Debates between Kate Osborne and Chris Bryant during the 2019-2024 Parliament

Data Protection and Digital Information Bill

Debate between Kate Osborne and Chris Bryant
Kate Osborne Portrait Kate Osborne (Jarrow) (Lab)
- View Speech - Hansard - -

I rise to speak to the six amendments that I have tabled to the Bill. I am grateful to Mr Speaker for selecting amendment 11, which I will press to a vote. It is an extremely important amendment that I hope will unite Members across the House, and I thank the hon. Member for Glasgow North (Patrick Grady) for confirming his party’s support for it.

Chris Bryant Portrait Sir Chris Bryant
- Hansard - - - Excerpts

I add mine and that of the Labour party, too.

Kate Osborne Portrait Kate Osborne
- Hansard - -

I thank my hon. Friend for that.

I have been contacted by many people and organisations about issues with the Bill. The British Medical Association and the National AIDS Trust have serious concerns, which I share, about the sharing of healthcare data and the failure to consider the negative impact of losing public trust in how the healthcare system manages data.

The Bill is an opportunity to adapt the UK’s data laws to strengthen accountability and data processing, but it currently fails to do so. It provides multiple Henry VIII powers that will enable future Secretaries of State to avoid parliamentary scrutiny and write their own rules. It undermines the independence of the Information Commissioner’s Office in a way that provides less protection to individuals and gives more power to the Government to restrict and interfere with the role of the commissioner.

The Government’s last-minute amendments to their own Bill, to change the rules on direct marketing in elections and give themselves extensive access to the bank accounts of benefit claimants, risk alienating people even further. I hope the House tells Ministers that it is entirely improper—in fact, it is completely unacceptable—for the Government to make those amendments, which require full parliamentary scrutiny, at this late stage.

We know people already do not trust the Government with NHS health data. The Bill must not erode public trust even more. We have seen concerns about data with GP surgeries and the recent decision to award Palantir the contract for the NHS’s federated data platform. A 2019 YouGov survey showed that only 30% of people trust the Government to use data about them ethically. I imagine that figure is much lower now. How do the Government plan to establish trust with the millions of people on pension credit, state pension, universal credit, child benefit and others whose bank accounts—millions of bank accounts—they will be able to access under the Bill? As my hon. Friend the Member for Rhondda (Sir Chris Bryant) and others have asked, legislative powers already exist where benefit fraud is suspected, so why is the amendment necessary?

My amendment 11 seeks to ensure that special category data, such as that relating to a person’s health, is adequately protected in workplace settings. As the Bill is currently worded, it could allow employers to share an employee’s personal data within their organisation without a justifiable reason. The health data of all workers will be at risk if the amendment falls. We must ensure that employees’ personal data, including health data, is adequately protected in workplace settings and not shared with individuals who do not need to process it.

The National AIDS Trust is concerned that the Bill’s current wording could mean that people’s HIV status can be shared without their consent in the workplace, using the justification that it is “necessary for administrative purposes”. That could put people living with HIV at risk of harassment and discrimination in the workplace. The sharing of individuals’ HIV status can lead to people living with HIV experiencing further discrimination and increase their risk of harassment or even violence.

I am concerned about the removal of checks on the police processing of an individual’s personal data. We must have such checks. The House has heard of previous incidents involving people living with HIV whose HIV status was shared without their consent by police officers, both internally within their police station and in the wider communities they serve. Ensuring that police officers must justify why they have accessed an individual’s personal data is vital for evidence in cases of police misconduct, including where a person’s HIV status is shared inappropriately by the police or when not relevant to an investigation into criminal activity.

The Bill is not robust enough on the transfer of data internationally. We need to ensure that there is a mandated annual review of the data protection test for each country so that the data protection regime is secure, and that people’s personal data, such as their LGBTQ+ identity or HIV status, will not be shared inappropriately. LGBTQ+ identities are criminalised in many countries, and the transfer of personal data to those countries could put an individual, their partner or their family members at real risk of harm.

I have tabled six amendments, which would clarify what an “administrative purpose” is when organisations process employees’ personal data; retain the duty on police forces to justify why they have accessed an individual’s personal data; ensure that third countries’ data protection tests are reviewed annually; and ensure that the Secretary of State seeks the views of the Information Commissioner when assessing other countries’ suitability for the international transfer of data. I urge all Members to vote for amendment 11, and I urge the Government and the other place to take on board all the points raised in today’s debate and in amendments 12 to 16 in my name.