Data Sharing between Public Bodies

Current project status

  • Initiation: Could include discussing scope and terms of reference with lead Government Department
  • Pre-consultation: Could include approaching interest groups and specialists, producing scoping and issues papers, finalising terms of project
  • Consultation: Likely to include consultation events and paper, making provisional proposals for comment
  • Policy development: Will include analysis of consultation responses. Could include further issues papers and consultation on draft Bill
  • Reported: Usually recommendations for law reform but can be advice to government, scoping report or other recommendations

This scoping project is complete. We laid our report before Parliament on 10 July 2014 and await Government’s response

Data sharing affects us all.  Public bodies report that they cannot always share the data they need to share and, as a result, miss out on opportunities to provide better services to citizens.  At the same time, the protection of privacy is fundamental to any data sharing regime.

The law surrounding data sharing is complex.  Powers to share data are scattered across a very large number of statutes and may be set out expressly or implied. In addition, there are common law powers.  The Data Protection Act 1998 sets the limits on data sharing and the rules for handling personal data.  The law of confidentiality protects confidential or private information.  Contract, employment and European Union law plays a part, as does the European Convention on Human Rights.  There are also professional regulations, such as those that prohibit doctors from breaching the confidentiality of their patients.

In this scoping project we considered the following questions:

  • Are there hurdles to effective data sharing between public bodies (including private bodies engaged in public service delivery)?
  • Are those hurdles inappropriate?
  • How far do problems in data sharing stem from the law?
  • How far do problems in data sharing stem from other causes, such as a lack of training or guidance, organisational incentives and disincentives?
  • Would law reform solve or mitigate the problems?

The project

The project originated from a proposal made by chief commissioners of police in response to our consultation on what projects the Law Commission should undertake.  On initial examination, we could see that there were significant problems in practice, in understanding the law relating to data sharing, and in consistent application of the law in practice, but could not see a clear problem with the law itself.  Law Commissioners approved a scoping project as part of the Eleventh Programme of law reform in July 2010 to decide whether a full law reform project should be recommended.

The project commenced in April 2013 and we published a consultation paper on 16 September 2013.  The paper outlined the law and asked 22 broad questions.  During the public consultation period, we attended some 50 meetings and events.  These events covered a wide audience, including government departments and other public bodies, the Information Commissioner, the Scottish and Welsh Governments, local government, service providers and representatives from charities, campaigning organisations, academics and lawyers.  We heard a wide range of views and gained a great deal of evidence about how data sharing operates in practice.

We received 87 written responses to the consultation paper, from a range of different individuals and organisations.  We published our report, including our analysis of consultation responses on 11 July 2014.

We have worked closely with Cabinet Office and have liaised with the Ministry of Justice throughout this project, and they will both decide whether to refer a full law reform project to the Law Commission.


We made three recommendations.

  1. We recommend that a full law reform project should be carried out in order to create a principled and clear legal structure for data sharing, which will meet the needs of society.  These needs include efficient and effective government, the delivery of public services and the protection of privacy. Data sharing law must accord with emerging European law and cope with technological advances.  The project should include work to map, modernise, simplify and clarify the statutory provisions that permit and control data sharing and review the common law.
  2. The scope of the review should extend beyond data sharing between public bodies to the disclosure of information between public bodies and other organisations carrying out public functions.
  3. The project should be conducted on a tripartite basis by the Law Commission of England and Wales, together with the Scottish Law Commission and the Northern Ireland Law Commission.

We consider that the project could usefully include consideration of the functions of the Information Commissioner in relation to data sharing, including the Commissioner’s enforcement role.  The work of other bodies providing advice and guidance should be explored to improve the consistent application of data sharing law across government and in public service delivery more widely.

The investigation should also include consideration of “soft law” solutions such as codes of practice, as well as advice and guidance, training of staff, and ways of sharing best practice in the management of data sharing between public bodies.

Documents and downloads

Project details

Area of law

Public law


Nicholas Paines KC