Data provided by people through the new test-and-trace programme to defeat coronavirus will be kept for 20 years, it has been revealed.
The disclosure – coming after ministers rejected a plea from MPs and peers to pass an emergency law to set out clear rules – will heighten privacy fears, on the day the scheme finally got underway.
Information including name, address, date of birth, phone numbers and email addresses, will be collected and stored by the NHS for people with Covid-19, or with symptoms.
Download the new Independent Premium app
Sharing the full story, not just the headlines
Individuals will be able to “ask” for their information to be deleted, but Public Health England has warned “this is not an absolute right” and that it might “need to continue to use your information”.
A new privacy notice states that a private firm, Amazon Web Services, “is providing the secure storage location for the information collected by NHS test-and-trace”.
And it adds: “This information needs to be kept for this long because Covid-19 is a new disease and it may be necessary to know who has been infected, or been in close contact with someone with symptoms, to help control any future outbreaks or to provide any new treatments.”
Data from people with symptoms will be retained “for 20 years”, while information from those without symptoms will be kept “for 5 years”.
The notice reassures people that the data will be “held on PHE’s secure cloud environment, which is kept up-to-date to protect it from viruses and hacking”.
“It can only be seen by those who have a specific and legitimate role in the response and who are working on the NHS test-and-trace. All these staff have been trained to protect people’s confidentiality.”
1/23
Nancy holds hands with Nichollette and Ryan as she experiences contractions in a birthing tub
Reuters
2/23
Nancy Pedroza, 27, who is pregnant, sits next to Ryan Morgan, 30, her partner and father to their unborn child, as they relax at Pedroza’s parent’s house in Forth Worth, Texas, where they currently live, during the coronavirus outbreak
Reuters
3/23
Nancy Pedroza attends an appointment with her licensed midwives Susan Taylor, 40, who checks her stomach, and Amanda Prouty, 39, in Taylor’s home office at her house
Reuters
4/23
Nancy takes a brisk walk to try and speed up her contractions with Ryan and her midwives near Taylor’s home where Pedroza plans to give birth
Reuters
5/23
Nancy receives support from Nichollette Jones, her doula
Reuters
6/23
Nancy experiences contractions
Reuters
7/23
Nancy is supported by Ryan and Nichollette as she experiences contractions while labouring at the home of Pedroza’s licensed midwife, Susan Taylor
Reuters
8/23
Nancy lies on a bed in front of Ryan as he helps to pump her breastmilk to try and speed up her contractions
Reuters
9/23
Nancy experiences contractions as Susan lies on a bed
Reuters
10/23
Nancy embraces Ryan
Reuters
11/23
Nancy is supported by Ryan as she experiences contractions in a birthing tub
Reuters
12/23
Nancy experiences contractions
Reuters
13/23
Nancy in a birthing tub
Reuters
14/23
Nancy is placed onto an ambulance stretcher to be taken to hospital by paramedics, after her unborn child’s heartbeat dropped from 130 beats per minute to 30
Reuters
15/23
Nancy is carried on an ambulance stretcher to be taken to hospital by paramedics
Reuters
16/23
Nancy is carried into an ambulance on a stretcher
Reuters
17/23
Nancy holds her one-day old newborn son, Kai Rohan Morgan
Reuters
18/23
Nancy breastfeeds her newborn son at the house of her parents, where they are currently living
Reuters
19/23
Susan Taylor positions Kai for a photograph at his newborn screening
Reuters
20/23
Amanda Prouty and Susan Taylor conduct a newborn screening for Kai at Kai’s maternal grandparents’ house
Reuters
21/23
Susan takes two-day old Kai’s temperature while checking if he has tongue tie, an oral condition that can potentially cause issues with feeding
Reuters
22/23
Nancy and Ryan clip the fingernails of their two-day old son
Reuters
23/23
Kai, who is two days old and is experiencing jaundice, is positioned in the sunlight by his mother Nancy
Reuters
1/23
Nancy holds hands with Nichollette and Ryan as she experiences contractions in a birthing tub
Reuters
2/23
Nancy Pedroza, 27, who is pregnant, sits next to Ryan Morgan, 30, her partner and father to their unborn child, as they relax at Pedroza’s parent’s house in Forth Worth, Texas, where they currently live, during the coronavirus outbreak
Reuters
3/23
Nancy Pedroza attends an appointment with her licensed midwives Susan Taylor, 40, who checks her stomach, and Amanda Prouty, 39, in Taylor’s home office at her house
Reuters
4/23
Nancy takes a brisk walk to try and speed up her contractions with Ryan and her midwives near Taylor’s home where Pedroza plans to give birth
Reuters
5/23
Nancy receives support from Nichollette Jones, her doula
Reuters
6/23
Nancy experiences contractions
Reuters
7/23
Nancy is supported by Ryan and Nichollette as she experiences contractions while labouring at the home of Pedroza’s licensed midwife, Susan Taylor
Reuters
8/23
Nancy lies on a bed in front of Ryan as he helps to pump her breastmilk to try and speed up her contractions
Reuters
9/23
Nancy experiences contractions as Susan lies on a bed
Reuters
10/23
Nancy embraces Ryan
Reuters
11/23
Nancy is supported by Ryan as she experiences contractions in a birthing tub
Reuters
12/23
Nancy experiences contractions
Reuters
13/23
Nancy in a birthing tub
Reuters
14/23
Nancy is placed onto an ambulance stretcher to be taken to hospital by paramedics, after her unborn child’s heartbeat dropped from 130 beats per minute to 30
Reuters
15/23
Nancy is carried on an ambulance stretcher to be taken to hospital by paramedics
Reuters
16/23
Nancy is carried into an ambulance on a stretcher
Reuters
17/23
Nancy holds her one-day old newborn son, Kai Rohan Morgan
Reuters
18/23
Nancy breastfeeds her newborn son at the house of her parents, where they are currently living
Reuters
19/23
Susan Taylor positions Kai for a photograph at his newborn screening
Reuters
20/23
Amanda Prouty and Susan Taylor conduct a newborn screening for Kai at Kai’s maternal grandparents’ house
Reuters
21/23
Susan takes two-day old Kai’s temperature while checking if he has tongue tie, an oral condition that can potentially cause issues with feeding
Reuters
22/23
Nancy and Ryan clip the fingernails of their two-day old son
Reuters
23/23
Kai, who is two days old and is experiencing jaundice, is positioned in the sunlight by his mother Nancy
Reuters
However, the notice triggered a warning that the long period of data-retention risked people refusing to use the smartphone app, when it is finally launched as part of test-and-trace.
The latest news on Brexit, politics and beyond direct to your inbox
“The length of time the data is being stored for, and the lack of personal control on how the data is being used and kept are bound to cause privacy concerns,” said David Grout, of information security company FireEye.
“This might not be too much of a headache for the government while manual tracking is the norm, but it will become more of an issue when NHSX’s contact tracing app is launched, as this will rely on the public opting in for the project to work.”
Last week, Harriet Harman, Labour’s former deputy Labour leader who chairs Westminster’s human rights committee, attacked the failure to pass a privacy law.
“The data gathered for this purpose should be protected. That is the responsibility on the state,” she told ministers.
“It’s also important in terms of ensuring there’s confidence in it such that people are prepared to download and stick with the app.”
A Public Health England spokesperson declined to discuss why data would be retained for 20 years, but said: “It is important that Public Health England is able to retain information about these cases and their contacts to help control any future outbreaks or to provide any new treatments.”
