Communications Act 2003 (Disclosure of Information) Order 2024 Debate
Full Debate: Read Full DebateLord Stevenson of Balmacara
Main Page: Lord Stevenson of Balmacara (Labour - Life peer)Department Debates - View all Lord Stevenson of Balmacara's debates with the Department for Business and Trade
(3 days, 16 hours ago)
Grand CommitteeMy Lords, I begin with a comment that I hope will not be taken badly by either my noble friend the Minister or the large number of civil servants who have been involved in this Bill over the years. Colleagues may recall that the Bill took seven years to pass through the various processes and procedures of Parliament, including initial Green Papers and White Papers and then scrutiny by the Joint Select Committee, of which my noble friend opposite was also a member, and it seems slightly surprising and a bit odd that we are dealing with what seems to be an administrative oversight so late in the process. I do not expect a serious response from the Minister on that, but I wanted to put on the record that we are still very much aware of the fact that legislation has its faults and sometimes needs to be corrected, and we should perhaps be humble in expecting that the material we finally agree in Parliament is indeed the last word on things.
Having said that, I think I follow the noble Lord, Lord Clement-Jones, on this point: the subsequent legal analysis, which has identified a potential gap in provision on this instrument, tries to tidy it up but, in doing so, has left me a bit confused. I simply ask the Minister to make it clear to me when she responds that I am reading it correctly. The worry that has been exposed by this subsequent legal analysis is about the sharing of information when Ofcom is using its powers to address issues with the companies with which it has an engagement. Indeed, the whole purpose of the Bill is to ensure that companies are taking their burden of making sure that the Bill works in practice. There may be a deficiency in terms of what the Secretary of State has separate powers to do, but my confusion is that the Explanatory Memorandum says:
“The Secretary of State has several key functions relating to the implementation of the framework under the”
Online Safety Act. It is obviously sensible, therefore, that the sharing of information that Ofcom gathers is available for that. But is that all the powers of the Secretary of State or only the powers of the Secretary of State in relation to the Online Safety Act? The Explanatory Memorandum says:
“If Ofcom were not able to share business information relating to these areas”—
that is, the areas directly affected by the Online Safety Act—
“there is a risk that implementation and review of the framework could be delayed or ineffective”.
I accept the general point, but, to pull up the point made by the noble Lord, Lord Clement-Jones, is this an open invitation for Ofcom to share information that does not relate to its powers in relation to the Online Safety Act with the Secretary of State and, therefore, something for the Secretary of State to take on as a result of a slightly uncertain way of doing it? Are there are any restrictions to this power as set out in that paper? I could mention other points where it comes up, but I think my point is made.
The noble Lord, Lord Clement-Jones, also touched on the point that this is a power for Ofcom to share with the Secretary of State responsible for Ofcom, which is fair enough, but, as the Explanatory Memorandum points out:
“There are also certain functions relating to definitions conferred on Scottish and Welsh Ministers and Northern Ireland departments”—
presumably now Ministers—which may also be “relevant persons” of the Act, but we are not given much on that, except that
“these are unlikely to require business information for their exercise”.
I would like a bit more assurance on that. Again, that might be something for which the department is not prepared and I am quite happy to receive a letter on it, but my recollection from the discussions on the Online Safety Bill in this area, particularly in relation to Gaelic, was that there were quite a lot of powers that only Scottish Ministers would be able to exercise, and therefore it is quite possible that business activities which would not be UK-wide in their generality and therefore apropos of the Secretary of State might well be available to Ofcom to share with Scottish Ministers. If it is possible to get some generic points about where that is actually expected to fall, rather than simply saying that it is unlikely to require business information, I would be more satisfied with that.
My Lords, I thank the Minister for setting out this instrument so clearly. It certainly seems to make the necessary relatively simple adjustments to fill an important gap that has been identified. Although I have some questions, I will keep my remarks fairly brief.
I will reflect on the growing importance of both the Online Safety Act and the duty we have placed on Ofcom’s shoulders. The points made by the noble Lord, Lord Clement-Jones, about the long-standing consequential nature of the creation of Ofcom and the Communications Act were well made in this respect. The necessary complexity and scope of the work of Ofcom, as our online regulator, has far outgrown what I imagine was foreseeable at the time of its creation. We have given it the tasks of developing and enforcing safety standards, as well as issuing guidance and codes of practice that digital services must follow to comply with the Act. Its role includes risk assessment, compliance, monitoring and enforcement, which can of course include issuing fines or mandating changes to how services operate. Its regulatory powers now allow it to respond to emerging online risks, helping to ensure that user-protection measures keep pace with changes in the digital landscape.
In recognising the daily growing risk of online dangers and the consequent burdens on Ofcom, we of course support any measures that bring clarity and simplicity. If left unaddressed, the identified gap here clearly could lead to regulatory inefficiencies and delays in crucial processes that depend on accurate and up-to-date information. For example, setting appropriate fee thresholds for regulated entities requires detailed knowledge of platform compliance and associated risks, which would be challenging to achieve without full data access. During post-implementation reviews, a lack of access to necessary business information could hamper the ability to assess whether the Act is effectively achieving its safety objectives or whether adjustments are needed.
That said, I have some questions, and I hope that, when she rises, the Minister will set out the Government’s thinking on them. My first question very much picks up on the point made—much better than I did—by the noble Lord, Lord Stevenson of Balmacara. It is important to ensure that this instrument does not grant unrestricted access to business information but, rather, limits sharing to specific instances where it is genuinely necessary for the Secretary of State to fulfil their duties under the Act. How will the Government ensure this?
Secondly, safeguards, such as data protection laws and confidentiality obligations under the Communications Act 2003, must be in place to guarantee that any shared information is handled responsibly and securely. Do the Government believe that sufficient safeguards are already in place?
Thirdly, in an environment of rapid technology change, how do the Government plan to keep online safety regulation resilient and adaptive? I look forward to hearing the Government’s views on these questions, but, as I say, we completely welcome any measure that increases clarity and simplicity and makes it easier for Ofcom to be effective.