Data Protection Bill [HL] Debate
Full Debate: Read Full DebateDepartment: Department for Digital, Culture, Media & Sport
Lord Ashton of Hyde
Main Page: Lord Ashton of Hyde (Conservative - Excepted Hereditary)Department Debates - View all Lord Ashton of Hyde's debates with the Department for Digital, Culture, Media & Sport
Monday 6th November 2017
(6 years, 5 months ago)
Lords ChamberRead Full debate Data Protection Act 2018 View all Data Protection Act 2018 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: HL Bill 66-II(Rev)(a) Amendment for Committee, supplementary to the revised second marshalled list (PDF, 55KB) - (6 Nov 2017)
Lord Stevenson of Balmacara (Lab)
My Lords, this has been a terrific debate on an important subject. We probably all agree that of all the issues that will come up on the Bill, we care about this one the most and would like to see it settled in a way that balances, as has been said, the wish for people to enjoy the use of the internet—which brings so much in so many different ways—with an appropriate regulatory structure that means that harm is prevented where it is appropriate to do so.
I was struck by what the noble Baroness, Lady Harding, said. Obviously, she is in a difficult position, speaking against her Government on a matter about which she has so much expertise and knowledge. However, she made the case so well that it is worth paying tribute to her for that. If we find a situation in any aspect of our public life where those responsible for an issue are unwilling or unable to deal with it appropriately, the public authorities have to take that step. We are in that situation—she made that clear so well.
Other arguments have been used today that were knocked back by the noble Baroness, Lady Kidron, when she spoke, but it is important to bear this in mind. There is no question here about us affecting our adequacy issues. This is definitely left to the government agencies in the countries involved to act on, and there is no issue here with regard to what we would say to the European Union should that be required in terms of adequacy, so we should not be dissuaded by that. As the recitals attached to the GDPR say, it is still a question of needing to balance the lower age of consent with the appropriate safeguards required. Age is one of those—it is important, but not the only one; capacity has also been raised before. However, we have the issue here about age, and there is a need for guidance around that.
The Government will not address the issue in any future sense. The internet strategy, which was referred to, is a bit of a red herring here, and, as we have heard, self-regulation, on which it is largely based, does not work. Therefore, action is probably required. As I said, if the industry will not do it, the public authorities should. We want this country to be the best place in the world to be online, and we want it to be safe to do so. If it is possible to design an age-appropriate environment, we should look very hard at that. The case that has been made today is incredibly important. The Government have a good sense of that from all around the Committee, as was said, and I hope they will be able to respond positively to it.
I will speak briefly to Amendment 20A, which picks up points made by the noble Baroness, Lady Howe. One issue that affects all those who wish to work in this area is the lack of information about what is happening on the ground: who is using what and how, with regard to time, effort and use of the internet? Amendment 20A, in my name, suggests to the Government that there is need at some point for a proper review which will require the companies to divest the information they currently have but which they do not share on information society services. Only then will the evidence of which the noble Baroness, Lady Howe, spoke, which will inform us as we go forward, be available. However, it should not stand in the way of the need to act in this way in this amendment, which I fully support.
The Parliamentary Under-Secretary of State, Department for Digital, Culture, Media and Sport (Lord Ashton of Hyde) (Con)
My Lords, the noble Lord, Lord Stevenson, said that he hoped I had a sense of where the Committee is coming from. I very much have a sense of that. I know that child online safety is an issue that is taken seriously by all noble Lords in the House, and it has been the subject of much debate apart from today. I am therefore grateful to the noble Baroness and to all who contributed for introducing this important subject. I assure all noble Lords that we have an open mind. However, I will pour a bit of cold water because some issues, to which we may well come back, need to be thought about. I apologise to the noble Baroness, Lady Kidron, for the fact that we have not met. I thought that we were arranging a meeting. I have certainly talked to my noble friend Lady Harding about these amendments. However, I repeat not only to her but to every noble Lord that I am very happy to talk to anyone about these matters before Report, and I have no doubt that I will be talking to the noble Baroness before too long.
At Second Reading we heard a good deal about the need to improve online safety and concerns about the role that social media companies play in young people’s lives. The Government are fully committed to this cause. Our approach has been laid out in the Internet Safety Strategy Green Paper, published earlier this month. In that strategy, the Government detailed a number of commitments to improve online safety for all users and issued a consultation on further work, including the social media code of practice, the social media levy and transparency reporting. Although the Government are currently promoting a voluntary approach to work with industry, we have clearly stated in the strategy—and I repeat it now—that legislation will be introduced if necessary, and this will be taken forward in the digital charter.
The Government’s clear intention is to educate all users on the safe use of online sites such as social media sites. Again, this is set out in the strategy. This includes efforts targeted at children, comprising working with civil society groups to support peer-to-peer programmes and revised national curriculums. We believe that education is fundamental to safe use of the internet because it enables users to build the skills and resilience needed to navigate the online world and to be capable of adapting to the continuous changes and innovations that we see in this space.
The aim of these amendments is to allow information society services to make use of the derogation in the GDPR to set the age threshold at 13 only if sites comply with guidance on the minimum standards of age-appropriate design as set out by the Information Commissioner. Although the Government are sympathetic to their goal to raise the level of safety online, we have some questions about how it would work in practice and some fundamental concerns about its possible unintended consequences.
The noble Lord, Lord Storey, said that we should not rest our case on EU law. That is an enticing argument, especially from a Liberal Democrat, but I think that there is a sense of frustration there and I would not hold him to that. However, the fact is that, as we discussed last week, we are determined to ensure that we preserve the free flow of data once the UK leaves the EU.
I have to raise the issue of compliance with the GDPR, because we have a very real concern that these amendments are not compatible with it. The GDPR was designed as a regulation to ensure harmonisation of data protection laws across the EU. The nature of the internet and the transnational flow of data that it entails mean that effective regulations need international agreement. However, these amendments would create additional burdens for data controllers. Article 8 of the GDPR says that member states may provide by law for a lower age but it does not indicate that exercising this derogation should be conditional on other requirements. These amendments go further than permitted, creating a risk for our future trading relationships.
The noble Baroness mentioned that she had advice from a prominent QC. If she would care to share that with us, I would be happy to discuss it with her, and we will put that in front of our lawyers as well. I have an open mind on this but we think that there is an issue as far as the GDPR’s compatibility is concerned.
Amendment 155 would require the Information Commissioner to produce guidance on standards and design. The Information Commissioner will already be providing guidance on minimum standards to comply with the requirement not to offer services to under-13s without parental consent. Indeed, it will be the role of the commissioner to enforce the new law on consent. Although the guidance will not include details on age-appropriate design, this is not something that should be overlooked by government. However, tackling the problem of age-appropriate design is not just a data protection issue, and we should be very cautious about using this age threshold as a tool to keep children off certain sites. This is about their data and not the more fundamental question of the age at which children should be able to use these sites.
We need to educate children and work with internet companies to keep them safe and allow them to benefit from being online. Where there is clearly harmful material, such as online pornography, we have acted to protect children through a requirement for age verification in the Digital Economy Act 2017. The Government’s Internet Safety Strategy addresses a wide range of ways to protect the public online. While online safety, particularly for children, is very important, we should not be confusing this with the age at which parental consent is no longer required for the processing of personal data by online services. The Government have a clear plan of action.
Lord Knight of Weymouth
I apologise to the Minister for interrupting. I am just interested in that confusion that he talks about. Perhaps I am incorrect, but I understand that images, for example, are data. There is a lot of concern about sexting and about platforms such as Snapchat and the sharing of data. Where is the confusion? Is it in the Government, or in the Chamber?
Lord Ashton of Hyde
I do not think I mentioned confusion. What we are talking about in the Bill is purely data protection. We are talking about the age at which children can consent to information society services handling their data. What I think the noble Baroness, and a lot of Peers in the House, are talking about is keeping children safe online, which is more than just protection of their personal data.
Baroness Kidron
I also apologise for interrupting but I have to support the noble Lord, Lord Knight. When I read out the list, I said that Instagram takes information such as your phone number, your birthday and who you are chatting with. That is data, so I come at this from a very clear position on children’s rights. I am very keen for children to be online. I agree with the noble Lord, Lord Knight, that we are beyond an age of consent, as he said on Second Reading. Consent is meaningless if you do not change the service on the other side of that consent. It is not simply about the bad things that happen. It is about abusing the entire data of a child when they are online. I hope that is helpful to put it back into scope of the Bill.
Lord Ashton of Hyde
There may be some confusion now. I am not saying that children’s data is not important or that data protection for children is not important: clearly they are. However, the internet safety strategy addresses an overall, comprehensive range of measures that is about more than just data protection. We want to have a comprehensive strategy, which I am going to come to, to talk about safety. Nobody in their right mind is saying that we should not protect children, not only on the domestic front but internationally, as the noble Baroness, Lady Jay, said. Let me continue and I am sure all will become clear. If it does not, I am sure that the noble Baroness and others will cross-question me. If I have misunderstood what the noble Lord, Lord Knight, is getting at, I will look at Hansard and get back to him. I am sure we will come to this again.
We have a clear plan of action to raise the level of safety online for all users, as set out in the internet safety strategy. We are consulting on a new code of practice for the providers of online social media platforms, as required by the Digital Economy Act. That will set best practice for platform providers in offering adequate online protection policies, including minimum standards. Approaching the problem in this way as a safety matter, rather than a data protection matter, ensures we can tackle the problem while avoiding a debate over whether we are compliant with the GDPR. The internet safety strategy also outlines the Government’s promotion of “Think safety first” for online services. This will aim to educate and encourage new start-ups and developers to ensure that safety and privacy are built into their products from the design phase. Examples of this type of approach include having robust reporting mechanisms for users. We are looking at whether extra considerations should be in place on devices that are registered as being used by a child.
It is essential that we take a careful and considered approach to affecting the design standard of online services. Making overly complex or demanding requirements may result in negative consequences. Let me explain why. Amendments 18 and 19 essentially offer website operators a stark choice. Websites will need to either invest in upgrading standards and design or withdraw their services for use by under-16s. This is dangerous for the following reasons.
First, it could cause a displacement effect where children move to less popular platforms that would potentially not comply with such requirements—the noble Baroness, Lady Jay, talked about foreign sites. It is often more difficult to monitor these services and to ensure they have the basic protections that we expect from more legitimate sites. Platforms comply either because they are responsible or because they believe that the regulator will take enforcement action against them. Platforms hosted overseas may not always comply, because to do so would reduce the volume of users and potential monetisation, and the risk of enforcement action may be low.
Secondly, it is likely that young people, particularly those who already use these sites, may lie about their age to circumvent restrictions. This could have negative consequences for the prosecution of online grooming and underage sex: teenagers would be vulnerable to the assumption that they are over 16; adults could use this as a defence for their conduct; and sites may not be as accountable for the content that children are exposed to. This is not an imaginary problem. There have been cases of acquittal at trial, where men have had sexual relations with underage girls after meeting them on sites for over-18s only, using their presence on the site as a defence for believing them to be adults.
Thirdly, circumvention may be sought through the use of mechanisms to anonymise—I am having a problem with my pronunciation too—the use of the internet. Young people may adopt anonymising tools such as VPNs to access non-UK versions of the sites. This would make it more difficult for law enforcement to investigate, should they be exploited or subject to crime.
Fourthly, there is already in place a variety of legislation to safeguard children. Any change brought in through this Bill would have potential ramifications for other statutes. Altering how children make use of online service providers would need to be carefully worked through with law enforcement agencies to ensure that it did not damage the effectiveness of safeguarding vulnerable people.
Fifthly, these amendments do not just apply to social media services. A broad range of online services would be affected by this proposal, from media players to commerce sites. The kinds of services that would be caught by this amendment include many that develop content specifically for young people, including educational materials, not to mention the wider impact on digital skills if children are forced offline.
I move on now to more practical considerations. I am concerned that the amendments as drafted, while an elegant proposal, could serve to create confusion about what sites have to do. We know that the GDPR will apply from 25 May, and I am not convinced that this will allow enough time for the commissioner to consult on the guidance, prepare it, agree it and lay it before Parliament, and for companies to be compliant with it. Online service providers will need to adhere to the new requirements from May 2018, and may have existing customers that the new provisions will apply to. They will need some time to make any necessary changes in advance. Even with the transition period available in the amendment, this would lead to considerable uncertainty and confusion from online services about the rules they will have to follow come May. This could result in the problems that I have already laid out.
Finally, the Information Commissioner has raised a technical point. These amendments would apply only where consent is the lawful basis for processing data. Children also have access to online services where the data controller relies on a contractual basis or vital interests to offer services, rather than reliance on consent. Therefore, the amendments may have less reach than seems to be envisaged and are likely to lead to confusion as to which services the requirements apply to.
In summary, in spite of our appreciation of the aims of these amendments, we have concerns. They may prove dangerous to the online safety of children and young people. Creating unnecessary and isolated requirements runs the risk of being counterproductive to other work in this space. There needs to be some serious and detailed discussion on this before any changes are made. Furthermore, the technical and legal drafting of the amendments remains in question.
There is no doubt that further work needs to be done in the online safety space to ensure the robust and sustainable protection of our children and young people online. We have demonstrated commitment to this through the work on the internet safety strategy and the Digital Economy Act. We are working on these issues as a matter of priority, but strongly believe that it is better to address them as a whole rather than pursue them through the narrow lens of data protection. We need to work collaboratively with a wide range of stakeholders to ensure that we get the right approach. The noble Baroness, Lady Kidron, for example, was among those who attended the parliamentarians’ round table on the internet safety strategy, which she mentioned, hosted by the Secretary of State last week. We are engaged on this issue and are not pursuing the work behind locked doors. These specific amendments, however, are not the right course of action to take at this time.
Lord Alton of Liverpool
My Lords, the Minister has just referred to the round table. He will recall that I mentioned in my remarks the issue of definitions and suicide sites that were raised during that round table last week. Can he tell the House any more about that?
Lord Ashton of Hyde
I was not at the round table, and I am afraid that I would require some notice to answer that question. I am certainly happy to write to the Committee about that. I had not forgotten; I just do not have an answer.
Given the arguments that I have laid out, I would like to reassure the House that this issue remains high priority. The noble Lord, Lord Knight, asked whether GOV.UK’s Verify site could be used for age verification. Verify confirms identity against records held by mobile phone companies, HM Passport Office, the DVLA and credit agencies, so it is not designed for use by children. We will continue to work with interested parties to improve internet safety, but in a coherent and systematic way. For the moment, and in anticipation of further discussions, I ask the noble Baroness to withdraw her amendment.
I now move to Amendment 20A from the noble Lords, Lord Stevenson and Lord Kennedy, on the requirement for a review of Clause 8. Again, the Government agree with the spirit of this amendment in ensuring that the legislation we are creating offers the protections that we desire. However, there are a few issues that we would like to address.
First, it is government practice to review and report in cases of new legislation like this. Bringing about a mandatory report in this case is therefore unnecessary. Furthermore, prescribing the specific content of such a report at this stage is counterproductive. This is especially true given the complex and wide-ranging nature of child online safety and the work being conducted by the Government in this space.
Secondly, on timings, as noble Lords are aware, we must comply with the GDPR from 25 May next year, by which time the Bill must be passed. I am concerned, therefore, that to require a review to be published within 12 months of the Bill passing would not leave sufficient time to produce a meaningful report. Companies need the time to bring in new mechanisms to be compliant with the regulation. For data to be created and collected, time must be given for the sites to be tested and used following the new regulations. This will allow for the comparison of robust data and that which will reflect other work around online safety, which is still being developed. For those reasons, I ask the noble Lords not to press their amendments.
Lord Stevenson of Balmacara
I do not think that the Minister answered the point made by my noble friend Lady Jay on extraterritoriality—a word that I know he will want to use. Also, before the noble Baroness, Lady Kidron, replies, the main thrust of the Minister’s points was that government action on a code and on the digital charter would take most of the issues away. He relied on that in terms of his main argument. But am I right in saying that the code that has been consulted on is voluntary and that there will be no statutory basis for the digital charter? I would be grateful if he could help us on those two points.
Lord Ashton of Hyde
I am happy to confirm those two points. On extraterritoriality, I agree with the noble Baroness that it is difficult to control. Commercial sites are easier—an example of which is gambling. We can control the payments, so if they are commercial and cannot pay people, they may well lose their attractiveness. Of course, the only way to solve this is through international agreement, and the Government are working on that. Part of my point is that, if you drive children away to sites located abroad, there is a risk in that. The big, well-known sites are by and large responsible. They may not do what we want, but they will work with the Government. That is the thrust of our argument. We are working with the well-known companies and, by and large, they act responsibly, even if they do not do exactly what we want. As I say, however, we are working on that. The noble Baroness is right to say that, if we drive children on to less responsible sites based in jurisdictions with less sensible and acceptable regimes, that is a problem.
Lord Knight of Weymouth
Could the Minister help me with any information he might have about when the GDPR was drawn up? It must have been envisaged when Article 8 was put together that some member states would go with something different—be it 13, 16, or whatever. The issue of foreign powers must have been thought about, as well as verifying age, parental consent, or the verification of parental identity to verify age. Article 8 just talks about having to have parental sign-off. These issues of verification and going off to foreign powers must have been thought about when the article was being put together in Europe. Does he have any advice on what they thought would be done about this problem?
Lord Ashton of Hyde
I cannot give the noble Lord chapter and verse on what the European bureaucrats were thinking when they produced the article, but age verification is not really the issue on this one, because it is extremely difficult to verify ages below 18 anyway. Although one can get a driving licence at 17, it is at the age of 18 when you can have a credit card. As I say, the issue here is not age verification—rather, it is about how, when we make things too onerous, that has the potential to drive people away on to other sites which take their responsibilities less seriously. That was the point I was trying to make.
Baroness Jay of Paddington
My Lords, the Minister was kind enough to respond to the point I sought to make about the extraterritorial nature of all this, which of course goes way beyond individual sites to corporate ownership, the issue that I am most concerned about. I am glad that the Government are having conversations with, or at least dealing with, what he describes as the most responsible players in this market. None the less, we are dealing with a global environment in which most countries, not just a few rogue countries, have a very different environment and understanding of the culture and nature of the regulation of broadcasting than we do in this country. We have had a very particular and sophisticated way of dealing with terrestrial broadcasting for several generations. The real problem lies in addressing how we can translate some of those values and regulatory formats into the global internet age.
Lord Ashton of Hyde
I take that point completely. So that I get it right, it would be best if I write to the noble Baroness about what we are doing. I am afraid that I cannot recall whether it is the G8, the G20 or whatever. Ownership is obviously a key point as well, so I will write to the noble Baroness on those points.
Lord Stevenson of Balmacara
My Lords, I am very sorry for interrupting the noble Lord, Lord McNally, as what he had to say was very apposite and appropriate. I thought at one stage that he was going to say that he had been around for the passing of the first reform Act as well as everything else he was talking about, but I must have misheard him.
This has been a good debate, which has tended to range rather widely, mainly because it is so important we get this right. I confidently expect the Minister to respond by saying that this is a very good idea but he lacks the power to be able to give any response one way or another because it lies in the hands of one of his noble friends. That of course is the problem here, that we have another linked issue. Whitehall is useless at trying to take a broader issue that arises in one area and apply it in another. Education seems to be one of the worst departments in that respect. I mean that, as it has come up time and again: good ideas about how we need to radicalise our curriculum never get implemented because there seems to be an innate inability in the department to go along with it. It may well be that the changes to the structure of education in recent years have something to do with that. It is good to see in the second line of this amendment that this would apply to “all children” irrespective of the type of school or type of organisational structure that school is in, so that it applies to everyone. We support that.
However, two worries remain that still need to be looked at very hard, and the noble Lord who just spoke was on the point here. Do we have the skills in the schools to teach to the level of understanding that we are talking about? I suspect that we do not. If so, what are we going to do about that? Thirdly, I suspect that our kids are way ahead of us on this. They have already moved across into a knowledge and understanding of this technology that we cannot possibly match. Teaching them to go back to basics, as has been the case in previous restructuring of the curriculum, is not the right way. We need a radical rethink of the overall curriculum, something which is urgent and pressing. It is raised, interestingly enough, in a number of publications that are now appearing around the industrial strategy. If we do not get this right, we will never have a strategy for our industries that will resolve all the issues we have with improving productivity. I hope the Minister will take this away.
Lord Ashton of Hyde
My Lords, I am grateful to the noble Lord, Lord Storey, whose long experience in education I acknowledge, and to all noble Lords who have contributed. I could not agree more about the importance of children and young people fully understanding how their data is collected, stored and used. That is why the Government have already taken steps to ensure that key aspects of data protection are taught in maintained schools. In 2014 we established a new and more rigorous national computing curriculum covering ages five to 16. It is compulsory in maintained schools in England and sets an ambitious benchmark that autonomous academies and free schools can use and improve on.
The new computing curriculum was developed by industry experts and includes safety, which helps to give children the tools that they need to make sensible choices online. I say to the noble Lord, Lord Puttnam, and my noble friend Lord Lucas that they were a bit pessimistic about what we are doing; we are certainly not doing nothing, as my noble friend implied. Children are taught how to use technology safely, respectfully and responsibly; how to recognise unacceptable behaviour; and how to report concerns about content and contact. Importantly, the curriculum also includes keeping personal information private and protecting their online identity and privacy, both of which are important parts of data protection. All schools can choose to teach children about data collection, storage and usage as part of these topics.
I also say to the noble Lord, Lord Puttnam, that the digital economy is actually not doing too badly; it is growing at twice the rate of the rest of the economy. The Government are spending to improve skills at all levels, including at PhD level, to prevent social exclusion. So we get the issues that he is talking about, and in my answer to the debate of the noble Baroness, Lady Lane-Fox, I outlined some of the things that we are doing.
Lord Puttnam
I accept entirely that the economic drivers for the digital economy are being handled quite well. I am suggesting that the societal end of that debate is not keeping pace with the commercial and that, if we allow too great a disconnect to occur between societal impacts and commercial success, we will reap a very unfortunate harvest. The Minister was good enough to see me last week, together with an official from the Department for Education. I am not pretending for a moment that nothing is being done, but I am suggesting that there is nothing like enough urgency in trying to correct the societal aspects of this issue.
Lord Ashton of Hyde
I take that point. I also understand the difference that the noble Baroness, Lady Lane-Fox, highlighted between digital skills and digital understanding, and we need to address that. One of the issues that the data ethics body is going to look at is how society deals with these technical problems, albeit that they are changing incredibly fast.
I have talked about younger pupils. Older pupils are also taught citizenship as part of the national curriculum. That equips pupils to take their place in society as active and responsible citizens, including providing them with the knowledge and skills that they need to think critically and to research and interrogate evidence. These vital skills help our children understand how their data can be used and why data protection is important.
Amendment 20 would require the Secretary of State for Education to make changes to the current maintained schools national curriculum, and would create new requirements for independent schools and academies. In our view, now is not the time to make further changes to these subjects. We need to allow schools to fully embed the new curriculum in order to provide a period of stability for schools so that they can focus on ensuring that pupils are taught this new curriculum well, including the new aspects on data protection.
Having said that, we are not complacent. We realise that companies’ use of data in the online world is increasingly complex and that we need to support children to understand that. The changes introduced in the Children and Social Work Act 2017 represent a step change in education on online safety. For the first time it will be compulsory for all primary-aged children at school in England to be taught relationships education, and all secondary-school children will be taught relationships and sex education. In addition, we will carefully consider whether also to make personal, social, health and economic education compulsory in all schools.
The noble Lord, Lord Knight, took my lines to a certain extent. I was going to confirm that the Department for Education confirmed today that it has begun its engagement with stakeholders. This is a point that has come up before: that will help it reach evidence-based decisions on the content. I can tell the noble Lord that the head teacher who is running it will advise the Department for Education on what will be included in relationships and sex education and PSHE, whether it should be compulsory and, if so, what content may be included. It will be live to online issues and include what children need to know to be safe online, beyond what is already in the computing curriculum.
The Government will ensure that these new compulsory subjects in England address the challenges experienced by young people online and are seeking views to work out exactly what this should cover and how best to do so. The Department for Education will support schools to ensure that content is pitched at the right level for each school year and builds knowledge as children grow up. Engagement and consultation will help us to get the detail right.
My department, DCMS, and the Department for Education are working together on the online safety aspects of these subjects. We will work with partners, including social media and technology companies, subject experts, law enforcement—
Baroness O'Neill of Bengarve (CB)
I thank the Minister for giving way. Is he suggesting that the aim should be to adapt children to the realities of the online world and the internet service providers, rather than to adapt the providers to the needs of children?
Lord Ashton of Hyde
I am not an expert on education, but I do not think that “adapting” children is a recognised educational aspiration. We are trying to make children aware of the issues involved in the online world. We all accept that they are technically skilful, but they may not have the maturity to make the right decisions at certain times in their lives. As I said, we are trying to pitch it so that, as children develop, they are introduced to different things along the way. I hope that that answers the noble Baroness.
We are working with social media and technology companies, subject experts, law enforcement, English schools and teaching bodies to ensure these subjects are up to date with how children and young people access content online and the risks they face. We will also consider how best to support schools in the delivery of these new subjects. It is important to note that education on data processing does not exist in a vacuum but is viewed as a part of a wider programme of digital learning being promoted to improve user awareness of online safety and build digital capability. As such, we think that legislation focusing solely on data processing would risk detracting from the broader issues being tackled.
I am grateful to noble Lords for their amendment: it has prompted an interesting debate and raised issues which have gone beyond data protection, on which of course we are concentrating in the Bill. I hope that I have reassured the noble Lord that the Government take the issue of educating young people seriously, particularly in data protection matters. Not only do they already feature in the curriculum but we are considering how we might strengthen this teaching as a key part of our wider online safety work. With that reassurance, I hope that the noble Lord will feel able to withdraw the amendment.
Lord Storey
I am very grateful for the Minister’s helpful reply and to noble Lords who have contributed to this debate. I do not particularly like the phrase “digital literacy”: I much prefer “digital understanding”. I always understood that the fourth “r” was religion, so perhaps, with a small “r”, this is a religion for some of these large tech companies.
I can accept everything the Minister said, with the exception of two points. He said that these things are happening in the maintained sector. However, over 70% of our secondary schools are no longer in the maintained sector and they can choose whether or not to follow the programmes that he has suggested. Free schools are also increasing in number and, again, they do not have to take any part in this activity if they do not want to.
I agree with the Minister that this is not a discrete package where you tick the box when you have done it. It has to be part of a wider programme which goes through all aspects of learning. I also agree with the noble Lord, Lord Stevenson, who raised the question of whether we have the skills in our schools. It is not just digital issues: we do not have teachers for A-level maths or physics but we do not stop doing maths or physics. This might ensure that we actually started training teachers to work in this area.
I am grateful for the Minister’s helpful reply and look forward to considering this again on Report. I beg leave to withdraw the amendment.