Sir John Whittingdale

- Hansard -

Copy Link

- - Excerpts

Although the hon. Gentleman and I had a robust but nevertheless amicable exchange on Report, it was in fact his colleague, the hon. Member for Barnsley South (Stephanie Peacock), who took that Bill through Committee. It was not until Report that the Conservative Government decided to add measures to the Bill—measures that I fully supported, of course, but which nevertheless made the task a little more difficult, as they resulted in a lack of agreement across the Chamber, which had previously pertained throughout the passage of the Bill. It is a pleasure to debate these matters again, and, indeed, to see not just the hon. Gentleman but some of the officials who laboured to take that Bill through Committee with me, and are now tasked with doing it all over again.

One point about the Bill that the Secretary of State did not refer to is that a lot of it seeks to improve the working of data protection law in this country and make data more accessible while safeguarding important privacy rights. However, the fact that we are able to make changes to improve our data protection laws is a consequence of Britain no longer being a member of the European Union—otherwise, we were trapped by the GDPR requirements. This is an example of where we can draft legislation to benefit people in this country and not have to accept top-down imposed legislation from Brussels—another reason why I was an enthusiastic supporter of the previous Bill.

One issue that featured a lot during the previous debate, and which I am slightly surprised has not been mentioned so far, is whether the changes made in the Bill would in any way jeopardise data adequacy recognition by the EU. [Interruption.] I am sorry; the hon. Member for Harpenden and Berkhamsted (Victoria Collins) did mention it, but the Secretary of State did not. Data adequacy is an important issue, and concern has been expressed outside the House that the Bill might put it at risk. We were very keen to ensure that that was not the case, and we worked closely—as I am sure the Minister continues to do—with the Information Commissioner, John Edwards, who has a lot of experience in this field, having previously overseen the data protection regime in New Zealand, which enjoys data adequacy but is not identical to GDPR. I am sure, given that this Bill is so similar, that there is no risk to data adequacy, which is of importance to many large firms.

The Bill covers a lot of other areas that we regarded as important and which have remained largely unchanged, such as the operation of the Information Commissioner’s Office, digital identification, the national underground asset register, the electronic use of the register of births and marriages, the extension of smart data use, automated decision making, and the retention of information where required by coroners after child deaths. All those areas were included in the previous Bill, and I am delighted that they are still there in this one.

Sir John Whittingdale

- Hansard -

Copy Link

- - Excerpts

If my hon. Friend is referring to data protection, it is a careful balance. People are rightly concerned that their data is protected and that they should have privacy rights, and there are campaigning organisations out there that have examined the Bill and expressed concern. We were careful to ensure that the standards of data protection required were maintained, and I am sure this Government take the same view.

At the same time—this is where there are small differences between the previous Bill and this Government’s Bill—we were keen to ensure that data protection did not impose unnecessary burdens, particularly on small businesses. There were one or two areas where we were able to slightly relax the definitions and to reduce the burden on business, but this Government have taken a different view. They are relatively minor and relatively technical areas, but there are things such as the definition of “vexatious and excessive”, which was an issue that occupied a lot of discussion. The Government have now removed that and reverted to the previous definition, which we felt was unnecessarily burdensome. There is also the whole area of subject access requests that would occupy a huge amount of firms’ time in trying to respond to them. We felt there needed to be at least some safeguard to prevent those becoming, as we defined it, vexatious, so I regret the fact that the Government have not proceeded with that element.

However, those are relatively minor areas, and in large part the Bill is one that previously enjoyed cross-party consensus when it went through this Chamber in the last Parliament and that I suspect will continue to enjoy cross-party consensus as it moves into Committee in this Parliament. The Secretary of State is no longer with us, but I hasten to add that I am not volunteering to serve on the Public Bill Committee. Having previously endured many hours doing so, I do not particularly want to repeat that experience.

Perhaps in part because the Bill enjoys a lot of support across the House, there is inevitably a particular element about which there is real concern, and that is the area of copyright protection and artificial intelligence. It is worth saying that that was not originally in the Bill at all, and I congratulate Baroness Kidron, who managed to persuade the Clerks in the other place to allow her to move the amendments to insert it into the Bill, and it is now part of the Bill. I think those amendments are very important, and I very much welcome them.

The hon. Member for Bury North (Mr Frith) referred to the fact that the previous Government had not acted in this area, and he is right. The Conservatives did not act because we felt, and continue to feel, that the law on copyright is clear and does not need changing. This Government have proposed to change the law to bring in the text and data mining exception. That will create the opportunity for AI to take, scrape and ingest creative content, of the kind the hon. Member for Scarborough and Whitby mentioned, using an exception that the Government are bringing in. It was proposed under the last Government, but I can tell the House that the last Government rejected it precisely because we felt it would drive a coach and horses through copyright law and do real damage to the creative industries.

Dr Spencer

- Hansard -

Copy Link

- - Excerpts

What is the point of politics if we do not have a debate? We strongly disagree with the interpretation that the provisions are somehow incompatible with ECHR rights. They totally support people’s privacy rights under article 8 regarding proportionate disclosures. If somebody needs to have someone’s sex data, they need sex data. They do not need gender data. The provisions allow for it, and if somebody does not need sex data, they should not be collecting it in the first place.

Chris Bryant

- Hansard -

Copy Link

- - Excerpts

I need to make it absolutely clear, for a start, that the element of clause 45 that we are removing—subsection (6)—makes no reference to sex or gender at all. The words do not appear on the face of the Bill at all. Subsection (6) refers to accuracy and inaccuracy, but it says

“the public authority is able to attest that it…has been corrected through a lawfully made correction,”

and that is obviously aiming at a particular form of lawfully made correction.

Public authorities are already bound in law by data protection legislation—this goes to the point that the hon. Member for Isle of Wight East just made—to ensure that the personal data they process is accurate and, importantly, that it is accurate for the purpose for which it is being processed, and that it is kept up to date where necessary. In essence, what the noble Lords’ amendments to the Bill did was say that we should also be keeping, in every instance, a history of what the data had been. That, I think, is problematic.

The hon. Member is absolutely right about wanting to preserve women-only spaces, which is why public authorities are required to process information that is accurate for the purpose for which it is being processed. In the delivery of healthcare, for instance, when it comes to health screening for transgender and non-binary individuals, the Department of Health and Social Care has comprehensive guidance that sets out the NHS default adult screening programmes that are available in England and lays out who is invited. In England, it is up to GPs to ensure that, as part of processing gender change, the individual is correctly registered for relevant screenings in relation to their sex.

I simply do not buy this argument that we need to make this provision in relation to all digital verification services. Although it is of course right that, in the delivery of prison services or in the health service, or in so many other areas, simple common sense should apply in relation to female-only spaces and wanting to make sure that women are safe, I do not think that this Bill on digital verification services benefits from the introduction of a measure that would effectively mean that in the provision of every digital verification service—whether in regard to the provision of some sensitive service or not—you should make this provision. That is why we tabled amendments 10 and 11, and I urge all hon. Members to support them.