Developments In European Data Protection Law In The Context - Part 2

93. The Joint Committee's concerns applied even more so to the proposed amendments to the Data Protection Act 1998, now embodied by clause 66. In the words of the Committee, this clause "contemplates disclosure of sensitive personal data to any person to whom the arrangements of any anti-fraud organisation happen to provide for disclosure." The Committee went on:
    
    

    In our view this amounts to an inappropriate delegation of discretion to anti-fraud organisations to decide to whom they will disclose sensitive personal data. Moreover, any anti-fraud organisation can make such disclosures, not merely those specified by order by the Secretary of State. The concerns we have expressed above about the lack of proper safeguards against improper disclosure on the face of the Bill therefore apply with even greater force in relation to this provision.

94. The Joint Committee appeared to have fewer concerns over data matching, and these may conceivably receive further amelioration by amendments subsequently made to the Bill. These amendments include a requirement on the Audit Commission (and analogous bodies in Wales and Northern Ireland) to publish a code of practice on data sharing which it would be under a statutory duty to prepare. In addition, a government amendment, moved at report, inserted the following condition attaching to data matching exercises:
    
    

    A data matching exercise may not be used to identify patterns and trends in an individual's characteristics or behaviour which suggest nothing more than his potential to commit fraud in the future.

95. Finally, the Information Vision Sharing Statement published by the Department of Constitutional Affairs in September 2006. This document identified the benefits of information sharing as reducing fraud but also improving opportunities for the most disadvantaged (!) and better, more effective and targeted policy implementation. The report exhorted public authorities to stop using the DPA to justify unnecessary barriers to sharing information' and suggested that the policy would ensure that rights under the DPA would be fully respected'. Unsurprisingly the report lent its support to the proposal that public authorities should be allowed to join CIFAS.
    
    
96. Opponents of the current drive are concerned about the amendments being made to the DPA to allow the sharing to take place but in the absence of any Code of Practice being issued or the jurisdiction of the Information Commissioner being established. Liberty argues that the Government treats our privacy as an inconvenience rather than a fundamental right'. For his part, the Information Commissioner says he wants to see more public sector data sharing (having presided over the Bichard Enquiry and pensioners freezing to death) but says that privacy must be carefully guarded.
    
    
97. It is also interesting to note at the same time this debate has been going on the Information Commissioner has been lobbying for an increased penalty for the offence under section 55 of the DPA (obtaining data without consent). These calls materialised in clause 75 of the Criminal Justice and Immigration Bill placed before parliament yesterday, which provides for an increase from the current maximum of a fine only to 12 months following summary trial and two years on indictment.
    
    
98. There is also concern that the proposals do not pay any respect to the finality principle, which underpins the European legislation upon which the DPA is based. The principle requires that information gathered for a particular purpose must only be processed for that purpose. It is a little hard to see how that squares with the governments proposals; perhaps a European challenge will be the only way to find out.
    
    
99. As is common with this sort of debate, the government has used the carrot of the better and more efficient provision of public services' and the stick of detecting and preventing crime. However, whilst one cannot (literally) argue with the carrot, do we all wish to be treated as though we are fraudsters or criminals. And what happens when data is inaccurate, out of date or just plain wrong? I am sure all of us have experience of trying to persuade a public authority that its data is wrong.
    
    

Assessing The Kent Pharmaceuticals Litigation

100. This is a case brought by the Department of Health against suppliers of generic drugs who had a long standing price fixing cartel between them. The SFO began an investigation in early 2002 following allegations that drug companies (of which Kent Pharmaceuticals Ltd) which were selling generic drugs, including penicillin-based antibiotics and warfarin to the National Health Service at artificially sustained prices. This included warrants to search premises which led to a search at KP premises and a large volume of material and documentation.
     
     
101. Independently the relevant investigative branch with the Department of Health, the Counter Fraud and Security Management Service (CFSMS) had itself obtained evidence to suggest that anti-competitive arrangements in respect of warfarin had been put in place by pharmaceutical companies to take effect from January 1997 onwards.
     
     
102. On 20 December 2002 civil proceedings were commenced in relation to warfarin against three groups of companies. They did not include KP because at that stage the Secretary of State did not have sufficient evidence to justify joining KP as a defendant. The Secretary of State also sought from the SFO urgent disclosure of any warfarin-related documents obtained when the warrants had been executed in April 2002.
     
     
103. On 16 January 2003 the Director of the SFO wrote to Kent Pharmaceutical's solicitors indicating that on 14 January 2003 documents obtained on the searches had been disclosed to the Department of Health pursuant to the statutory power to do so under section 3(5) of the Criminal Justice Act 1967.
     
     
104. The use of parallel sanctions: the Department of Health vigorously pursued civil litigation to recover monies which it had been overcharged (it recovered at a rate of return of 12 times its investment in the litigation). Criminal trial is contemplated although recent set back given ruling in House of Lords (connected to the Norris case) that prior to the commencement of the Enterprise Act 2002 in price fixing did not amount to an offence (the argument had been that it amounted to conspiracy to defraud).
     
     
105. The passing of information by the SFO to the DOH was challenged in the courts: R (on the application of Kent Pharmaceuticals Ltd v Director of the Serious Fraud Office [2004] EWCA Civ 1494 - ruling re section 188 Enterprise Act 2002 versus conspiracy to defraud (commenced 20 June 2003).
     
     

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.