UK program involving electronic monitoring of migrants could be unlawful, data regulator says
The UK’s data protection regulator censured the Home Office — the ministerial department responsible for immigration, security and justice — for its pilot program that required up to 600 migrants to wear electronic monitoring tags for tracking purposes.
The regulator, known as the Information Commissioner’s Office (ICO), announced Friday that it issued an “enforcement notice” ordering the Home Office to update its policies due to its failure to properly assess how its electronic monitoring program threatened migrants’ privacy.
It also formally warned the Home Office that if it repeats mistakes it made with regard to processing migrant data it will “attract enforcement action” for breaching the country’s data protection laws.
The ICO said it has been in conversations with the Home Office since August 2022 about its program placing monitoring technology on hundreds of migrants on immigration bail, and it remains unsatisfied with the answers it received.
In addition to not assessing the privacy problems raised by the monitoring, the ICO criticized the Home Office for failing to clearly explain to affected migrants what data it was collecting, why it was collecting it, how long it would be stored and who would have access to it.
The pilot was designed to test the efficacy of electronic monitoring as a way to stay in touch with migrants seeking asylum, the ICO said. It also was meant to see if monitoring could replace detention and make flight less likely.
Electronic monitoring of migrants has been used since 2004 in the U.S. and is now a widespread practice. U.S. Immigration and Customs Enforcement was electronically monitoring more than 190,000 migrants in December 2023, according to a report on the practice released by the American Bar Association last week.
“Having access to a person’s 24/7 movements is highly intrusive, as it is likely to reveal a lot of information about them, including the potential to infer sensitive information such as their religion, sexuality, or health status,” UK Information Commissioner John Edwards said in a statement. “Lack of clarity on how this information will be used can also inadvertently inhibit people’s movements and freedom to take part in day-to-day activities.”
The pilot program was not legally compliant, Edwards said, since the Home Office failed to consider the dangers of the monitoring data being mishandled.
“I'm sending a clear warning to the Home Office that they cannot take the same approach in the future,” Edwards said. “It is our duty to uphold people’s information rights, regardless of their circumstances."
The pilot program ended in December, but the Home Office continues to have access to the information gathered until the data has been deleted or anonymized, the ICO said. It said that as a result the information can still be used by both the Home Office and third parties.
Suzanne Smalley
is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.