(7 years, 8 months ago)
Lords ChamberMy Lords, I want to comment on Amendment 25D and to thank the Government for proposing new subsection (2B). One thing that worried those of us who had been thinking about how to make age verification work was the definition of “commercial basis”, which was a potential loophole for some websites to get round the provision. This proposed new subsection seems to close that loophole in that, even if material is free, it can still be provided on a commercial basis. Therefore, I congratulate the Government and support this amendment.
My Lords, I am grateful to the Minister for explaining the thinking behind these many amendments. I have read them and think that I understand them but I am sure that he will correct me if my interpretation is wrong. They underline the considerable amount of additional work that is still to be done if we are to get a comprehensive age verification scheme properly up and running.
The Minister will know that the Delegated Powers and Regulatory Reform Committee was of the view that many of the details should be spelled out on the face of the Bill. For example, it expected details such as the definition of “commercial basis” and the identity of the regulator or regulators to be specified at this stage. However, the provision of this information, like many other details, has been put off by the Government to a later date, to be included in the guidelines to which the noble Lord has referred and to be discussed in further debates that will be taken under their auspices.
The DPRRC also requested that guidelines on how the financial penalties should operate should be brought before this House as an affirmative resolution. I remind the House of a particularly stark criticism that it wrote at the time. It said:
“We consider it objectionable as a matter of principle that a regulator, who is to be clothed with extensive powers to impose fines and take other enforcement action, should itself be able to specify how key concepts used in clause 15(1) are to be interpreted”.
I would be grateful if the Minister could justify why what seems to be a rather straightforward piece of advice from that committee has once again been rejected. As I understand the noble Lord’s amendment, it is the offer of a negative procedure that is now being put before us, which of course does not carry the same weight.
The amendments deal also with the provision for appeals, which again were debated at length in Committee. The Minister will know that the DPRRC recommended that a statutory right of appeal should be placed in the Bill. Again this advice seems to have been rejected by the Government and, instead, they are relying on a new formulation of words specifying that those hearing any appeal should be “sufficiently independent” of the age verification regulator. As we have heard, the detail of this “sufficiently independent” regime is spelled out in the draft guidance.
I have to say that we share the view of the noble Lord, Lord Paddick, that this really is not good enough. The guidelines specify that the independent appeals panel will effectively be appointed and funded by the regulator. However, we have tabled a separate amendment—Amendment 25P, which will come up in a later group—that specifies our belief that the appeals process should indeed be fully independent of the regulator. We believe that our amendment is more appropriate than that of the noble Lord, Lord Paddick. It would be helpful if the Minister could explain why the DPRRC’s advice on this matter has been rejected.
I return now to the overall package of government amendments in the group. As I have said, they seem to flag up a great deal of further work that will need to carry on outside the Bill. As it is worded, the Secretary of State will issue guidance to the regulator and the regulator will, in turn, issue guidance for approval to the Secretary of State. That seems a rather cosy arrangement of swapping guidelines back and forth, but it is not quite clear to me at what point Parliament will have the final say in all these matters.
Some of the outcomes will come before the House in the form of affirmative regulations but others will not. We do not yet know who the regulators will be, how the age verification regime will work, how the privacy checks will work, what the definition of “commercial activities” will be, how ancillary services will be defined and, crucially, we do not know how the internet service blocking system will work or what kind of fines will be imposed on those who fail to comply. Without wishing to overlay this, it all feels like a rather unsatisfactory piece of legislation. The amendments before us today and the guidelines that have recently been issued do little to reassure us that the Government really have got the detail of this in hand.
Regrettably, we feel that the Government are in danger of delegating far too many powers to the as yet unspecified regulator. This is an issue that we will return to in the next group of amendments. In the meantime, I look forward to hearing the Minister’s response on the points I have raised.
My Lords, I will say a few words on this very quickly. I thoroughly approve of the premise of the amendment, which is to ensure that some websites do not try to cheat; in fact it would not be a bad idea to put it in the Bill.
I ought to declare an interest: I have been chairing a steering group working on British Standards Institute Publicly Available Specification 1296 on age checking. The whole idea is that this could be used in order to test the procedures and organisations doing age checking. One of the things that it mandates is privacy; it mandates that age checking must be general data protection regulation compliant. The real purpose behind this is that at the point when someone thinks of visiting a pornographic website there should be no requirement for that person to identify themselves to that website. It is perfectly possible at that point to bounce off the website with a token from that website to someone outside who may know about the person and can check their age, and then they can send back an encrypted token that can be stored saying, “This person, whose name I am not going to reveal to you, is over 18”. That is all it does. That can then be data checked and unwound by someone with proper judicial authorisation, if something goes wrong. However, it could be that some websites will try to get around that. That is why the amendment is good: they would have to comply. I do not know whether that is somewhere else in the regulations, but having it in the Bill would be a good thing.
Some people say, “How can you stay anonymous?”. The simple answer is that if you then wish to subscribe to the website and buy some of its product, and you freely give up your credit card, I am afraid that you will not be anonymous. However, that is your choice once you are in. The initial stage of just wanting to view the site should be anonymous, and we should reinforce that.
My Lords, I echo many of the concerns raised by the noble Lord, Lord Paddick. We added our name to a similar amendment in Committee and there was a broad degree of support for the principles that were expressed. The amendment returns to the essential need to protect the identity of those who are over 18 and legitimately want to access pornographic sites without having their personal details compromised in the age verification process.
The noble Earl, Lord Erroll, has been very helpful in explaining how the privacy systems would work, using a two-stage process to prove someone’s age and then giving them an encrypted token to use on adult sites. We agree with this model and would like to see it widely adopted. It assumes that age verification would be carried out by a separate age verification provider who has the specific technical skills to carry out these checks securely. However, we also agree that technology is moving on apace and that it would be a mistake to be too prescriptive. We believe that a code of practice, as set out in the amendment, would deliver the protections while allowing that to happen.
That brings us to the draft guidance on the regulator, which the Government published last week and which addresses the issue of privacy. We believe that of all the parts of the draft guidance, the section on privacy is indeed a step forward. It puts the onus on the regulator to work with the Information Commissioner’s Office to ensure that systems are in place to check a user’s privacy while having regard to the Data Protection Act. While we welcome that, we would also like it to address the need for users to have a choice of provider. Again, that is something that we debated at an earlier stage.
In addition, we have a continuing concern that the only provision for data protection breaches is for the ICO to be informed, rather than necessarily for it to act. I hope that the Minister will be able to reassure us that, if there are such breaches, they will indeed be followed up by action.
I hope that the Minister will be able to reassure us on these points. However, we feel that progress is being made on this subject. Depending on what the Minister is able to say in response, it may well be that we will ask the noble Lord, Lord Paddick, not to press the issue at this time.