Age Assurance (Minimum Standards) Bill [HL] Debate
Full Debate: Read Full DebateLord Parkinson of Whitley Bay
Main Page: Lord Parkinson of Whitley Bay (Conservative - Life peer)Department Debates - View all Lord Parkinson of Whitley Bay's debates with the Department for Digital, Culture, Media & Sport
(3 years ago)
Lords ChamberMy Lords, I thank the noble Baroness, Lady Kidron, for bringing forward this Bill, as I thank all noble Lords who have taken part in this morning’s debate. We have heard from campaigners, lawyers, educators, scientists, parents and grandparents. We all share the same goal: protecting children online and ensuring that the tools used to do so are effective and can be trusted. The Government share that goal; child online safety is a priority for Her Majesty’s Government and our online safety legislation is designed to make the UK the safest place in the world to be a child online. Protecting children is at the heart of that legislation and the strongest protections in the regulatory framework that we wish to set up will be for children.
Let me speak first about the scope of the noble Baroness’s Bill, which proposes setting mandatory standards for age-assurance technologies, if or when they are used by companies. It particularly focuses on user privacy and data security. As my noble friends Lady Harding of Winscombe and Lord Gilbert of Panteg, and others, have rightly highlighted, it does not introduce new requirements on companies to use age assurance for the purposes of child safety or for other age-gating purposes. I think we are all in agreement that children should be protected from experiencing harm online and provided with age-appropriate environments. This will be delivered through the Government’s new online safety legislation, which is currently going through pre-legislative scrutiny and benefits from the expertise of the noble Baroness, Lady Kidron, my noble friend Lord Gilbert, the noble Lord, Lord Clement-Jones, and others.
We fully agree with the objectives of the noble Baroness’s Bill. Age-assurance technologies must be privacy preserving, secure, effective and inclusive. This is needed to ensure that children are appropriately protected and that the public have trust in the solutions that protect them. Standards are key to this. Importantly, they will provide regulators with agreed benchmarks so that they can regulate with confidence. However, as the noble Baroness rightly anticipated, the Government are not supporting her Bill. As I have said, while we strongly agree with its aims, we have reservations about whether this is the right vehicle to deliver them, and I will set out why.
The Government believe that the online safety Bill is the better route to deliver these objectives, through the regulator’s codes of practice. As the online safety regulator, Ofcom will set out in codes of practice the steps that companies can take to deliver their safety duties. Given the importance of age-assurance technologies to the Bill’s higher level of protection for children, we expect Ofcom to include steps on age assurance in its regulatory codes, as part of which Ofcom can include specific standards and name them. Companies will be required to follow the code or demonstrate that they have achieved equivalent outcomes, or they will face enforcement action.
The noble Baroness and others asked why age verification is not required in the online safety Bill. I am mindful that this draft Bill is undergoing pre-legislative scrutiny at the moment, but I will say a little bit about it, as drafted, and the approach that we have taken to it. It is important that it is future-proofed, because what is most effective today may not be so effective in the future. To ensure the future-proofing approach, the Bill will not mandate that companies use specific technologies for protecting children online. However, in its codes of practice, Ofcom will set out the steps that companies need to take to comply with their duties, which will include the use of age-assurance technologies. Companies would need to put in place these technologies or demonstrate that the approach they are taking delivers the same level of protection for children. Ofcom will also be able to take action against companies that fail to take action to protect children from online pornography.
My noble friend Lord Gilbert and the noble Baroness, Lady Merron, asked about protecting children from online pornography on services that do not currently fall within the scope of the draft online safety Bill. Again, I am mindful of the work that the Joint Committee is doing to scrutinise it, and we are grateful for its work on this issue. As my right honourable friend the Secretary of State mentioned during her evidence session to the Joint Committee, we are exploring ways to provide wider protections for children from accessing online pornography through the Bill, including on sites not currently within the draft Bill’s scope.
DCMS already has a programme of work under way to develop an international standard for age-assurance solutions. This includes the development of an international standard, through work with the British Standards Institution and the International Organization for Standardization. A specific objective of this work is to provide regulators with a robust standard to refer to in their codes of practice and guidance.
I return to the noble Baroness’s Bill, which is our focus today. It rightly highlights the importance of data protection and safeguarding users’ privacy. I certainly do not criticise her for including that in her Bill. This was an issue that the noble Baroness, Lady Kennedy of The Shaws, and others picked up on. The Government also take privacy very seriously.
Under the online safety Bill, companies will be required to have regard to the importance of protecting users’ privacy when putting in place measures, including age-assurance technologies. In addition, Ofcom will be required to set out safeguards for privacy in the codes of practice. Where relevant, we expect Ofcom to draw on the ICO’s existing expertise in developing its codes. Here I highlight that companies are already required to protect users’ data privacy via regulations under the remit of the Information Commissioner’s Office.
A number of standards in the noble Baroness’s Bill duplicate existing data-protection regulations. For example, providing “sufficient and meaningful information” for users in an accessible way is already addressed in the age-appropriate design code. Existing data-protection regulation also sets out how data should be securely used. The Government are keen to work closely with the Information Commissioner’s Office to ensure that this is clear to companies. Ofcom and the ICO are working closely on the issues of user privacy and age-assurance technologies to deliver clarity to companies.
So it is understandable that the noble Baroness’s Bill focuses on user privacy, but it duplicates existing regulation and gives Ofcom responsibility for regulation in areas already overseen by the Information Commissioner’s Office. We think that this risks creating a confusing regulatory landscape for companies and regulators and may undermine the Bill’s central intention.
It is also important that Ofcom is able confidently and robustly to enforce expectations relating to age assurance, regardless of where a company is based. I am sure that that is something with which all noble Lords would agree. The Government believe that the online safety Bill will achieve this more effectively than the Bill before us. First, it gives Ofcom the power to develop mandatory risk assessments for companies, which is essential for supporting the proportionate use of age assurance. Secondly, the online safety Bill considers the global nature of the internet and the companies in scope. It provides Ofcom with additional business-disruption powers, which will allow it to prevent services based abroad from disregarding UK requirements in relation to age assurance.
So we fear that seeking to deliver those objectives through the noble Baroness’s Bill risks being less effective than delivering them through the online safety Bill, which will ensure that all companies in scope adhere to high standards and are held to account when using age-assurance technologies.
I hear the anxiety of noble Lords and the urgency that many underlined. I also hear the challenge that the noble Baroness set me in her opening speech about what we are doing today. The Government are clear that companies should take steps now to improve user safety, particularly for children, and not wait for legislation to protect them. That is why we as a Government are taking action now, in advance of the online safety Bill, to help bring about change.
I will give some examples of that. The Government have published the interim codes of practice on terrorist content and child sexual exploitation and abuse online, which companies can follow now to remove illegal content and behaviour from their services. Earlier this year, we also published safety by design guidance, which sets out clearly for companies how to design and build safer online platforms. As the noble Baroness said, age assurance is not a silver bullet; it is just as critical that companies design safe and age-appropriate online environments for their users.
Published alongside this was a one-stop shop for companies on protecting children online that sets out their current legal requirements, making it easier for them to understand precisely what is expected of them. In July this year, the Government published the Online Media Literacy Strategy, which sets out our approach for supporting the empowerment of users of all ages with the key skills and knowledge that they need to make informed and safe choices online. So we are acting, even as we await the report of the Joint Committee on the draft online safety Bill.
That is why the Government believe that the approach that I have outlined today, delivering robust standards for age-assurance technologies through the online safety Bill, is the right one. We think that this will achieve the same objectives as the noble Baroness’s Bill and be appropriate for Ofcom’s regulatory remit. So, while I know that this will be disappointing to the noble Baroness today and to all the noble Lords who have spoken, I echo the tributes that have been paid to her for her industry, urgency and passion in this hugely important area.
My honourable friend the Minister for Technology and the Digital Economy and I have spoken to the noble Baroness about our shared objectives in this area and, importantly, our shared desire to move quickly, and we are very grateful for her time and engagement. At their appearance before the Joint Committee on the draft online safety Bill, my honourable friend and my right honourable friend the Secretary of State said that they were interested in exploring whether it would be possible to expedite key parts of the online safety Bill, including work relating to age assurance.
I stress that the Government welcome open discussion and are keen to continue our conversations with the noble Baroness and all noble Lords who have raised issues today on this vital subject. The Government have been clear that they do not hold all the answers, which is why the online safety Bill is currently going through pre-legislative scrutiny. I am very grateful to the noble Baroness and others for their work on that. I look forward to the debates that we will have on it—it is a very important piece of legislation—but I am afraid that we cannot support the noble Baroness’s Bill today.