Second ICO registration queries: FOI release

Information requested

1. Why and on what (Scottish or U.K. Reserved) legal grounds or legal exemptions is a Scottish National Party MP a ‘third party’ of the SNP &/or Scottish Government (currently in governing power in Scotland).
2. What was the Data harvesting nature of this secondary Scottish Government & Ministers ICO registration number.
3. Was this new ICO registration Data harvesting SNP Scot Gov employee ‘body’ harvesting digital face images from NHS Scotland/CoVID app (which the Scottish Government Data Protection Officer Mr Gardner was reprimanded early 2022 by ICO along with NHS Scotland for breaching the Data Protection Act 2018), and further Social Security Scotland same process of recording photographs, digital (via its subcontractors) or otherwise for Disability claimants as ‘ID checks’ were these further illegal Data Protection Act image data harvesting being handled by the new ScottishGovernment/Ministers ICO Data registration number.
4. Further, what other Scottish Government public bodies or Scottish Parliament/corporate bodies were falling under the remit of this new ICO registration number and what Data was being sent or processed by the new Scottish Government/Ministers ICO registration number & address.
5. What date past this 20 day FOI review will Ms Sturgeon be publicly announcing in the ‘public interest’ the failures of her Scottish Government & Ministers with regards to the Data Protection Act breaches & staff misconduct to conceal another data protection Scottish Government failure. Further Ms S be ensuring Scotland Data Protection is above the course of the U.K. minimum standard by introducing a bill to review its own internal data protection failures to avoid other Scottish organisations & customers of such are appropriately protected from fury what failures such as this incident, NHS Scotland Covid app, NHS Scotland Trakcare 2017-2018 national data breach, Police Scotland data breach (including sharing sensitive information Databases with third Sector parties) among other Scottish Government bodies including the Judiciary own data breaches of the Data Protection Act in concealing data breaches by SPSO & SCTS & itself. Police Scotland data breaches: FOI https://www.scotland.police.uk/spa-media/ianfgal3/22-0838- foi-response.pdf

Response

1. Why and on what (Scottish or U.K. Reserved) legal grounds or legal exemptions is a Scottish National Party MP a ‘third party’ of the SNP &/or Scottish Government (currently in governing power in Scotland).

• The Scottish Ministers is the devolved government for Scotland, and was established by the Scotland Act 1998.
• The Scottish National Party is a political party which makes up the current government in Scotland in coalition with the Scottish Green Party following the 2021 Scottish Parliamentary election.
• While an MSP stands for election as a member of a specific political party, their office is considered a separate organisation from either of the above entities, and as such is a data controller in its own right.

2. What was the Data harvesting nature of this secondary Scottish Government & Ministers ICO registration number.
   The Scottish Government does not have the information you have asked for because we did not carry out the ICO registration you are referring to. This is a formal notice under section 17(1) of FOISA that the Scottish Government does not have the information you have requested.
3. Was this new ICO registration Data harvesting SNP Scot Gov employee ‘body’ harvesting digital face images from NHS Scotland/CoVID app (which the Scottish Government Data Protection Officer Mr Gardner was reprimanded early 2022 by ICO along with NHS Scotland for breaching the Data Protection Act 2018), and further Social Security Scotland same process of recording photographs, digital (via its subcontractors) or otherwise for Disability claimants as ‘ID checks’ were these further illegal Data Protection Act image data harvesting being handled by the new ScottishGovernment/Ministers ICO Data registration number.
   The Scottish Government does not have the information you have asked for because we did not carry out the ICO registration you are referring to. Information about the Covid Status App can be found here: NHS Scotland COVID Status | NHS inform. This is a formal notice under section 17(1) of FOISA that the Scottish Government does not have the information you have requested.
4. Further, what other Scottish Government public bodies or Scottish Parliament/corporate bodies were falling under the remit of this new ICO registration number and what Data was being sent or processed by the new Scottish Government/Ministers ICO registration number & address.
   The Scottish Government does not have the information you have asked for because we did not carry out the ICO registration you are referring to. This is a formal notice under section 17(1) of FOISA that the Scottish Government does not have the information you have requested.
5. What date past this 20 day FOI review will Ms Sturgeon be publicly announcing in the ‘public interest’ the failures of her Scottish Government & Ministers with regards to the Data Protection Act breaches & staff misconduct to conceal another data protection Scottish Government failure. Further Ms S be ensuring Scotland Data Protection is above the course of the U.K. minimum standard by introducing a bill to review its own internal data protection failures to avoid other Scottish organisations & customers of such are appropriately protected from fury what failures such as this incident, NHS Scotland Covid app, NHS Scotland Trakcare 2017-2018 national data breach, Police Scotland data breach (including sharing sensitive information Databases with third Sector parties) among other Scottish Government bodies including the Judiciary own data breaches of the Data Protection Act in concealing data breaches by SPSO & SCTS & itself. Police Scotland data breaches: FOI https://www.scotland.police.uk/spa-media/ianfgal3/22-0838- foi-response.pdf
   The answer to your question is that data protection is not a devolved power, so the Scottish Government does not have any powers to create legislation in this area, in relation to itself or any other organisation.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.