Data acquisition policy

This policy covers the acquisition of data from external organisations for statistical and research use by the Office for National Statistics (ONS). Access to data for accredited researchers on behalf of other organisations is covered by a separate policy (please see the Supporting documents section). Data covered by this policy may include, among other things, administrative data, survey data, customer data, safeguarded data, open data and licenced data.

The acquisition of administrative data is undertaken by the ONS for the production and publication of statistics that benefit society and the economy, helping the UK to make better decisions.

All employees of the UK Statistics Authority and the ONS engaged in the acquisition of data, including contractors, must comply with this policy.

One of the main recommendations of the independent review of UK economic statistics, led by Professor Sir Charles Bean, and published in March 2016 was for the ONS to make better use of administrative data.

The legal provision for the ONS to acquire such data was enhanced by the introduction of the Digital Economy Act in 2017. The ONS has responded to the recommendation, in part, through the formation of the Data Acquisition and Operations (DAO) directorate. The ONS collects, acquires, matches, and links a wide range of data sources to undertake statistical research and to produce meaningful, timely and engaging statistics for the public good.

Data acquisition supports the ONS in carrying out its core functions. When acquiring administrative data, we will ensure that we:

• exercise our statutory responsibilities in a fair, proportionate and accountable way, with due regard for principles of privacy and appropriate degrees of internal and external scrutiny

• work in a collaborative, transparent and fair manner with data suppliers, civil society and the general public, responding to any concerns or opportunities as they arise

• be accountable to Parliament and the devolved administrations in exercising our statutory responsibilities

This policy and the ONS process and procedures for data acquisition, ensure that effective, accountable, and transparent arrangements are in place to manage the acquisition of data. These arrangements are underpinned by well-established governance, with clear roles and responsibilities, and accountabilities at the right decision level.

As part of the ONS statutory reporting obligations, we are committed to publishing information on how we exercise our statutory responsibilities and obligations in respect of access to sources of data for statistical and statistical research purposes. Building on the information we currently provide through our Statement of Administrative Sources, we will publish regular reports setting out details of the data we are receiving under these powers, the duration of data supply, and how we use the data. These reports will include links to published statistical and research outputs.

The ONS will consult with, and consider the views of, data suppliers before issuing a statutory notice or requesting access to data. We commit to exploring collaborative solutions and negotiated data arrangements in preference to issuing requests or notices to enable this access.

The acquisition of data into the ONS environment follows a process:

• incorporating requirements and scoping

• supplier contact

• negotiation

• approving and signing relevant agreements

• delivery management

• the receiving and verification of data

• the preparation, access and exploitation of data

• the maintenance of the business relationship

Where the ONS acquires data through means of web scraping, it will do so in line with the ONS Web Scraping Policy. The Data Acquisition team will continuously monitor compliance of web scraping activities and will consult the ONS' legal team for advice on projects involving scraping sensitive data and for monitoring the evolving legal situation.

Upon receipt, data are stored, processed and curated in secure ONS platforms for the production of statistics and statistical research. All acquired data are held proportionately to their sensitivity and in line with legal agreements with data owners.

When requesting data from suppliers, the ONS will provide a full justification for the request, including intended uses, public benefits and sufficient reassurances around security and confidentiality and refrainment from further onward sharing.

The ONS will maintain all relevant administrative records and documents including:

• Data Sharing Agreements

• Memoranda of Understanding

• Data Protection Impact Assessments

• Ethical Self Assessments

Those involved in data acquisition must comply with the UK Statistics Authority’s ethical principles through use of the Ethics Self-Assessment Tool and/or consultation with the National Statistician’s Data Ethics Advisory Committee. The Data Ethics team will provide support in accessing these services.

The ONS acquisition of data will uphold ONS Security Policy. This will ensure supplier agreement for data use includes appropriate provision within ONS security parameters.

ONS staff engaged in data acquisition process

Accountable to the Chief Data Officer and responsible for:

• complying with the data acquisition policy

• following best practice when acquiring data

• requirements and scoping

• supplier contact

• negotiation

• delivery management

• receipt and verification

• preparation, access and exploitation

• maintaining the relationship with external data supplier

• collation of new data project requests

• review of requests

• feasibility triage of all requests

Chief Data Officer

Accountable to the Data Governance Committee and responsible for:

• ensuring that all staff involved in data acquisition comply with the acquisition policy

• implementing systems and metrics to monitor data acquisitions across the ONS data estate

• escalating any risks and incidents related to the acquisition of data

UK Statistics Authority - Data Governance Legislation and Policy team

Accountable to the Data Governance Committee and responsible for:

• providing independent scrutiny and assurance against the policy

• provide independent scrutiny of ethical self-assessments

• ensuring that data acquisition activities remain transparent

• collating and quality assuring information for the transparency registers (third screening)

• setting out, monitoring and assessing the requirements for the transparency register

The ONS Legal Services

Responsible for:

• providing legal advice and approving all agreements.

Data Protection Officer

Responsible for:

• providing advice and scrutiny to Data Protection Impact Assessments, and the application and interpretation of Data Protection legislation, when personal information is involved

The ONS Communications and Digital Publishing

Responsible for:

• reviewing the suitability and accessibility of the information published on transparency registers and assist in the publication of the transparency registers.

Data Governance Committee

Accountable to the National Statistician and responsible for:

• monitoring and reviewing how this policy is implemented, offering assurance that no gaps or lapses of controls exist

• approval of complex data acquisition as and when required

• mitigating risks and assessing the mitigating actions for incidents related to the sharing of data

Security and Information Management Team (SaIM)

Accountable to the Chief Security Officer and responsible for:

• Oversight of all data management activities.

Data Ethics Policy

Data Protection Act 2018

Digital Economy Act Code of Practice

Digital Economy Act 2017

Ethics Self-Assessment Tool

Information Commissioner Office Code of Practice

National Statistician's Data Ethics Advisory Committee

The ONS Sources of data

The ONS SRS research and data access policy

Statistics and Registration Service Act 2007

UK Statistics Authority's Ethical Principles

Web scraping policy