The Value of Data

The Government faces a difficult task in balancing the effectiveness of its proposed track and trace process, with the privacy and data protection concerns of the public. Fundamentally, the public are willing to provide access to personal data information, but only on the understanding that access is essential, it is processed securely and that there is a clear and material benefit to be gained, such as addressing a public health crisis.

In this instance, the main data collection of track and trace will be undertaken manually or through an app. This was due to be launched in mid-May, with thousands of ‘tracers’ employed to speak with those at risk of infections. This was also due to be coordinated with a mobile phone app, designed to collect data from an individual’s mobile phone and identify other devices within a close proximity. Following a delay, manual contact tracing is up and running, but controversy over the app rumbles on, with the Government announcing a complete switch in its approach late last week.

Where the Government had previously favoured a centralised model, with a central server hosting and processing data, it has now decided to abandon that approach moving to the decentralised Apple/Google technology. It appears, despite claims of a successful pilot programme, that the Government’s original app was the worst of all worlds: data was transferred from the user’s phone to a central hub, raising privacy concerns, thus rendering it ineffective. Reports suggest that the centralised app failed to register a nearby iPhone over nine out ten times. It is clear that the Government failed to successfully pre-empt and navigate the privacy and accessibility concerns inherent in delivering a data-driven approach to a healthcare problem.

Learning the Lessons

To understand potential challenges when handling the issue of patient data, Ministers should look back to 2014 when the Coalition Government passed the Care Act. While much of this Act had a broader focus, a number of provisions related to the Government’s ill-fated Care.Data programme. This was a scheme that would provide access to anonymised health data to help improve care and spot trends. Whilst the public supported the principle of the NHS using their data, in practice the scheme fell apart due to a failure to build a consensus around the aims and objectives of the programme.  For instance, the BMA, patient groups and others were all critical after the Government did not provide sufficient reassurances on privacy concerns.

Whilst the use of Track and Trace in the context of a pandemic provides a different situation, there are a number of relevant lessons the Government must learn to ensure the success of the scheme.  For instance, the BMA has already expressed some concern over the Track and Trace app, calling for assurances about Data Protection in May.  The bottom line is that to be effective, Track and Trace has to collect a lot of data. How the Government collects that data and how it addresses the balance between protecting privacy whilst obtaining the granular insights will determine the success of the programme. The Government must avoid a situation where the system collects enough personalised data to be effective, but too many people opt out over privacy concerns.  Similarly, a scenario where the system collects superficial data with high compliance represents another pitfall. It’s a fine line to tread.

Efficacy, Necessity and Trust                                                                                            

How the Government addresses this central issue is ultimately a political choice and where there is political choice, there is political risk. When it comes to handing over personal data, the public is savvier and more sceptical than ever. The last thing the Government will want to do is to make downloading an app mandatory and so Ministers will have to be more open about what data will be collected from personal devices and how it will be used to build public trust.

There are two fundamental points: efficacy and trust. The app has to function and provide the service it is intended for and the public has to be able to trust that their data is secure. Without either of these in place, the programme will fall down. If it isn’t clear that the app is working, people will understandably ask why their data is required and likewise, if their data isn’t secure, individuals will simply not participate voluntarily. These trade offs are clearly apparent in the Government switching to the Apple/Google app model – data is retained on the user’s phone rather than centrally collected.

Polls show that the public is losing faith in the Government’s response with the number of people that consider the Government is doing a good job falling in recent weeks.   Too often, the Government has fallen into the trap of moving from quick wins to rushed announcements. These quick wins haven’t always materialised and the rushed announcements have left more questions than answers. Even more questions will now be raised following the Government’s decision to abandon it’s original plan for the app. History shows that the public will not accept a rushed job when it comes to personal health data. Even if it means a delay to the launch of the app, taking the time to get it right and to build public trust is critical.

If you would like to know more, please contact Lexington North’s senior consultant Ben Miller.