary for data to be used that was not part of the original scope.
- In the event of an emergency the use of identifiable data can be justified. If the private sector is involved, there should be clear rules about what private sector organisations do with data after an emergency including when they are deleted.
- In an emergency situation, it may be necessary for the timescales for data retention and deletion to be reviewed and extended.
Contact
Email: michaela.omelkova@gov.scot