Data (Use and Access) Bill [HL]
Debate between Lord Lucas and Lord Arbuthnot of EdromTuesday 28th January 2025
(2 months, 1 week ago)
Lords ChamberRead Full debate Data (Use and Access) Bill [HL] 2024-26 View all Data (Use and Access) Bill [HL] 2024-26 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: HL Bill 57-II Second marshalled list for Report - (24 Jan 2025)
Lord Lucas (Con)
My Lords, if we are to live in a data-rich world, we really need a set of well-understood, good definitions for the basic information we are collecting. At the moment, age is about the only stable personal characteristic, in that we generally know where it comes from, where it is recorded and can trust it. Name has become unstable: people are using name changing to hide previous criminal convictions, because we do not have a system of linking one name with another. Residence is widely abused by people who want to get their kids into the school of their preference.
Disability, ethnicity, sexuality and religion are all self-identified. We really need to understand why we are basing policy on something that is self-identified and whether we are collecting the right information for the policy uses we are making of it, particularly when, in areas such as employment, we are encouraging people to make particular choices because they are favoured in the employment advertisements. There is a collection of information there which we really ought to make an effort to be clear about if we are to make proper use of it and understand data going down the decades.
The definition we ought to do something about now is the protected characteristic of sex, because the misuse of sex and its conflation with gender has caused a whole suite of disadvantages and corruptions in the system. Basically, sex is simple: there are only two sexes. For the huge majority of humans, you can easily determine which sex they are. There are some for whom it is harder, but there are still only two sexes. We are in a situation where we record sex and use it to provide safe spaces for women, to have female sports, to know which prison to put someone in, to know how to record crime and, presumably, to know what action to take as a result of it.
Sex and knowing how women are doing is a really important thing to collect accurately, because there is a whole suite of areas in which women have been historically disadvantaged, such as in employment. It is well known that the standards in medical care have been set on men, not women, which has led to a series of disadvantages. We need accurate data. To my mind, rules based on reality and truth that are then adapted to people are much better than rules based on the way we wished things were, then trying to reconcile that with the truth.
We would do better for everybody—women in particular, but also people who identify as trans—if we based our description of them, when it comes to sex, on the truth. We would provide better healthcare, better protection, a much easier attitude to integration into society and proper provision for them. We should seek to do this. Truth should be the base of how we collect data; we should really insist on that. We should not corrupt our data but adapt our practice. I beg to move.
Lord Arbuthnot of Edrom (Con)
My Lords, this one should be easy. Last week, we passed amendments that said that the public authorities, in recording data on matters including sex, should do so accurately. Some might think that that should not be particularly controversial. This amendment says that the Government “may make regulations” about definitions of that sort of thing—that is “may”, not must. It is a negative resolution, not a positive one. It is not difficult, so let us do it.
Data Protection Bill [HL]
Debate between Lord Lucas and Lord Arbuthnot of Edrom(7 years, 5 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Arbuthnot of Edrom (Con)
My Lords, I declare my interests as a chairman of a charity and of a not-for-profit organisation, and as a director of some small businesses. Having said that, I agree with every word that my noble friend Lady Neville-Rolfe said.
The Association of Accounting Technicians has said that the notion that the GDPR will lead to a €2.3 billion cost saving for the European Union is absurd. I agree. The Federation of Small Businesses has said how a sole trader might have to pay £1,500 for the work needed, and someone with 25 employees might have to pay £20,000. In the Second Reading debate my noble friend Lord Marlesford talked about his parish council rather poignantly. It might be impossible to exempt organisations such as those from European Union regulations. But if that is so, I hope that my noble friend the Minister will say, first, why it is impossible; and, secondly, what we can do to get round and to ameliorate the various different issues raised.
On the duty to advise Parliament of the consequences of the Bill, I said at Second Reading that the regulator cannot issue guidance until the European Data Protection Board issues its guidance. That may not be until spring next year. This leaves businesses, charities and parish councils very little time, first, to make representations to Parliament; secondly, to bring in new procedures; and thirdly, to train the staff they will need. In that short time, organisations will all be competing for very skilled staff. That must push the price of those skilled staff up at a time when these small businesses will find it very difficult to pay.
I look forward with interest to hearing what my noble friend says, and I hope that he will be able to agree to the meeting that my noble friend asked for.
Lord Lucas (Con)
My Lords, I declare an interest as the editor of the Good Schools Guide. We have three employees and we certainly should come under this Act in terms of the data on people and schools that we have in our charge. It is very difficult to find any measure that describes the importance of data that a business holds other than, “How important is the data that you hold?”. Therefore, I look to my noble friend to explain how the Information Commissioner will not take sledgehammers to crack nuts and how they will genuinely look at how important the data you have under your control is and, given that, what efforts you ought to have made. That seems the right criterion to get a system that operates in a human way, where there is a wide element of giving people time to get up to speed and being human in the way you approach people, rather than immediately reaching for the fine.
However, this is important. This is our data. Just because I am dealing with someone small, I do not want them to be free from this. I want to be secure in the thought that if I am dealing with a small company my data is just as safe as if I had been dealing with someone big. I want to encourage small businesses to grow and to be able to reassure their customers that they are every bit as good. They would have terrible trouble having contracts with the NHS and others if they are not up to speed on this.
I do not think that is the way, but I do think we have to understand that this will be very difficult for small businesses. We have to look at how we might construct a set of resources that small businesses can use not only to get up to speed but to stay up to speed, because this is a constant issue. I draw your Lordships’ attention again to what is going on in Plymouth, where both universities, the FE colleges, the schools and the local authority, and a lot of the big businesses, have got together to construct apprenticeships in cybersecurity tailored to small businesses. Expert cybersecurity advice has been made available to small businesses in small chunks, while young people are trained in how to take the right path in cybersecurity rather than wandering off to the point where they get arrested if they visit the United States. There is scope for extending that in areas such as social marketing but also in data protection, where expertise tends to be concentrated in large organisations and a structure is needed that enables small businesses to have ready access to it. We could greatly enhance the employment prospects of a lot of young people, and improve life for our small businesses, if we talked to BEIS and the DfE about tweaking the requirements for apprenticeships to make it rather easier to run them in small businesses.