5 Lord Sikka debates involving the Department for Science, Innovation & Technology

King’s Speech (4th Day)

Lord Sikka Excerpts
Monday 22nd July 2024

(3 months, 4 weeks ago)

Lords Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

My Lords, I welcome new Ministers and Peers to this House and I look forward to working with them. There is much to admire in the King’s Speech, but I have a few questions.

I support bringing passenger rail services into public ownership. Can the Minister explain what will happen to those franchise agreements which do not expire within the next five years? These include contracts with East Midlands Railway, CrossCountry and the west coast operator. Will the Minister say something about the cost to the public purse of leaving freight and rolling stock companies, commonly known as roscos, in private hands? Just three companies, Angel Trains, Eversholt Rail and Porterbrook, own 87% of the rolling stock, which is leased out to train companies. All three have complex corporate structures, controlled from an entity in Luxembourg, which obviously means tax dodges, and 100% of their income is derived from the public purse. In the last decade, roscos have paid £2.7 billion in dividends; they have a profit margin of 41.6%; and no UK tax is paid on any of their dividends. I am sure the Minister will find this abuse unacceptable and will act very swiftly. The profiteering by roscos can be ended by purchasing rolling stock directly from manufacturers, or by setting up a new publicly owned entity to replace the existing roscos. I hope the Minister will give us a timetable for ending this abuse.

The £7.3 billion national wealth fund to boost investment is welcome, but it is not really enough to fuel the economic revival that the Government seek. The Government hope to secure £3 of private sector investment for every £1 of public money. Can the Minister please explain what returns the Government are guaranteeing to the private sector for that investment? The Government are effectively resuscitating the private finance initiative, which ran from 1992 to 2018 and secured investment of £60 billion in return for repayments of £306 billion from the public purse. Successive Governments effectively acted as guarantors of corporate profits. Inevitably, each £1 of private investment through the national wealth fund will result in repayment of £5 to £6 from the public purse but, happily, there are alternatives. These include creating new money, as modern monetary theorists suggest; engaging in quantitative easing; borrowing, especially as the cost of borrowing by government is always lower than the cost incurred by the private sector; and the Government can also eliminate tax anomalies and tax the ultra-rich. Will the Minister publish data showing how the Government evaluated these alternatives? That would be very helpful.

It is also very disappointing, at least from my perspective, that the Tory Government’s two-child benefit cap, which affects 1.6 million children, has not been abolished. There is no shortage of money. Just last week, the Government promised to increase military spending and promised £3 billion a year in military support to Ukraine. They are also ready to hand new money to Tata Steel as well. The formation of the child poverty task force should not preclude removal of this cap. There is no point in prolonging the misery for millions of children. If the Government are looking for new resources, I can help. They can raise about £14 billion by taxing capital gains at the same rates as wages and levying national insurance on the same. This one change alone would enable them to finance the national wealth fund, without private money, in one go, in one year; abolish the two-child benefit cap; and provide free school meals for all children. What objection could the Minister have to this suggestion?

Deepfakes: General Election

Lord Sikka Excerpts
Wednesday 8th May 2024

(6 months, 1 week ago)

Lords Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Viscount Camrose Portrait Viscount Camrose (Con)
- View Speech - Hansard - - - Excerpts

In the regrettable scenario mentioned by the noble Lord, such actions would generally fall to the Joint Election Security and Preparedness Unit and the election cell that will have been set up for the duration of the election to conduct rapid operational rebuttal and other responses to such things. We would not necessarily look to Ofcom until after the event because of the speed at which things would have to move.

Lord Sikka Portrait Lord Sikka (Lab)
- View Speech - Hansard - -

My Lords, it is not just technology that can undermine the outcome of general elections; the Government are facilitating it, too. Jacob Rees-Mogg, former Business Secretary, famously said that voter ID rules were an attempt to “gerrymander” the electoral system. Does the Minister have any empirical evidence to show that the introduction of the voter ID system has reduced alleged fraud or encouraged more people to vote?

Viscount Camrose Portrait Viscount Camrose (Con)
- View Speech - Hansard - - - Excerpts

It is a very interesting question, but I am afraid I have no information on that as it is not DSIT’s area at all. I will be very happy to find out and write to the noble Lord if that would help.

Baroness Jones of Whitchurch Portrait Baroness Jones of Whitchurch (Lab)
- Hansard - - - Excerpts

My Lords, in moving Amendment 24, I will speak also to Amendment 26. I welcome the amendments in the name of the noble Lord, Lord Clement-Jones.

Together, these amendments go to the heart of questioning why the Government have found it necessary to change the grounds for the refusal of a subject access request from “manifestly unfounded” to “vexatious or excessive”. At the moment, Article 15 of the UK GDPR gives data subjects a right of access to find out what personal information an organisation hold on them, how it is using it and whether it is sharing it. This right of access is key to transparency and often underpins people’s ability to exercise other data rights and human rights; for example, it impacts on an individual’s right to privacy in Article 8 of the ECHR and their right to non-discrimination in Article 40 of the same.

The Equality and Human Rights Commission has raised specific concerns about these proposals, arguing that subject access requests

“are a vital mechanism for data subjects to exercise their fundamental rights to privacy and freedom from discrimination”.

It argues that these rights will be even more vital as AI systems are rolled out, using personal information

“in ways that may be less than transparent to data subjects”.

So we must be suspicious as to why these changes are being made and whether they are likely to reduce the legitimate opportunities for data subjects to access their personal information.

This comes back to the mantra of the noble Lord, Lord Clement-Jones, regarding a number of the clauses we have dealt with and, I am sure, ones we have yet to deal with: why are these changes necessary? That is the question we pose as well. Is it simply to give greater clarity, as the Minister in the Commons claimed; or is it to lighten the burden on business—the so-called Brexit dividend—which would result in fewer applications being processed by data controllers? Perhaps the Minister could clarify whether data subject rights will be weakened by these changes.

In the Commons, the Minister, John Whittingdale, also argued that some data search requests are dispro-portionate when the information is of low importance or low relevance to the data subject. However, who has the right to make that decision? How is a data controller in a position to judge how important the information is to an individual? Can the Minister clarify whether the data controller would have the right to ask the data subject their reasons for requesting the information? This is not permitted under the current regime.

A number of stakeholders have argued that the new wording is too subjective and is open to abuse by data controllers who find responding to such requests, by their very nature, vexatious or excessive. For a busy data operator, any extra work could be seen as excessive. Although the Information Commissioner has said that he is clear how these words should be applied, he has also said that they are open to numerous interpretations. Therefore, there is a rather urgent need for the Information Commissioner to provide clear statutory guidance on the application of the terms, so that only truly disruptive requests can be rejected. Perhaps the Minister can clarify whether this is the intention.

In the meantime, our Amendment 24 aims to remove the easy get-out clause for refusing a request by making it clear that the resources available to the controller should not, by itself, be a reason for rejecting an application for information. There is an inevitable cost involved in processing requests, and we need to ensure that it does not become the standard excuse for denying data subjects their rights. Our Amendment 26 would require the data controller to produce evidence of why a request is considered vexatious or excessive if it is being denied. It should not be possible to assert this as a reason without providing the data subject with a clear and justifiable explanation. Amendment 25, from the noble Lord, Lord Clement-Jones, has a similar intent.

We remain concerned about the changes and the impact they will have on established data and human rights. As a number of stakeholders have argued, access to personal data and its uses underpins so many other rights that can be enforced by law. We should not give these rights away easily or without proper justification. I look forward to hearing what the Minister has to say, but without further clarification in the Bill, I doubt whether our concerns will be assuaged. I beg to move.

Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

My Lords, I will say a little bit about my intention to delete this clause altogether. Clause 9 significantly changes the data and privacy landscape, and for the worse. The Constitution Committee’s report on the Bill, published on 25 January, noted:

“Clause 9 amends Article 12 of the UK GDPR to broaden the basis for refusal”—


not for enhancing, but for refusal—

“of a data access request by providing more leeway to ‘data controllers’”.

In the world we live in, there is a huge imbalance of power between corporations, governments, public bodies and individuals. People must have a right to know what information is held about them, and how and when it is used. It is vital in order to check abuses and hold powerful elites to account.

The request for information can, at the moment, be wholly or partly denied, depending on the circumstances. It can be refused if it is considered to be manifestly unfounded or manifestly excessive. These phrases, “manifestly unfounded” and “manifestly excessive”, are fairly well understood. There is already a lot of case law on that. Clause 9, however, lowers the threshold for refusing information from “manifestly unfounded or excessive” to “vexatious or excessive”.

--- Later in debate ---
Lord Clement-Jones Portrait Lord Clement-Jones (LD)
- Hansard - - - Excerpts

If that is the case and this is a dilution, is this where the Government think they will get the savings identified in the impact assessment? It was alleged in the Public Bill Committee that this is where a lot of the savings would come from—we all have rather different views. My first information was that every SME might save about £80 a year then, suddenly, the Secretary of State started talking about £10 billion of benefit from the Bill. Clarification of that would be extremely helpful. There seems to be a dichotomy between the noble Lord, Lord Bassam, saying that this is a way to reduce the burdens on business and the Minister saying that it is all about confident refusal and confidence. He has used that word twice, which is worrying.

Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

I apologise for intervening, but the Minister referred to resources. By that, he means the resources for the controller but, as I said earlier, there is no consideration of what the social cost may be. If this Bill had already become law, how would the victims of the Post Office scandal have been able to secure any information? Under this Bill, the threshold for providing information will be much lower than it is under the current legislation. Can the Minister say something about how the controllers will take social cost into account or how the Government have taken that into account?

Viscount Camrose Portrait Viscount Camrose (Con)
- Hansard - - - Excerpts

First, on the point made by the noble Lord, Lord Bassam, it is not to be argumentative—I am sure that there is much discussion to be had—but the intention is absolutely not to lower the standard for a well-intended request.

Sadly, a number of requests that are not well intended are made, with purposes of cynicism and an aim to disrupt. I can give a few examples. For instance, some requests are deliberately made with minimal time between them. Some are made to circumvent the process of legal disclosure in a trial. Some are made for other reasons designed to disrupt an organisation. The intent of using “vexatious” is not in any way to reduce well-founded, or even partially well-founded, attempts to secure information; it is to reduce less desirable, more cynical attempts to work in this way.

--- Later in debate ---
Viscount Camrose Portrait Viscount Camrose (Con)
- Hansard - - - Excerpts

Which I will be delighted to answer. With this interesting exchange, I have lost in my mind the specific questions that the noble Lord, Lord Sikka, asked but I am coming on to some of his other ones; if I do not give satisfactory answers, no doubt he will intervene and ask again.

I appreciate the further comments made by the noble Lord, Lord Sikka, about the Freedom of Information Act. I hope he will be relieved to know that this Bill does nothing to amend that Act. On his accounting questions, he will be aware that most SARs are made by private individuals to private companies. The Government are therefore not involved in that process and do not collect the kind of information that he described.

Following the DPDI Bill, the Government will work with the ICO to update guidance on subject access requests. Guidance plays an important role in clarifying what a controller should consider when relying on the new “vexatious or excessive” provision. The Government are also exploring whether a code of practice on subject access requests can best address the needs of controllers and data subjects.

On whether Clause 12 should stand part of the Bill, Clause 12 is only putting on a statutory footing what has already been established—

Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

My apologies. The Minister just said that the Government do not collect the data. Therefore, what is the basis for changing the threshold? No data, no reasonable case.

Viscount Camrose Portrait Viscount Camrose (Con)
- Hansard - - - Excerpts

The Government do not collect details of private interactions between those raising SARs and the companies they raise them with. The business case is based on extensive consultation—

Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

I hope that the Government have some data about government departments and the public bodies over which they have influence. Can he provide us with a glimpse of how many requests are received, how many are rejected at the outset, how many go to the commissioners, what the cost is and how the cost is computed? At the moment, it sounds like the Government want to lower the threshold without any justification.

Viscount Camrose Portrait Viscount Camrose (Con)
- Hansard - - - Excerpts

As I say, I do not accept that the threshold is being lowered. On the other hand, I will undertake to find out what information can be reasonably provided. Again, as I said, the independent regulatory committee gave the business case set out a green rating; that is a high standard and gives credibility to the business case calculations, which I will share.

The reforms keep reasonable requests free of charge and instead seek to ensure that controllers can refuse or charge a reasonable fee for requests that are “vexatious or excessive”, which can consume a significant amount of time and resources. However, the scope of the current provision is unclear and, as I said, there are a variety of circumstances where controllers would benefit from being able confidently to refuse or charge the fee.

Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

The Minister used the phrase “reasonable fee”. Can he provide some clues on that, especially for the people who may request information? We have around 17.8 million individuals living on less than £12,570. So, from what perspective is the fee reasonable and how is it determined?

Viscount Camrose Portrait Viscount Camrose (Con)
- Hansard - - - Excerpts

“Reasonable” would be set out in the guidance to be created by the ICO but it would need to reflect the costs and affordability. The right of access remains of paramount importance in the data protection framework.

Lastly, as I said before on EU data adequacy, the Government maintain an ongoing dialogue with the EU and believe that our reforms are compatible with maintaining our data adequacy decisions.

For the reasons I have set out, I am not able to accept these amendments. I hope that noble Lords will therefore agree to withdraw or not press them.

Lord Sikka Portrait Lord Sikka (Lab)
- View Speech - Hansard - -

My Lords, I join others in welcoming the noble Lord, Lord de Clifford, to this House. I look forward to hearing him in future debates.

This Bill is a large Bill, written in an utterly arcane language which normal people will struggle to understand and follow. Hopefully, the Government will try to write Bills in a better way, otherwise it is hard for people to understand the laws and follow them. I have grave misgivings about some parts of this Bill and I will touch on a couple of these issues, which have already been identified by a number of noble Lords.

George Orwell’s iconic novel Nineteen Eighty-Four, published in 1949, raised the spectre of Big Brother. That nightmare has now been brought to reality by a Conservative Government supposedly rolling back the state. The Government have already undermined the people’s right to protest and to withdraw labour. Now comes snooping and 24/7 surveillance of the bank, building society and other accounts of the sick, disabled, poor, elderly and unfortunate, all without a court order. Over 22.4 million people would be targeted by that surveillance, but the account holders will not be told anything about the frequency and depth of this organised snooping.

In true Orwellian doublespeak, the Government claim that the Bill will

“allow the country to realise new post-Brexit freedoms”.

They link the surveillance to, and are stirring up, people’s fears about benefit fraud, while there is absolutely no surveillance of those receiving public subsidies, those mis-selling financial products, those accused of PPE fraud or even a former Chancellor who abused the tax system. Numerous court judgments have condemned the big accounting firms for selling illegal tax-dodge schemes and robbing the public purse, but despite those judgments no major accounting firm has, under this Government, ever been investigated, fined or prosecuted. None of the accounts of those partners or firms is under surveillance. The Bill is part of a class war: it targets only low-income and middle-income people, while big beasts get government contracts.

Currently, the Department for Work and Pensions can request details of bank accounts and transactions on a case-by-case basis on suspicion of fraudulent activity, but Clause 128 and Schedule 11 give the Government unrestrained powers to snoop. The Government say that the Bill

“would allow regular checks to be carried out on the bank accounts held by benefit claimants to spot increases in their savings which push them over the benefit eligibility threshold, or when people spend more time overseas than the benefit rules allow for. This will help identify fraud”

and

“take action more quickly”.

How prevalent is the benefit fraud that the Government wish to tackle? The Government estimate that, in 2023, they lost £8.3 billion to welfare fraud and errors, 80% of which is attributed to fraud. A government statement issued on 23 November said that, as a result of mass surveillance, benefit fraud would save the public purse

“£600 million over the next five years”.

On 29 November, in a debate in the other place, the Minister mentioned the figure of £500 million and, despite a number of challenges, did not correct that estimate. The Government are hoping that mass snooping will generate savings of £100 million to £120 million a year, but we do not have a breakdown of this saving and do not know how they have arrived at that number. I hope that the number is more reliable than the Government’s estimates of the HS2 costs. To put this into context, the Government are spending nearly £1,200 billion this year and they are introducing snooping to save about £100 million a year.

The snooping of bank accounts suggests that the Government are looking for unusual cash-flow patterns. What that means is that, if anyone gives a lump sum to a loved one for Christmas, a birthday, a holiday or home repairs, and it passes through their bank account, the Government could seize on that as evidence of excess resources and reduce or stop their benefits. Suppose that a poor person pawns some household items for a few pounds and temporarily boosts his or her bank balance. Would that person now be labelled a fraudster and lose benefits? The Government have not looked at the details of what would happen.

Many retirees have a joint bank account with another member of the family or with a friend. Under the Government’s crazy plans, the third party would also be put under surveillance because they happen to have a joint account. Can the Minister explain why people not receiving any social security benefits are to be snooped upon, because they would be caught in this trap?

How will the snoopers distinguish temporary and easily explainable boosts in bank balances from others? My background is that I am an accountant and I have investigated things over the years; I helped the Work and Pensions Committee investigate the collapses of BHS and Carillion. So I hope that the Minister can enlighten me on how all this will be done.

I hope that the Minister can also clarify the scope of the Bill as it applies to recipients of the state pension. The Government have classified it as a benefit, so can the Minister explain why? After all, the amount one gets is determined by the number of years of national insurance contributions. So why is it actually a benefit? The Minister in the other place said:

“I agree, to the extent that levels of fraud in state pensions being currently nearly zero, the power is not needed in that case. However, the Government wish to retain an option should the position change in the future”.—[Official Report, Commons, 29/11/23; col. 912.]


Why do the Government want to snoop on the bank accounts of OAPs when there is hardly any fraud? Do they have some sinister plan to treat the state pension as a means-tested benefit? Perhaps the Minister could confirm or deny that. If he wishes to deny it, can he explain why the Government are targeting retirees? What have they done?

In this House, we have more than our fair share of senior citizens who receive a state pension, and their bank accounts would also be under surveillance. How long before a Government abuse that information to blackmail Members of this House and erode possibilities of scrutinising the Government of the day? It is opening us all up to blackmail, now or in the future.

In the past, the Government assured us that health data would not be sold—but then sold it to corporations, as we heard earlier. How can we trust the Government not to do the same with data collected via snooping on bank accounts? What will they be selling?

The mass surveillance is not subject to any court order. Concerned citizens will not be told, as their right to know will be further eroded by Clause 9. It is for the courts, not Ministers, to decide whether requests for data are vexatious or excessive. Can the Minister provide us with some data on how many requests for information are received by departments each year and what proportion have been declared to be vexatious and excessive by the courts? The Government cannot just say that they are vexatious—I would rather trust the courts.

Clause 9 obstructs government accountability and further erodes the Nolan principles. As a personal example, I fought a five and a half-year battle against the Treasury to learn about the closure of the Bank of Credit and Commerce International in 1991. It was the biggest banking fraud of the 20th century, which has yet to be investigated. I asked the Treasury for some information and was totally fobbed off. I went to the Information Commissioner, who sided with the Treasury. So I went to the courts to get some information, with the possibility that the judges might declare my attempts to learn the truth vexatious and might even impose legal costs on me. Fortunately, that did not happen—I won the case and the Treasury had to release some documents to me.

The information showed that the Conservative Government were covering up money laundering, frauds, the secret funding of al-Qaeda, Saudi intelligence, arms smugglers, murderers and others. The information given to me has never been put on public record by this Government. Can you imagine what will happen now if quests to learn something about banking fraud are simply labelled vexatious and excessive? How will we hold the Government to account? The Bill makes it harder to shine some light on the secret state and I urge the Government to rethink Clause 9.

Finally, I urge the Minister to answer the questions I have raised, so that we can have a better Bill.

--- Later in debate ---
Viscount Camrose Portrait Viscount Camrose (Con)
- View Speech - Hansard - - - Excerpts

My Lords, I sincerely thank all of today’s speakers for their powerful and learned contributions to a fascinating and productive debate. I very much welcome the engagement in this legislation that has been shown from across the House and such a clear setting out, at this early stage, of the important issues and caveats.

As I said, the Bill reflects the extensive process of consultation that the Government have undertaken, with almost 3,000 responses to the document Data: A New Direction, and the support it enjoys from both the ICO and industry groups. The debate in which we have engaged is a demonstration of noble Lords’ desire to ensure that our data protection regime evolves and works more effectively, while maintaining the highest standards of data protection for all.

I will respond to as many of the questions and points raised as I can. I hope noble Lords will forgive me if, in the interests of time and clarity, I do not name every noble Lord who spoke to every issue. A number of noble Lords expressed the wish that the Government remain open to any and all conversations. Should I inadvertently fail to address any problem satisfactorily, I affirm that I am very willing to engage with all noble Lords throughout the Bill’s passage, recognising its importance and, as the noble Lord, Lord Bassam, said, the opportunity it presents to do great good.

Many noble Lords raised concerns that the Bill does not go far enough to protect personal data rights. This is certainly not our intent. The fundamental data protection principles set out in the UK GDPR—as my noble friend Lord Kirkhope pointed out, they include lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, security and accountability—remain at the heart of the UK’s data protection regime. Certain kinds of data, such as health data, remain special categories to which extra protections rightly apply. Changes such as requiring a senior responsible individual, rather than a data protection officer, mean that organisations still need to be accountable for how they process personal data but will have more flexibility about how they manage the data protection risks within their organisations.

On other specific points raised on the data protection framework, I agree that the right of access is key to ensuring transparency in data processing. The proposals do not restrict the right of access for reasonable requests for information and keep reasonable requests free of charge. On the creation of the new recognised legitimate interests lawful grounds, evidence from our consultation indicated that some organisations worried about getting the balancing test wrong, while others said that the need to document the outcome of their assessment could slow down important processing activities.

To promote responsible data sharing in relation to a limited number of public interest tasks, the Bill acknowledges the importance of these activities, which include safeguarding, crime prevention and national security, responding to emergencies and democratic engagement, but data controllers should not be required to do a case-by-case balancing test.

On cookies, the Bill will allow the Secretary of State to remove the need for data controllers to seek consent for other purposes in future, when the appropriate technologies to do so are readily available. The aim is to offer the user a clear, meaningful choice that can be made once and respected throughout their use of the internet. However, before any such powers are used, we will consult further to make sure that people are more effectively enabled to use different technology to set their online preferences.

On democratic engagement, extending the exemption allows a limited number of individuals, such as elected representatives and referendum campaigners, to process political opinions data without consent where this is necessary for their political activities. In a healthy democracy, it is not just registered political parties that may need to process political opinions data, and these amendments reflect that reality. This amendment does not remove existing rights. If people do not want their data processed for these purposes, they can ask the controller to stop doing so at any time. Before laying any regulations under this clause, the Government would need to consult the Information Commissioner and other interested parties, as well as gaining parliamentary approval.

I turn now to concerns raised by many about the independence of the regulator, the Information Commissioner. The ICO remains an independent regulator, accountable to Parliament, not the Government, in its delivery of data protection regulation. The Bill ensures it has the powers it needs to remain the guardian of people’s personal data. It can and does produce guidance on what it deems necessary. The Government welcome this and will work closely with it ahead of and throughout the implementation of this legislation.

New powers will also help to ensure that the Information Commissioner is able to access the evidence he needs to inform investigations and has the time needed to discover and respond to representations. This will result in more informed investigations and better outcomes. The commissioner will be able to require individuals to attend interviews only if he suspects that an organisation has failed to comply with or has committed an offence under data protection legislation. This power is based on existing comparable powers for the Financial Conduct Authority and the Competition and Markets Authority. A person is not required to answer a question if it would breach legal professional privilege or reveal evidence of an offence.

As the noble Lord, Lord Clement-Jones, pointed out, EU adequacy was mentioned by almost everybody, and concerns were raised that the Bill would impact our adequacy agreement with the EU. The Government believe that our reforms are compatible with maintaining our data adequacy decisions from the EU. While the Bill removes the more prescriptive elements of the GDPR, the UK will maintain its high standards of data protection and continue to have one of the closest regimes to the EU in the world after our reform. The test for EU adequacy set out by the Court of Justice of the European Union in the cases relating to UK adequacy decisions requires essential equivalence to the level of protection under the GDPR. It does not require a third country to have exactly the same rules as the EU in order to be considered inadequate. Indeed, 14 countries have EU adequacy, including Japan, New Zealand and Canada. All of these nations pursue independent and often more divergent approaches to data protection.

Regarding our national security practices, in 2020 and 2021, the European Commission carried out a thorough assessment of the UK’s legislation and regulatory framework for personal data, including access by public authorities for national security purposes. It assessed that the UK provides an adequate level of data protection. We maintain an ongoing dialogue with the EU and have a positive, constructive relationship. We will continue to engage regularly with the EU to ensure our reforms are understood.

A great many noble Lords rightly commented on AI regulation, or the lack of it, in the Bill. Existing data protection legislation—the UK GDPR and the Data Protection Act 2018—regulate the development of AI systems and other technologies to the extent that there is personal data involved. This means that the ICO will continue to play an important role in applying the AI principles as they relate to matters of privacy and data protection. The Government’s view is that it would not be effective to regulate the use of AI in this context solely through the lens of data protection.

Article 22 of the UK GDPR is currently the primary piece of UK law setting out the requirements related to automated decision-making, and this Bill sets out the rights that data subjects have to be informed about significant decisions that are taken about them through solely automated means, to seek human review of those decisions and to have them corrected. This type of activity is, of course, increasingly AI-driven, and so it is important to align these reforms with the UK’s wider approach to AI governance that has been published in the White Paper developed by the Office for Artificial Intelligence. This includes ensuring terms such as “meaningful human involvement” remain up to date and relevant, and the Bill includes regulation-making powers to that effect. The White Paper on the regulation of AI commits to a principles-based approach that supports innovation, and we are considering how the framework will apply to the various actors in the AI development and deployment life cycle, with a particular focus on foundation models. We are analysing the views we heard during the White Paper consultation. We will publish a response imminently, and we do not want to get ahead of that process at this point.

I turn to the protection of children. Once again, I thank noble Lords across the House for their powerful comments on the importance of protecting children’s data, including in particular the noble Baroness, Lady Kidron. On the very serious issue of data preservation orders, the Government continue to make it clear—both in public, at the Dispatch Box, and in private discussions—that we are firmly on the side of the bereaved parents. We consider that we have acted in good faith, and we all want the same outcomes for these families struck by tragedy. We are focused on ensuring that no parent is put through the same ordeal as these families in the future.

I recognise the need to give families the answers they require and to ensure there is no gap in the law. Giving families the answers they need remains the Government’s motivation for the amendment in the other place; it is the reason we will ensure that the amendment is comprehensive and is viewed as such by the families. I reassure the House that the Government have heard and understand the concerns raised on this issue, and that is why the Secretary of State, along with Justice Ministers, will work with noble Lords ahead of Committee and carefully listen to their arguments on potential amendments.

I also hear the concerns of the right reverend Prelate the Bishop of St Albans, the noble Lord, Lord Vaux, and the noble Baroness, Lady Young, on surveillance, police powers and police access to data. Abolishing the Surveillance Camera Commissioner will not reduce data protection. The role overlaps with other oversight bodies, which is inefficient and confusing for police and the public. The Bill addresses the duplication, which means that the ICO will continue to regulate data processing across all sectors, including policing. The aim is to improve effective independent oversight, which is key to public confidence. Simplification through consolidation improves consistency and guidance on oversight, makes the most of the available expertise, improves organisational resilience, and ends confusing and inefficient duplication.

The Government also have a responsibility to safeguard national security. The reports into events such as the Manchester Arena and Fishmongers’ Hall terrorist incidents have clearly noted that better joined-up working between the intelligence services and law enforcement supports that responsibility. This is why the Bill creates the power for designation notices to be issued, enabling joint controllerships between the intelligence services and law enforcement. The Secretary of State must consider the processing contained in the notice to be required for the purpose of safeguarding national security to grant it. This mirrors the high threshold for interference with the right to privacy under Article 8 of the Human Rights Act, which requires that such interference be in accordance with the law and necessary in a democratic society.

Concerns were raised by, among others, the noble Baronesses, Lady Young and Lady Bennett, and the noble Lords, Lord Sikka and Lord Bassam, on the proportionality of the measure helping the Government to tackle both fraud and error. Despite taking positive steps to reduce these losses, the DWP remains reliant on powers derived from legislation that is in part over 20 years old. The DWP published the fraud plan in May 2022. It set out clearly a number of new powers that it would seek to secure when parliamentary time allowed. Tackling fraud and error in the DWP is a priority for the Government but parliamentary time is tight. In the time available, the DWP has prioritised our key third-party data-gathering measure which will help to tackle one of the largest causes of fraud and error in the welfare system. We remain committed to delivering all the legislation outlined in the DWP’s fraud plan when parliamentary time allows.

To develop and test these new proposals, the DWP has been working closely with the industry, which recognises the importance of modernising and strengthening these powers to enable us to better detect fraud and error in the benefit system. This includes collaboration on the practical design, implementation and delivery of this measure, including establishing a working group with banks and the financial industry. The DWP has also regularly engaged with UK finance as well as individual banks, building societies and fintechs during the development of this measure, and continues to do so. It is of course important that where personal data is involved there are appropriate checks and balances. Organisations have a right to appeal against the requirement to comply with a data notice issued by the DWP.

Through our appeal process, the Government would first seek to resolve all disputes by DWP internal review. If this failed, the appeal would be referred to the First-tier Tax Tribunal, as currently is used in similar circumstances by HMRC. The third-party data-gathering powers that the DWP is taking are only broad to the extent that this ensures that they can be future-proofed. This is because the nature of fraud has changed significantly in recent years and continues to change significantly. The current powers that the DWP has are not sufficient to tackle the new kinds of fraud that we are now seeing in the welfare system. We are including all benefits to ensure that benefits such as state pension retain low rates of fraud. The DWP will of course want to focus this measure on addressing areas with a significant fraud or error challenge. The DWP has set out in its fraud plan how it plans to focus the new powers, which in the first instance will be on fraud in universal credit.

I thank noble Lords, particularly the noble Lord, Lord Vaux, for the attention paid to the department’s impact assessment, which sets out the details of this measure and all the others in the Bill. As he notes, it is substantive and thorough and was found to be such by the Regulatory Policy Committee, which gave it a green rating.

I hope that I have responded to most of the points raised by noble Lords today. I look forward to continuing to discuss these and other items raised.

Lord Sikka Portrait Lord Sikka (Lab)
- Hansard - -

I would like some clarification. The Minister in the other place said:

“I agree, to the extent that levels of fraud in state pensions being currently nearly zero, the power is not needed in that case. However, the Government wish to retain an option should the position change in the future”.—[Official Report, Commons, 29/11/23; col. 912.]


Can the noble Viscount explain why the Government still want to focus on recipients of state pension given that there is virtually no fraud? That is about 12.6 million people, so why?

Viscount Camrose Portrait Viscount Camrose (Con)
- Hansard - - - Excerpts

Although proportionately fraud in the state pension is very low, it is still there. That will not be the initial focus, but the purpose is to future-proof the legislation rather than to have to keep coming back to your Lordships’ House.

Let me once again thank all noble Lords for their contributions and engagement. I look forward to further and more detailed debates on these matters and more besides in Committee. I recognise that there are strong views and it is a wide-ranging Bill, so there will be a lot of meat in our sandwich.

I congratulate the noble Lord, Lord de Clifford, on his perfectly judged maiden speech. I thoroughly enjoyed his description of his background and his valuable contributions on the Bill, and I welcome him to this House.

Finally, on a lighter note, I take this opportunity to wish all noble Lords—both those who have spoken in this debate and others—a very happy Christmas and a productive new year, during which I very much look forward to working with them on the Bill.

Semiconductors Manufacturing

Lord Sikka Excerpts
Monday 18th September 2023

(1 year, 2 months ago)

Lords Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Viscount Camrose Portrait Viscount Camrose (Con)
- View Speech - Hansard - - - Excerpts

What Minister Scully clearly meant was that there is no point attempting to construct an advanced silicon manufactory at the cost of tens of billions of pounds at considerable risk to both investors and the taxpayer when all those who have tried to mimic TSMC have failed at great expense. It is far better to focus on our strengths and on the compound semiconductor strategy that Minister Scully will have spoken about on that occasion. Again, Newport Wafer Fab is under judicial review and I cannot comment further.

Lord Sikka Portrait Lord Sikka (Lab)
- View Speech - Hansard - -

My Lords, with regard to semiconductor investment, the US has tabled a package of $50 billion, China a package of $40 billion and India $10 billion, while the UK has put forward just £1 billion, or $1.2 billion, which is 1/13th of the subsidy given to railway companies. Can the Minister explain why the Government show so little ambition? Will he now publish all emails and minutes relating to the national semiconductor strategy document so that we can get some insights into its neglect of this vital field?

Viscount Camrose Portrait Viscount Camrose (Con)
- View Speech - Hansard - - - Excerpts

In respect of the first point, as I say, it is a highly risky undertaking to construct advanced silicon fabs in the way that those countries are setting out to do. That is not the right strategy for the UK. With regard to publishing all the emails written by the department, perhaps the noble Lord could write to me and set out his reasons for wanting them and I will be happy to talk to him.