My Lords, online providers now have a legal duty to protect children from harmful content. As I said earlier, VPNs are here to stay, and people use VPNs for entirely legitimate purposes. It does not negate the protections which the Online Safety Act has put in place. Those duties prevent children accessing the most dangerous material online, such as pornography and content promoting self-harm or eating disorders. They also protect children from other harmful content, including bullying, abuse or material that encourages dangerous stunts or risky behaviour. The Government will hold services to account. The era of platforms turning a blind eye to the risks that children face online is over.
My Lords, while the introduction of age checking has increased the use of VPNs, we must not automatically assume that the increase is entirely attributable to under-18s. On the contrary, Ofcom’s research suggests that only one in 10 VPN users is a child. The vast majority of children are benefiting from the protection from unwanted and unasked-for pornography that has hitherto been sent to them routinely.
However, it is likely that at least some of the increased use of VPNs by adults is the result of a legitimate concern that the introduction of age checks has not been accompanied by a rigorous focus on user privacy. Until privacy is central to Ofcom’s concern, it will always meet resistance to age checking. How many services have been referred by Ofcom to the ICO for failing to uphold users’ privacy rights while performing age checks? If the Minister does not have that information, will he commit to asking Ofcom to provide it and write to noble Lords who have an interest?
My Lords, Ofcom has clear enforcement powers against platforms that fail to implement highly effective age assurance. This includes issuing fines of up to £18 million or 10% of global revenue, whichever is greater. Ofcom is already using these powers, with investigations opened into at least 47 sites and apps that are suspected of non-compliance.
I will provide the noble Baroness the figures. On false communication offences, Ofcom has proceeded against 17 cases, of which 14 were convicted and sentenced. On the offence of threatening communication, Ofcom has taken action in 462 cases, of which 294 were convicted and 239 were sentenced. Platforms have legal duties under the Online Safety Act. If they fall short, particularly in protecting children, they will face serious consequences. We will not allow safety standards to be ignored.
(8 months, 2 weeks ago)
Lords ChamberMy Lords, I rise to speak to Amendments 2, 3, 4, 25, 42 and 43. I thank the noble Baroness, Lady Kidron, and the noble Lord, Lord Clement-Jones, for these amendments on data communities, which were previously tabled in Committee, and for the new clauses linking these with the Bill’s clauses on smart data.
As my noble friend Lady Jones noted in Committee, the Government support giving individuals greater agency over their data. The Government are strongly supportive of a robust regime of data subject rights and believe strongly in the opportunity presented by data for innovation and economic growth. UK GDPR does not prevent data subjects authorising third parties to exercise certain rights on their behalf. Stakeholders have, however, said that there may be barriers to this in practice.
I reassure noble Lords that the Government are actively exploring how we can support data intermediaries while maintaining the highest data protection standards. It is our intention to publish a call for evidence in the coming weeks on the activities of data intermediaries and the exercise of data subject rights by third parties. This will enable us to ensure that the policy settings on this topic are right.
In the context of smart data specifically, Part 1 of the Bill does not limit who the regulations may allow customers to authorise. Bearing in mind the IT and security-related requirements inherent in smart data schemes, provisions on who a customer may authorise are best determined in the context of a specific scheme, when the regulations are made following appropriate consultation. I hope to provide some additional reassurance that exercise of the smart data powers is subject to data protection legislation and does not displace data rights under that legislation.
There will be appropriate consultation, including with the Information Commissioner’s Office, before smart data schemes are introduced. This year, the Department for Business and Trade will be publishing a strategy on future uses of these powers.
While the smart data schemes and digital verification services are initial examples of government action to facilitate data portability and innovative uses of data, my noble friend Lady Jones previously offered a meeting with officials and the noble Baroness, Lady Kidron, to discuss these proposals, which I know my officials have arranged for next week—as the noble Baroness indicated earlier. I hope she is therefore content to withdraw her amendment.
Before the Minister sits down, may I ask whether there is a definition of “customer” and whether that includes a user in the broader sense, or means worker or any citizen? Is it a customer relationship?
My understanding is that “customer” reflects an individual, but I am sure that the Minister will give a better explanation at the meeting with officials next week.
I thank the noble Lord for that request, and I am sure my officials would be willing to do that.
My Lords, I do not intend to detain the House on this for very long, but I want to say that holding meetings after the discussion on Report is not adequate. “Certain rights” and “customer” are exactly the sort of terms that I am trying to address here. To the noble Viscount—and my noble friend—Lord Camrose, I say that it is not adequate, and we have an academic history going back a long way. I hope that the meeting next week is fruitful and that the Government’s enthusiasm for this benefits workers, citizens and customers. I beg leave to withdraw the amendment.