Thursday 20th June 2019

(5 years, 5 months ago)

Lords Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Clement-Jones Portrait Lord Clement-Jones (LD)
- Hansard - -

My Lords, I too thank the Minister for repeating the Statement. This is unfortunate to say the least, and it means these AV requirements will be put in place nearly three years after the original Digital Economy Act was passed. If the Minister does the maths, he will find it has been three years since they were incorporated into the Act.

The noble Lord, Lord Stevenson, asked all the right questions and made a comment about the professionalism of our Civil Service. But I find it staggering that, if you recall, we had exactly the same situation with the Video Recordings Act when notification did not take place. We all had to come back here and re-pass aspects of that Act because that notification had not taken place. I do not understand why that experience was not engraved on every heart in the DCMS or Home Office. I think it was a Home Office requirement at the time, but I dare say the people themselves transferred to the DCMS subsequently. In those circumstances, will compensation be available to companies that have developed age-verification solutions and gone through the voluntary certification and assessment process in anticipation of the guidance going live this July? I would expect nothing less.

During the passage of the Digital Economy Act, we on these Benches agreed in principle with the concept of age verification for pornographic sites for the purposes of child protection, but we wanted greater safeguards in the Bill in terms of third-party verification and privacy. Sadly, that did not happen. My noble friend Lord Paddick and I argued in 2017 for statutory third-party age verification and queried that last year when the regulator was nominated as the BBFC.

What is the current level of voluntary operation of age-verification methods, in response to the guidance or as an independent action? Does any site operate a voluntary age-verification process? If so, are such processes now exclusively third party, which was the essence of our original amendment and why we felt that that was an important privacy aspect? Explicitly, what will be the procedure for the re-approval of the guidance? Will it be by the negative or the affirmative procedure?

My noble friend Lord Paddick argued last year for a much greater commitment to compulsory age-appropriate sex and relationship education for all children, including telling children what they should do if they encounter online pornography. That is an important other side of the coin. What resource is devoted to this increasingly important aspect of sex education? What difference will the new DNS over HTTPS protocol make to the eventual ability of the BBFC to enforce these requirements or to force internet service providers to comply?

The Secretary of State refers in the Statement to the implementation of the online harms White Paper, which is strongly related to the age-verification agenda. The Minister knows that we have reservations about over-hasty legislation; we believe that pre-legislative scrutiny would be wise and would iron out some of the scope and definitional problems. There are conflicting views about the width of the duty of care and, on the other hand, the dangers of being over-prescriptive. There are many voices still to be heard before we can be sure that the legislation will be sound. Is not a draft Bill the way forward?

There is no reason, however, why Ofcom should not be designated early after the end of the consultation—after all, it has the clout, the technological understanding, and experience in regulating content where it converges with technology, in using enforcement and information-gathering powers and in co-operating with other regulators. It could draw up the first code of practice on online safety, mentioned in the Statement.

There is some concern that current policies are driving us into a world where age verification will be required for all kinds of access other than to pornography. That seems to be the implication of the Secretary of State’s remarks about technical challenges associated with identifying the specific age of companies’ users. Is that the intention? We need to be extremely wary of the consequences of that. That must be fully debated before we go further on age-verification requirements.

Lord Ashton of Hyde Portrait Lord Ashton of Hyde
- Hansard - - - Excerpts

My Lords, I thank both noble Lords for their sensible comments and repeat our apology. The noble Lord, Lord Stevenson, commented on the memorial service for Lord Heywood and the quality of the Civil Service, so I agree that it is unfortunate that we are today bringing forward this Statement. I want to make it clear that Ministers, not civil servants, are responsible for the department. Both the Secretary of State and I take our responsibilities seriously. I take this opportunity to pay tribute to the civil servants—nearly all the time, though not in this case—and to say that they work extremely hard to protect children. They are absolutely committed and work flat out—I shall come to the online harms White Paper—so the responsibility lies fairly and squarely with Ministers.

The noble Lord, Lord Stevenson, asked how we learned and when. We were informed early last week—on 11 June, I think. A letter from the BBFC was written on 11 June; the Secretary of State was informed on Friday 14 June. Earlier this week he asked civil servants to tell him what the implications were and whether we could do anything to get age verification in place earlier. He then came before the other House today, as soon as possible, to apologise and explain what had happened.

The noble Lord rightly said that we have had experience of the technical standards and regulations directive. The department notified the Act but not the regulations that fell under it. Again, it was a mistake and we are making sure that it will not happen again.

In connection with making sure that it does not happen again, the noble Lord asked about “external elements”. By that, we mean that the review will include people from outside the department to make sure that there is an independent view. I cannot confirm whether it will be published—I will have to go back to the department to ask that.

As for technology, there have been delays. We need to make sure that the technology is effective and that privacy is taken into account. Obviously, the third-party age verifiers are subject to the new privacy law under the GDPR. One reason for the delay was to make sure that the additional voluntary certification scheme is up and running. I say in answer to the noble Lord, Lord Clement-Jones, that sites were expecting to have to be ready to comply with the requirement on 15 July. There has been no voluntary compliance before that; I am not surprised by that. With sites having been prepared to do it on 15 July, we would expect them to bring it in within the timescale of roughly six months—to which I shall come in a minute. We do not anticipate any compensation being paid, because sites were expected to do it on 15 July. They may have a little more time, but our intention is that they should do it as soon as possible. We will bring back the same regulations, because we have to bear in mind that this is about protecting children who accidentally stumble on pornography that they would not be able to stumble on in the offline world. We are concerned to get this in place as soon as possible, which is why we are very disappointed with our mistake.

The broader point made by both noble Lords was that this is a limited measure. We have always acknowledged that; it is for commercial sites. There are other areas in which children can come across pornography, such as social media sites, even though that is not their primary business. That is where online harms will come in. The noble Lord, Lord Clement-Jones, asked about pre-legislative scrutiny. We are very much in a cleft stick here. We of course understand the benefits of pre-legislative scrutiny, but we have to move as quickly as we can to correct some of the problems, particularly in respect of things that are already illegal such as child sexual exploitation and terrorism. However, the noble Lord would not expect me to make a commitment on that when the consultation has not even finished; no doubt, he will respond to the consultation to make his point.

The noble Lord, Lord Clement-Jones, mentioned the Video Recordings Act, where it is true that notification did not place under the old technical services directive. That was 25 years ago, in 1984, and it was corrected in 2010. So the noble Lord is right that there was a similar mistake 25 years ago. We will take measures to ensure that, whether in 25 years, two years, or one year, it will not happen again. I acknowledge that this has happened before, albeit some time ago.

The procedure on the guidance now is that it has to be laid before the EU for three months in draft form. If the EU makes some comments on it, it may have to stay for another month. After that period, it will have to be laid before the House, under the negative procedure, as the House has already agreed. That means we have to allow 40 days for any noble Lord to pray against it. It will take roughly six months to get through both Houses at the end of the up-to-four-month period.

There are several technical issues about the enforceability of the policy—not the policy itself. We also have to take this into account for the online harms White Paper. A suite of enforcement options is available. For example, the regulator can use payment providers and ancillary service providers to enforce the regulations, but these have to come in first and that is what we have had to delay.