It looks as if the combined efforts of the WhatDoTheyKnow.com FOIA request submission and tracking website, together with the interest in the topic shown by the BBC Radio 4 iPM programme - Share What They Know?, has eventually resulted in the disclosure of the "missing" Statutory Code Of Practice, which is supposed to regulate the infinite powers under the Serious Crime Act 2007, for public authorities to share your personal sensitive data, with private sector "specified anti-fraud organisations".
See our resulting FOIA request via the WhatDoTheyKnow.com website:
The actual Code of Practice is available from the WhatDoTheyKnow.com website entitled:
Data Sharing for the Prevention of Fraud (.pdf 277Kb)
Code of practice for public authorities disclosing
information to a specified anti-fraud organisation under
sections 68 to 72 of the Serious Crime Act 2007
Incredibly, in spite of all the recent lost sensitive private data scandals, this Code of Practice manages not to make a single mention of strong encryption
There is no clue as to why, when the Code of Practice was presented to Parliament on their return from the Summer recess, on Monday 6th October, the accompanying Statutory Instrument came into force on 1st October.
Why could the Home Office not have made the legal powers only come into force at the same time , or after the publication of the Code of Practice ?
Were they planning to dither and prevaricate and not bother publishing this weak Code of Practice for several months longer ?