Britain's data regulator has revealed that a Home Office pilot which tested GPS electronic monitoring on migrants broke UK data protection law.

The trial, which ended in December last year, tracked the GPS location of up to 600 migrants on immigration bail via ankle tags.

Immigrants held on immigration-related issues can apply for bail whilst they wait for an appeal, review or removal.

The pilot aimed to work out whether electronic monitoring is an effective method of staying in regular contact with asylum claimants and reducing the risk of absconding.

The Information Commissioner’s Office (ICO) has been in talks with the government department since August 2022 about its the trial after concerns were raised by non-profit Privacy International.

The watchdog issued an enforcement notice and a warning after it found that the Home Office had failed to assess the "privacy intrusion" associated with the continuous collection of the migrants’ location information.

Given that tracing people is "highly intrusive", it said, any organisation planning to use the technology must have a strong justification for doing so.

But the Home Office couldn’t explain why it felt it was proportionate to collect people’s information by using electronic monitoring and did not provide evidence that it had looked at less invasive methods.

The Home Office also did not explore the potential impact on vulnerable migrants who may have had difficult journeys to the UK or struggled because English isn't their first language.

“Having access to a person’s 24/7 movements is highly intrusive, as it is likely to reveal a lot of information about them, including the potential to infer sensitive information such as their religion, sexuality, or health status," said John Edwards, UK information commissioner. "Lack of clarity on how this information will be used can also inadvertently inhibit people’s movements and freedom to take part in day-to-day activities."

Edwards warned that if this type of information was mishandled or misinterpreted, it could have harmful impacts on people.

While the pilot scheme has already ended, the Home Office can still access the personal information collected until it has been deleted or anonymised.

The ICO warned that there is therefore still potential for the information collected to be accessed and used, not just by the Home Office but other third-party organisations.

“It is interesting - and encouraging in many ways - to see the ICO taking formal enforcement action in this area," said Jon Baines, senior data protection specialist at law firm Mishcon de Reya. "Although data protection law gives rights to all individuals, there’s a strong argument for saying that regulatory action should be focused in particular on respecting and enforcing the rights of the most vulnerable in society."

Baines praised the ICO's decision to use an enforcement notice, rather than a reprimand, suggesting that the latter does not force recipients to carry out any action.

He said that an enforcement notice instead can require a recipient to stop all activities, with the matter potentially being treated like contempt of court if an organisation fails to comply.

---