Data Protection and Digital Information Bill Debate
Full Debate: Read Full DebateBaroness Young of Old Scone
Main Page: Baroness Young of Old Scone (Labour - Life peer)Department Debates - View all Baroness Young of Old Scone's debates with the Department for Science, Innovation & Technology
(11 months, 1 week ago)
Lords ChamberMy Lords, the Bill may contain some good elements in the search for a modernisation of data protection, but in overall terms it seems to tilt the balance of advantage to businesses and government authorities rather than to the individual. It has been marred in its passage by the profusion of late government amendments in the other place on Report, and an absence of scrutiny from the Joint Committee on Human Rights.
There are a number of issues that I think need to be seriously reconsidered. I will focus today on four. I also commend the passion of the noble Baroness, Lady Kidron, on the issues that she raised, some of which I will also touch on.
First, as my noble friend Lord Knight of Weymouth and the noble Lord, Lord Allan of Hallam, said—I do love the noble Lord’s name; alliterative Peers are a wonderful thing—a number of proposals appear to put at risk the free flow of data from the UK to the EU. That has already been touched on. It could even undermine the UK’s data adequacy decision. There seems to be some disconnect between what the EU Commission and the EU Parliament have begun to enunciate as a view: that the new powers of the Secretary of State to meddle with the objective and impartial functioning of the new Information Commission could result in the withdrawal of the UK adequacy decision. There seems to be a disconnect between that and the assurances that Ministers have given so far in the other place. Losing that decision, or even seeming to have that decision at risk, would be pretty disastrous for UK business, our trade and our research collaborations. Can the Minister tell the House how he intends to avoid this in the review due next year? How does he square the concerns of the EU with the assurances given by his ministerial colleagues?
My second point is about the new measures introduced at the last minute in the other place—Clauses 128 and Schedule 11—requiring the banks to monitor continuously all accounts to find welfare recipients and snitch on them if they reach certain as yet unprescribed criteria. This is not just an abstruse issue; it involves a considerable number of people. Knowing the age of the average Peer, it probably involves pretty well everybody in this House, because, of course, it includes pension recipients, so this is of personal concern to all of us. This is legitimising mass surveillance by algorithm. This seems to me to be a major intrusion into the privacy of pretty well all individuals in the UK and, to some extent, an infringement on the confidential relationship that you ought to be able to expect between a bank and its customer.
Can the Minister tell the House why he thinks this Big Brother mechanism is necessary? Why can the problem of benefit fraud not be dealt with in a way that does not mean that all customers are subject to surveillance? What alternatives were considered by Government and rejected? What safeguards will go alongside this provision to prevent it from being typified as a heavy-handed Big Brother approach?
It is strange that pension claimants are included. A pension, in my view, is a right, not a benefit; it was paid for by hard work during one’s working life. The Minister said in another place that they intend to extend this sort of surveillance process to other data areas. Can the Minister tell us what other areas and when that extension might take place?
The third issue is AI safety, an issue that has already been raised by a number of noble Lords. The Government were quite bushy tailed about their recent AI Safety Summit and the commitment to see the UK as a world leader. I am afraid that every time I hear this phrase “a world leader” I have the urge to throw up in my handbag, so you will pardon me if I wrinkle my nose at that. The fact that we want to be somewhere in the front pack on AI safety and responsible and safe AI innovation is okay, but the Bill is a missed opportunity. I agree with my noble friend Lord Knight of Weymouth that the Bill should be the place where oversight challenges posed by a very fast-moving set of AI developments, such as in biometric technologies, needs to have been gripped.
I was a victim of a biometric technology development when I was chancellor of Cranfield University. It developed a process for detecting microscopic and invisible beads of sweat above your eyebrows if you were put under pressure, and it was to be used in cases of airport security and various other areas. They decided to put me under pressure by making me stand in the main square of the university and answer mental arithmetic questions over a loudspeaker. What they had not quite grasped is that I know I am rubbish at mental arithmetic, so it put me under no pressure whatever, because this was not going to be news to anybody. It therefore failed to detect microscopic sweat. I thought you might like the day to be raised by a humorous account in this pre-Christmas process.
The Bill is a real missed opportunity to grasp those AI developments and the safeguarding that needs to go with them. In fact, you could say that it erodes further the already inadequate legal safeguards that should protect individuals from discrimination or disadvantage by AI systems making automated decisions. We have heard about job hiring and loan applications; this is, “The computer says no”, but on speed. We in your Lordships’ House deplore late additions to Bills, although we have rather grown used to it in recent months, but if the summit’s assurances are not going to seem a bit hollow, it would be good to hear whether the Minister intends to introduce additional measures on AI safety in the Bill and, if not, in what other legislation and to what timescale.
The fourth issue I want to raise is that of the role of the Information Commissioner’s Office, soon to be the Information Commission. I entirely approve of the structure of an information commission as opposed to a commissioner. We need a powerful and effective regulator. The ICO’s enforcement and prosecution record has not been sparkling, with low levels of enforcement notices, prosecutions and fines. If, when I was at the Environment Agency, I had had as low a level of those as the Information Commissioner has had, I would think I had gone to sleep somewhere along the line. Does the Minister acknowledge that improvements need to be made to the Bill to ensure that the new Information Commission has a clear statutory objective and is clearly independent and at arm’s length from government, not the sort of arm’s length that becomes very short in times of crisis, that its regulatory function at a judicial level can be effectively scrutinised, that it retains the office and surveillance camera commission rather than simply wiping them from the script, and that it is able to consider class action complaints brought by civil society organisations or the trade unions?
In my experience, all too often, Governments plural, not just the current Government, establish watchdogs, then act surprised when they bark, and go and buy a muzzle. If the public are to have trust in our digital economy, we need a robust independent watchdog with teeth that government responds to. The Bill will need a lot of work, and there are hours and hours of happy fun in front of us. I look forward to the Minister’s response to my questions and to those of other noble Lords. I also look forward to the maiden speech of the noble Lord, Lord de Clifford.