Councillors accuse Glasgow City Council of breaching data protection law

Glasgow city councillors have alleged that their communications with their constituencies are being shared with third parties in a possible breach of the data protection law.

Following the COVID-19 outbreak, multiple changes are being implemented by many organisations to cope with the crisis. One such attempt was recently made by the Glasgow City Council to change the process of communications to and from local councillors in order to streamline communications.

However, Glasgow city councillors are now worried that their communications are being shared with third parties without their consent, thereby breaching the Data Protection Act. Councillors are alleging that their communications are being shared with the local councillor’s business manager, who would then direct the query to the Chief Executive’s department and that the business managers will act as a “funnel for information and enquiries from elected members.”

According to Glasgow Times, this change has now got the councillors worried as they fear that private and confidential information from their constituents would be shared with unauthorised third parties without their permission and that that board might not have taken any legal advice regarding this change.

A Glasgow City Council spokesman told Glasgow Times that “in order to fulfil their duties as elected members, councillors may be required to share personal data with the council, arms-length external organisations or other third parties. As data controllers, all elected members must publish a privacy statement explaining this and they have been given advice by the council’s lawyers on how to do this.

“Having followed that advice, it is appropriate for them in the current unusual circumstances to pass enquiries to the chief executive through their business manager rather than directly,” he added.

Shettleston ward’s councillor Thomas Kerr told the Glasgow Times that “this practice was recommended to councillors in a paper brought to the Emergency Committee. As with all such policies concerning personal data, I trust that it was cleared by council lawyers prior to being brought before elected members.

“Revelations that this may have not been the case are deeply concerning,” he added. He also stated that as soon as he got to know about this incident, he instructed Conservative councillors to stop forwarding details of constituent casework until they were satisfied the data protection rules were followed.

“Let me make this crystal clear – if this is indeed the case, I do not blame the officer for this; the blame for this lies at the door of the minority administration. They presented a paper without, in my opinion, seeking legal advice on it. As a matter of urgency, we need to follow other councils in Scotland and get some form of full council up and running, similar to what other councils and both parliaments have already done.” Said Paul Carey, Labour councillor of the Drumchapel and Anniesland ward.

ALSO READ: Ceredigion Council’s website exposed medical info of citizens for 11 years

MORE ABOUT: