Read Bill Ministerial Extracts
Digital Economy Bill (First sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years, 1 month ago)
Public Bill CommitteesQ That is now on the record. Does anyone else wish to declare an interest? No. Could the witnesses please introduce themselves for the record?
David Dyson: David Dyson. I am the CEO of Three UK.
Baroness Harding: Dido Harding, chief executive of TalkTalk.
Sean Williams: Sean Williams, chief strategy officer at BT Group.
Q Thank you for coming to give evidence today. May I start with you, Sean? First, do you think that 2020 and 10 megabits per second are sufficiently ambitious targets for the universal service obligation?
Sean Williams: Yes, I do. We have made clear our willingness to deliver 10 megabits to every premises in the country by the end of 2020 without any further public funding and without even really progressing the USO regulations. On the way to doing that, we will be building on the fact that by the end of next year we should have fibre broadband coverage to 95% of the country.
As we get towards 2020, we will be building further fibre networks, so we expect to be getting more than 24 megabits to 97% or 98% of the country, and then fixed broadband of 10 megabits to 99%. We think that the last 1% needs to be done by 4G and satellite. Although we think about the issue as getting 10 megabits by 2020, in our view the vast majority will actually be getting a lot more than 10 megabits by then.
Q Baroness Harding, should the USO not have been an open tender process? If it had been, would it not have been right for it to have gone to more than one contractor, given the differences between the problems in inner city areas and those in rural areas?
Baroness Harding: Yes, maybe. I presume that you refer to the BDUK process that has taken place. I am actually very supportive of a universal service obligation. I do not agree with Sean Williams that 10 megabits will be sufficient as we look forward; it is very dangerous to try to set that number through primary legislation because technology is moving so fast. I fear that the rural communities who are furious that they do not have 10 meg today will be furious that they do not have 1 gigabit in three or four years’ time. I think you should be more ambitious, otherwise the political problem will never go away.
In terms of how then to get value for money for any form of Government subsidy, taxpayers’ money or levy going towards the final few per cent., I agree with the premise of your question. The more competition there is, the better, and it is a huge shame that there was none in the last process. To be fair to the Government of the time, I do not think that was because of how it was designed. The good news is that the market has changed quite a lot since then, and there are now a number of quite small providers building proper fibre-to-the-premises 1 gig services in rural areas, such as Gigaclear. I would be much more hopeful that, looking forward, it will be possible to design a process that is not reliant on one large incumbent.
Q As you know, I represent a very rural constituency. I support what has happened; it is clearly far better than it was five years ago. However, what happens if no USO provider is willing to come forward to deal with the last 500 houses in the Devizes constituency? What should happen then?
Welcome to this session of the Digital Economy Bill Committee. We will now hear oral evidence from Sky, Virgin Media and Vodafone. We will finish this session at 10.30 am. The time is very tight. May I ask the witnesses to identify themselves?
Paul Morris: I am Paul Morris, head of government affairs and sustainability at Vodafone.
Daniel Butler: I am Dan Butler, head of public affairs and policy at Virgin Media.
David Wheeldon: I am David Wheeldon, group director of policy and public affairs at Sky.
Q I will start with the question that I asked the last panel. Do you think that 10 megabits per second by 2020 is ambitious enough?
David Wheeldon: That is a very hard question to answer. The flexibility within the Bill for the universal service obligation threshold to change makes sense, in order to address the likely customer needs. Our view—we have said it very publicly—is that we have to be much more ambitious in terms of connectivity in this country.
We would like to see ubiquitous fibre to the premise, and we believe ultimately that the economy is going to depend on that. The USO will be a useful interim measure until we can get there, but one might hope that, over time, a USO will not be necessary if we have full connectivity across the country.
Q Are you saying fibre to 100% of premises?
David Wheeldon: Eventually, that is the ambition we should aim for.
Q How would that be achievable?
David Wheeldon: We believe there is an opportunity to create the right market structure to bring a lot more investment into the industry. We are being held back at the moment by relying on the copper network. There is an argument we have made, as you know, about Ofcom’s communications review with regard to the structure of Openreach. That is not directly relevant to this Bill, but ultimately, as far as the USO is concerned, it makes a lot of sense to be able to set a threshold that you may want to vary over time.
Daniel Butler: Virgin Media’s starting point is to ask what the purpose of a USO is and what it is designed to achieve. The definition is quite clear: it is to underpin a series of activities that produce some economic and social externalities that are to the broader benefit of society. Ofcom defines those as email, web browsing, maybe a little bit of video streaming and maybe some IP voice. Its use case for a four-person household is that 10 megabits is sufficient to enable all those activities to happen simultaneously.
We view 10 megabits as appropriate for that definition of a universal service obligation. We think that more bandwidth-intensive activities, such as HD streaming and real-time gaming, have a looser connection to the underlying principles of a universal service obligation, because the benefits of those types of activity are primarily to the individual, not to society as a whole, so why should they be subsidised?
I will make one final point, which is that the debate around future-proofing the USO lacks one crucial bit of analysis. Bandwidth requirements might increase over time, but so too does the sophistication of networks in processing higher bandwidth applications. Video streaming is a case in point. When video streaming became ubiquitous, companies started investing in better video compression, and as a result video compression rates have halved every seven years. Networks are getting better at dealing with higher bandwidth applications.
Q Why should we be limiting ourselves to something that is barely sufficient now? What changes could we see in the Bill that would give us anything like the connectivity that Mr Wheeldon just mentioned?
Paul Morris: You have to make sure that the USO does not get in the way of future ambition. We have to think about how we move from what we have today, which is largely a copper and fibre mix, with the exception of Virgin. We still have telephone lines running broadband, essentially; as David says, we have to move on and be more ambitious. The point is to make sure that the USO does not get in the way of that ambition to do better and to use fibre for homes and businesses. We should make sure that the smaller networks have an option to be involved in the USO, and, if they have the ambition, that they know that a USO provider is not going to over-build them.
There is lots to be done outside the legislation, and clearly we do not need to repeat the mistakes of BDUK. We need to know where the assets are, who can do the work and where the green cabinets are. It needs to make sense and we need to have some kind of register. We need a practical approach and money needs to follow results—not the other way round, which was the other issue with BDUK. We can learn from some issues from the past, and we need to make sure that this USO does not get in the way of what we need to do next, which is to have much more fibre in the ground across the whole country.
Q I represent a fairly rural constituency and I was interested to know what would happen if no USO provider came forward to do the right thing. What should happen in that case? How will the Government be able to mandate that provision?
Daniel Butler: We are not convinced that that situation will arise. What Mr Williams from BT just outlined was that BT was willing to enter into a legal obligation in which it would be the national provider for a universal service obligation. That is how it works today under the fixed telephony USO. Up to a relatively high cost threshold, BT is not allowed to pick and choose which areas and premises it connects and which it does not; it has a legal obligation to fulfil. The model does not need to radically change as we move to a broadband USO.
Paul Morris: Basically, you have to remember that most of these premises will have a telephone line—although not all, I grant you. That is a good start. It is about how we use what is already there well, and how we upgrade it.
We will now hear evidence from Which? and the Countryside Alliance. We have until 11 am for this session. Would the witnesses please introduce themselves for the record?
James Legge: I am James Legge, and I am head of political at the Countryside Alliance.
Pete Moorey: I am Pete Moorey, and I am head of campaigns at Which?
Q Should this Bill not contain a USO for mobile coverage?
James Legge: Yes, we think that it should.
Q What should that USO be?
James Legge: I think that a minimum at the moment should probably be about 3G but, a little like the USO for broadband, we need to be a bit more ambitious. We also have to realise that there is a big infrastructure problem for about 50% of rural premises. The infrastructure is not there to carry more than 10 megabits per second, and for one in five premises it will not carry more than 5 megabits. So there is not only the level at which the USO is set to begin with, but also the issue of upgrading infrastructure.
Q Do you think that there is potential for the USO to actually limit the investment for infrastructure in the future?
James Legge: It is important that it is seen in addition to the Government’s ambition to deliver superfast broadband at—at the moment—a speed of 24 megabits to 90% to 95% of premises. In my opinion it should really be seen as a safety net, as opposed to a situation in which we say, “Well, we’ve reached 10 megabits, we can leave it there.” If you take into consideration that universal access in the EU is being set at 30 megabits by 2020, and Sweden is looking at 100 megabits in the same timeframe, where we are is good but we have a way to go yet.
Pete Moorey: There is clearly a big issue in terms of mobile coverage. You may have seen the research we did with OpenSignal last week which pointed to the fact that in many parts of the country you can get access to a 4G signal only 50% of the time, while in London it is 70% of the time. Obviously, that is way behind countries such as the US and Canada where it is 80% of the time, and countries such as South Korea and Japan where it is 90% of the time. We have not specifically taken a position on a USO for mobile, but it is definitely something that needs consideration.
The other issue here is around what mobile operators themselves are doing with customers when they are in the phone shop and choosing a package. This includes the information that operators are providing to customers about the signal that they can expect, and indeed the opportunity that customers have to be able to get out of the contract when they are unable to get a signal.
Q What could the Bill do to achieve the level of investment in infrastructure that is necessary? Is separation of BT from Openreach absolutely vital for this?
Pete Moorey: We are satisfied with the position that Ofcom is taking on Openreach at this stage. One area where we are more concerned is around the way that Ofcom is seeking to regulate the standards for Openreach. We think there is a danger that actually regulators are not often well placed to do that and, as they set very prescriptive rules that operators have to achieve, operators are driven by those rules rather than good consumer outcomes. We would like to see Ofcom flip the way that they are looking at the new standards for Openreach and ensure that they are much more focused around consumer outcomes. That would drive the business to achieve against those measures rather than a set of prescriptive standards, which Openreach or others can say that they have achieved but actually has not resulted in a better service for customers.
Q Mike, to what extent do you think the Government have achieved their stated objective of open policy making by default?
Mike Bracken: I do not have a strong opinion on that. You would have to ask the person responsible overall for policy in Government or the Minister responsible.
Q Do the proposals on Government data sharing give you assurance that the Government have sufficiently considered safeguards on privacy, personal data and criteria for data sharing and time limitations?
Mike Bracken: In short, no. The sentiment behind many aspects of the Bill is to be applauded. The Co-op is a big supporter of open data and we see it as the catalyst of a digital economy. There are many complicated issues in this space, privacy and security being highest among them. While we applaud the sentiments of the Bill, there is much detail in the operational management of how data can and should be shared around Government Departments.
While we, of course, are looking for our members’ interests in accessing open sets of public data, it is not yet clear that the current sharing agreements of data within Government are appropriate and it would appear that the move away from open registers of data may hamper the appropriate levels of sharing data in Government. It also may be the case that the friction that our members and members of society feel in dealing with duplicate sets of data, inconsistent sets of data and so on, which lead to substantial problems in accessing Government and their services, may not be improved by the current sharing policies as set out.
Q Do you think it is a backward step in public trust in Government data handling?
Mike Bracken: We think the Bill is a positive forward step in terms of the sentiment behind it—
Q But in terms of public trust in Government data handling?
Mike Bracken: I could not comment on that. The sentiment of the Bill overall is a positive one, but there is not enough detail on the sharing arrangements within Government and within Government Departments.
Q Jeni, my first two questions to you, please.
Jeni Tennison: I agree with much of what Mike has said. The important thing for securing public trust in the measures in the Bill is to have them clearly communicated to the public. Currently, the way they are written is quite complicated and it is quite hard to understand what they really mean.
It is also hard to understand the measures in the Bill in the context of the existing data-sharing agreements in the public sector. We would like to see a lot more transparency around what existing measures there are within Government for data sharing and how the Bill fits with those existing measures so that people can really get to grips with the way in which data are flowing through Government.
Mike Bracken: May I add to that? I completely support what Jeni has said. The issue is that, while we agree that making services and data better and easier to access—the current sharing arrangements are opaque at best—we question the sentiment behind widening those sharing arrangements when they are currently not fully understood. It would appear that that sentiment is driven more by the operational structures of Whitehall and Government agencies than by the needs of users accessing that data.
Q Jeni, do you mind giving us some specific examples that I can explain to my constituents about where increased use of data sharing can help their lives, and where public services can be improved, especially for those who are more vulnerable and benefit from public services? Where will data sharing help them to get the right policies to them?
Jeni Tennison: I tend to work in the open data area rather than around data sharing so many of the examples I tend to use are around data that are openly available for anyone to access using Share. The example I tend to use, which helps people to get to grips with it, is Citymapper, which makes data available to us to enable us to navigate around cities very easily.
When you look at the public sector and the kind of decisions it needs to make, such as planning decisions about where to place schools or transport links, where to put more infrastructure, such as physical infrastructure like mobile masts, for example, you can see that having better access to data about people’s needs—who they are and what their requirements are—might enable it to make better decisions about where those facilities are needed.
Q Thangam Debbonaire: This is for Jeni Tennison about the evidence in the Open Rights Group’s submission. In points 37 and 38 in your objections to the definition of pornographic material, you objected to the inclusion of all 18 materials.
I am sorry. I mixed you up with someone else. I withdraw my question.
Q And in terms of the data measures to tackle fraud?
Jeni Tennison: I have not looked at the detail of the individual measures for those kinds of benefits.
Q Is the point not that these benefits cannot be achieved unless the risks are tackled head-on, which is exactly what happened with the care.data issue in the last Parliament? That health data could not be shared because the public did not trust the Government or insurers with that risk. I worked in insurance at the time and that came as quite a blow. Is the point not that the Government need to take on the issues around transparency and trust in this Committee? Mike, on your point about data access, do you think Government are currently geared up to allow that, rather than bulk data sharing?
Mike Bracken: “Government” is a very broad organisation. There are promising moves around registers of data and around reinstating an address register. I do not know quite where that is now. There was a promising move but that now seems to be a little on the backburner—I am not sure. The point is that that question needs to be asked to 20-plus Government Departments and more than 300 agencies and non-departmental public bodies, each of which has a different answer. It is hard to summarise where “government” is at any one point without any open standards between those and without any clear framework under which Government data are already being shared.
Order. That brings us to the end of the time allotted to the Committee to ask questions. On behalf of the Committee, I thank the witnesses for their evidence.
Digital Economy Bill (Second sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years, 1 month ago)
Public Bill CommitteesQ 83 For this session we have until 2.45 pm. Will the witnesses please introduce themselves for the record?
David Austin: My name is David Austin. I am the chief executive of the British Board of Film Classification.
Alan Wardle: I am Alan Wardle, head of policy and public affairs at the National Society for the Prevention of Cruelty to Children.
Q David, am I right in interpreting the amendments that the Government tabled last night as meaning that you are intended to be the age verification regulator?
David Austin: That is correct. We reached heads of agreement with the Government last week to take on stages 1 to 3 of the regulation.
Q Are you sufficiently resourced to take on that role?
David Austin: We will be, yes. We have plenty of time to gear up, and we will have sufficient resource.
Q Will it involve a levy on the porn industry?
David Austin: It will involve the Government paying us the money to do the job on our usual not-for-profit basis.
Q What risks do you envisage in people handing over their personal data to the pornographic industry?
David Austin: Privacy is one of the most important things to get right in relation to this regime. As a regulator, we are not interested in identity at all. The only thing that we are interested in is age, and the only thing that a porn website should be interested in is age. The simple question that should be returned to the pornographic website or app is, “Is this person 18 or over?” The answer should be either yes or no. No other personal details are necessary.
We should bear in mind that this is not a new system. Age verification already exists, and we have experience of it in our work with the mobile network operators, where it works quite effectively—you can age verify your mobile phone, for example. It is also worth bearing in mind that an entire industry is developing around improving age verification. Research conducted by a UK adult company in relation to age verification on their online content shows that the public is becoming much more accepting of age verification.
Back in July 2015, for example, this company found that more than 50% of users were deterred when they were asked to age verify. As of September, so just a few weeks ago, that figure had gone down to 2.3%. It is established technology, it is getting better and people are getting used to it, but you are absolutely right that privacy is paramount.
Q Are you suggesting that it will literally just be a question—“Is the user aged 18?”—and their ticking a box to say yes or no? How else could you disaggregate identity from age verification?
David Austin: There are a number of third-party organisations. I have experience with mobile phones. When you take out a mobile phone contract, the adult filters are automatically turned on and the BBFC’s role is to regulate what content goes in front of or behind the adult filters. If you want to access adult content—and it is not just pornography; it could be depictions of self-harm or the promotion of other things that are inappropriate for children—you can go to your operator, such as EE, O2 or Vodafone, with proof that you are 18 or over. It is then on the record that that phone is age verified. That phone can then be used in other contexts to access content.
Q But how can that be disaggregated from identity? That person’s personal data is associated with that phone and is still going to be part of the contract.
David Austin: It is known by the mobile network operator, but beyond that it does not need to be known at all.
Q And is that the only form of age verification that you have so far looked into?
David Austin: The only form of age verification that we, as the BBFC, have experience of is age verification on mobile phones, but there are other methods and there are new methods coming on line. The Digital Policy Alliance, which I believe had a meeting here yesterday to demonstrate new types of age verification, is working on a number of initiatives.
Q May I say what great comfort it is to know that the BBFC will be involved in the regulatory role? It suggests that this will move in the right direction. We all feel very strongly that the Bill is a brilliant step in the right direction: things that were considered inconceivable four or five years ago can now be debated and legislated for.
The fundamental question for me comes down to enforcement. We know that it is difficult to enforce anything against offshore content providers; that is why in the original campaign we went for internet service providers that were British companies, for whom enforcement could work. What reassurance can you give us that enforcement, if you have the role of enforcement, could be carried out against foreign entities? Would it not be more appropriate to have a mandatory take-down regime if we found that a company was breaking British law by not asking for age verification, as defined in the Bill?
David Austin: The BBFC heads of agreement with the Government does not cover enforcement. We made clear that we would not be prepared to enforce the legislation in clauses 20 and 21 as they currently stand. Our role is focused much more on notification; we think we can use the notification process and get some quite significant results.
We would notify any commercially-operated pornographic website or app if we found them acting in contravention of the law and ask them to comply. We believe that some will and some, probably, will not, so as a second backstop we would then be able to contact and notify payment providers and ancillary service providers and request that they withdraw services from those pornographic websites. So it is a two-tier process.
We have indications from some major players in the adult industry that they want to comply—PornHub, for instance, is on record on the BBC News as having said that it is prepared to comply. But you are quite right that there will still be gaps in the regime, I imagine, after we have been through the notification process, no matter how much we can achieve that way, so the power to fine is essentially the only real power the regulator will have, whoever the regulator is for stage 4.
For UK-based websites and apps, that is fine, but it would be extremely challenging for any UK regulator to pursue foreign-based websites or apps through a foreign jurisdiction to uphold a UK law. So we suggested, in our submission of evidence to the consultation back in the spring, that ISP blocking ought to be part of the regulator’s arsenal. We think that that would be effective.
Q Yes. Given that there is a big problem that is hard to tackle and complicated, I was just trying to get a feel for how much of the problem you think, with your expertise and the Bill, we can fix.
David Austin: We can fix a great deal of the problem. We cannot fix everything. The Bill is not a panacea but it can achieve a great deal, and we believe we can achieve a great deal working as the regulator for stages 1 to 3.
Q My question follows on neatly from that. While I am sure that the regulation will tackle those top 50 sites, it obviously comes nowhere near tackling the problems that Mr Wardle outlined, and the crimes, such as grooming, that can flow from those problems. There was a lot of discussion on Second Reading about peer-to-peer and social media sites that you have called “ancillary”. No regulation in the world is going to stop that. Surely, the most important way to tackle that is compulsory sex education at school.
Alan Wardle: Yes. In terms of online safety, a whole range of things are needed and a whole lot of players. This will help the problem. We would agree and want to work with BBFC about a proportionality test and identifying where the biggest risks are to children, and for that to be developing. That is not the only solution.
Yes, we believe that statutory personal, social and health education and sexual relationships education is an important part of that. Giving parents the skills and understanding of how to keep their children safe is also really important. But there is a role for industry. Any time I have a conversation with an MP or parliamentarian about this and they have a child in their lives—whether their own, or nieces or nephews—we quickly come to the point that it is a bit of a nightmare. They say, “We try our best to keep our children safe but there is so much, we don’t know who they are speaking to” and all the rest of it.
How do we ensure that when children are online they are as safe as they are when offline? Of course, things happen in the real world as well and no solution is going to be perfect. Just as, in terms of content, we would not let a seven-year-old walk into the multiplex and say, “Here is ‘Finding Nemo’ over here and here is hard core porn—off you go.”
We need to build those protections in online so we know what children are seeing and to whom they speaking and also skilling up children themselves through school and helping parents. But we believe the industry has an important part to play in Government, in terms of regulating and ensuring that spaces where children are online are as safe as they can be.
Q To follow on from the Minister’s question, you feel you are able to tackle roughly the top 50 most visited sites. Is there a danger that you then replace those with the next top 50 that are perhaps less regulated and less co-operative? How might we deal with that particular problem, if it exists?
David Austin: When I said “the top 50”, I was talking in terms of the statistics showing that 70% of people go to the top 50. We would start with the top 50 and work our way through those, but we would not stop there. We would look to get new data every quarter, for example. As you say, sites will come in and out of popularity. We will keep up to date and focus on those most popular sites for children.
We would also create something that we have, again, done with the mobile operators. We would create an ability for members of the public—a parent, for example—to contact us about a particular website if that is concerning them. If an organisation such as the NSPCC is getting information about a particular website or app that is causing problems in terms of under-age access, we would take a look at that as well. In creating this proportionality test what we must not do is be as explicit as to say that we will look only at the top 50.
First, that is not what we would do. Secondly, we do not want anyone to think, “Okay, we don’t need to worry about the regulator because we are not on their radar screen.” It is very important to keep up to date with what are the most popular sites and, therefore, the most effective in dealing with under-age regulation, dealing with complaints from members of the public and organisations such as the NSPCC.
Alan Wardle: I think that is why the enforcement part is so important as well, so that people know that if they do not put these mechanisms in place there will be fines and enforcement notices, the flow of money will be stopped and, crucially, there is that backstop power to block if they do not operate as we think they should in this country. The enforcement mechanisms are really important to ensure that the BBFC can do their job properly and people are not just slipping from one place to the next.
Q We have roughly 45 minutes for this group of witnesses, if necessary. Will the witnesses please introduce themselves?
Dr Whitley: My name is Dr Edgar Whitley. I am an academic at the London School of Economics. Of particular importance for this session is the fact that I am the co-chair of the privacy and consumer advisory group of the Government Digital Service.
Scott Coates: Good afternoon. My name is Scott Coates and I am the CEO of the Wireless Infrastructure Group, an independent British wireless infrastructure company that builds and operates communication towers and fibre networks.
Q In your written evidence, Mr Coates, you talked about the need for greater diversity in the ownership of mobile infrastructure. Does the Bill go far enough on that?
Scott Coates: We welcome the measures in the Bill to improve the speed at which infrastructure can be deployed and to improve the economics of deploying the infrastructure. It is critical to understand that there are different ways of deploying infrastructure. There are different ownership models, for which the Bill could have different impacts. When I say “infrastructure”, I mean the kind of mobile and fixed infrastructure that you see in the field, whether that is cables, ducts, cabinets or communication tower facilities.
There are two different types of owners of those types of infrastructure. First, the vertically integrated players are effectively building and operating that infrastructure for their own networks, primarily, and their business case is based on their economic use of that infrastructure. Secondly, you have a growing pool of independent infrastructure companies, of which we are one. We are very different from the traditional, vertically integrated players in that we are investing in infrastructure not for our own network, but to provide access, on a shared basis, to all other networks.
Q What are the current proportions for ownership?
Scott Coates: If I talk about mobile infrastructure, around a third of the UK’s communications towers—of which we think there are around 27,000 in the UK—are independently operated. It is really interesting that, globally, there has been a very firm shift over the past decade towards more independent operation of such upstream digital infrastructure.
Currently, more than 60% of all communication towers globally are held in an entity separate from the networks that use them. In countries such as India or the US, that figure is somewhere between 80% and 90%. There are real benefits that flow from the independent ownership of infrastructure. We are trying to do more in the UK, but the UK currently lags behind in the global statistics I mentioned.
Q Does the Bill do anything to address that?
Scott Coates: One of the things that we acknowledge and welcome in the Bill is that it is very clear about maintaining investment incentives—not just for the vertically integrated players, but for the independent infrastructure players such as ourselves—
Q It will not do anything to address the proportion, will it? It will only entrench the division already there.
Scott Coates: I do not think that the Bill does anything to encourage more independent infrastructure. The Government’s policy position at the moment is very clear: they want to maintain investment incentives for independent infrastructure. To achieve clarity on this requires that the Bill is worded very carefully.
When we deploy our tariff facilities and infrastructure on or adjacent to land, as things are now one of the definitions of UK land often covers things that sit on that land. One of the potential risks is that if the activities we engage in and the facilities that we deploy are not carefully carved out, they risk being treated as land. Under the new valuations principles in the communications code, that potentially risks giving them no value or low value, which would obviously be devastating to investment appetite. The consequence of that would be further concentration of infrastructure ownership in the hands of the larger, vertically integrated players who have different incentives from us when they approach this.
Q So there is potential for this to get worse, but what could be done to actually encourage more independently owned infrastructure?
Scott Coates: We would like to see a carve-out that is as clear as possible for the activities that we are engaged in. We would like to see it made absolutely clear that the communications code, which is a compulsory purchase tool to bring land into the telecoms sector, does not drift beyond that focus and risk entering into what is really Ofcom’s territory, which is to govern the relationships between telecoms companies.
Q Dr Whitley, if I may jump to part 5 of the Bill, we heard earlier that there were concerns that the Government have not taken sufficiently into account safeguards around privacy and personal data. Do you think that this strikes the right balance between open policy-making and privacy?
Dr Whitley: My main concern with part 5 is that the detail is just not there. The codes of practice that one would expect to have there, which would give the details about how privacy might be protected, are not present. We have been involved with the privacy and consumer advisory group. As far as I can tell, we had our first meeting with the team who were developing these proposals back in July 2013. We said from the very beginning that we want detail, because when we have specific details we can give advice and suggestions and review it, but we have never had that level of specific detail.
Q So the proposals do not reflect at all the three years of consultation that have taken place?
Dr Whitley: Obviously, that is reflected in some parts of the proposals, but we asked for more details specifically on how privacy will be protected regarding the data-sharing proposals, and that is still not there.
Q Should that detail be in primary legislation?
Dr Whitley: Whether it is in primary legislation or in codes of practice, my personal view is that you need a certain level of detail to be able to make an informed decision. Otherwise there will be some vague position of, “We will share some data with other people within Government. Trust us, because we are going to develop some codes of practice that will be consulted on and will then be put in front of Parliament. There will be protections and it will all be fine”. We are saying that there are lots of different ways of doing that. The earlier you give us at least a first attempt at those details, the better we can improve it.
Q In that period of consultation, was the detail around transparency never discussed?
Dr Whitley: It depends. There has been talk along the lines of there being codes of practice and liaison with the Information Commissioner’s Office, so at a very high level there has obviously been some discussion. But at the very specific level—for example, the civil registration clauses talk both about allowing a yes/no check around whether there is a birth certificate associated with a family, while on the other hand there will be bulk data sharing within Government so that different Departments can know stuff and possibly make things better for society.
One half of that seems to be quite specific, and you can see how it could well be designed as a simple “Does a birth certificate exist for this person?” and the answer is yes or no. The privacy protections around that are reasonably well known and not very much data is being shared. Then the other illustration just says, “we will share these data with other bits of Government” and there is nothing there about what kind of privacy protections might be put in place. There are many different ways in which that can be done, but until we have some specific details, we cannot give you sensible reviews as to whether that is a good or not so good way of doing it.
Q Mr Coates, what role should wireless technologies play in achieving the universal service obligation?
Scott Coates: There is no doubt that for the last 5%, maybe a greater proportion than that, wireless technologies have a significant role to play. Six of the seven trials run by the Department for Culture, Media and Sport earlier this year were of a wireless-based structure. I think there is a role for it. It is also interesting, as you look beyond 10 megabits to the future when universal service means something far more substantial than that, that a new disruptive technology is coming.
Everyone is talking about 5G; it does not really exist at this stage, but we know it is going to be ultra-high bandwidth, ultra-low latency, with the potential to be a disruptive technology and replace fixed line to the home. Some countries around the world that have not had the wave of fixed line technology roll-out will be moving straight to wireless as their domestic broadband service.
Q Once we work that out, which I am confident we will, where are the opportunities? Where is the up side? Where is the positive stuff coming out of this? How can Government be better as a result of this? I am always an optimist.
Dr Whitley: Done right, there are fantastic opportunities. Government is digitising. The GDS has got lots of experience about how to manage and handle and do attributes checking, which is what most of this is. There are definitely opportunities and the skills, but somehow something has gone wrong with regard to these proposals.
It is not as if the proposals have been rushed through in the past few minutes. We have been looking at these and asking for more details since July 2013 and we are still here without even a resemblance of a code of practice. Part 5 has six codes of practice that need to be developed and none of them is here. Yes, please, but some detail. I am academic; I want to see the detail.
Q As you say, it is an enormous shift in terms of data sharing within Government. Clause 29 would allow personal data on citizens to be shared if there is a
“contribution made by them to society”
or wellbeing to be gained. That basically covers anything, doesn’t it? Why have the Government not produced even a draft code of practice at this stage? How can we possibly be expected to vote on this while plainly placing blind faith in the Government?
Dr Whitley: You are basically saying what I was going to say. If you compare the comprehensive replies that Mr Coates has been able to give, talking about very specific details, with the vague “we don’t know anything” comments that I have made, you see that it is a real problem and also an issue for more general scrutiny of technological issues. If you do not have details about the different mobile phone frequencies that you are talking about, you cannot make detailed policy. Yet when it comes to data sharing, there is a sense that it will all work out in the end because we have the right people to do it.
Q How would you advise the Government to achieve that code of practice?
Dr Whitley: We have consistently said—the Privacy and Consumer Advisory Group particularly, because we have this existing relationship with Government, but civil society and experts more generally—that we are more than happy to engage. We have repeatedly said, “Give us some detail. Don’t just come and talk about high-level stuff. Give us the detail and we will give you detailed comments to improve the process.”
That has worked very well in relation to the Verify scheme; that is privacy friendly and has a lot of support from the kinds of people who are very concerned about privacy. So the expertise is there and the working relationships are there. Give us an opportunity to help; we want to. It is just that we need something to work on.
Thank you very much to Mr Coates and Dr Whitley for some excellent evidence. We are very grateful. We will now move on to our next set of witnesses.
Examination of Witnesses
Jim Killock and Renate Samson gave evidence.
Q I will pick up where we left off, if that is okay. You were both involved in the consultation process for part 5 of the Bill. Did the proposals come as a surprise to you? Do they make sense to you as data experts?
Renate Samson: No, they do not make very much sense, if I am honest. As I said, we were a member of the open policy making process and we also submitted to the consultation. I am genuinely surprised that after a two-year process, all of a sudden it felt very rushed. There were conversations and meetings happening right up to the Queen’s Speech; there was still a general lack of clarity, particularly on safeguards, and many questions were still being asked, such as how, why, when and so on. The next thing we knew, it was in the Queen’s Speech and the Bill was published.
Reading through part 5—and I have read through it a lot and scratched my head a great deal, mainly for the reasons given in evidence earlier today—you see that the codes of practice, which would explain an awful lot of what we imagine is meant or may not be meant, just have not been published. I have repeatedly asked for them and been given various expected dates, and we are sitting here today without them but with the Bill already having been laid before Parliament.
We have also done a lot of work on the Investigatory Powers Bill, for which the codes of practice were there right from the start. There was clarity as to what was intended and what was going to be legislated for, straight up. So, I am profoundly disappointed, because data sharing and digital government are hugely important and we seem to be very far away after a very long process.
Jim Killock: It is worth considering why the open policy making process was put in place. Data sharing is known to be potentially controversial. It was knocked out of at least one previous Bill a few years back when proposed by Labour because of the lack of privacy safeguards. Everyone understood that something more solid was needed. Then the Cabinet Office was very keen to ensure it did not raise hackles, that it got the privacy and the safeguards right, that trust was in place. It was therefore a surprise, after that intense process, to get something back that lacked the safeguards everybody had been saying were needed.
We are particularly concerned not only about the lack of codes of practice, but the fact that a lot of these things should be in the Bill. Codes of practice are going to develop over years. We need to know about things like sunsetting, for instance—that these things are brought to a close, that you do not just have zombie data sharing arrangements in place, where everyone has half-forgotten about them and then suddenly they are revived. You need to have Parliament involved in the specifics.
As we have heard, data sharing has a huge range of possibilities, starting with the benign and the relatively uncontroversial: statistics and understanding what is happening to society and Government policy, where privacy is relatively easy to protect. You use the data once, you do the research and that is it. It ranges from that through to the very intrusive: profiling families for particular policy goals might be legitimate, but it also might be highly discriminatory. Getting to the specifics is important.
You need the safeguards in place to say, “These are the kinds of things we will be bringing back; these are the purposes that we may or may not share data for.” That way, you know there is a process in place. At the moment, it feels like once this has passed, the gate is opened and it is not necessarily for Parliament to scrutinise further.
Q We talked earlier about the bulk transfer and bulk sharing of data, and an earlier witness talked about providing data access, rather than data sharing. Should the Government not be pursuing trials on that basis, rather than these enormous powers without any kind of assurances to the public or parliamentarians about how they will be using them?
Renate Samson: It was very specific at the end of the open policy making process that, for example—put the bulk to one side for a moment—but regarding the fraud and debt aspect of the Bill, it had been agreed that three-year pilot projects would take place with subsequent review and scrutiny potentially by the OPM or by another group. They are in the Bill as a piece of legislation with the Minister deciding whether or not it is okay and potentially asking other groups, which are not defined. That is half an answer to half your question. Pilots are an excellent idea if they are pilots, not immediate legislation.
With regards to the bulk powers in the Bill, civil registration documents were a late addition. We are still not clear as to their purpose. The purpose given in the consultation to the OPM process, but also in the background documents relating to the Bill, is a whole mix of different reasons, none of which, I would argue, are clear and compelling or, indeed, necessary and proportionate. But again, as you have heard a lot today, without detail, how can we properly answer your question?
Jim Killock: I have a quick observation on this. We currently have a data protection framework. The European Union is revising its data protection laws; they are somewhat tougher, which is quite a good thing, but we do not know what the future of data protection legislation is in the UK. It might be the same or it might be entirely different in a few years’ time.
That is a very good reason for ensuring that privacy safeguards are quite specific and quite high in some of these sensitive areas, because we do not know whether the more general rules can be relied on and whether they are going to be the same. That is not to say that we do not need higher safeguards in any case here, because you are not dealing with a consent regime. People have to use Government and Government have to look at the data, so it is not a mutual agreement between people; you have to have higher safeguards around that.
Q My questions are directed at Mr Killock and relate to paragraphs 37 and 38 of your submission, “Definition of pornographic material”. We heard earlier that both the NSPCC and the British Board of Film Classification support a provision to require ISPs to block websites that are non-compliant. There was also discussion of widening the scope to apply the restrictions to other harmful material that we would not allow children access to in the offline world. Here, you seem to be questioning the value of that:
“This extension of the definition…also raises questions as to why violent—but not sexual—materials rated as 18 should then be accessible online.”
I also question this consistency but the solution, to me, seems to be that we should include other material, such as violent material and pro-anorexic websites, as we talked about earlier. Will you tell us a bit more about what your objection is to creating a framework to keep children as safe online as they are offline?
Jim Killock: We have no objection; it is a laudable aim and something we should all be trying to do. The question is, what is effective and what will work and not impinge on people’s general rights? As soon as you look a little beyond pornography, you are talking about much more clear speech issues.
There will be a need to look at any given website and make a judgment about whether it should or should not be legally accessed by various people. That starts needing things like legal processes to be valid. Some of the things you are talking about are things that might not be viewed by anybody, potentially. The problem with all these systems is that they just do not work like that. They are working on bulk numbers of websites, potentially tens of thousands, all automatically identified, as a general rule, when people are trying to restrict this information. That poses a lot of problems.
I also query what is the measure of success here. Because I feel, I suspect, that the number of teenagers accessing pornography will probably not be greatly affected by these measures. There is more of an argument that small numbers of children who are, perhaps, under 12 may be less likely to stumble on pornographic material, but I doubt that the number of teenage boys, for instance, accessing pornographic material will be materially changed. If that is the case, what is the measure of success here? What harm is really being reduced? I just feel that, probably, these are rather expensive and difficult policies which are likely to have impacts on adults. People are saying it is not likely to affect them, but I rather suspect it might, and for what gain?
Q Paul, the Government have delayed by a year outlining their digital strategy. Could you give the Ministers a hand here? What would you like to see in a digital industrial strategy?
Paul Nowak: There are a number of points in the Bill where we think there are positive steps forward: things like the universal service obligation. I am happy to talk about some of those points. The missed opportunity for us is really getting a handle on what the emerging digital economy means for working people. Tomorrow, we will have the outcome of the court decision on Uber. That is just one example of where changing technology potentially affects working people’s lives. We believe there should be a proper framework and employment law should properly reflect the change in the world of work. The point was made by a number of MPs on Second Reading that the Bill missed a trick in terms of that new framework of rights and responsibilities for people who work.
Q What would that framework look like?
Paul Nowak: It would tackle issues around, for example, employment status. We have this curious interface between the new, emerging digital economy and what I would characterise as some old-fashioned exploitative employment practices. It is great that we can all order new goods and services online via eBay, but often the person who delivers that package will be working so-called to an app and they will be so-called self-employed, driving their own vehicle and with no rights to paid holidays, maternity or paternity leave and so on.
So a framework of laws that is fit for the digital age. It is welcome that the Government have announced that Matthew Taylor will be looking at some of these issues, but I would have thought that for a Digital Economy Bill there is a gap in the Bill itself.
Q Has the TUC been consulted on that by the Government?
Paul Nowak: We have had no engagement in terms of the process I described with Matthew Taylor and, as far as I am aware, we have had no input in terms of the Bill and the thinking around what a decent framework of employment rights will look like to respond to that emerging digital economy.
Q What about the digital skills gap—where could the Bill go further there?
Paul Nowak: That is not something that we have looked at particularly, but I think it goes without saying that the need for digital skills will go well beyond those core digital industries. The proof of the pudding will be in the eating. We are pleased that the Government are now talking about industrial strategy, and we think that the digital economy should play a key role at the heart of that industrial strategy. It is not just about digital industries themselves; it is about how those digital industries can support jobs in our manufacturing, engineering and creative industries, but you need to make sure that people have the skills—not just at one moment in time, but ongoing skills throughout their working lives—to enable them to adapt to the changing world of work. For example, one of the things that we have pushed heavily through our Unionlearn arm is equipping people with those skills, but making the case that people should have access to careers advice and guidance all the way through their working lives rather than just at the point at which they leave school, college or university.
Q Sarah and Chris, I do not know whether you were here for the earlier sessions, but we have heard quite a few concerns about the data-sharing proposals in part 5 of the Bill. Do you share the concerns about the lack of privacy safeguards in those proposals?
Sarah Gold: I do. There are quite a few pieces of information missing that I would like to see in the Bill to protect individuals’ privacy. I think I heard Jeni Tennison talk earlier about openness and transparency, and I agree with her that one of the major pieces that is missing from the Bill is transparency about how people’s information will be used.
For me, this is also a missed opportunity to talk about consent, which is increasingly becoming a design issue, not necessarily just one of policy. That means making sure that there are steps in place to ensure that people understand how their data will be used, by whom, for how long and for what purpose. That is really important, because currently, the only models of consent we seem to default to are terms and conditions, and I have to ask the Committee: when was the last time any of you read or understood a set of terms and conditions?
Q Claire Perry brought up the poor standards in the private sector earlier. Presumably you agree that the Bill misses an opportunity to deal with consent for the private sector’s use of data as well.
Sarah Gold: It does, because I think the Government should set best standards on this. There is a real opportunity to do that, and I cannot see that on the face of the Bill.
Chris Taggart: I broadly agree. There was a comment in one of the submissions that despite this being a Digital Economy Bill, it felt like it was from almost 10 years ago. We have the ability to treat data in a much more granular way—dealing with permissions, rights and so on; having things selectively anonymised; having things almost time-boxed, and so on. It struck me that it felt like the Bill was using the broad brush of how we used to exchange data 10 years ago. That seemed like a missed opportunity, particularly given that what we are talking about here is Government to Government. While it is very difficult for the private sector—or even between the Government and the private sector—to come up with some of those solutions, when you are talking essentially about one organisation, particularly one where there is the ability to legislate that everything should happen in the right way, it seems to be a missed opportunity.
I was asked a couple of years ago to be on the Tax Transparency Sector Board, which talked about opening up some of the tax data. Of course, pretty much no data were actually opened up, but some of the discussions were interesting. For example, the Bill talks a lot about individuals, which is absolutely right—I believe that we have innate human rights—but from a tax point of view, individuals and companies are exactly the same thing. There is no difference. HMRC was saying, “Hey, look, whatever we think and whatever we would like to do, we have no ability to treat individuals and companies as the same.” The idea of allowing companies to tick a box and say, “Yes, we’d like our tax to be reported and to be open about it,” or saying, “These offenders will be treated differently if they are corporate offenders,” for example—many countries do report tax offences by companies—was not even possible because of the underlying legislation. There is a sense that that sort of attitude slightly pervades some of this. Again, I am extremely in favour of the Government being more effective and efficient and using information sharing for that, but I would like the Bill to be as good as it possibly can be.
Finally, there are little things—I used to be a journalist but now I am a full-time geek—such as what is being reported? What things have been shared? How are those organisations being identified? The Government do not even have a coherent way of identifying Government Departments or non-departmental public bodies. Those sorts of things. There is a lot more that could be done to make this a genuinely effective Bill.
Q Mr Taggart, you mentioned something about its feeling like it is 10 years out of date. I want to bring us bang up to date by chucking in a Brexit question. Is there anything that the three of you could very quickly add to the discussion about what might need to be in the Bill given that we are now in Brexit? Brexit has implications for the digital economy, about which I am sure you know more than me.
Chris Taggart: I will try to be brief. One is to do with policy aspects of what happens. I believe you are hearing from the Information Commissioner later. What happens to data protection in a post-EU UK? From our perspective, the UK has generally taken a slightly different perspective on data protection from the information commissioners in some other countries and is generally taking things like public interest into account and treating paid-for and free information the same, which we welcome. We have some concerns about the general data protection regulations because of that sort of stuff and some of the stuff that is coming from the EU. There are some potential benefits, but there are also some downsides about whether people’s rights will be defended. I think the digital economy becomes much, much more important, and my position here is as an advocate of open data and the potential for open data in driving a thriving digital economy. As a digital entrepreneur, I think we are missing some significant opportunities for that. If you were to sit down today and do a digital economy Bill with the knowledge that in a couple of years we perhaps would not be part of the EU, I think we would be doing something quite different.
Paul Nowak: May I pick up the point about post-Brexit? I think there is growing political consensus that one of the implications of the decision on 23 June is that we need to think seriously about how we invest in our national infrastructure. For the TUC that goes beyond Heathrow, Hinkley, High Speed Rail. It talks to issues around, for example, high-speed broadband. It is about thinking about how this Bill would interface with, for example, announcements that might come in the autumn statement about investment in high-speed broadband. I note that the Chair of the Committee talked about the interface between rail and high-speed broadband, which is something that should be borne in mind. Again, valid points were made on Second Reading about requirements for developers to incorporate high-speed broadband into new housing developments, which is absolutely essential. I reiterate the point I made earlier about seeing this in the context of the wider approach to industrial strategy and how the digital economy can support other parts of the economy that are going to be even more important as we move forward post-Brexit.
Sarah Gold: For me, particularly looking at privacy, security and personal data, it is about the age of some of the language used in the Bill. Even talking about data sharing feels to me like the wrong language. We should be talking about data access. Data sharing suggests duplication of databases, with data being slopped around different Departments, whereas data access suggests accessing minimum data via APIs or by using the canonical Government registers, which is an excellent project that is not mentioned in the Bill but should be.
Q Thinking about algorithms beyond the workplace, we know that Uber, for example, will charge more if your battery is low. Having worked for an insurer before I was elected, I know that the amount of data that is available to insurers to set prices would make your hair curl. How much transparency should there be around the algorithms that companies use to set prices, while protecting the intellectual property of those algorithms?
Chris Taggart: That is a fantastic question, and it comes to the heart of our ability to understand our world and influence it. I take quite strong, almost like democratic first principles with this: you need to be able to understand the world and have the ability to understand the world, and then to be able to influence it. That is what democracy is about. If we do not understand the world—if we do not understand that we are being given this particular news story in this particular way; that we are being given this particular price; that we are being influenced to walk down this street rather than that street in order to do this—then we really do not have that possibility. A question that is not asked often enough but that is starting to be asked more in academic circles is: what are the algorithms on which our lives depend? If we do not understand that we are being driven by algorithms, still less what those algorithms are, how do we have agency? How do we have free will, if you like? I think it is a really important question.
I think that increasingly we will see that we need transparency around that, and that with transparency there is always the ability for there to be negative downsides. You could argue that, by having courts open, people can just walk in off the street and see that this person over there is being prosecuted; some neighbour, or whatever. But if we are not starting to ask those sorts of questions and staring to come up with some informed answers, we will be in a world where we have lost the ability to ask those sorts of questions.
Paul Nowak: I am not particularly well versed in this area, but I suppose that it is a little bit like the terms and conditions question. You could provide so much transparency that it would give the illusion of people being informed, and I think what you want to do is to allow people to understand what are the potential implications of those algorithms. So, if you are using Uber you know that if there is a spike in demand or a lack of supply, you are likely to pay more, and what the implications of that might be, and what the parameters of that are. I do not think that means that Uber needs to make all of its software open source—frankly, that would mean nothing to me—but I want to know when I get in what the fair contractual exchange is between me and the company that is providing the service.
Sarah Gold: I am very well versed in this area but I have very little time to talk about it, which is very frustrating. However, I think that looking at how individuals can question algorithms is very important; I agree with both of your comments. Particularly in GDPR, there is a clear piece that is about people being able to question automated decisions that are made about them.
As a design problem, that is really fascinating. For instance, if you think about when you buy flights on browsers, I think that everyone has probably seen that when you go back to book the flight again, your IP address has been tracked, you are a cookie, and so you see the same flight booked for—it costs you more. So you go into kind of incognito mode to check that.
What I am quite interested in at the moment is that sort of incognito testing of algorithms, so that you can see how your inputs might change an output. In the context of Uber and insurance, I am very interested in this emergence of insurance for, say, a single day of driving or for a particular route, and being insured—say, it costs you far more to go down the M1 than just the A1. And you should be able to understand why that decision has been made about you, because it has a significant consequence for your life.
However, that comes down to the quality of the training data, too, and that comes back to some of the terms of the Bill—we should be working towards greater data minimisation, I think, and also the ability for people to be able to audit not only those data, to correct those when they go wrong, but to provide an audit of data access. While it may not mean everything to all of us, because not all of us are developers, I think that for those individuals who are able to scrutinise the code and check for digital rights management or security vulnerabilities, or biases in data sets, that information is really crucial, because it is those individuals who are our greatest defence against data misuse or fraud.
Thank you very much indeed; that is a high note on which to conclude. I thank our three witnesses for your evidence. We may now release you and we will call our final two witnesses for the afternoon to come forward.
Examination of Witnesses
Professor Sir Charles Bean and Hetan Shah gave evidence.
Welcome to our two final witnesses today; I am sure you will keep us on our toes in our final session. Could you please introduce yourselves for the record?
Hetan Shah: I am Hetan Shah, Executive Director of the Royal Statistical Society.
Professor Sir Charles Bean: Charlie Bean, London School of Economics and soon to be Office for Budget Responsibility.
Q We have heard from witnesses today about a lot of the negatives and potential pitfalls of data sharing across Government. I have nothing against the Government’s intentions here, but do you share the concerns of previous witnesses about the lack of safeguards for privacy in part 5 of the Bill?
Professor Sir Charles Bean: You will have to excuse me; since I was not here for your earlier discussions, I am obviously not aware of what earlier witnesses have said and what their reservations are. My interest obviously is in the use of the information for statistical purposes. It is important that there is a clear and well understood framework that governs that, and there clearly need to be limitations around it.
I have to say that I think the current version of the Bill strikes a reasonably sensible balance, but there are bits that will clearly need to be filled in. The Office for National Statistics will need to spell out a set of principles that govern the way it will access administrative data, and so forth.
Q Do you think there is any framework in part 5 around the sharing of data?
Professor Sir Charles Bean: Sorry—
You said you are satisfied that it strikes the right balance. Do you believe there is any framework in terms of the principles for data sharing in part 5?
Professor Sir Charles Bean: By “appropriate balance”, I mean in terms of the statistical authority having in-principle access to the administrative data that it needs to do its work, subject to certain limitations.
Q Do you believe there should be transparency for—
Professor Sir Charles Bean: I certainly believe in transparency. I am a big fan of transparency. Anyone who has worked at the Bank of England would like transparency.
Hetan Shah: May I come in and build on this? Privacy is absolutely critical to maintaining public trust, and in a sense we think the Bill has missed a trick here. On the research side, the framework is embedded on the face of the Bill. In our view, the ONS has a very good track record—it has maintained 200 years of census data, it has the best transparency, it publishes all the usage of the data and it has already criminalised the proceedings of misuse of data—but that has not been put on the face of the Bill. A tremendous amount could be done to reassure by taking what is already good practice and putting it on the face of the Bill, and I think that will answer the issue for the statistics and research purposes.
Q My full question was not, “Do you believe in transparency?” It was going to be: do you believe in transparency in terms of how citizens’ data will be shared with the Government and between Government agencies? That principle, as you say, is not only not on the face of the Bill but not anywhere in the Bill. We have been asked by the Government to rely on codes of practice that have not even been drafted yet.
Professor Sir Charles Bean: I agree that transparency about the principles that will govern sharing of information makes a lot of sense.
Q As you say, Mr Shah, for Government data sharing to work requires public trust, and digital government and the use of your statistics absolutely requires trust that the Government will handle data with due purpose and cause.
Hetan Shah: Another thing is that the UK Statistics Authority is directly accountable to Parliament, not the Government. That actually makes the statistics and research strand more accountable compared with other parts of the Bill. I remind you of that, which is very important.
Q I would be interested if you could explain and put on the record some of the consequences you see of having this Bill and the underlying secondary legislation on the statute book. What impact will that have on the areas in which you are experts?
Professor Sir Charles Bean: The key thing is that it greatly improves the gateways that enable the Office for National Statistics to use administrative data—tax data and the like—in the construction of official economic statistics. We are well off the pace compared with many other countries. Scandinavian countries, Canada, the Irish and the Dutch make very heavy reliance on administrative data and only use surveys to fill in the gaps. Here, the Office for National Statistics is essentially an organisation that turns the handle, sending out 1.5 million paper forms a year and processing those. Essentially, you are acquiring the same information again that you have already got in some other part of the public sector, where the information is being collected for other purposes.
The key gains here I see as twofold. First, because you access something close to the universe of the sample population rather than just a subset, which would normally be the case with a survey, you potentially get more accurate information. It is potentially also more timely, which for economic policy purposes is important.
The other side of the coin is that by enabling you to cut back on the number of surveys you do, there is a cost gain, which I should say would probably not mainly be a gain to the ONS, because they have to do the processing of the administrative data, but a gain to the businesses and households who are currently spending time filling in forms that they would not need to do if more use was made of administrative data.
Q Mr Shah, you keep mentioning access to data, but the problem we heard earlier is that the Bill talks not about access to data but about data sharing, which implies duplication. We should really be moving towards data minimisation. Do you think that the language of the Bill should reflect access to data, rather than data sharing?
Hetan Shah: My view is that for the clauses on statistics and research the Bill is pretty clear that it is about data access.
Q It discusses the transfer of data. It does not talk about your accessing data. It does not mention the technology through which you would do it. There are no codes of practice alongside how it would happen. It is very broad and explicitly talks about data sharing in certain areas.
Hetan Shah: I think I said this earlier, but in case I was not clear I shall repeat it. For statistical and research purposes, statisticians and researchers are interested only in aggregates; they are not interested in us as individuals. It is a key point that the relevant clauses are quite different from some of the other parts of the Bill. Others have indicated in their evidence that this area should be seen as slightly different.
It is also worth noting that there are safeguards that have been tried and tested over many years. There is the security surrounding the data—the ONS will not even let me into the vault where they hold the data. You need to be accredited and to sign something saying that you will not misuse the data. If you do, you will go to jail. The trick that has been missed has been not saying all that, because it is almost assumed that that is how the ONS works. My suggestion is that if you want to strengthen that part of the Bill, you should just lay out the safeguards that are already common practice in the ONS.
Q Thank you both for setting out some very factual and helpful arguments as to why the provisions are a good thing, particularly when it comes to aggregate statistics. I was struck by a quote in your report published in March, Professor Sir Charles. You mentioned the
“cumbersome nature of the present legal framework”,
which the Bill will clearly help to solve, and you also said that there was a
“cultural reluctance on the part of some departments and officials to data sharing”
and, in many ways, to working together, as we know from experience. How do we solve that problem and get Departments to realise how helpful some of these datasets might be?
Professor Sir Charles Bean: A key thing about the Bill is that it shifts the onus of presumption. There is a presumption of access unless there is a good reason not to comply or explain, if you like, as opposed to the current arrangement, which is that the data owner has the data and you say, “Can you please let us have a look at it?” There is civil service caution. I was a civil servant very early on in my career, so I am aware of how civil servants think. Inevitably, you are always worried about something going wrong or being misused or whatever. That plays into this, as well.
In the review I said there are really three elements and I think they are mutually reinforcing. There is the current legal framework, which is not as conducive as it could be; there is this innate caution on the part of some civil service Departments, or even perhaps on the part of their Ministers on occasion; and then the ONS has not been as pushy as it might have been. It is partly that if you know it is very difficult to get in—people are not very co-operative at the other end and the legal frameworks are very cumbersome—you are less inclined to put the effort in, and you think, “Oh, well, let’s just use the surveys, as we’ve always done.” So I think you need to act on the three things together, but they are potentially mutually reinforcing if you get the change right.
Hetan Shah: This is one area where I think the Bill could be strengthened. At the moment, the ONS has the right to request data; similarly, the researchers have the right to request data. The Department can still say, “No”, and in a sense the only comeback is that there is a sort of name-and-shame element of, “Parliament will note this”, as it were. My worry, given the cultural problems that have been seen in the past, is that that may not be enough. So why do we not do what Canada does? It just says, “The ONS requests”, and the Department gives.
Digital Economy Bill (Third sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years, 1 month ago)
Public Bill CommitteesWe will hear oral evidence first from StepChange, Citizens Advice and Dr Jerry Fishenden from the Cabinet Office’s privacy and consumer advisory group. Before I call Louise Haigh to ask the first question, I remind all hon. Members that questions should be limited to matters within the scope of the Bill and that we must stick to the timings in the programme motion that the Committee agreed to. For this session, we have until 12 o’clock. Will the witnesses please introduce themselves for the record?
Peter Tutton: Hello everybody. My name is Peter Tutton and I am from StepChange Debt Charity.
Dr Fishenden: Good morning. My name is Jerry Fishenden. I am a technologist working with private and public sector clients. Today, I am here in my capacity as co-chair of the Cabinet Office’s privacy and consumer advisory group.
Alistair Chisholm: Hello. My name is Alistair Chisholm and I am here from Citizens Advice.
Q 214 I will start with part 5 and ask about debt collection. My questions are particularly aimed at StepChange and Citizens Advice. What concerns do you have about the principles of public authority debt collectors when dealing with their creditees?
Peter Tutton: Sorry, did you say local authorities?
No, just the public sector.
Peter Tutton: We recently did a poll of our clients and asked them which of the different types of creditor they face treats them the most unfairly. Our clients are all people in heavy financial difficulty; they are really struggling and under pressure. Of the top five creditors that treated them the most unfairly, four were Government Departments or agents collecting Government debt.
We are concerned that the way in which public debt is collected is not subject to the same sort of oversight and scrutiny as private sector debt. Organisations from banks to payday lenders are part of a regulated sector that still has problems, but those problems can be addressed. In the public sector, we do not see the same kind of control and oversight, or even any sense of regulation about how that should be done. As a result, we see a lot of problems, with the sort of debt collection practices that we might have seen 20 years ago from banks now coming from the collection of public debt.
Q Can you give us an example of those kinds of problems?
Peter Tutton: With central Government debt, it will be things such as persistent aggressive phone calls; old debts suddenly popping up with no explanation; and people trying to arrange affordable payment, getting short shrift and being told, “Pay this or else.” With local government debts, bailiffs are used and there is a lack of any kind of mechanism to make affordable, sustainable payments, which are at the core of what people need.
Our clients typically have six debts. They are often in difficulty because they have lost their job or become ill, and they need a period to recover control of their finances. We need creditors to show some forbearance and help people to make affordable, sustainable repayments. When that happens, about 60% of people say that their finances start to recover straight away. When that does not happen, none say that.
If people get shouted at and told to pay money they cannot afford, they actually go and borrow somewhere else—about a third of our clients went to a payday lender when they received an aggressive payment demand that they could not afford—or they do not pay another bill. The financial chaos continues, and gets worse and worse.
Alistair Chisholm: There is a particular issue around the way in which debts can be disputed. There is a difference between the way in which that is dealt with in the public sector and in the private sector. I certainly agree that the Government need to apply to their own collection activities the standards and protections they have asked financial, energy and water services to offer to consumers. The Bill is an opportunity to make that change and, if they do, sharing data can be helpful.
We see a lot of cases in which bad data sharing has a wasteful effect on Government and a detrimental effect on our clients. For example, in a survey of our advisers last year, 55% of them had seen more than one case the previous 12 months in which a debt was sent to a bailiff but in which the debtor’s council tax benefit had actually not been processed. It is a common, systemic problem that bits of Government do not use their own data to try to resolve people’s problems. That is an opportunity for the Government, but there are big risks.
Take the recent debacle with Concentrix and Her Majesty’s Revenue and Customs, in which the Government were using credit reference data and, it seems to me, tracing data to find people who were guilty of cohabiting. They were accusing those people of having a tax credit debt and it turned out they were not guilty of that at all. If mistakes like that are ricocheting around public sector debt collectors, the detriment could be much worse. For this power to work we need a shift in the way the Government collect debt. It needs to be allied with the best practices in the private sector, particularly—
Q Sorry, but what precisely could the Bill do to address that?
Alistair Chisholm: The Bill says that people who are sharing data should “have regard to” a statement of good practice, but we do not have that statement of good practice and “have regard to” does not seem to me to be very forceful. There are three particular things I think would help to change Government debt collection so they could use data sharing more safely. They could set affordable payments in the way the private sector does; the Government could introduce the standard financial statement that the banks, energy and water companies and the advice sector are going to be using from March next year. They could introduce fair dispute resolution; if the debt is reasonably disputed, stop collecting it until the complaint is investigated. Banks are not allowed to collect it then but public sector creditors routinely do it.
Finally, the big shift we have seen in commercial credit in recent years is the decision to place the legitimate interests of the consumer at the centre of debt collection activities, which means to help them rather than to have an unnecessary adversarial relationship. So, fair payments, fair disputes and being helpful could transform debt collection from being aggressive, adversarial and often wasteful to being helpful and to helping people to rehabilitate themselves.
Q Dr Fishenden, if we can move on to you in relation to part 5, specifically the measures on data sharing. Do the proposals reassure you that the Government have given sufficient consideration to privacy, data security and data ethics?
Dr Fishenden: The policy intent is clear and I suspect you will not hear much disagreement with that. The consultation did not find that either; people were broadly in agreement. The measures described in part 5 are fairly general and vague. There is a lot of reference to the codes of practice, which have still not have appeared.
In general, given that it is about seven years since the previous data sharing proposals were withdrawn for being too wide-ranging and vague and for work to be done on them to make them more specific and build in protections and controls, I am quite surprised that we are back with a Bill that seems aspirationally in the right place but that has none of the detail that allows us to check the sort of security, data protection and controls that will be needed.
There is not even any definition in the Bill of what data sharing means, which gives me a problem. Some people seem to assume it means people copying data around, and I guess that is implied in the bulk data provisions—it seems to imply movement of data between parties. Good cyber-security practice would be to leave the data with their original owner, who can gate access to those data or, as I described in my written submission, can confirm aspects of them.
A specific example could be applying for a blue badge. All that is needed to process that claim is to confirm with the DVLA that a person is a registered driver, that they have a legitimate driving licence and that they own the vehicle for which they are applying for the blue badge; to know from the DWP that they are registered disabled; and the local authority undertaking that process needs to check that person is a resident. There is not actually a flow of data going on there; it is merely a process whereby, to get a blue badge, you confirm the person is disabled, is a registered driver and is living within the local authority boundaries.
I find it quite surprising that the Bill does not have a definition of what data sharing is, either legally or technically. In the absence of the codes of practice, it is very hard to know what it actually means.
Q In your experience, is it unusual for the Government not to have published at least draft codes of practice alongside legislation of this nature?
Dr Fishenden: I would have assumed that they would be drafted in concert with the Bill, because to test the provisions in the Bill, you would need to run them back past the codes of practice to check that the two work together. I am a bit confused about why they have not appeared, because I cannot see how the Bill would have been drafted without them.
Q I have a question for Mr Chisholm. I put on record my thanks to your organisation for the wonderful work that it does in my constituency—and in everyone else’s, I am sure—in helping some of the more vulnerable people in society. It is a fantastic organisation. We hear a lot about the big picture of how technology can help people and make their lives better, but you guys are at the coalface, helping vulnerable people. Will you explain how some of the measures in the Bill on data sharing are going to make your life easier and deliver tangible benefits to vulnerable people?
Alistair Chisholm: As I said before, there are definitely cases in which the Government or local authorities do not use their own data to help people when they could. For example, when somebody is paying their magistrate’s fine directly from their benefits, sometimes the benefits change, so the flow is disrupted and the payments stop.
We often see cases in which somebody then has a bailiff at their door and they are threatened with imprisonment when, in fact, they want to pay. The Government actually know that there has been a temporary interruption to their benefits, or that somebody is shifting from jobseeker’s allowance to employment and support allowance. If those data were joined up—obviously in a way that protected consumers as they need to be protected—the debt would continue to be paid, the problem would not be escalated, and the person would have a stable financial arrangement that enables them to meet their obligations. There are opportunities like that.
It is really important to say that it is now time for the Government to do what they have asked the private sector to do in the way they collect data. They need to adapt their systems so that payments are affordable and debts can be reasonably disputed, and so that people are helped.
Q I have a final question. We have touched, in previous evidence hearings, on the nature of consent and individual knowledge about data sharing. What are the challenges with using consent-based data-sharing models? Do you accept that there is a necessity for data sharing to be used for the benefit of particular vulnerable groups in society without the need for consent?
Elizabeth Denham: The provision in part 5—the kind of data sharing that is envisioned—is not a consent regime. In many cases, citizens do not have a choice. There is one provider and the data need to be shared for good public interest purposes. Consent is not a silver bullet.
If, as is the case here, you are not using consent as a basis for sharing information, the other obligations rise. The need for transparency, safeguards, parliamentary scrutiny and independent oversight are even more important when you are not relying on consent. Those other obligations need to be strengthened.
Q Apologies for my brief absence from the Committee. Ms Denham, do you believe that the proposals in part 5 comply with the EU’s general data protection regulation?
Elizabeth Denham: There may be some challenges between the provisions and the GDPR. Obviously the GDPR will come into effect in 2018 unless we leave Europe before that date. There are some new controls for individuals that are built into the GDPR. There would be a need to carefully review the provisions of this Bill against the GDPR to ensure that individuals could have the right to be forgotten, for example, so that they could ask for the deletion of certain types of data, as long as that was not integral to a service. That is one example.
Steve Wood: To build on those points, the GDPR will strengthen the rights of individuals, particularly in the area of transparency that the commissioner has mentioned already. Article 12 talks about the importance of clear and accessible information to individuals. This Bill will need to operate alongside the GDPR’s enhanced and strong requirements to make sure that the key concepts in that legislation are upheld. The other key concepts we take from European data protection more generally are the those of necessity and proportionality, which is where there will be some important areas to measure the intention of the Bill against the GDPR.
Q We have heard your concerns about the draft codes of practice, which I also find very concerning. Of course, we do not know because we have not seen any draft codes of practice. Would you advise Members to vote on Government powers of that nature without seeing such draft codes of practice? Who else should be consulted on such codes before they are made law?
Elizabeth Denham: We have seen some of the draft codes of practice, and we have been making comments, but I think it would be preferable for Parliament to review all the codes of practice so that they can see and discuss the entire framework before the passage of the Bill. The codes are an important part of the framework.
Q To follow up on that, do you believe that we ought to see the draft codes of practice prior to consideration of these parts of the Bill in Committee?
Elizabeth Denham: That is my view, yes.
Q In your first speech as Information Commissioner you made much of the need for businesses to establish trust in relation to data sharing, with which I obviously completely agree. Do you think this Bill could have done more to put safeguards around data sharing in the commercial space?
Elizabeth Denham: Again, I think that trust and transparency go hand in hand. Part 5 is about Government data sharing and sharing with Government providers, so the focus there needs to be on transparency and trust. All Governments are really struggling with this issue, especially in the face of new technologies. How can you make transparency easy and understandable? We have just issued a privacy notice code of practice, which we introduced last Friday. What would help this Bill is if there was a reference to following our privacy notice code of practice, which again is across the public and the private sector and would lend more trust among the public.
Q The UK is one of the most advanced digital economies in the world, yet we heard from witnesses on Tuesday that, in terms of Government data sharing, we are well behind the curve, well behind other countries—that is partly because they are probably more focused on the opportunities. Does this Bill, in your experience, bring us more in line with the best practice you are seeing in other countries?
Elizabeth Denham: I think the approach that the UK is taking in this Bill is a responsible approach. My recommendations are to up the safeguards and improve the transparency. Breaking down the data sharing by type, function and purpose of data is a good way forward. There are some draconian data-sharing regimes in other parts of the world, which are concerning to data protection commissioners. I generally think that the approach here is right, but there could still be some strengthening of the Bill. That would go a long way to assuring more public trust and therefore more buy-in and participation in the digital economy and digital services.
Louise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)(8 years, 1 month ago)
Public Bill CommitteesI welcome the opportunity as a new boy in the Bill Committee process to go first. This is the first time I have spoken in this place with my jacket off.
We support the universal service obligation and think it is a positive move, but one of our concerns is the lack of detail on it. The document put out by the Government last week was welcome and provided more context. However, something that is continually missing when talking about speed is that speed is about not just download but upload. We are trying to make that more explicit. The amendment is a small word change, but it is required as we start to recognise what broadband and connectivity is all about. It is more than just the headline speed at which we can download at certain times of the day.
I rise to support amendment 83, which stands in the name of my hon. Friend the Member for Cardiff West and I, and amendment 56, tabled by the hon. Member for Berwickshire, Roxburgh and Selkirk.
All members of the Committee agree that we must do everything we can to ensure that individuals have access to superfast and, soon, ultrafast broadband. It is not only important but, in an ever more connected age, an absolute necessity for both businesses and residences. That is why we support the Government’s tacit aim to designate broadband effectively as a utility in the same way that water and energy are classed as a must-have in the modern world.
We will speak later about our concerns about the universal service obligation, but broadly we believe that there is coalition of support for a much more ambitious USO. That is why we were pleased to hear that the USO can be amended in secondary legislation later when it becomes outdated. However, I fear that, by the time it is introduced, it will already be becoming seriously outdated and, indeed, by 2020, it may feel like a relic of a bygone age when superfast and ultrafast broadband, even in rural areas, will be readily accessible. That is the subject of our new clause, which we will consider shortly.
On amendment 56, it is absolutely right to specify upload and download in the Bill. As we have seen all too often, businesses and residences see a particular speed advertised with no correlation between what they can download and upload. For someone with a business and working from home, accessing online services and transferring files to them can take a lot of time if the upload speed is not up to scratch. That is an obvious cost to businesses. It is not merely an irritant, but a loss in pounds and pence, and in productivity to the UK economy.
There is no mention in the Bill of upload speeds in the USO. That leads to a broader problem of lack of ambition throughout the Bill. Factors such as distance from the telephone exchange and other considerations such as old household wiring can slow down speed. That is why the USO, although welcome, will seem extraordinarily dated in just half a decade, when the roll-out of the USO will have been completed and there will be little appetite for providers or the Government to return to those hard-to-reach places for some time.
On tackling upload and download speeds, we would have preferred the USO to be under the superfast designations from the beginning. An example of the impact of superfast roll-out on one small business demonstrates this perfectly. Within the first year of having superfast broadband, the business reported a 30% increase in sales. We should be ambitious for our small businesses. Instead, this USO potentially condemns them to distinctly average speeds for a decade.
Amendment 83 is a probing amendment to test the Government’s ambition, which certainly needs to be tested throughout the Bill. It is based on a simple principle. We are at the start of a digital revolution that will transform how we work and how we communicate and interact with one another. Access to water and electricity in the home bookmarked our evolution to a more civilised society, so the essentials of the modern era should be similarly guaranteed. The Bill does that in part for broadband and we strongly believe it should cement further ways to roll out universal or near universal coverage for mobile communication.
We broadly support the changes to clause 2 and the amendments to the electronic communications code. Assisting mobile network operators in some of the challenges facing them is obviously important. That includes access to land and knocking down some of the absurd hurdles they must jump through to make what most people would consider sensible adjustments to infrastructure to update existing technology with little visual impact.
The Bill contains changes to a highly complex piece of legislation, which the industry has been seeking to change for some time. Indeed, the Law Commission commented that the legislation is not one of Parliament’s finest efforts. We recognise that. It clearly is not. However, although simplification and amendments to the code are important, there can be little doubt that mobile network operators will receive a substantial boon. That is why this amendment is so important and it is puzzling that the Government did not include it.
Evidence to the Committee suggested that the Bill could reduce the cost of site rental for mobile network operators, which make up a substantial portion of their costs at 40%. With the operators receiving effectively all they have asked for—no one blames them with such a complex and restrictive code—it is clear that our sights must be set firmly on delivery and the Government should not set their ambitions too low. That is what our probing amendment covers and why it is important that, during the passage of the Bill, we receive at least some commitment to improved targets on mobile network coverage.
We are slightly dismayed that the industry will benefit from such a clearly beneficial piece of legislation and that the Government will impose few or no conditions on them beyond what has already been agreed. We are aware that the £5 billion investment and the statutory target were tied to changes to the code, but we are not convinced that the benefits for consumers are greater than the benefits that are being approved for mobile network operators and we would certainly welcome greater reassurance on that from the Minister.
Let us look quickly at the targets set out in the binding agreement in 2014, signed by the then Culture Secretary, the right hon. Member for Bromsgrove (Sajid Javid). They were: guaranteed voice and text coverage by each operator to 90% of the population and full coverage to 85% by 2017. Currently, only 46% of premises have access to 4G from all mobile network operators and a substantial 7% of the population—1.5 million homes nationwide—do not have basic voice or text coverage across the three networks.
The failed Mobile Infrastructure Project, supposed to reach the final notspots, closed in 2015-16. It had erected only 76 of 100 masts, leaving a substantial number of homes without the prospect of having complete voice and text coverage. Given that 71% of businesses rated mobile network access as “critical” or “very important” to their business we believe that mobile network coverage, as broadband is tacitly designated in this Bill, should also be considered a utility. That is what our probing amendment seeks to test.
Clearly, everyone in the country, if asked, would agree. Businesses that rely on mobile networks, local authorities and individuals that use them to communicate would welcome a right to have mobile network coverage within their place of work or at home. This is extremely achievable but the Opposition are concerned that institutional defensiveness from the major network operators is getting in the way of full or near universal coverage for consumers. More than 99% of residents in the UK have access to 2G or 3G of some kind and 90% have access to 4G of one kind. However, for all operators, the figure drops to just 46%.
The infrastructure is in place and it understandably infuriates people working in an office or at home when their colleagues can get network coverage and access to data services while they cannot. While we recognise the concerns around commercial incentive, surely it is right that, once the current phase of the roll-out is complete and significant gaps in full coverage across all mobile network providers still remain, we at least reconsider the case for national roaming and national infrastructure, as is commonplace on the continent.
We are a relatively small island and it should not be the case that commercial defensiveness makes the aspiration of near universal coverage far from a reality. That is why we will table another new clause relating to this part of the Bill to test it before the whole House. It will establish a review of the roll-out of mobile network coverage, which is a critical piece of infrastructure for businesses, residents, and emergency services. As yet, due to what appears to be institutional wrangling and commercial defensiveness, this coverage is not being extended to the entire population in a way they would expect.
As we know from evidence given to the Committee last week, currently more than 60% of communications towers globally are held in an entity separate from the networks that use them. The review will have to take another look at greater diversity in mobile infrastructure and national roaming in order to deliver a universal service. In countries such as the United States, the figure for independent infrastructure is more like 90%. In the United Kingdom, as the Committee knows, it is more likely that that infrastructure is erected on an economic case for the network and operated for the benefit of the network that makes the investment. That is fine up to a point, in that it undoubtedly encourages competition among network providers in areas where they can receive a substantial return, but it makes universal network coverage more difficult to achieve when there is 90% of coverage for 4G of some kind, but only 46% for all kinds.
Our review will also look at open data and how, by routinely publishing costs, location of masts, service quality and plans for roll-out, consumers, particularly in rural areas, but also in urban “nearly and notspots” can make better decisions about which network operator to use.
Throughout the Bill, Labour Members will look to the Government to turn the £l billion concession, however welcome, for the mobile industry into something approaching a near universal service for the country. We should be ambitious about the kind of mobile network coverage we can deliver and not shy away from the challenge.
It is a pleasure to get going on the Bill proper and to respond to the first amendments. It is undoubtedly true that reliable fast broadband is now seen as the norm and not the nice-to-have—that unites the whole Committee. We are committed to ensuring that everyone can enjoy the benefits of decent broadband connectivity. It was in our manifesto and it is one of the core purposes of the Bill.
Amendment 56 seeks to ensure that the guidance around the characteristics of the connection is in the Bill—for instance, that the USO can include both upload and download speeds. I entirely understand the intent and the clause as drafted is sufficiently flexible to allow for that. The statement of intent that the hon. Member for Berwickshire, Roxburgh and Selkirk referred to, which was shared with the Committee last week, outlines a broad range of factors that need to be considered in designing the USO, including the level of service. That includes not just download and upload speeds, but the appropriateness and level of other parameters such as latency and capacity—and potentially customer service.
Ofcom has been commissioned to provide detailed technical analysis and recommendations to support decision making on the design of the broadband USO. Allowing Ofcom to do that work and ensuring that it is specified in detail is better than putting that on the face of the Bill, because it will allow us precisely to future-proof the design of the USO in the way that the hon. Gentleman demands. The decisions on the scope of the USO, the technical specifications, including download and upload speeds, and any service standards need to be taken in the light of Ofcom’s advice, which is to be provided by the end of this year, before the Bill concludes all its stages.
Amendment 83 seeks to include mobile coverage within the scope of the guidance on the broadband USO. The hon. Member for Sheffield, Heeley made many good points and put them eloquently and powerfully. The position is that the universal service directive, which currently provides the regulatory framework for the broadband USO, is about the provision of a fixed internet connection of an appropriate speed to a fixed location. Depending on who is designated as the universal service provider or providers, and on the specification of the USO, there is scope for the USO connection to be provided using mobile technology. However, the directive does not require the USO to include mobile geographic coverage.
In any event, as the hon. Lady said, through the use of licence conditions we have delivered on a commitment to near universal mobile coverage. I would question, therefore, whether there is a case for a USO for mobile, because of those commitments. The licence obligations to which the hon. Lady correctly referred are part and parcel of a deal that included the reform to the electronic communications code—so everything that she asks for was covered in that deal. It is precisely because the two are linked that they are fair, both to the industry and, more importantly, to consumers. As she said, the mobile network operator roll-out plans provide for £5 billion of investment, as a result of that deal and commitment.
We have discussed the USO and what it could mean, particularly in last week’s evidence sessions, but there is an opportunity to go further. If the USO is simply passed over to BT because it is willing to provide 10 megabits to everybody by 2020, I am afraid that 10 megabits will be the ceiling rather than the floor. We should be considering how we facilitate a USO that empowers communities and devolved Administrations to go further. The Scottish Government have made a commitment to reach 30 megabits over the course of the Parliament, by 2021, and a flexible USO—particularly a voucher scheme, rather than a monetary or contractual agreement with the likes of BT—could help them to deliver.
Through our amendment we seek to ensure proper consultation and the involvement of not only the Scottish Government but all the devolved Administrations. Previous dialogue has been largely tokenistic, so we need to set it out in the Bill and insist that there is proper consultation that empowers the regions of the UK to take the USO as a platform, as a floor of their ambition, rather than as a ceiling.
New clause 10 would require the Secretary of State to ensure that there is a completely open procurement process, and an alternative dispute resolution role to arbitrate in instances of disagreement over the designation.
We welcome the Minister’s clarification last Wednesday about the statement of intent in relation to the USO. However, we want to mention—I am sure it will not be the first time in this Committee—how rushed and unsatisfactory the publication of Bill documents has been. Some of the documents that should accompany the Bill are yet to be published. I know from talking to people in the industry that that is their concern as well.
I was pleased to note from the statement of intent that the Minister intends the USO to act as an effective complement to commercial, community and publicly-funded roll-outs of broadband, and that it will not displace any planned roll-out of higher speed broadband. There is an argument that there should be a combination of the USO and Broadband Delivery UK to fulfil the last 5%, given that the work of BDUK is still ongoing.
The industry has raised concerns that a USO could risk distorting the UK’s broadband market and potentially hamper the goal of universally available good quality broadband access, if it is not designed in the right way, with the industry and consumers in mind. I note what the Minister said earlier about Ofcom’s being better situated for future-proofing, and I agree. I will discuss that on clause 1 stand part if that is acceptable, Mr Streeter. It is important that there should be parliamentary scrutiny of Ofcom’s role in the consultation.
The USO should not displace any planned roll-out of higher speed broadband. I mentioned the industry’s concerns that it could distort the UK broadband market. If it is done badly, there is a risk that it will undermine commercial investment, in hard-to-reach areas where industry is able profitably to deliver good quality broadband at competitive prices, or by passing on to existing users any rising costs that come about as a result of the USO.
For example, TechUK has argued that the Government should strictly limit the USO to the most remote areas of the UK. Failure to limit the availability of a USO tightly means there is a risk that commercial investment will be diverted, and that there will be wasteful intervention. It is suggested that urban areas, and any rural areas where there is a prospect of market investment, should be explicitly excluded from the USO. It would be helpful to hear the Minister’s thoughts on that and on how Ofcom will take forward the consultation.
Furthermore, satellite connectivity should be considered in scope for the most remote households. It is already available to virtually all households in the UK, and it can be the most cost-effective route to providing superfast broadband. Essentially, we believe—and I hope that this is the Government’s intention—that the USO should be seen as a safety net to prevent social exclusion, facilitate access to online public services, and encourage social and economic development.
The question is whether we need a more transparent and competitive regime for that to happen. Smaller providers are currently put off, because they do not know whether BT currently has plans for, or is working in, any place at any given time. There are allegations from other players in the industry that when smaller providers move into areas where BT is not investing or working, it swoops in, purely to crowd out the competition.
The Government’s statement of intent cites thinkbroadband estimates that suggest about 4% of premises are unable to receive speeds above 10 megabits per second. That really should be open data available to the public and all service providers. We clearly need to know where the assets are, who can do the work and where the cabinets are. There should be a register that contains all that information and is available to make the market more competitive and efficient.
For the process to be trusted, transparent and fair, all the information should be in the open and part of the procurement process, allowing as many providers as possible to participate to ensure that the playing field is as level as possible. It was therefore also welcome that the Government’s statement of intent included consideration of different types of providers, such as regional providers and smaller ones using innovative technologies.
Clearly, it was less than desirable that the BDUK process ended up with only one contractor. We do not believe that we can lay the blame for that entirely on the design of the contracting process, but we think that much greater care needs to be given in the future to ensuring that a richer diversity of providers is catered for in the process.
We should also ensure that the Government are not effectively blackmailed by providers to protect their market position. The mess-up around the procurement process for the roll-out of the broadband framework in 2012 left BT as the only supplier, after Fujitsu pulled out. That was condemned by the Public Accounts Committee for failing to deliver meaningful competition or value for money.
It is also important that the Government consider different tenders for the different problems we are faced with in the last few per cent. For example, we could have one contractor for the rural areas and another for the inner-city areas, as they obviously present different challenges. We could do with some further clarity from the Minister on that.
The amendment is merely designed to be probing. Does the Minister genuinely envisage that anyone other than BT will implement the universal service obligation? How will the tender process be designed? Given the Government’s commitment to encouraging SMEs and community providers to tender, will the likes of Broadband for the Rural North be considered? If the Minister can provide some clarity on that either now or later in writing, I will not press the new clause to a vote.
I will try to respond to all the points as briefly as I can, because the hon. Lady in particular raised a huge number of pertinent points. The two Front Bench teams are very much on the same side on this matter, so I want to give her the reassurance I can, but as quickly as I can, given that she asked a huge number of very good questions.
First, amendment 57 is about ensuring that devolved Administrations are consulted. Section 65(4) of the Communications Act 2003 already imposes a requirement to consult with Ofcom and other such persons as the Secretary of State considers appropriate. Since the broadband USO is an extremely important consumer measure that will benefit all parts of the United Kingdom, I cannot conceive of a situation where the devolved Administrations would not be consulted as plans to introduce a broadband USO are put in place, so I do not think the amendment is necessary. We would expect wide and extensive consultation across a wide cross-section of stakeholders.
We will consult on proposals for secondary legislation once we have considered Ofcom’s report. The second consultation will cover the detail of the USO and provide an opportunity to comment on the design of the USO and how it is implemented. I hope that that takes into account the concerns of the hon. Member for Berwickshire, Roxburgh and Selkirk.
New clause 10 would require the Secretary of State to ensure that there is an open procurement process for the designation of universal service providers. Again, that is covered under section 66 of the 2003 Act, which enables Ofcom to set out the procedure for designation in regulations and requires that the procedure
“be efficient, objective and transparent; and…not to involve, or to tend to give rise to, any undue discrimination against any person”.
I think that addresses the concerns as directly set out in the new clause.
It was music to my ears to hear a Labour Front Bencher talk about the need for a competitive regime, which clearly puts her at odds with her leadership. I agree in principle that the USO is designed as a safety net. Some people want much greater broadband speeds and connectivity, and it is not unreasonable for people to pay if they want very high connectivity speeds, but we believe there is a public service in having a universal service so that everyone is given the opportunity to have decent connectivity on which to live their lives. As the hon. Lady said, that could involve communicating with the Government, which is increasingly done online, or engaging in communications around healthcare and basic banking, and 10 megabits per second allows for that.
The hon. Lady mentioned satellite technology. Satellite is in scope—in fact, all technologies are in scope. The legislation is purposely designed to be technology blind. What people care about is connectivity. The technology is for the implementation, the policy makers and the engineers. Citizens care about how good, reliable and quick their connectivity is.
The hon. Lady made one error and I want to bring her up to speed. It is not true that there is just one contract in BDUK. Its open competitions have now been won by BT, Gigaclear, Call Flow Solutions, Airband, UK Broadband and Cotswolds Broadband. There has been progress since the Public Accounts Committee report that she mentioned and a whole plethora of providers have now successfully bid into the BDUK contracts.
I am aware that in phase 2 other providers have been successful in tendering, but in phase 1, as the Minister is well aware, there were problems and Fujitsu pulled out, leaving BT as the only contractor. That is why our new clause goes further than the law currently enables Ofcom to go, by ensuring the appointment of a body to undertake an alternative dispute resolution role, so that we can learn the lessons from BDUK. I appreciate that the Minister may not be able to commit to that today, but will he at least take it away and consider it for the USO?
That Division was rather exciting; it woke everybody up and got them away from their iPhones and iPads.
Inevitably, the focus of this first part of the Bill is on the USO, trying to make it fit for purpose and ensuring that we get the outcome that I believe we all want: better connectivity all across the country.
Amendments 58 and 59 would put into the Bill something ensuring a proper evaluation of how this USO is implemented and how it is borne out. There is a real concern that, as I have heard, the USO could follow similar lines to the telephony USO. If we remember what the telephony USO is, people have the right to demand a phone line up to a certain cost; I think it is £3,400, but I stand to be corrected if that is wrong. Thereafter, they pay the difference.
If we really mean universal broadband, what we must not have is a scenario whereby, although there is a USO, people in rural areas still end up paying more for a lesser service, which is what we have today. I am sure that we have all had complaints from constituents that, “I pay the same amount per month as someone else in an urban area for an on-the-surface 10 meg service, but I get only 1.5 or 2 meg.”
Let us accept that that is the reality on the ground—that people pay different amounts for different levels of service—but let us also put something in the Bill that actually means that stock is taken and a review is conducted. It should seek to ensure that in the future such problems do not happen and that people in rural areas—in fact, any people with a poor broadband service—get a fair speed with a fair price and all the other measures that the Government are introducing, as a result of the USO.
I should say at this point that we also support amendment 82, which puts rather more meat on those bones that I have just outlined.
We have had quite an exciting start to the Committee. The Minister turned up late; one Government Member went astray; and we nearly had a Government rebellion from the new PPS in the voting. [Laughter.] I hope that we continue in this vein. I also hope that the Minister is sensitive with his brand new PPS; I hope that she is not up for the chop this early in their relationship.
I will speak to amendment 82 and new clause 9, which would place a requirement on the Secretary of State to lay an annual report before Parliament on progress of the USO and to commission an independent review of the progress of BDUK respectively. As we have said, we very much welcome the USO. It could be somewhat more ambitious and it should extend to mobile, but we believe that it is an important step in the right direction. The purpose of these amendments is for Parliament to be kept abreast of progress, both on the USO and on the continued roll-out by BDUK.
Clearly, there have been issues with the roll-out of BDUK, not least the fact that, as we have just discussed, BT was the sole beneficiary of the contract in phase 1. If we are to avoid a repeat of that, we need to ensure not only that the procurement process is right but that Parliament takes a proper oversight role in assessing the performance and whether it is on target.
For example, we heard on multiple occasions last week about the problems around the fact that business parks have not been connected to superfast broadband, let alone ultrafast broadband. Similarly, we have heard of issues around local authorities being threatened with legal action should they so much as discuss procurement with a supplier other than the official one.
MPs’ mailbags are full of correspondence on issues about Openreach and about broadband more generally, so it is only right that they should have full disclosure on progress on an annual basis.
The first phase of the procurement process for BDUK included a mandatory requirement for copper local loop access rather than fibre, which meant old and outdated technology was being used and paid for with taxpayers’ money, entrenching the problems with existing infrastructure and holding back the future-proofing of the network.
There was also a requirement in that procurement process for the use of open access networks, which are the slowest option available, as opposed to local access networks which are much faster. It is good to see Ofcom consulting on the design of the USO over the next couple of months, and I am sure that they will learn from these mistakes. It is vital that this process is as transparent as possible, to ensure the best structure and outcome for consumers across the country.
On Second Reading the Minister called on Members to promote the take-up of broadband in areas where BDUK is providing access to broadband, so that local communities could benefit from the gainshare. That is absolutely right, and I am confident that relevant Members will be doing just that, but what are the Government doing to promote this? Are they, for example, paying for advertising and promotional materials? Is the Minister confident that access is the same as capacity, and that there is sufficient capacity in the cabinets in those areas where BDUK has been rolled out to allow take-up?
A very compelling case was put forward on Second Reading by the hon. Member for North Swindon, who described the problems he had with his local council and the lack of availability for his constituents even after BT had ticked all the boxes in that area under the BDUK contract. It seems to us that common sense dictates that BDUK should be measured on take-up rather than simply access to broadband. This is so that areas can be assured of their return from the gainshare, and also so that we can be absolutely sure that residents are able to use the broadband in practice rather than having access to it only in theory.
It is also important that we have a review of the progress of BDUK to consider whether they should be given any further direction or powers in relation to accessing land or infrastructure, for example. The statement of intent published last week references the question of how often, and on what basis, a USO may need to be reviewed. Again, we would have liked to see that in the Bill. I hope we can have clarity from the Minister on that because, as we all know, the minimum speed and quality of access that we all require are travelling in one direction only and at an exponential rate. It is difficult to imagine that 10 megabits will still be considered acceptable in 2020, let alone 2025, given that superfast is now defined as 24 megabits. The European Commission is hoping to set a new target for broadband and mobile coverage, which will aim to ensure that all European households can get a minimum internet download speed of 100 megabits per second by 2025.
The existing digital agenda for Europe programme currently seeks to ensure that every home in the EU can access a 30 megabits-plus capable, next generation access, superfast broadband connection, with 50% subscribed to a 100 megabits-plus service by the year 2020. At present it is widely expected that BT’s commercial G.fast roll-out, which will commence from next summer, and Virgin Media’s ongoing cable network expansion should bring broadband speeds of around 100 to 300 megabits to most of the UK, around 60% to 70%.
The hon. Lady is making some excellent points. The EU, which has apparently been holding us back for so long, is now leaving us behind as they run off to 100 megabits by 2025 while we set our ambition at 10 megabits by 2020. That is an excellent point. It comes back to the critical importance of how this USO is designed. Simply allowing BT to continue with more of the same, stretching their copper assets further, is not going to hit the long-term vision that is required. That is what this Government need to do. They need to set a target for fibre. I hope that when the Minister speaks tomorrow morning at the broadband convention he will say more about that, because we need to show far more ambition.
I absolutely agree with the hon. Member for Berwickshire, Roxburgh and Selkirk. Several issues relating to our withdrawal from the European Union will affect not only the measures in the Bill—particularly on spectrum divergence—but the UK digital economy as a whole. I know that the industry is extremely concerned about the implications of Brexit.
BT has also promised to extend G.fast to most UK homes by 2025, but this is unlikely to push the overall coverage figure much beyond 60% to 70% as by then Virgin Media will have already been able to deliver into much of the same areas. That goes to the point made by the hon. Gentleman, because it leaves the final third who are still out of the loop. On top of that, 5G-based mobile broadband should also be able to deliver 100 megabits-plus, and that will play a role, although mobile performance is notoriously variable and delivers much slower speeds outside urban areas. Once again, the challenge will be to bring ultrafast speeds to the final third, which would probably require a repeat of the Broadband Delivery UK programme, albeit with G.fast instead of VDSL as the main technology, and another round of public funding. That is why we need those commitments to fibre and other technologies. The former Digital Economy Minister has already hinted at that.
Exactly, absolutely right. We are seeing the long-feared Labour-SNP alliance in action. The hon. Gentleman is right that G.fast is a useful technology but it is not a full fibre technology and is, by physics, distance-constrained, although BT continues to do important work on driving as much delivery out of copper as possible.
There is one other point that it is important for the Committee to consider: there was a simultaneous call from the Opposition for the statement of intent to be included in the Bill and for there to be flexibility in the speed of the USO. These two things are inconsistent; it takes time to change primary legislation. It is incredibly important that we can revise the USO potentially—and hopefully—upwards. It is wrong to set a USO speed now for several years hence. I think we agree on that. We should not, therefore, put the speed on the face of the Bill.
The Scottish Government have said they want 30 megabits per second by 2021. We, of course, want the USO before then and we want the speed to reflect the reality of the time. Demands are increasing very quickly, so I would not want to put a figure on it for five years hence, as the Scottish Government have done. That is a mistake and it is far better to do it as we are planning in this Bill.
The Minister is slightly misinterpreting what I said, which is particularly cruel given that I have only been a week in the job. I did not say G.fast was equivalent to fibre. I said that BT would be pushing it out to 60% to 70% and that was why we need much more ambitious targets from the Government on fibre for that final third, in order to deliver coverage for the entire UK.
With regard to the statement of intent, I have said several times that we support its being in secondary legislation, but we want to see elements of it, including the design of the USO, the procurement process and review, to be in the Bill, to avoid being asked to vote blindly on details we do not yet have.
I am delighted to have that clarification. I am also glad that the hon. Lady welcomed the fact that Ofcom is doing the consultation, which is necessary before we can put those details in place. The way the provisions are structured in the Bill is the right way to proceed.
In ensuring that we get the best possible broadband connectivity, we must make sure that we have both a vision of the future with high-speed and superfast—and then ultrafast—connectivity, and flexibility to get there in the most cost-efficient way possible. That unites the Committee in purpose, and the Bill as it stands provides for it.
Finally, following the mention of the Labour Government by the Opposition, I will not rise to any partisan points other than to note that in 2003, the then Labour Government legislated to set a USO. They set the USO in stone in legislation and instead of including a review clause, they set it at 28 kilobits per second. Let that be a lesson to anyone who wants to put more on the face of the Bill. It is far better to ensure that we can constantly keep pace with technology, as the Bill does.
We have heard support for the spirit of the amendment and for the Select Committee to review the progress of the USO. The amendment certainly does not specify to which element of Parliament the report should go. We would be satisfied with progress being reported to the Select Committee. Government Committee members will be interested in, and their mailbags will be full of concerns on the progress of the USO, so they should have the ability to review that. Also, I was not old enough to vote in 2003, so I do not think I can be held responsible for decisions made then.
I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Amendment proposed: 82, in clause 1, page 2, line 21, at end insert—
“72B Universal service order: annual report
(1) The Secretary of State must lay before each House of Parliament an annual report about the implementation of the universal service order for all areas pursuant to the provisions of this Act.
(2) The annual report must include information on—
(a) the number of premises that have been supplied with the minimum download speed as specified in the USO secondary legislation
(b) the number of premises that have been required to cover some of the cost of connection,
(c) of the premises in (b) the average cost of connection per premises covered by residents, disaggregated by local authority area,
(d) the number of premises that have chosen not to be connected via the universal service order after being provided with an estimate, and
(e) the amount of time on average it takes to provide an estimate and connect a premise, disaggregated by local authority area.
(3) The annual report must be laid before each House of Parliament as soon as practicable after 31 March each year.”—(Louise Haigh.)
Question put, That the amendment be made.
I know that we covered this issue on Second Reading, but I was not the shadow Minister at the time. This legislation is not a Bill for the digital economy. The tech sector has been waiting for some time for the Government’s digital strategy and vision for this crucial area of our economy; to say that it is disappointed with the lack of ambition and strategic direction in the Bill would be a gross understatement.
We heard a damning indictment from one witness last week. He described his business as a tech start-up in Canary Wharf, and said that the Bill would do absolutely nothing to help it. To call it the “Digital Economy Bill” is quite insulting given that it is actually a collection of disparate measures—a mixture of amendments from across a range of Departments vaguely tied together using the word “digital”. Over the next few sittings we will focus on where the Bill could be improved, and I am sure that on Report we will return to what the Bill requires if it is genuinely to aid, boost and improve the digital economy.
On clause 1, we need to do much more than produce a mere headline USO. If we are talking about access to digital services, what are we prepared to do to support that access? Does that support simply cover subsidies on infrastructure in more remote areas, or should it also cover education? If it is more than just enabling access, we need to make sure digital skills and knowledge are embedded in our education system as well as providing for the older generation.
Similarly, as we discussed earlier, we need to think beyond mere access and ask ourselves what sort of targets we want on usage. What goals follow the strategy of the USO? It is brilliant if everyone has 10 megabits per second, but how many people are able to use the internet? How many young people are studying IT or related classes? What percentage of the workforce are in technical-related roles? The fact is that not only is the USO unambiguous, but it is long overdue. As I said earlier, Labour left fully costed plans to deliver superfast by 2012.
In 50% of rural premises the infrastructure is simply not there to carry more than 10 megabits, and for one in five premises it will not carry more than 5 megabits. It was suggested to us by a couple of witnesses that the USO was simply in line with BT’s proposed business plan. The chief executive of BT confirmed this to us: they can implement the USO by 2020 without any further public money, with 24 megabits to 97% or 98% of the country, fixed broadband of 10 megabits to 99%, and the last 1% likely to be done by 4G or satellite. The question is, therefore, why this legislation is necessary. One witness explicitly said:
“I think you should be very worried when you hear large incumbents saying, “Set up a universal service obligation but don’t let it get too far ahead of what we’ve got in our business case.” That is not what business should be doing. Businesses will invest more if they are scared their customers will go elsewhere, not because they have been given a promise by Government”.––[Official Report, Digital Economy Bill Public Bill Committee, 11 October 2016; c. 10, Q14.]
If we are really to tackle the issues in our broadband market, the evidence we have seen suggests that the USO is—at best—nice to have, but at worst it is a serious market distortion. In fact, the Government should be considering much deeper issues such as the structure of the market, much-needed investment in infrastructure, the need for planning reform to enable the roll-out of 5G and the need to be much more imaginative around future licence auctions. For example, as we have heard time and again, there is the German model to license outwards-in so that those who are missed out on previous rounds are serviced first.
Furthermore, we have heard in one form or another that all roads lead back to Openreach, and the Bill really could have been an opportunity to reflect on that. Baroness Harding believed that
“competition will do the majority of this, and we should try our damnedest to make the private sector fund most of this through competition”.
She concluded that,
“the solution is to separate Openreach completely and put a universal service obligation on an independent Openreach”. ––[Official Report, Digital Economy Bill Public Bill Committee, 11 October 2016; c. 6, Q4.]
We heard in evidence that Openreach could and should be much more ambitious, deliver a better service and be in control of its own board, but evidence was given that, to achieve that, Openreach needs to be completely independent. It was argued that we have not been able to see how far a competitive commercial roll-out can go because we do not currently have a competitive commercial market, and we cannot have that market reform until, at the very least, we separate out Openreach.
One witness said:
“if we are going to be ambitious, to enable companies like ours to continue to grow, invest and innovate, we need a national solution, and a national solution will depend upon the national network owner, which is Openreach...That is why the structure of the industry does matter; the ability to get capital into the industry to invest in the kinds of future networks we need is critical”.––[Official Report, Digital Economy Bill Public Bill Committee, 11 October 2016; c. 19, Q31.]
Ofcom has been unambiguous in saying that network competition—having multiple network operators on the ground and available to consumers—is the best driver of investment incentives, of superfast broadband penetration and of consumer outcomes. We would like the Minister to set a clear timeframe today for the response to the Ofcom consultation on Openreach. The consultation closed two weeks ago and, as I understand it, Ofcom are now in private consultation with BT. The public and Parliament need to know when we can expect the Ofcom response and what the next steps in the process will be.
Does my hon. Friend agree that one of the problems with Openreach is that, because it does not have a customer-facing aspect, its customer service and consequently its reputation have been extremely poor?
That is certainly one of the issues. I personally have poor experience with Openreach and I am sure many members of the Committee and their constituents will have, too. Public satisfaction with Openreach customer service is incredibly low and needs urgent investigation. However, we need more detail on some areas that have not been put in the Bill, but which were included in the statement of intent, as mentioned earlier.
An example is the fact that connections will be subject to a cost threshold, above which consumers will still have the right to fast, reliable broadband, but may have to contribute to the cost of connection. That is not much of a surprise, as it happens with the USO for telephone lines. There, the cost threshold is £3,400. Is it possible for the Minister to provide any guesstimate about the threshold for the broadband USO? Once again, we are being asked to vote on legislation that does not include vital details that could make the entire proposal almost completely useless. If the threshold is set too low, the right will essentially be meaningless for the vast majority of consumers, who already miss out, are on unacceptably low broadband speeds and are forced to pay unacceptably high prices. Will the threshold have any form of parliamentary scrutiny, or is this really enabling legislation that will allow the Minister to get his head around the details after the fact?
As we have discussed, we do not believe that the headline figure of 10 megabits is sufficiently ambitious, and nor is a headline speed sufficient when considering the quality of broadband available to the population as a whole. That point was raised by several hon. Members on Second Reading, and by the hon. Member for Mid Worcestershire in evidence sittings. It is a source of great frustration in rural areas, in particular when customers are promised mobile coverage or broadband speed that are not delivered. The Bill does little to correct that. Yes, it provides for automatic compensation, but I am confident that customers would much rather have coverage—and reliability of coverage—than recompense.
The Minister did not answer questions about BDUK earlier, so I will put them again, if that is all right, Mr Streeter. Is the Minister confident that access is the same as capacity, and that there is sufficient capacity in the cabinets in areas where BDUK has been rolled out to allow take-up? Does he believe that BDUK should be measured on take-up rather than access to broadband? I should be grateful if the Minister also updated the Committee on conversations with the Advertising Standards Authority about its code, so that companies can advertise a certain speed only when a certain percentage of their customers in that area get that speed. The ASA and its committees have been looking at that issue for some time, but surely the Bill is the perfect opportunity to speed up the process and provide much needed certainty and lower prices for rural customers.
Finally, we welcome plans to deliver superfast broadband connection to sites with more than 100 homes from January. That was raised time and again on Second Reading. It is absurd not to have minimum levels of broadband in new homes when we would never consider not connecting water or electricity to any new home, regardless of the numbers on the site. As the Countryside Alliance pointed out, the figure of 100 is too urban-centric, as rural areas are moving towards small-scale developments. I hope that the Government will keep the commitment under review and ensure that the figure is reduced in future, if necessary.
We must absolutely not let the USO get in the way of investment in developing super and ultrafast capabilities across the whole UK. We heard evidence stressing the threat that communities that might be pleased with 10 megabits today will be furious about not having 1 gigabit in three or four, or potentially 10 years’ time. Indeed, providers such as Virgin, and even smaller ones, such as Gigaclear, are now building proper fibre to the premises, providing up to 1 gig in extremely rural areas; so I fear that the target will quickly become completely outdated, even given the flexibility built into secondary legislation.
Overall, the Opposition support the commitment, with all the caveats I have outlined, and I am happy to support clause 1 to stand part of the Bill.
To channel the Prime Minister, fibre means fibre. If hon. Members want to know what fibre means, it means fibre.
On the point about measuring BT and BDUK on take-up not access, both BT and BDUK are measured on take-up as well as access. Both are important. In fact, the contracts have take-up embedded in them, because the clawback from higher take-up allows money to be spent on further roll-out. The contracts that are being rolled out at the moment are from that clawback. The hon. Lady is therefore absolutely right that both take-up and access are important, and in the county-by-county figures from BDUK we have both take-up and access.
I also strongly agree with the hon. Lady on advertising. The Advertising Standards Authority has consulted for some time on descriptions of both “up to” speeds and pricing arrangements, both of which can be wholly misleading. I very much hope that the ASA will come out with new rules shortly—it has been working on that for some time. However, advertising is policed on a non-statutory basis and I think it would be a significant step for us to legislate on that matter because we do not want political interference in the rules around advertising. That is a step that I do not want to take. I do want the ASA to come to its conclusions as soon as possible. I hope that that answers all the questions that were asked on that point.
I appreciate that the Minister may not want to pre-empt the Ofcom consultation, but will there be any parliamentary scrutiny of the proposals that Ofcom will bring forward, or will we leave it to Ofcom and accept what it brings forward in terms of design, cost threshold and everything else we have debated this morning?
Of course there will be parliamentary scrutiny, because the Bill provides for the USO details to be put in place via secondary legislation. There will be scrutiny then and, as my hon. Friend the Member for Selby and Ainsty pointed out, there will also be the opportunity for Select Committees to scrutinise in their usual way. I hope that without reading the rest of my speech, which is all about how important and wonderful broadband is, the Committee will accept what I have said as a full response.
In short, although the precise design is subject to the Ofcom consultation, my view is that the potential in the Bill for the USO is more ambitious than the Scottish Government’s, because theirs is to be delivered later and has already specified a speed. Instead, we have proposals coming in sooner and with uprating built in from the start.
Question put and agreed to.
Clause 1 accordingly ordered to stand part of the Bill.
Clause 2
General conditions: switching communications provider
Question proposed, That the clause stand part of the Bill.
The Opposition are happy to support the clause. As we know, there are currently extremely low levels of switching in the market, with 5.9 million mobile users having never switched owing to concerns with the process and 2.5 million people saying they have experienced a major difficulty such as the amount of time it took or loss of their number. Every year, more than a million people are either double-billed or lose service in attempts to switch.
I understand that Ofcom has been considering how to make switching work for over eight years, and I am informed that the decision on switching has been delayed because of previous appeals and the current appeal regime, which we will come on to later in the Bill.
The powers for Ofcom to introduce gainer provider-led switching are welcomed by Opposition Members, as the figures clearly show there is little appetite to switch mobile provider at present, despite the clear lack of trust in mobile service providers themselves. In the last year, almost half of consumers have not switched providers; of those who have switched, 46% of them did so more than a year ago.
As Members are aware, at the moment switching providers is beyond arduous. Individuals have to contact their own provider and then the provider they wish to switch to. They have to terminate their old contract and then activate their new contract. This creates additional costs, time and hassle, and means that consumers are not able to compare all the deals available to them easily.
These proposals are welcome, but do the Government intend gainer provider-led switching to cover both mobiles and bundles? Clearly, many mobile networks also operate in other areas, such as internet and television, so would it not make it even easier for consumers if they could switch all at once if a better offer was provided? We look forward to hearing the Minister’s comments on that.
It would also be helpful if the Minister could put on the record what discussions he has had with Ofcom and mobile providers about the range and depth of information that will be available. Clearly, the lack of open data in this market holds back switching, but as we discussed earlier it also holds back investment and competition. It is very welcome to hear that BT has offered that information, but we would be grateful to hear exactly what data it is making available. Data on internet availability—such as costs, product offerings, location of cabinets and masts, access method, service quality, service faults, and planned network upgrade and dates—would all be enormously beneficial if they were published as open data.
That would be a considerable step towards creating a more effective market. It would not only help with switching but would enable an operator, community group or local authority to decide whether to build a new network for an area if there were no other plans to do so.
Nevertheless, these measures are very welcome and we on the Labour Benches are pleased to support them.
Consumers should be able to benefit from choice and competition in the UK communications markets, and I am very grateful for the cross-party support for these measures.
The central case is that changing suppliers should be quick and easy, and can benefit all. However, the reality is that no matter how attractive a deal may look, or how dissatisfied a customer may be with their current service, the rigmarole or the perceived rigmarole involved in changing provider deters switching. This clause makes it explicit that Ofcom has powers to facilitate easier switching in the communications sector.
It will be for Ofcom to consult on and define which communication services will be subject to switching processes. Ofcom is consulting on triple play—so fixed line, broadband and pay TV switching—with a view to simplifying the processes to switch multiple services as well. The clause will help to cement Ofcom’s power and will put in place processes to instil in consumers the confidence to shop around. That is the purpose of the clause.
There are ongoing discussions with Ofcom about the range and depth of information that is provided. Of course, the measure complements the information powers given to Ofcom in part 6 of the Bill, which we will come on to. So, once consumers have better information to hand about the services on offer, they can then switch to the service that is most suitable for them with confidence and the minimum of fuss.
Ofcom has existing powers to set conditions on electronic communication service providers, and this clause makes it explicit that Ofcom may set general conditions to facilitate switching. Such conditions could require providers to comply with defined processes, such as gaining provider-led switching. This approach would mean that consumers would no longer need to contact their existing provider when they want to move, and of course the gaining provider has the incentive to make these things as easy as possible.
I hope that all these things will help to boost switching and therefore make this market more competitive.
I beg to move that the clause stand part of the Bill.
Question put and agreed to.
Clause 2 accordingly ordered to stand part of the Bill.
Clause 3
Automatic compensation for failure to meet performance standards
The area of compensation is one that we have all probably been hearing about from our constituents for quite some time. Before speaking to the amendments, which are about mobile coverage, let me first welcome the important move in the Bill that not only puts compensation in place but makes it automatic. Telecoms and connectivity can feel like the dark arts to some of our constituents and it is important that whatever is put in place does not depend on their understanding the details of what they are entitled to. However, the point has already been made today that when people sign up for a broadband service, there should be far clearer, granular detail on what they should expect. We have wrestled today with what a USO should be; we have talked about download; we have talked about upload; the Minister rightly mentioned other areas such as latency and data limits; and of course cost comes into it.
In terms of compensation, it is important to recognise that broadband is different from telephony. Telephony is fairly binary—it is on or off. It works or it does not. There might be some interference, but it remains a fairly binary service. Broadband, however, is defined by many different characteristics.
As we look at a compensation regime, we need to look at the speed expectations. When someone signs up for a broadband service, they sign up for a service that is, by definition, contended. It is shared, which is why, as those who have ever been at home when the kids all get home from school, broadband speeds sometimes plummet. That is the reality of the service that is signed up for and that reality has to be accepted on a contended service—those who want a less contended service need to sign up for an appropriate service with BT or another provider—but there should still be levels of expectation. There should be a top-line download speed, an average speed and, in my view, a baseline speed, below which the service does not drop.
As we look at compensation, I would like to see some flexibility. Given the complete lack of information in the Bill—in keeping with the earlier clauses—there is the ability here for Ofcom to show flexibility and design an appropriate system. The telecoms providers all have huge challenges to face on their performance standards—the digital communications review called them out. BT was singled out, but it was not the only one. They all have a way to go in improving their service standards, so a compensation regime should be designed to incentivise them. We have to remember that this is about incentivising good performance, not about penalising bad performance, although the two obviously go side by side. We should design a scheme that is automatic and ensures people are compensated but that, most importantly allows people to get the service that they are promised and the providers are contracted for. That is important.
My hon. Friend the Member for Inverness, Nairn, Badenoch and Strathspey instigated work on the areas addressed in amendment 60 and new clause 2 some time ago. There are huge chunks of the country, not least the highlands but also the equally beautiful Scottish borders in my constituency, where there are notspots—in fact, it feels like there are more notspots than onspots most of the time, as I found on my summer tour. My hon. Friend brought forward proposals, which were put to the then Minister and Ofcom, to allow individuals who have signed up for a mobile service and then found that they cannot get proper service at home to be allowed out of their contract. Some providers—I think Vodafone was mentioned in the evidence session—have started to offer that. I hope that—hope is not a strategy, as we always used to say, but sometimes it is all we have—the Government will accept the sense of the amendment and new clause and put it in the legislation, to make it absolutely clear that, if I sign up for a mobile service and cannot use my device in my home, I am entitled to cancel that contract.
I rise to support the amendment in my name and the name of my hon. Friend the Member for Cardiff West. I also support the amendments tabled in the name of the hon. Member for Berwickshire, Roxburgh and Selkirk. I understand from the debate and the statement of intent that the baseline speed mentioned—10 megabits per second, as the Minister clarified—is the absolute minimum. The Opposition welcome the Government’s proposals to amend the requirements on automatic compensation, which will bring broadband services in line with other essential services such as energy and water. That recognition naturally extends to a form of automatic redress when things go wrong.
I am sorry to intervene so quickly, but this is an area where we need a bit of clarity. We have said that 10 megabits per second is a minimum, but as I understand it, it is a minimum maximum speed. It does not mean that under the USO, users will always get 10 megabits per second; it means that they sign up for a service where the maximum is 10 megabits per second. I think that is an important point to clarify.
We look forward to the Minister’s clarification.
More than 13 million households suffer from some form of broadband problem. It is about time that automatic compensation was introduced. As we know, seeking redress and compensation is often difficult for consumers, and brings little reward; many simply give up. Currently, users must lodge a formal complaint with their provider, then escalate that complaint to the ombudsman after eight weeks if they are not happy with the response. The onus certainly should not be on the customer to prove that they have lost service or that the service has not met the standard required. Where possible, automatic compensation should be made when a service provider becomes aware of a possible loss or reduction in service.
However, as has been mentioned, the legislation is not entirely clear on how the provision will be enforced, although we welcome the broad powers given to Ofcom. For example, if the fault is with the service provided to the retailer by Openreach, will the retailer pass on the compensation to the consumer who has been affected? How much will then reach the consumer? What will the level of compensation be? Which? has called for households to get £75 in compensation each time their broadband connection goes down, in line with compensation levels for power cuts. Will there be separate levels of compensation for broadband being slow or not working at all? Will the compensation cover planned network outages? Will the new regime come into effect on Royal Assent? Has Ofcom now completed all necessary consultation work?
Our amendment simply seeks to provide compensation within reasonable timescales. Consumers certainly would not want compensation payouts to drag on and on or broadband providers to drag their feet when there has been a clear outage and they are entitled to compensation. The automatic compensation model for the energy market is that it should be paid within 10 days of the customer claiming, or within 10 days of the end of the power cut if they are being paid automatically. That seems reasonable, but the Minister and Ofcom might have other ideas about what is reasonable.
Either way, we believe that it is important to set a clear timescale to ensure that consumers know exactly what they are entitled to, when they are entitled to it and how to go about claiming it if it is not forthcoming. We welcome the provisions and the recognition that consumers have a right to broadband and therefore a right to compensation if it goes wrong, but we would like assurances written into the Bill that compensation will be paid quickly.
Order. We will adjourn in about two minutes, but let us hear from Mr Hendry before we continue on Thursday.
Louise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)(8 years, 1 month ago)
Public Bill CommitteesI beg to move,
That the Order of the Committee of 11 October be amended as follows—
(1) In paragraph (1), after sub-paragraph (f) insert—
“(g) at 9.25 am on Tuesday 1 November;”.
(2) In paragraph (4), for “5.00 pm on Thursday 27 October” substitute “11.25 am on Tuesday 1 November”.
On Tuesday night, the House approved a motion to extend the Committee. This amendment will provide the additional time required thoroughly to scrutinise the Bill.
I thank the Government for replacing the sitting that we lost on Tuesday because of the debate that they scheduled on the BBC motion. We do not oppose this amendment, but the Government have tabled more than 130 amendments to the Bill since we agreed the programme motion, in good faith, on the basis that the Bill has 84 clauses. It is now clear that the Bill was not ready to come to Committee.
Not only have the Government tabled more than 130 amendments but they have made significant announcements about who the regulator will be. We welcome the significant publication of the codes of practice that will accompany part 5, but we should have had them earlier in the process. It is the job of Her Majesty’s loyal Opposition to scrutinise the Bill and table amendments, and we will not accept any criticism if the Committee does not get through the whole Bill. The Government should be prepared to add time if we do not make that progress.
We have been very accommodating on the timings. Not only did we remove the Tuesday afternoon sitting at the request of the Labour party, but we added another sitting at the end. We cancelled the sitting last Thursday afternoon at the request of the Labour party, despite the fact that we wanted it to happen. In fact, the amount of scrutiny in Committee will be less than we originally proposed, at the request of the Labour party. We will not have any truck with that one.
Clause 3 will make it easier for customers to claim compensation for service failures and, we hope, help improve customer satisfaction and drive the sector to deliver on its service commitments. The clause is about providing not only compensation but incentives that we hope will make such compensation unnecessary. The clause makes explicit Ofcom’s power to set general conditions on communications providers, requiring them to adhere to automatic compensation regimes as defined by Ofcom. It is part of Ofcom’s remit to protect the interests of end-users.
Telecommunications customers increasingly view their digital connectivity as essential, just as power and water are essential. The clause helps to deliver on those higher expectations. According to research by Ofcom, customers suffering from a loss of broadband service incur on average a direct financial cost of £18, spend an average of four hours trying to resolve the issue, and have to contact their provider an average of three times. Automatic compensation will mean that customers will receive standardised compensation for specific service failures, either without having to complain directly or through a streamlined process.
Ofcom has made a call for inputs and will be consulting with customers, customer groups, industry and all parties that want to enter the consultation, including devolved Governments. It will define which services and service quality issues will be eligible, how much the compensation will be, and the fault-identification and payment processes. The consultation process will ensure that the compensation scheme is fair and proportionate, mitigating the risk of additional costs being passed on to customers.
Clause 3 accordingly ordered to stand part of the Bill.
Clause 4
The electronic communications code
Question proposed, That the clause stand part of the Bill.
Clause 4 contains changes to the highly complex electronic communications code, as we heard earlier in the debate. We recognise and support the amendments tabled in the Minister’s name, which seek to clarify the web of legal technicalities and ensure that it interconnects with the existing legal landscape; that the new code does not infringe on access to land where the person does not agree to that access being obstructed; and that subsisting agreements continue in place.
Our primary concern is to ensure that the significant savings that the clause will clearly create for the mobile industry are invested in their entirety into infrastructure and roll-out for the public benefit.
We would also like to explore what consideration has been given to how we can ensure that independently-owned infrastructure can have a significant role in the sector and, if possible, make up a larger proportion of our infrastructure in line with the global market. The much-discussed difficulties of the broadband roll-out highlight the issues when infrastructure is owned by a private monopoly. We should seek to break up this market as much as possible. For that to happen, investment incentives for independent infrastructure need to be maintained as they are under the current ECC.
The assets of these small infrastructure providers, which are a valuable part of the market, are dependent on land. We would like a commitment from the Minister that further inevitable redrafts continue to carve out electrical communications apparatus from the definition of land. The benefit of independent infrastructure is the much higher capacity available for all networks to use on an open and non-discriminatory basis. Operators in this space filled more substantial towers, which send signals much further than an average mobile operator-owned mast. That is particularly important in rural areas, where more than half their investments have been made. More networks operating from better infrastructure enable transformational improvements in capacity.
The sector also unlocks significant new inward investment with a low cost of capital from the same funds that invest in UK energy, transport and utility assets. Clearly, significant investment is needed in the UK’s wireless infrastructure. Improving mobile connectivity needs substantial and sustained investment. New communication masts are needed in rural and suburban areas to improve coverage. In urban areas, to support the exponential growth in mobile data usage and provide ubiquitous high-speed connectivity, 5G networks will need hundreds of thousands of small cells connected with a dense network of fibre.
Analysis from Ernst & Young highlights that independently operated towers across Europe and North America host, on average, twice as many networks as vertically-owned towers. The UK is now lagging behind competitive telecoms markets around the world in respect of adopting the more efficient independent model; more than 60% of global and 80% of US masts are now operated independently of the networks that use them. Independent infrastructure can deliver investment in a way that maximises its productivity and enables the greatest level of connectivity.
Furthermore, we are aware that the industry has concerns about the clause given what is known as “stopping up”. That is the procedure that highway authorities use to decommission stretches of public highway. Under the new code, when streets are stopped up, the occupier of the land can give notice to quit and mobile operators would not then be able to cover the cost of relocation.
As I understand it, unlike the other reforms, this reform is intended to apply retrospectively, so we would be interested to hear the Minister’s thinking. More broadly on the clause, clearly the Minister and officials are attempting to make revisions to this enormously complex code, which obstructs or interferes with the means of access to this land.
There is a broader point. Despite the additional powers that the Bill provides to telcos over the landowners, in practice there absolutely must remain a solid working relationship between the two. As we heard in evidence last week, if good relationships are not continued, the industry might as well just go home for the next four to five years and forget about further expanding the network, such is the importance of good relationships and access to allow for upgrading and installing new infrastructure.
Industry evidence suggests that, on average, infrastructure facilities will need to be accessed every 12 days, so we must ensure that the legislation strikes the right balance between increasing access, which will help to upgrade the network, and maintaining a good relationship with the landowners who will help that roll-out.
The clause is intended to improve mobile coverage, so I will go back to something that the Minister said on Tuesday in Committee:
“That is why delivery on this commitment by the MNOs”—
that is, by the mobile network operators—
“is so important. The deal as agreed, which is a legally binding commitment, will result in nearly 100% of UK premises receiving 3G/4G data coverage, and 98% coverage to the UK landmass by the end of 2017.”—[Official Report, Digital Economy Public Bill Committee, 18 October 2016; c. 124.]
Those figures were not immediately familiar to me at the time. As I understand it, they were not in the legal agreement between the Government and the mobile network operators, which only requires guaranteed voice and text to each operator by 2017 to 90% and full coverage to 85% by 2017.
I believe that the Minister may have been referring to the new emergency service contract, which is being delivered by EE. That is exactly the point I was making: that is only one operator. Furthermore, is it not the case that currently only 46% of premises have access to 4G from all mobile network operators and that there remains a substantial 7%, or 1.5 million homes nationwide, that do not have basic voice or text coverage across the three networks?
The roll-out of this vital infrastructure by EE for the benefit of emergency services is obviously welcome and the coverage figures for the UK landmass are impressive. However, that does not constitute universal coverage, as it will be only for the benefit of EE customers, unless some kind of agreement that we are not aware of has been reached. Clearly, although that means that data coverage is reaching all corners of the UK, there is no parity of provision across the mobile network operators and that near-universal coverage, which is so needed, is still far from a reality.
New clause 20, to which we will return later, seeks to do something about that. It would empower the Secretary of State to commission a strategic review of mobile network coverage and to consider measures to enable universal coverage for residences across all telecommunications providers. That would enable the Government to take a second look at ways, including national roaming, genuinely to extend coverage across 3G and 4G to all network providers, because, as the Minister said in Committee on Tuesday, it is no good having full coverage with one provider if the others are not covered.
That was an excellent introduction from the Opposition spokesperson, highlighting a lot of the issues. I will try not to repeat them.
What I will do, however, is start by welcoming these overdue changes to the electronic communications code. We absolutely need to make it much easier for infrastructure to be rolled out—not just for masts; this also applies to the likes of Virgin, which is very concerned about wayleaves and access and how it can roll out wire networks. We very much welcome anything that will help increase coverage across the whole of the UK, and in particular across Scotland.
Amendments 2 to 6 are all technical amendments, to enable Ofcom to register dynamic spectrum access service providers and to set out what Ofcom can do where there is a contravention of the restrictions or conditions of registration.
Amendment 2 agreed to.
Amendments made: 3, in clause 8, page 8, line 19, at end insert—
‘( ) The amount of any other penalty specified under this section is to be such amount, not exceeding 10% of the relevant amount of gross revenue, as OFCOM think—
(a) appropriate, and
(b) proportionate to the contravention in respect of which it is imposed.”
This amendment ensures that the penalty based on the relevant amount of gross revenue applies only where the daily default penalty specified under new section 53F(4) of the Wireless Telegraphy Act 2006 does not apply.
Amendment 4, in clause 8, page 9, line 21, leave out subsection (1).
This amendment is consequential on amendment 3.
Amendment 5, in clause 8, page 9, line 25, leave out “this section” and insert “section 53F”.
This amendment is consequential on amendments 3 and 4.
Amendment 6, in clause 8, page 12, line 21, after “penalty” insert “specified”.—(Matt Hancock.)
This amendment brings new section 53L(5) of the Wireless Telegraphy Act 2006 into line with new section 53F(5) of that Act.
Question proposed, That the clause stand part of the Bill.
As the Committee is aware, spectrum which covers the electromagnetic frequency range from 3 kHz to 3,000 GHz is a central ingredient of all forms of wireless technology. The Opposition agree that making better use of spectrum is obviously essential to facilitate the development of the UK’s digital communications infrastructure. This is a national asset and it is important that the Government are constantly reviewing the way in which we can make better use of spectrum, particularly white space, which are used parts of the allocated spectrum.
It is also clearly important for Ofcom to have the power to police—for want of a better word—spectrum and it is important that, for instance, mobile network operators are achieving the coverage set out in their licence. We therefore support the specification of financial penalties if coverage requirements are not satisfied.
However, we would like reassurance on two issues: first, that amendment 2 does not water down the penalties that Ofcom can impose. The explanatory notes are not entirely clear and at present it seems as if, rather than allowing Ofcom to impose a penalty if coverage requirements are not satisfied, it simply must have regard to a potential penalty. We would welcome clarity from the Minister on that point.
My second, wider point is that, in the aftermath of Britain’s exit from the European Union, it is important that we continue to maintain influence in the allocations and regulation of spectrum. As the Minister will know, at present the EU member states harmonise spectrum access conditions EU-wide to ensure an efficient use of radio spectrum. In cases where there are conflicts between different usages of spectrum, they establish policy priorities. This is especially important with new and emerging technology, where the EU will ensure that fair allocation and reallocation of frequencies is harmonised across the European Union. In the aftermath of our exit from the EU, we must continue to communicate effectively with our European partners, as a pan-European strategy will still be in our interest. Will the Minister ensure that he continues to work closely with those partners, particularly as our loss of influence is unlikely to be compensated by our involvement in international forums?
I am very grateful for the Opposition’s support of the reforms to the way that spectrum is allocated. Spectrum is a finite asset and it is incredibly important that our digital communications, and especially wireless communications, increase so that we make best use of it. It is very good to see cross-party recognition of the importance of that management and that Ofcom play an excellent role in adjudicating on this.
I shall take the hon. Lady’s second specific question on the EU first. Of course we will continue discussions with neighbours about allocations. Ultimately, there are many spectrum frequencies that are dealt with on a global basis—for instance, those that are used in aviation. It is therefore important that we have international discussions, both in the EU and around the rest of the world. I can assure the hon. Lady that those discussions and that collaboration will continue. Indeed, some of it is going on as we speak.
On the hon. Lady’s first point about watering down the penalties, the way in which this is structured does not require a penalty, in case there are reasons not to have one, but allows for penalties. I think that gives Ofcom the necessary wiggle room, should it need it.
Question put and agreed to.
Clause 8, as amended, accordingly ordered to stand part of the Bill.
Clause 9
Statement of strategic priorities
Question proposed, That the clause stand part of the Bill.
We are grateful for the Minister’s reassurances in response to our concerns about clause 8. However, given those concerns, we think it is important that the statement of strategic priorities is updated in the aftermath of Britain’s exit from the EU and that consultation should begin right away. The statement of strategic priorities becomes much less clear after Brexit, when the Government will be required to take on significantly more of the burden and have much greater regard for the international element of spectrum access, as we will not be able to rely on European policy.
Clearly, Brexit will significantly alter the policy priorities of the Government in the operation of spectrum. We know that Ofcom is an international thought leader in this area, which may aid the Government. However, we believe that the statement must be amended to avoid any confusion and that that should be done in full consultation with industry.
The hon. Lady is dead right that we have to ensure that the strategic priorities take into account our exit from the European Union. Of course, some parts of spectrum that have very short distances can be set domestically, not least because there is a physical boundary of a minimum 26 miles between the UK and any other country. There are longer frequencies that have a bigger range, where minimising interference is important. Some are used on a global basis, in which case global agreement is required.
The issue has to be taken into account, and we will take on board the hon. Lady’s suggestion about ensuring that we have a statement of Government priorities post-Brexit that is appropriate to the UK outside the EU needing to engage with the EU, as well as with the rest of the world, and that domestic priorities are set where possible.
I am pleased to hear that the Minister shares the view that the BBFC should be given a permissive regime to do some of the things it does well, rather than the Government specifying too much. With that assurance, I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
I beg to move amendment 85, in clause 15, page 18, line 20, leave out subsection (5)(a).
With this it will be convenient to discuss the following:
Amendment 87, in clause 15, page 18, line 25, leave out subsection 6.
New clause 7—On-demand programme services: requirement to prevent persons under the age of 18 accessing pornographic material with an 18 classification certificate—
“On-demand programme services: requirement to prevent persons under the age of 18 accessing pornographic material with an 18 classification certificate
Section 368E of the Communication Act 2003 (harmful material) is amended as follows—
(a) in subsection (5)—
(i) after subsection (a) insert—
“(aa) a video work in respect of which the video works authority has issued an 18 classification certificate, and that it is reasonable to assume from its nature was produced solely or principally for the purposes of sexual arousal,”;
(ii) after subsection (b) insert—
“(ba) material that was included in a video work to which paragraph (aa) applies, if it is reasonable to assume from the nature of the material—
(i) that it was produced solely or principally for the purposes of sexual arousal, and
(ii) that its inclusion was among the reasons why the certificate was an 18 certificate,
“(bb) any other material if it is reasonable to assume from its nature—
(i) that it was produced solely or principally for the purposes of sexual arousal, and
(ii) that any classification certificate issued for a video work including it would be an 18 certificate.”
(b) in subsection (7) after “section” insert—
““18 certificate” means a classification certificate which—
(a) contains, pursuant to section 7(2)(b) of the Video Recordings Act 1984, a statement that the video work is suitable for viewing only by persons who have attained the age of 18 and that no video recording containing that work is to be supplied to any person who has not attained that age, and
(b) does not contain the statement mentioned in section 7(2)(c) of that Act that no video recording containing the video work is to be supplied other than in a licensed sex shop;””
This new clause requires the extension of measures for UK-based video on-demand programming to protect children from 18 material as well as R18 material.
The amendments all explicitly include on-demand programme services in the age verification measures proposed by the Government. Given the rise in the use of mobile devices and tablets in the past decade, the case for appropriate online pornography enforcement has increased. We commend the Government’s intention in the proposals. I also put on the record our thanks and congratulations to the hon. Member for Devizes, who has campaigned on this issue for many years along with many other hon. Members, not least my hon. Friend the Member for Bristol West.
The ultimate goal is to seek parity of protection for children between the online and offline worlds, but how that is done in practice is fraught with issues. I hope that we can improve the proposals before us. Teens have an emerging right to independent communication with friends and family, and we recognise and respect that. We must not fall back on outdated means of protection such as blanket parental permissions. We need to empower and protect young people in ways that make sense to them and that they can and will use.
As the Committee knows, the effects of online pornography on unhealthy attitudes to sex and relationships are only just starting to be explored, but the research indicates a troubling trend. The NSPCC study of more than 1,000 young people aged 11 to 18 found that over half the sample had been exposed to online pornography, and nearly all of that group—94%—had seen it by age 14. Just over half the boys believed that the pornography that they had seen was realistic, and a number of girls said that they worried about how it would make boys see girls and the possible impact on attitudes to sex and relationships. One respondent said:
“Because you don’t get taught how to go on the internet and keep yourself safe, there are loads of tricks to get you to give away or to go on a bad website.”
Crucially, in research by Barnardo’s, four fifths of teenagers agreed that it was too easy for young people to see pornography online by accident.
Adult products and spaces, including gambling shops, sex shops and nightclubs, are restricted in the offline sphere. Contents such as film and television, advertising and pornography are all also limited, with penalties ranging from fines to custodial sentences available to discharged proprietors who do not comply. It is a transparent, accountable process overseen by regulators and licence operators such as Ofcom, the BBFC and the Gambling Commission to ensure that children are protected from age-inappropriate content and experiences.
Labour is happy to support the Government’s efforts to introduce age verification, but we must ensure that enforcement is strong enough. Our amendment speaks to that broad aim of the Opposition, which I know is supported by Government Back Benchers, given the other amendments tabled today. However, the measure cannot be seen as a silver bullet, which is why tacking this manifesto commitment on to a Digital Economy Bill is inadequate. First, slotting it into a Bill on the digital economy gives the impression, however unintentional, that the measure is designed to deal only with commercial providers of pornography, those who exploit data or benefit from advertising or subscription services—those who are, in short, part of the digital economy, rather than all providers of pornography online.
Although we are aware that most pornography providers operate on a commercial basis, many do not. Peer-to-peer networks and Usenet groups, however difficult to police, would presumably not be in the scope of the Bill. That is on top of pornography available through apps that are commercial enterprises, such as Twitter and Tumblr, or free webpages, such as WordPress, where the provision of pornography is incidental or provides no income to the overall business, or is not used for commercial purposes at all. Under clause 15 as it stands, it is by no means clear that all pornography available on the internet will be subject to age verification requirements.
Allow me to remind the Minister what the Conservative party manifesto said on the matter in 2015. It stated that
“we will stop children’s exposure to harmful sexualised content online, by requiring age verification for access to all sites containing pornographic material”.
There is no prevarication or equivocation there, and I commend the wording in the manifesto. Unfortunately, between that time and the legislation being drawing up, a rogue adjective has been added to the commitment, which seemed perfectly clear in the manifesto. One could easily argue that if a site such as Tumblr does not make pornography available on a commercial basis, then it is exempt, which would leave that manifesto commitment in some difficulty. Can we therefore have a commitment from the Minister that the regulator will be able to go after all sites containing pornographic material and not just those operating on a commercial basis, however broadly we may want to define “commercial”? The word seems at best unnecessary, and at worst a breach of the manifesto commitment.
Slotting age verification into the Bill gives Members nothing like the scope needed to tackle the effect of under-age viewing of pornography, which is surely the intention behind its implementation, because the measure is not enough to protect children. For a start, the regulator should also be responsible for ensuring that services undertake self-audits and collect mandatory reports in relation to child abuse images, online grooming and malicious communication involving children. To ensure that services are working to consistent principles and to best support the collection and utilisation of data, the regulator should also be responsible for developing a definition of child abuse.
We need to improve reporting online. Children and young people are ill served by the currently inadequate and unreliable reporting systems when they experience online abuse. Reporting groups need to be standardised, visible, responsive and act rapidly to address issues. Every reporting group must be designed in ways children say they can and will use. The NSPCC found that 26% of children and young people who used the report button saw no action whatever taken in response to their complaint; and of those who did get a response, 16% were dissatisfied with it. The Government should include independent mediation and monitoring of responses to complaints.
Clearly, we need compulsory sex education in our schools. Compulsory age-appropriate lessons about healthy relationships and sex are vital to keeping children safe on and offline. We know that children are exposed to pornography, sometimes in an extreme or violent form. Alongside regulation to limit access to these materials, building resilience and instilling an early understanding of healthy relationships can help to mitigate the impact of that exposure.
On that point, we are incredibly keen to ensure that legislation is as clear as possible and that any potential loopholes are closed. One such loophole is clause 15(5)(a), which for reasons that are unclear excludes on-demand programme services. Explicitly excluding any on-demand programme service available on the internet in the Bill—although we are aware that they are regulated by Ofcom—risks on-demand programme services being subject to a much looser age verification requirement than the Bill would enforce on other pornography providers. We do not believe that the legislation intends to create two standards of age verification requirements for online content, regardless of whether it is separately regulated. The amendment is intended to close that loophole.
I will speak to amendments 85 and 87. I raised a question with David Austin last week about the regulation of video on demand. He confirmed that the intention of the Bill as it stands is to maintain the regulation of UK video on demand with Ofcom under the Communications Act 2003. That seems totally reasonable to me because Ofcom has done a good job. I think the issue is that the framework only requires age verification for R18 material.
I am not trying to give everyone a lesson—by the way, this is why we are so grateful to the BBFC; it gives very clear definitions of the material—but R18 is effectively hardcore porn. It contains restricted scenes that we would all consider to be pornography. Since 2010, the 18-certificate guidelines permit the depiction of explicit sex in exceptional justifying circumstances, so it is perfectly feasible for children to view 18-rated content that we would all consider to be pornographic. I fully agree with the sentiment behind amendments 85 and 87 to provide a level playing field for all online media, but we must ensure that all R18 and 18 content accessed through video-on-demand services is included in the provisions. However, removing clauses 15(5)(a) and 16(6) would cause a fair amount of confusion, as video-on-demand services would be regulated by Ofcom for the majority of the time but for age verification matters would be regulated by the BBFC and Ofcom, which raises the question of who has precedence and how enforcement would work.
I have therefore tabled new clause 7, which would meet the same objective in a slightly different way by amending the current regulatory framework for video on demand to ensure that children are protected from 18-rated as well as R18-rated on-demand material. The relevant section of the Communications Act 2003, section 368E, was amended by the Audiovisual Media Services Regulations 2014 to specify that R18 material should be subject to age verification to protect children. It is not a big step to require 18-rated pornographic material, which is the subject of much of this part of the Bill, to be included within the scope of that section. That would effectively create a legal level playing field. It would remove the issue of parity and precedence and would give us parity on the fundamental issue of the protection of children.
I agree with much of what the hon. Member for Sheffield, Heeley said. Ofcom’s latest figures on children and the media show that 51% of 12 to 15-year-olds watched on-demand services in 2015. The viewing of paid for on-demand content has gone up and accounts for 20% of viewing time for young people aged 16 to 24. They can view content rated 18 or R18 that would be prohibited for some of them if they were to purchase it in the offline world. With new clause 7, I recommend that the Government should try to ensure parity between the online and offline worlds. This Bill is a brilliant way to ensure that there is parity in the way that pornographic content is accessed.
Louise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)(8 years, 1 month ago)
Public Bill CommitteesI am sure our powers of persuasion will extend that support in the future. The outbreak of support for our manifesto is welcome; this is an incredibly important area, and I am proud to lead the Front-Bench effort to deal with underage people’s access to adult material by introducing age verification. I want to respond in detail to the points made, because it is important we get this right.
Before I come to the specific amendments, I will deal with commercial providers. The measures in the Bill will apply equally to all commercial providers, whether their material is paid for directly or appears on free sites that operate on a different business model. “Commercial” has quite a broad meaning, as my hon. Friend the Member for Devizes said. If a provider makes money from a site in any way, whether or not it makes a profit, it can be caught by the legislation. That is the right distinction, because it targets those who make money and are indifferent to the harm their activities may cause to children.
If the hon. Lady will hold on, I want to explain this in full, rather than in part, before I give way. The age verification regulator must publish guidance on the circumstances in which it will regard a site or app as commercial. It will be for the regulator to judge whether a site is commercial, and there is no definition that states which website platforms are covered. Crucially, the regulator will also be able to take a view if specific social media and other types of sites are ancillary service providers—a person who appears to be facilitating or enabling the making available of pornographic material by non-compliant persons. I think that the capturing of others as ancillary service providers is an important part of making sure that we fully deliver our manifesto commitment, as I believe this Bill does.
We are aware that “commercial” is not limited to sites that require payment. It includes online advertising and other business models, as the Minister has said. However, it is unclear how the regulator will be able to enforce these measures given that the only enforcement available to them is notifying other payment service providers and ancillary services.
No doubt we will come on to enforcement. A number of clauses and amendments are on enforcement. The point is that other social media sites can be classified by the regulator as ancillary service providers for facilitating or enabling the making of available pornographic material. Our view is that enforcement through disrupting business models is more powerful because you are undermining the business model of the provider. However, I do not want to get too distracted, in an out of order way, into enforcement which is rightly dealt with in later clauses.
If the Bill is clearly designed to enable the regulator to focus on social media sites and other ancillary service providers, why was that term “on a commercial basis” included in these sections?
My hon. Friend has just given the final paragraph of my speech. With those assurances and the broad support from the BBFC and its enthusiasm to tackle the need for age verification in that way, I hope that the hon. Member for Sheffield, Heeley will withdraw the amendment.
Quite a lot of clarification is needed, and I hope it will come during the Bill’s passage. I do not think that the distinction between Ofcom and the BBFC is clear in this part of the Bill or in later clauses on enforcement. However, given that it states elsewhere in the Bill that the proposal is subject to further parliamentary scrutiny, and as the BBFC has not yet officially been given the regulator role—as far as I am aware—I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
I beg to move amendment 66, in clause 15, page 18, line 24, at end insert
“or an internet service provider.”.
This amendment and amendment 67 ensure that the requirement to implement age verification does not fall on ISPs but commercial sites or applications offering pornographic material; and defines internet service providers.
Because various other aspects of the Bill capture ISPs. My concern is that the Bill focuses on the commercial content providers where they are. The amendment is intended to probe the Government about how they are thinking about ISPs vis-à-vis commercial content providers in the drafting of the clause.
Our amendments are designed to enable the regulator to ask the internet service provider to block offending sites. This goes back to the point we made earlier on the differences between sites operated “on a commercial basis” and social media sites and ancillary sites. The proposals as they stand do not give the regulator sufficient powers to enforce the mechanisms proposed in the Bill.
Broadening the definition of “ancillary service provider” specifically to include internet service providers would require the regulator to notify them of non-compliant sites. That will put ISPs in the same bracket as payment service providers, which will be required to withdraw their services if other measures have been exhausted. In the case of ISPs, they would be required to block offending sites.
The amendments would create a simple backstop power where enforcement through the Government’s proposals had not achieved its intended objective and commercial providers had not withdrawn their services, either because the fine does not act as a deterrent or because, due to their international status, they do not need to comply. If pornography providers continued to provide content without age verification restrictions, the regulator would then have the power to require ISPs to take down the content.
We believe that, without amendment, the proposals will not achieve the Bill’s aim, as non-compliant pornographers would not be absolutely assured of payment services being blocked. First, the proposals do not send anywhere near a strong enough signal to the porn industry that the Government are serious about the proposals and their enforcement. Giving the regulator the power but not the stick suggests that we are not all that bothered about whether sites comply. Secondly, we can have no reassurance that sites will be shut down within any kind of timeframe if there is non-compliance. As drafted in the explanatory notes, “on an ongoing basis” could mean yearly, biannually or monthly, but it makes a mockery of the proposals if sites could be non-compliant for two years or more before payment services may or may not act. That does not provide much of an incentive to the industry to act.
Throughout the evidence sessions we heard that there are significant difficulties with the workability of this entire part of the Bill. For instance, many sites will hide their contact details, and a substantial number will simply not respond to financial penalties. Indeed, an ability already exists in law for ISPs to be compelled to block images that portray, for example, child sex abuse. There is also an ability to block in the case of copyright infringement. It therefore seems eminently reasonable that in the event of non-compliance, the regulator has a clear backstop power. We believe that even just legislating for such a power will help speed up enforcement. If providers know that they cannot simply circumvent the law by refusing to comply with notices, they will comply more efficiently. That will surely help the age verifier to pass the real-world test, which is integral to the Bill’s objectives.
That is exactly what I am saying. On that basis, with the Government’s position having been put clearly on the record, I hope that my hon. Friend will not press new clause 8 to a vote.
New clause 11 would empower the Secretary of State to introduce regulations in relation to backstop blocking injunctions. We have looked carefully at the option of blocking by ISPs and have talked to a lot of stakeholders about it. We take the problem seriously, and we think our measures will make a real difference. We are yet to be persuaded that blocking infringing sites would be proportionate, because it would not be consistent with how other harmful or illegal content is dealt with. There is also a question of practicality: porn companies would be able to circumvent blocking relatively quickly by changing URLs, and there is an additional risk that a significant number of sites that contain legal content would be blocked. We would need to be convinced that the benefits of ISP blocking would not be outweighed by the risks.
I am a little confused about how the Minister envisages the provisions being enforced against the free sites we discussed in the previous group of amendments without that additional power, which indeed has been requested by the regulator that the Government have designated.
As the regulator said, the proposals here mark a huge step forward in tackling the problem. We have to make a balanced judgment: there is a balance to be struck between the extra powers to block and the need to ensure that they are proportionate. The powers are not a silver bullet; sites that were actively trying to avoid the Bill’s other enforcement measures would also be able to actively avoid these measures. It is questionable how much additional enforcement power they would bring, given those downsides.
Children’s charities and the regulator have asked for action to solve the problem of needing age verification. That is what the Bill delivers. The question of how to enforce that is incredibly important; there are different considerations to be made, and I think the Bill has ended up with the correct balance.
The BBFC witness explicitly said last week that
“we suggested, in our submission of evidence to the consultation back in the spring, that ISP blocking ought to be part of the regulator’s arsenal.”––[Official Report, Digital Economy Public Bill Committee, 11 October 2016; c. 41, Q91.]
The BBFC says that notification of payment providers or ancillary services providers and fines may not be sufficient. I appreciate that porn sites might well use different URLs to evade it, but why has the Minister explicitly removed ISP blocking as a further backstop power? We are not talking about blocking too many sites; we have been very clear that it is intended as a backstop power when other measures fail.
David Austin of the BBFC said:
“We see this Bill as a significant step forward in terms of child protection.”––[Official Report, Digital Economy Public Bill Committee, 11 October 2016; c. 42, Q94.]
We think, on balance, that the regulator will have enough powers—for example, through the provisions on ancillary service providers—to take effective action against non-compliant sites. For that reason, I think this is the appropriate balance and I ask my hon. Friend the Member for Devizes to withdraw her amendment.
I thank the Minister for that intervention. We will return to this subject in a series of amendments around clause 20. I want to thank the Minister for clarifying some of the murkiness around definitions in the Bill. I want to ask him and his team, though, to consider what his colleague had said, which goes back to the net neutrality point.
I accept what the Minister says about the spirit being absolutely clear, that our current filtering regime will not be captured, but Baroness Shields did say that we needed to legislate to make our filters regime legal. I did not hear from the Minister that that legislation is something that the Department is preparing or planning to introduce.
We very much share the hon. Lady’s concerns that the legislation has explicitly excluded the ability of internet service providers to block. We simply cannot understand why the Government have ruled out that final backstop power. We appreciate it is not perfect but it would give the regulator that final power. We will return to new clause 11 at the end of the Bill and be pushing it to a vote when we come to it.
I thank the hon. Lady for making her intentions clear. I am prepared to withdraw or not push my new clause to a vote on the basis of what the Minister said, but I would love to get his assurances—perhaps he will write to me—to be crystal clear on the fact that he believes the Government do not have to legislate in order to push back on the net neutrality regime.
Given the Brexit vote, I would be inclined to accept a letter from the Minister suggesting that we will absolutely resist any attempt to make EU net neutrality apply to what is a very fine, though not perfect, voluntary regime. On that basis, I accept the Minister’s assurances that that is what he intends to do. I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Clause 15 ordered to stand part of the Bill.
Clause 16 ordered to stand part of the Bill.
Clause 17
The age-verification regulator: designation and funding
Question proposed, That the clause stand part of the Bill.
In this and related clauses, we seek to strengthen the proposals that the Government have put forward. We have said that the regulation needs to be beefed up to require internet service providers to be notified about non-compliance. We would like to see an injunction power to take down any content which a court is satisfied is in breach of the age-verification legislation, as soon as possible, at the start of the four-tier regulation process the Government have identified in their amendments and letters published to the Committee last week.
That would require a regulator with sufficient enforcement expertise and the ability to apply that injunction and push enforcement at an early stage. As we are aware, however, the BBFC heads of agreement with the Government do not cover enforcement. Indeed, they made perfectly clear that they would not be prepared to enforce the legislation in clauses 20 and 21 as they stand, which is part 4 of that enforcement process, giving the power to issue fines. The BBFC is going to conduct phases 1, 2 and 3 of the notification requirements, presumably before handing over to a regulator with sufficient enforcement expertise, but that has not been made clear so far.
While we welcome the role of the BBFC and the expertise it clearly brings on classification, we question whether it is unnecessarily convoluted to require a separate regulator to take any enforcement action, which will effectively have been begun by the BBFC and which so far has not been mentioned in the legislation. This goes back to the point my hon. Friend the Member for Cardiff West made earlier about the two separate regimes for on-demand programme services.
As I understand it, although it is not clear, the BBFC will be taking on stage 3 of the regulation, meaning it will be involved in the first stage of enforcement—in notification. That is fine, but it will then have to hand over the second stage of enforcement to another regulator—presumably Ofcom. The enforcement process is already incredibly weak and this two-tiered approach involving two separate regulators risks further delays in enforcement against non-compliant providers who are to protect or take down material that is in breach of the law. In evidence to the Committee, the BBFC said:
“Our role is focused much more on notification. We think we can use the notification process and get some quite significant results.”—[Official Report, Digital Economy Public Bill Committee, 11 October 2016; c. 41, Q83.]
We do not doubt it, but confusion will arise when the BFFC identifies a clearly non-compliant site that is brazenly flouting the law, and it does not have power to enforce quickly but will have to hand it over.
We would also like to hear when the Government are planning to announce the regulator for the second stage and how they intend to work with the BBFC. As far as I can see, this will require further amendments to the Bill. If it is Ofcom, it would have been helpful to have heard its views on what further enforcement powers it would like to see in the Bill, rather than being asked to fill in after the Bill has passed through Parliament. There is a clear danger that the enforcement regulator could be asked to take over enforcement of age verification, which it thinks requires more teeth to be effective.
We therefore have very serious concerns about the process by which clause 17 will be have effect. Although we will not vote against the clause, we want to make it very clear that we would have preferred to have seen an official announcement about who will carry out the enforcement provisions in the Bill before being asked to vote on it.
The debate on clause stand part is about the set-up of the regulatory structure and making sure that we get designation and funding right. It is our intention that the new regulatory powers and the new regulator or co-regulators will deliver on this. As the hon. Lady says, the BBFC has signed up to be designated as the age verification regulator responding for identifying and notifying. This will enable the payment providers and other ancillary services to start to withdraw services to sites that do not comply as soon as possible.
In what kind of timeframe does the Minister envisage the payment service providers acting from notification from the BBFC?
We intend formally to designate the BBFC as regulator in autumn 2017 and expect to be in a position to commence the provisions requiring age verification within 12 months of Royal Assent.
That was not quite my question. How long does the Minister anticipate that ancillary service providers or payment service providers will take to act on receiving notification from the BBFC that a site is non-compliant?
I would expect that to happen immediately. The question of the designation of the backstop enforcement regulator does not stop or preclude the BBFC from getting going on this. As we have heard, it is already working to put in place its own internal systems. As I have just said to the Committee, we have a new commitment that we expect to commence the provisions in terms of getting the system up and running within 12 months of Royal Assent; after that, if the BBFC has designated that there is a problem, I would expect action to be immediate, because I expect the BBFC to ensure through good relations that systems are in place.
I see enforcement very much as a back-up to good behaviour. As we have seen with the taking down of child pornography and material related to terrorism, many providers and platforms respond rapidly when such material is identified. It will be far better if the system works without having to resort to enforcement. We will set out in due course who is best placed to be the regulator for enforcement, but the system is new, and the approach provides the level of flexibility that we need to get it right. I have every confidence in the BBFC’s ability and enthusiasm to deliver on these aims, so I commend the clause to the Committee.
Question put and agreed to.
Clause 17 accordingly ordered to stand part of the Bill.
Clauses 18 and 19 ordered to stand part of the Bill.
Clause 20
Enforcement of sections 15 and 19
This is a series of consequential and investigatory amendments intended to probe the Minister’s thinking about what the regulator can actually do. At the moment, enforcement operates through a series of financial penalties, which we can discuss further when we debate clause 21, or of enforcement notices. We heard clearly last week from David Austin that the challenge is that almost none of the content-producing sites that we are discussing are based in the UK; in fact, I think he said that all the top 50 sites that the regulator will rightly target are based overseas.
The challenge is how the Government intend to carry out enforcement. I know that the BBFC’s current enforcement role is not carried out through its own designated powers; it is carried out through various other agencies, and the Bill makes further provision for financial penalties. I tabled the amendments to press the Minister on the point that it would be clearer to specify that where a site, or the company that owns a site, is based in the UK, a financial penalty can and will be applied.
For overseas sites, enforcing a financial penalty, if one can even get to grips with what the financial accounts look like, may be difficult, hence the enforcement notice and then a series of other potential backstop actions; I know that the Minister is aware that I do not feel that we have exhausted the debate on blocking. I am trying to probe the Government on whether there is a way to use the Bill to reflect the reality that content providers are unlikely to be based primarily in the UK, and that perhaps a different approach is needed for those based offshore.
We completely support the hon. Lady’s amendments, which propose a sensible toughening up of the requirements of the age verification regulator. We particularly welcome the measures to require the regulator to issue enforcement notices to people outside the UK if they do not comply. That is an attempt to close a large hole in the current proposals. How will the BBFC tackle providers outside the UK?
At the evidence session last week, David Austin said that
“you are quite right that there will still be gaps in the regime, I imagine, after we have been through the notification process, no matter how much we can achieve that way, so the power to fine is essentially the only real power the regulator will have, whoever the regulator is for stage 4”;
we are not yet certain.
He continued:
“For UK-based websites and apps, that is fine, but it would be extremely challenging for”
the BBFC, Ofcom or whoever the regulator is for stage 4
“to pursue foreign-based websites or apps through a foreign jurisdiction to uphold a UK law. So we suggested, in our submission of evidence to the consultation back in the spring, that ISP blocking ought to be part of the regulator’s arsenal.”––[Official Report, Digital Economy Public Bill Committee, 11 October 2016; c. 41, Q91.]
That is precisely why we will return to the amendment on ISP blocking, because if we are to pursue foreign-based providers, the ability to block will be integral to that strategy.
My hon. Friend is making a series of excellent points which I hope the Minister can answer. We keep discovering that there are gaps, inconsistencies and potential confusion in the Bill. She has referred to the witnesses who gave evidence last week. Does she agree that it is really important that we focus carefully on the gaps that children’s charities such as the NSPCC have identified?
Obviously, I completely agree with my hon. Friend. We appreciate that the Government have consulted extensively with partners and representatives of all the relevant stakeholders, but it is not clear to us why they have not allowed ISPs that ultimate backstop power to block. For that reason, and to meet the objective of tackling providers outside the UK, we support amendments tabled by the hon. Lady the Member for Devizes.
I rise to support the amendments. It will not surprise the Committee to learn that I seek clarity about the impact on Scots law. It comes back to the same point: a lot of the issues that are being wrestled with in this place apply in a different legal jurisdiction. Perhaps the Minister could address that.
I should like to add to the comments made by hon. Friends. My concern is that if there are too many gaps and loopholes in the legislation, that may, perversely, put greater pressures on the enforcement authorities, because they will have to seek out so many different mouse-holes down which some of the content providers may run and disappear. I am slightly concerned and ask the Minister to consider the danger of an unintended consequence, because if it is not possible to stamp out content immediately, vital resources and focus will be diverted.
Does my hon. Friend also agree that with too many loopholes in the legislation, the more responsible providers of content will include age verification measures but users who want to avoid those tools will be pushed on to perhaps more extreme or violent pornography and perhaps even in to the deep web?
Yes. I raised this with the gentleman from the British Board of Film Classification, I believe, and I questioned his assertion about the top 50 websites. He said that the process would not stop there but proceed to the next 50, but if those 50 content providers are constantly moving all over the place, it will be rather like a game of whack-a-mole. Unless we have a sufficiently large mallet to give the mole a whack early on—[Interruption.] This is a serious business, and if I am sounding a bit jocular, that is not meant to take away from the serious issue. If we do not have the tools to address those who are deliberately not complying, and those who do not wish to comply with the regulations that we are putting in place to protect our children, I fear that we will be chasing after them too much.
My hon. Friend the Member for Sheffield, Heeley is right that there will also be the danger that investigative authorities use too many of their resources to go after this, when there are other things they need to go after as well. We need to put the tools at the disposal of the investigative and enforcement authorities, to give them the opportunity to make as clean an attack as possible on the providers that are not complying with the desire of this House.
I thank the Minister for that clarification and for the mention of support. The intention was to help to provide a practical solution rather than cut off aims. He has persuaded me that I do not need to press the amendment to a vote. Although I take the point about shared regulation, I would ask him to consider in setting up the BBFC as the primary regulator that it is working reasonably well in the video-on-demand world, but this may be having them stray into a new sphere of expertise in terms of finding, identifying and sending out enforcement notices or penalties, particularly for foreign-based companies. I think the whack-a-mole analogy is entirely consistent—they will shut their doors and reopen in another jurisdiction almost overnight. Given the anonymity principles, it is sometimes almost impossible to know where they actually are. If the Minister is assuring us that everyone is aware of the problem, he believes the powers allow the regulator to be flexible, and it is something that his Department will consider, I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
I beg to move amendment 86, in clause 20, page 21, line 40, leave out paragraph (b) and insert—
“(b) “during the initial determination period fix the date for ending the contravention of section 15(1) as the initial enforcement date.”.
With this it will be convenient to discuss the following:
Amendment 88, in clause 20, page 21, line 40, at end insert—
“(c) after the initial determination period fix a period of one week for ending the contravention of section 15(1)”.
Amendment 89, in clause 20, page 22, line 13, at end insert—
‘(14) In this section, “initial determination period” means a period of 12 months from the date of the passing of this Act to the initial enforcement date.”.
This group of amendments goes even further—they have the straightforward intention of continuing the process of strengthening the powers and, crucially, of speeding up the enforcement period, to help the Government achieve their manifesto commitment. The Bill would give the regulator the power to set a lengthy, if not indefinite, period for ending the contravention of section 15. The amendment would speed up the enforcement, requiring the regulator to issue an enforcement period of one week. Given that we do not anticipate that the BBFC will be the official regulator or have these powers for another 12 months on Royal Assent, we do not anticipate that a one-week enforcement period would be too onerous on content providers.
The group should be seen in tandem with our other amendments providing a backstop power requiring ISPs to block a site, and would send a clear message to content providers that the Government would treat any contravention of section 15 with the utmost seriousness and that continuing to provide content without age verification for a prolonged period of time would not be tolerated. We believe that, if the enforcement powers under clauses 20 and 21 are toughened up, the message will spread throughout the industry and it will make it clear that age verification is not an optional extra, but a central requirement in the effort to tackle what under-18s can see.
I am sympathetic to the purpose of this group of amendments. We think that decisions on when and how to enforce should be left to the regulator, but I see the point of trying to put a week into the Bill. However, it is overly prescriptive to do so in primary legislation. Our aim is for a proportionate regime, where the regulator can prioritise and deal with problems in a way that is aligned with its goals of protection, rather than having to fulfil legal requirements that might lead to unintended consequences.
Can the Minister give us any example where a one-week enforcement period would not be doable?
No, but I cannot—and she cannot—foresee all the circumstances that the regulator will have to deal with. It is far better to have a regulator with flexibility to respond and clear aims and intentions, rather than it having to fulfil an arbitrary timescale because that is in primary legislation.
Can the Minister confirm whether the legislation enables the regulator to set a time limit for enforcement?
Yes, it will allow the regulator that flexibility. I would rather have that flexibility at the level of the regulator than in primary legislation. I think that is a reasonable approach. The regulator will then be able to act in the way that it is clear from this debate is intended. I hope that on that basis, the amendment may be withdrawn.
It is useful to have on the record the Minister’s agreement that one week is a suitable enforcement period. On that basis, I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
No comment. Had we made more progress, amendment 62 might not have been necessary, but as I feared, we have not. I am confident that we all agree on the merit of the intent of this part of the Bill. We all want to protect young children from accessing inappropriate pornographic material. I do not want any of my children doing so, and I know how much they use electronic devices. My youngest, Robert, is only seven, and he is phenomenally tech savvy. It would not be that difficult in this world to stray, even with some of the blocking systems that are in place.
A lot of the problems that we have here are to do with international sites. I am dismayed at the Government’s unwillingness to move and not even so much as listen to Opposition Members, the regulator or charities, who all insist that ISP blocking is the kind of extra measure that we should put in place. Given that broader context and the Minister’s conviction, which I believe is sincere, that he has a package of measures that will work, in light of our concerns and those of many others, a review should be put in place. I know that in the past the answer to anything involving a review has been, “That’s what the Select Committee process is for; they will have a review,” but we should not leave something as important as protecting young children to a Select Committee. The Government should take responsibility rather than abdicate it to a Select Committee. The Government should put ISP blocking in the Bill, show that they treat the issue seriously and have a review to ensure that we get the outcome that we all want: a safer environment for our children on the internet.
Given that the Government have been so intransigent on the sensible suggestions for how their proposals could be strengthened, certainly on the issue of internet service provider blocking, I completely agree with the hon. Gentleman. The Minister keeps saying that he does not want to be too prescriptive, but we argue that the phrase “on a commercial basis” is too prescriptive and limits the powers of the age-verification regulator. Given the broad support for additional powers, we want the age-verification regulator and any other regulator involved in enforcement to come back to the House and tell us what additional powers they need to make this work. There are significant loopholes in the Bill and it could have serious unintended consequences for our young people. We completely support the SNP amendment.
I entirely understand the enthusiasm for commencement, and I have given the commitment that we would expect it within 12 months of Royal Assent. I hope that that deals with the demand for a timing of commencement to be put on the face of the Bill. Unfortunately, that renders the SNP amendment slightly impractical, because it would require a review within 12 months of Royal Assent, but if the Act commences only 12 months after Royal Assent, a review at that point might not show as much progress as we would hope.
I will not test the Committee’s patience further by going over arguments that we have already had, but there is one further area of clause 20 that we wish to touch on—the lack of an appeals process in the legislation. The Minister may expect the regulator to build that appeals process in: it would be helpful to have some clarity from him on that.
As I understand it, the BBFC will use analytics to identify sites that should have age verification. Analytics are not foolproof, so obviously an appeals mechanism will be needed for websites incorrectly prevented from operating. Previous such systems have wrongly filtered out websites such as breast cancer charities or forums for gay and transgender people. That is incredibly important: let us put ourselves in the shoes of a young gay man or woman, growing up in a religious household perhaps, who does not know where to turn to ask the questions that would plague any teenager coming to terms with their sexuality and who seeks refuge and solace in internet forums with other people going through the same issues. As risky as the internet can be, it can also be an incredibly empowering, transformative space that can literally save lives in such situations. Such lifelines must absolutely not be filtered out by ASPs or made subject to age verification; the Bill should include a mechanism that allows for correction when they have been mistakenly identified.
We also need clarification on who will develop the analytics, the data they will be based on and whether it will be done in consultation with the tech industry. We can only assume that this is an oversight that will be corrected when working out how the regulator is to proceed.
The hon. Lady raises an important point about access to information about sex education, sexuality, abortion and all sorts of things that are incredibly valuable. She is right to draw attention to safe forums. I reassure her that many of the same issues came up with respect to the question of voluntary filtering and, despite what some of those giving evidence said, the incidence of false blocking of such valuable sites is incredibly low. The BBFC as regulator is really good: it is not in the business of defining based on imagery, and it has fairly detailed algorithms. I share her concern, but I want to offer some comfort.
I am grateful. I heard the BBFC or the Open Rights Group say that the incidence was very low, but it would do no harm to build an appeals process into the legislation to ensure that where sites that should not be blocked or require age verification have fallen through the cracks, that can be resolved at the behest of the regulator.
The hon. Lady is absolutely correct that there needs to be an appeals process. That process is provided for in clause 17(4):
“The Secretary of State must not make a designation under this section unless satisfied that arrangements will be maintained by the age-verification regulator for appeals”.
I agree with everything else she said. It is worth remarking on the recent announcement that gay and bisexual men will now be pardoned over abolished sexual offences—that is not in the Bill, so that remark was completely out of order, but I still think it was worth making. Appeals are important; I hope she is satisfied that they are provided for.
Question put and agreed to.
Clause 20 accordingly ordered to stand part of the Bill.
Clause 21 ordered to stand part of the Bill.
Clause 22
Age-verification regulator’s power to give notice of contravention to payment service providers and ancillary service providers
I rise to speak to new clause 18, which stands in my name and that of my hon. Friend the Member for Cardiff West. I also support the amendments tabled by the hon. Member for Devizes. The Government’s proposals really do rely on an awful amount of good will among all the stakeholders involved in the legislation. It makes sense to create a backstop power for the regulator to require payment services to act should they not do so in the first instance.
New clause 18 comes from a slightly different perspective. It would oblige the age-verification regulator to ensure that all age verification providers—the companies that put the tools on websites to ensure compliance—are approved by the regulator; to perform a data protection impact assessment that they make publicly available; and to perform an array of other duties as well.
The new clause is designed to address some of the concerns about the practicality of age-verification checks, ensuring that only minimal data are required, and kept secure; that individuals’ privacies and liberties are protected; and that there is absolutely no possibility of data being commercialised by pornographer. We raise the latter as a potential risk because the proposals were drafted with the input of the pornography industry. That is understandable, but the industry would have a significant amount to gain from obtaining personal data from customers that might not currently be collected.
As we said earlier, we have full confidence in the BBFC as regulator, but, as with the proposals in part 5 of the Bill, it is vital that some basic principles—although certainly not the minutiae—are put on the face of the Bill. We are certainly not asking anything that is unreasonable of the regulator or the age-verification providers. The principles of privacy, anonymity and proportionality should all underpin the age-verification tool, but as far as I am aware they have not featured in any draft guidance, codes of practice, or documents accompanying the Bill.
The Information Commissioner agrees. The Information Commissioner’s Office’s response to the Department for Culture, Media and Sport’s consultation on age verification for pornography raised the concern
“that any solution implemented must be compliant with the requirements of the DPA and PECR”—
the Data Protection Act 1998, and the Privacy and Electronic Communications (EC Directive) Regulations 2003 that sit alongside it. It continues:
“The concept of ‘privacy by design’ would seem particularly relevant in the context of age verification—that is, designing a system that appropriately respects individuals’ privacy whilst achieving the stated aim… In practical terms, this would mean only collecting and recording the minimum data required in the circumstances, having assessed what that minimum was. It would also mean ensuring that the purposes for which any data is used are carefully and restrictively defined, and that any activities keep to those restricted purposes…In the context of preventing children from accessing online commercial pornography, there is a clear attribute which needs to be proven in each case—that is, whether an individual’s age is above the required threshold. Any solution considered needs to be focussed on proving the existence or absence of that attribute, to the exclusion of other more detailed information (such as actual date of birth).”
The Commissioner made it clear that she would have
“significant concerns about any method of age verification that requires the collection and retention of documents such as a copy of passports, driving licences or other documents (of those above the age threshold) which are vulnerable to misuse and/or attractive to disreputable third parties. The collection and retention of such information multiplies the information risk for those individuals, whether the data is stored in one central database or in a number of smaller databases operated by different organisations in the sector.”
I understand that the Adult Provider Network exhibited some of the potential tools that could be used to fulfil that requirement. From the summary I read of that event, none of them seem particularly satisfactory. My favourite was put forward by a provider called Yoti, and the summary I read describes the process for using it as follows:
“install the Yoti App…use the app to take a selfie to determine that you are a human being…use the app to take a picture of Government ID documents”—
passport or driving licence, I imagine—
“the app sends both documents to Yoti…Yoti (the third party) now send both pictures to a fourth party; it was unclear whether personal data (e.g. passport details) is stripped before sending to the fourth party…Fourth party tells Yoti if the images (selfie, govt ID) match…Yoti caches various personal data about user”
to confirm that they are over 18. The user can then visit the porn site—whatever porn site they would like to visit at that time—and then the
“porn site posts a QR-like code on screen…user loads Yoti app…user has to take selfie (again) to prove that it is (still) them…not a kid using the phone…user scans the on-screen QR-code, is told: ‘this site wants to know if you are >18yo, do you approve?’…User accepts…Yoti app backchannel informs porn site…that user >18yo”
and then the user can see the pornography.
I do not know whether any Committee members watch online pornography; I gather that the figure is more than 50% of the general population, and I am not convinced that hon. Members are more abstinent than that. I ask Members to consider whether they would like to go through a process as absurd as the one suggested.
The hon. Lady has got ahead of the potential Daily Mail headline when the freedom of information request comes in for her Google search history.
I am not convinced that anybody would want to go through a process as the one I have just described, or even one significantly less convoluted. I suggest that instead they would seek entertainment on a site that did not impose such hurdles. The BBFC in its evidence made the telling point that the majority of the viewing population get their content from the top 50 sites, so it is very easy to target those—we see that entrenched in clause 23. The problem with that, as my hon. Friend the Member for City of Chester pointed out, is that targeting those sites may push viewers to the next 50 sites, and so on. We therefore need to ensure that the process is as straightforward and as minimal as possible.
My concern about users being pushed to the next 50 sites is that those sites are much less regulated, and I hazard a guess that they are much more likely to be at the extreme end of the spectrum.
That is exactly my concern. I imagine that the top 50 providers are not as hardcore, are less extreme and may not include such violent images; as we move on to the next 50 or the 50, there is a danger of images becoming more extreme.
The solution must not result in the wholesale tracking or monitoring of individuals’ lawful online activities or the collection of data with a view to unlawful profiling of individuals. I am not convinced that the BBFC is properly resourced to undertake the significant additional workload, nor am I convinced that the practicalities of the software that have so far been exhibited, or their implications, have been properly worked out.
My hon. Friend is generous in giving way. She is absolutely right about resourcing. I am no technical expert, but does she agree that such a database may be a prime target for hackers unless it is properly resourced and defended?
That is absolutely right, and I will come to that point. We heard evidence from the BFFC that it intended potentially to use age-verified mobile telephony to ensure that sites are properly age verified, but I am afraid that that approach is also flawed. First, there is the obvious issue that there is nothing to stop an underage child using the information attached to that phone—be it the phone number or the owner’s name—to log on and falsely verify. Equally, there are enormous privacy issues with the use of mobile-verified software to log on.
The BBFC said clearly that it was interested not in identity but merely in the age of the individual attempting to access online pornography, but as we all know, our smartphones contain a wealth of information that can essentially be used to create a virtual clone. They are loaded with our internet conversations, financial data, health records, and in many cases the location of our children. There is a record of calls made and received, text messages, photos, contact lists, calendar entries and internet browsing history—the hon. Member for Devizes may want to take note of that—and they allow access to email accounts, banking institutions and websites such as Amazon, Facebook, Twitter and Netflix. Many people instruct their phones to remember passwords for those apps so they can quickly be opened, which means that they are available to anyone who gets into the phone.
All that information is incredibly valuable—it has been said that data are the new oil—and I imagine that most people would not want it to be obtained, stored, sold or commercialised by online pornography sites. The risks of creating databases that potentially contain people’s names, locations, credit card details—you name it—alongside their pornographic preferences should be quite clear to anyone in the room and at the forefront of people’s minds given the recent Ashley Madison hack. I am not condoning anyone using that website to look for extramarital affairs, nor am I privileging the preferences or privacy of people who wish to view online pornography over the clearly vastly more important issue of child protection. However, one consequence of that hack was the suicide of at least three individuals, and we should proceed with extreme caution before creating any process that would result in the storing of data that could be leaked, hacked or commercialised and would otherwise be completely private and legitimate.
That is the reasoning behind our reasonable and straightforward amendment, which would place a series of duties on the age-verification regulator to ensure that adequate privacy safeguards were provided, any data obtained or stored were not for commercial use, and security was given due consideration. The unintended consequences of the Government’s proposals will not end merely at the blocking of preferences, privacy or security issues, but will include pushing users on to illegal or at the very least non-compliant sites. We are walking a thin tightrope between making age verification so light-touch as to be too easily bypassed by increasingly tech-savvy under-18s and making it far too complicated and intrusive and therefore pushing viewers on to either sites that do not use age verification but still offer legitimate content or completely illegal sites that stray into much more damaging realms. These provisions clearly require a lot more consultation with the industry, and I am confident that the BBFC will do just that, but the Opposition would feel a lot more confident and assured if the regulator was required to adhere to these basic principles, which we should all hold dear: privacy, proportionality and safety.
The hon. Lady rightly gets to the great concern that somehow, in doing something good, an awful lot of concern can be created, and I am sympathetic to her points. I remind her that it is not as if these sites do not know who is visiting them anyway. One of the great conundrums on the internet is that every single keystroke we take is tracked and registered. Indeed, that is why shopping follows us around the internet after we have clicked on a particular site. Unless people are very clever with their private browsing history, the same is the case for commercial providers.
I absolutely support the Government’s intention here. We just want to ensure it is done in the right way and balances both sides of the argument. I think it is absolutely right that internet service providers are offering this filter, but does the hon. Lady share my concern that very few families take it up and very many families turn it off?
There are Ofcom data. One of the requirements we asked for was for Ofcom to monitor. Take-up improved, and, as I said, some internet service providers now have an automatic “on” system, whereby a person has to intervene to take the filters off. I am told that only about 30% of families choose to do so. Here is the savvy thing: we all know that people live in households with multiple ages and multiple requirements on the internet, so many ISPs now offer a service that enables people to disable the filters for a period and automatically reinstate them the following day. They do not have to do anything if they want the filters to be in place, but they might want to access over-18 content as an adult.
I want to discuss some of the other issues that have come up in this conversation, in the process of finally speaking about these amendments. Is it in order to do so, Mr Stringer?
That is a very reassuring reply and I thank the Minister for it. We have had a very good debate. I know that his officials will be listening and thinking hard about what has been said, and I do not think it would serve the Committee any purpose to press my amendments or my new clause to a vote.
I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Question proposed, That the clause stand part of the Bill.
It was interesting to hear the Minister refer to financial regulations. I was not present on Second Reading because I was not then in the position that I occupy now, but having read that debate I do not believe that there was any such reference. So we would like some clarity on who will be the regulator of the payment service providers and what work has already been done with the Financial Conduct Authority—I assume it will be with the FCA in this circumstance—to ensure that it will be regulating those providers, to make sure that they act with speed and due diligence on receiving notification from the age verification regulator under clause 15.
It is disappointing that the Government do not consider new clause 18 necessary to amend the Bill. I appreciate that the BBFC has been given powers to establish a code of practice, but given the very serious consequences that could result from that not being done correctly, some basic principles need to be embedded into the process, based on the issues that I raised earlier in our discussion.
I will just add that we will return to this issue on Report.
We have been engaging directly with payment service providers, although—no doubt as and when necessary—engagement with financial authorities will be made. Payment service providers can withdraw services from illegal activity under their existing terms and conditions, so the provision is already there for the measures to take effect.
Question put and agreed to.
Clause 22 accordingly ordered to stand part of the Bill.
Clause 23
Exercise of functions by the age-verification regulator
I promise this will be the last time I speak today. I am afraid I have had a slight change of heart. I tabled this amendment around many points that have been raised today on the difficulty of focusing the BBFC’s efforts on the fact that much of this traffic is not simply going to the larger websites. As we have heard, many other free sites are providing information. However, in reading my amendment, I have decided that it is almost a vote of no confidence in the BBFC’s ability to be flexible and I would therefore like to withdraw it.
New clause 12 would give the power to the age verification regulator to introduce another code of practice—the Opposition are very fond of them—for internet content providers. [Interruption.] And reviews, we are very fond of reviews.
We have made it clear throughout that we want enforcement to be as tough as possible and for all loopholes to be closed, but we also want to ensure that children are as safe in the online world as they are offline. There absolutely needs to be that parity of protection. That is one reason why we are disappointed, as I mentioned, that these measures came forward in a Digital Economy Bill, where it was incredibly difficult to look at the issues of child protection online in a thoroughly comprehensive way.
The new clause proposes that the regulator should work with industry to create a statutory code of practice, based on BBFC guidelines for rating films and the principles of the ICT Coalition for Children Online. The code would establish a set of minimum standards that would apply consistently to social networks, internet service providers, mobile telecommunication companies and other communication providers that provide the space and content where children interact online.
This is not intended to be an aggressive, regulatory process. We envisage that it will be the beginning of a much broader debate and conversation between regulators and content providers about just how we keep our children safe on the web. This debate will encompass not only ideas such as panic buttons, but education about the online world, which must run in parallel for any process to be effective.
A statutory code would work with providers to lay out how content is managed on a service and ensure that clear and transparent processes are in place to make it easy both for children and parents to report problematic content. It would also set out what providers should do to develop effective safeguarding policies—a process that the National Society for the Prevention of Cruelty to Children has supported.
As I said, this will clearly be a staged process. We envisage that in order to be effective, the development of a code of practice must involve industry, child protection organisations such as the NSPCC and, crucially, the children and families who use online services. But this code of practice would be based on existing industry and regulatory minimum standards and would require providers to ensure that the safety and wellbeing of children is paramount in the design and delivery of their products and services. The new clause would also empower the Secretary of State to make regulations to ensure effective enforcement of the minimum standards in the code of practice.
The online world can be an enormously positive force for good for our children and young people. It makes available a scale of information unimaginable before the internet existed and there is compelling evidence that that constant processing of information will lead to the most informed generation of children the world has known, but it needs to be made safe to realise that potential. The new clause would give assurance to Opposition Members that we will enable that to happen.
I am grateful to my hon. Friend the Member for Devizes for saying that she will not press her amendment and for what she said about the BBFC. Anybody reading the transcript of this debate will see the universal support for the BBFC and its work.
On the point about statutory guidance, through the UK Council for Child Internet Safety we have made guidance available to providers of social media and interactive services to encourage businesses to think about safety by design and help make platforms safer for children and young people under the age of 18. The amendment would make something similar into statutory guidance. I see where the hon. Lady is coming from, but the scale and scope of the internet makes this an unprecedented challenge. Some of the biggest sites have over 2 billion visits per year and UK audiences make up a very large proportion of those. It would be very difficult to have statutory guidance that would be policeable in any complete way. Rather than statutory guidance that could not be dealt with properly, it is better to have non-statutory guidance that we encourage people to follow.
On that point, does the Minister share my concern about the levels of discontent among those children who are trying to report online through social media? Some 26% received absolutely no response at all and of those that did receive a response, only 16% were satisfied. What more can we do to strengthen that?
I do recognise that. My point is that making non-statutory guidance statutory will not help in that space, but there is clearly much more to do. I hope that, with that assurance, my hon. Friend the Member for Devizes will withdraw the amendment.
I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Question proposed, That the clause stand part of the Bill.
This is a very curious clause, which renders much of the well-informed—as the Minister said—and useful discussion that we have had today about enforcement, targeting smaller providers and restricting access across the web, completely and utterly redundant. If the clause as I read it goes forward unamended, it will provide the regulator with the ability to target only the largest providers of online pornography, perhaps even limiting its ability to target only them.
As we have discussed at length, this is an incredibly difficult area to police, which I appreciate. It is obviously going to be far easier to tackle the 50 largest providers, not least because I assume many of them are already providing some level of age verification and are probably more at the responsible end of online pornography content providers. I would remind the Committee of the Conservative party’s manifesto, which said:
“we will stop children’s exposure to harmful sexualised content online, by requiring age verification for access to all sites containing pornographic material”.
That does not make any reference to commercial providers or whether the provider has a large or small turnover, is on WordPress, Tumblr, Twitter, Facebook or Snapchat. Today’s debate has very much suggested that the role of the regulator will be to focus on those sites that are operated on a commercial basis. Given the Minister’s reluctance to implement internet service provider blocking, I do not believe that the manifesto commitment will be achieved.
My hon. Friend is making a very interesting point. The clause refers to
“a large number of persons”
and
“a large amount of turnover”.
“A large number of persons” might be 1,000; it might be 1 million. Has there been any indication from the Government of what they mean by that?
As far as I am aware, we have had no indication from the Government at all. It would be very interesting to hear the Minister’s comments on that and on why the clause exists at all.
The Minister has been saying at length that he does not want to be too prescriptive to the regulator, but he is putting into primary legislation that the BBFC will be able to target, first and foremost, the larger providers and those that are more easy to target. I would imagine that a regulator in any regulatory system would go after the bigger and less problematic providers before those that are more difficult to tackle—no reasonable person would expect anything different. I find this confusing: why should the provision be in primary legislation, given the Minister’s overtures about not being too prescriptive and giving sufficient flexibility?
As I have just mentioned in the discussion on the previous clause, some of the biggest sites on the internet have more than 2 billion visits a year. As the hon. Member for Sheffield, Heeley said, many sites are involved. Allowing discretion for a targeted approach is important. The clause also allows the regulator to
“carry out, commission or support…research…for the purposes of exercising, or considering whether to exercise”
the powers. That is important, too, because we want the regulator to have the power to conduct research to inform its views. Both those things are important parts of the execution of age verification.
The Minister said just now that the clause will stop the BBFC—we are to assume that it will become the age verification regulator—from being in breach of its statutory duties if it goes after the largest pornography providers first. Putting aside the analogy that my hon. Friend the Member for Cardiff West made, which was absolutely right, is it not the case that the age verification regulator does not have many statutory duties? That was the whole purpose behind the amendments of the hon. Member for Devizes. The regulator is required only to—well, it is not required to; it may—give notice to any payment services or ancillary service provider. I fail to see how targeting any content provider first, last or in any other way would put the regulator in breach of any requirement under the Bill.
I want to make it clear that it can target in order to work as effectively and as soon as it can. I am slightly surprised to find Opposition Members against that principle.
Digital Economy Bill (Eighth sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years, 1 month ago)
Public Bill CommitteesWe are catapulted into part 5 of the Bill.
Clause 29
Disclosure of information to improve public service delivery
I beg to move amendment 98, in clause 29, page 28, line 25, leave out “had regard to” and insert “complied with”.
This amendment provides stronger compliance with the code of practice on the disclosure of information.
With this it will be convenient to discuss the following:
Amendment 100, in clause 30, page 29, line 33, leave out “had regard to” and insert “complied with”.
This amendment provides stronger compliance with the code of practice on the disclosure of information.
Amendment 99, in clause 32, page 30, line 13, at end insert—
‘(1A) In determining whether to make regulations under section 29, 30 or 31 the appropriate national authority must ensure that—
(a) the sharing of information authorised by the regulations is minimised to what is strictly necessary,
(b) the conduct authorised by the regulations to achieve the “specified objective” is proportionate to what is sought to be achieved by that conduct,
(c) a Privacy Impact Assessment compliant with the relevant code of practice of the Information Commissioner’s Office has taken place and been made publicly available,
(d) the proposed measures have been subject to public consultation for a minimum of 12 weeks, and responses have been given conscientious consideration.
(1B) As soon as is reasonably practicable after the end of three years beginning with the day on which the regulations come into force, the relevant Minister must review its operation for the purposes of deciding whether these should be amended or repealed.
(1C) Before carrying out the review the relevant Minister must publish the criteria by reference to which that determination will be made.
(1D) In carrying out the review the relevant Minister must consult—
(a) the Information Commissioner, and
(b) open the review to public consultation for a minimum of 12 weeks, and demonstrate that responses have been given conscientious consideration.”
This amendment seeks to reduce the risk of successful legal challenges. Challenges are often made on grounds of privacy and this would amend that to increase privacy safeguards.
Amendment 96, in clause 32, page 30, line 33, at end insert—
‘(3A) A particular person identified in personal information disclosed under sections 29, 30 or 31 is able to request to a specified person under subsection 29(1) that the personal information is modified and corrected if necessary.”
Amendment 95, in clause 32, page 30, line 34, leave out
“(including a body corporate)”
and insert
“, a group of persons, a private company or a publicly traded company irrespective of their size and revenue, but”.
Amendment 105, in clause 35, page 32, line 31, leave out “have regard to” and insert “comply with”.
I am very grateful to my hon. Friend the Member for Cardiff West for giving me some much-needed time off. I do not wish to disappoint the Minister by not being as brief as we were earlier, but I am not sorry, because part 5 really does require some further scrutiny. I think the Government know that it was not ready for Committee, not least because they have tabled several dozen amendments to it, but also because the codes of practice were not in good enough shape last week, according to the Information Commissioner, but were published just a few days later—some civil servants were clearly working overtime in the intervening period.
Clause 29 allows specified persons to share data for a specified objective. All national authorities will be enabled to lay regulations through secondary legislation for exactly what those data-sharing arrangements will be and what they will be for. In doing so, this clause lays out that they will be required to ensure the secure handling of information and to have regard to the codes of practice. Our amendments seek to strengthen this and to ensure that anyone involved in the sharing of data under these new powers is in full compliance with the codes of practice that were published last week.
I want to be very clear here: the Opposition do not oppose the Government’s sharing data among themselves to improve policy making and public services, but we must get this absolutely right and we are still a long way away from that, given the state of the current proposals. This is a key point: the public support the sharing of data to better enable the Government to provide services and to better enable the public to make use of those services, but public trust is fragile and has been rocked in recent years by varying degrees of incompetence in managing those data. Before Government Members point out that previous Labour Administrations were just as guilty, I should say that I fully accept that. This is not a political but rather an administrative point, which is why such proposals need to proceed with the utmost caution.
The Information Commissioner produced a very instructive report on this very point, which is extremely important to this part of the Bill, because it demonstrates the circumstances in which the public are happy for their data to be shared. The commonly recurring themes of what the public want regarding data could not be clearer: they want control over their data; they want to know what organisations are doing with those data; and they want to understand the different purposes and benefits of sharing their data. In that context, 63% of people agreed that they had lost control over the way in which their data are being used. This demonstrates that if there is to be sharing of data, which we support, there must be very clearly defined safeguards based on consent and transparency.
This part of the Bill gives considerable powers to Government to share data, but there are essentially no safeguards built in to ensure privacy, data protection, proportionality and a whole host of other principles that should sit alongside data sharing. It is vital that these reforms go ahead and we are completely in favour of effective data sharing across Government to achieve public sector efficiencies, value for money, improved public sector services, take-up of benefits for the most vulnerable, such as the warm home discount or free school meals, and, most importantly, an improved experience for those who use public services.
The Minister for Digital and Culture claimed in an evidence session that the safeguards are in the Bill, but that is simply not the case. I would be grateful if the Parliamentary Secretary, Cabinet Office outlined what safeguards he thinks there are. As I, a relatively amateur observer, as well as those who are much more expert in the matter read it, the safeguards are to be added at a later date, written up by the Government and consulted on with people whom the Government deem fit to consult. Furthermore, there is absolutely nothing the public sector does that is not covered by the clause. I would be grateful, therefore, if the Minister gave give us a single example that that—I quote from the clause—for the purposes of
“the improvement of the well-being of individuals or households”,
or of improving
“the contribution made by them to society”,
would not deliver.
It is good to see the shadow Minister back in her place. She is making an excellent start to this section of the debate, pulling out many of the key issues. I am afraid that the ministerial team might not like the scrutiny that the process is supposed to provide—and essentially does. The point about transparency is critical and there is a confidential submission that points out that transparency does not prevent people from doing anything; it simply requires them to be accountable for what they do. We have recently seen the case of HMRC outsourcing to Concentrix the ability to collect tax credits. Data from another source were used, and we all know the damage that can be done when that is not done well.
I am grateful for that intervention. I am very aware of the Concentrix case and will come on to it shortly.
On the inclusion of non-public sector authorities and the Government’s intention to strictly define the circumstances and purposes under which data sharing with such organisations will be allowed, their statement of intent was clear. However, only one paragraph in the 101-page draft code mentions non-public sector organisations. That paragraph says that an assessment should be made of any conflicts of interest that the non-public authority may have but it does not give any examples of what those conflicts of interest might look like, so perhaps the Minister will elaborate on that when he responds. It states that a data-sharing agreement should identify whether any unintended risks are involved in disclosing data to the organisation—the risk regarding Concentrix was just highlighted—but the code of practice does not list any examples or set out how specified persons might go about ascertaining those. It also states that non-public authorities can only participate in a data-sharing agreement once their sponsoring public authority has assessed their systems and procedures to be appropriate for the secure handling of data, but it does not give any sense of what conditions they will be measured against or how officials should assess them.
That is not the kind of reassurance that was provided in the Government’s consultation response. Given that these are draft codes, I hope the Minister will take what I have said away and improve them, not least because of the recent scandal relating to the US multinational company, Concentrix, which was contracted by HMRC to investigate tax credit error and fraud. Concentrix sent letters to individuals—mostly working single mothers across the country receiving tax credits—in what was essentially a large-scale phishing exercise. Not only did it get things catastrophically wrong by cancelling benefits that it should not have cancelled and leaving working mothers destitute over many weeks and months in some cases, but it performed serious data breaches in sending multiple letters to the wrong individuals and disclosing personal information.
We have made it very clear that the Bill could have done with considerably more work before it was brought before the House. I understand that the civil servant who wrote part 5 has now left, or is in the verge of leaving, the employ of the civil service, so there is even more reason for us to work cross party and with expert organisations on improving the proposals.
As I have said, public trust in Government handling of data is not strong. Unfortunately, the public have not been given any reason to put their concerns to rest. The recent National Audit Office report, “Protecting information across government”, revealed the prevalence of weak controls on the protection and management of personal information in Government. Any continuation of the existing poor information management identified by the NAO, or the further weakening of cyber-security and data protection implied by part 5, is likely to have negative economic and social impacts.
As the Information Commissioner’s Office commented:
“It is important that any provisions that may increase data sharing inspire confidence in those who will be affected. Our research shows that the public are concerned about who their data is shared with and reflects concerns that they have lost control over how their information is used. Even apparently well-meaning sharing of data such as GP patient records for research purposes can arouse strong opinions.”
This is an important time to strengthen cyber-security and the minimisation and protection of data, which is why it is so important to get this part of the Bill right. A huge prize is on offer, but this has the potential of going the way of the care.data scandal. Frankly, it is astonishing that neither Ministers nor civil servants have learnt their lessons from that very regrettable episode, because there was absolutely nothing wrong with the principle of care.data either; it attempted to achieve exactly the kind of aims as the Bill’s reforms.
The idea was to create a database of medical records showing how individuals have been cared for across the GP and hospital sectors. Researchers believed that the information would be vital in helping them to develop new treatments as well as assessing the performance of NHS services. The records would be pseudo-anonymised, meaning that the identifiable data would be taken out. Indeed, they would just contain the patient’s age range, gender and the area they lived in. However, researchers could apply for the safeguards to be lifted in exceptional circumstances, such as during an epidemic. That would have needed the Health Secretary’s permission.
The concept had the backing of almost the entire medical community, many charities and some of the most influential patient groups. The UK’s leading doctors told us how access to so many NHS records would help them to understand the causes of disease, quickly spot the side effects of new drugs and detect outbreaks of infectious diseases.
The problem with care.data was that the advantages and the principles upon which the data would be shared were simply not communicated by the Government or by NHS England, and so it attracted the criticism of bodies as disparate as the British Medical Association, the privacy campaign group Big Brother Watch and the Association of Medical Research Charities. Such was the botched handling of the publicity surrounding care.data that, by April 2014, the launch was aborted. However, it emerged the following June that nearly 1 million people who had opted out of the database were still having their confidential medical data shared with third parties, because the Health and Social Care Information Centre had not processed their requests.
A review by the National Data Guardian, Dame Fiona Caldicott, found that care.data had caused the NHS to lose the trust of patients, and recommended a rethink. That prompted the then Life Sciences Minister, the hon. Member for Mid Norfolk (George Freeman), to announce that the scheme was being scrapped altogether, even though £7.5 million had already been spent on constructing a database, printing leaflets, setting up a patient information helpline and researching public attitudes to data sharing.
The Caldicott review established a set of Caldicott principles, with the primary one being that the public as well as the professionals should be involved in data-sharing arrangements. Dame Fiona Caldicott proposed a simple model that gives people the option to opt out of any of their information being used for purposes beyond care. She said:
“We made it slightly more complicated by saying it was worth putting to the public the choice of having two separate groups of information to opt out of – [those being] research and information used for running the health service. If you put all of the possible uses of data currently in the system together and asked people to opt in or out of that, it’s actually asking them to make a choice about a very big collection of information. [People] may want to have the possibility of saying, ‘Yes, I’d like my data to be used for the possibility of research, but I don’t want it to be used for running the health service’.”
She also made it very clear that the benefits of data sharing and what it means need to be communicated clearly to the public, as there is a lot of confusion around how the data are shared.
Absolutely nothing has changed since that disaster and the subsequent review, so it is concerning not to see those basic principles included in the Bill. I am interested to hear the Minister’s response to those principles laid out by the National Data Guardian. The public need to be able to trust organisations that handle their data and they need to retain control over those data. Both those things are essential to build confidence and encourage participation in the digital economy. The principles have been debated over the past several years at the European level, and we should be told here and now—today—whether the Government intend to implement the EU’s General Data Protection Regulation. If they are, why is the Bill not compliant with it?
The new EU GDPR and the law enforcement directive were adopted in May and will take effect from May 2018. The GDPR includes stronger provisions on: processing only the minimum data needed; consent; requirements on clear privacy notices; explicit requirements for data protection by design and by default; and on carrying out data protection impact assessments.
Although the Government’s arrangements for exiting the European Union have yet to be decided, it seems likely that the GDPR will take effect before the UK leaves, so the Government will have to introduce national level derogations prior to its implementation. If that is the case, there will have to be a thorough consideration of the impact of the new legal framework on all aspects of the Bill affecting data sharing, including implementation arrangements. Indeed, as the Information Commissioner said when giving evidence to the Committee two weeks ago:
“There may be some challenges between the provisions and the GDPR… There would ?be a need to carefully review the provisions of this Bill against the GDPR to ensure that individuals could have the right to be forgotten, for example, so that they could ask for the deletion of certain types of data, as long as that was not integral to a service.”––[Official Report, Digital Economy Public Bill Committee, 13 October 2016; c. 112-13, Q256.]
The GDPR states that data are lawfully processed only if consent has been given by the individual, which is completely lacking in this section of the Bill. It also gives data subjects that right to withdraw consent at any time:
“It shall be as easy to withdraw as to give consent.”
Controllers must inform data subjects of the right to withdraw before consent is given. Once consent is withdrawn, data subjects have the right to have their personal data erased or no longer used for processing.
Order. May I gently assist the hon. Lady by saying that I am not sure she has referred to her amendments much yet? She is making an excellent clause stand part speech. This will certainly now be the clause stand part debate, but it might help the Committee if she came on to her amendments as soon as possible.
Of course. Thank you very much, Mr Streeter.
Our amendments would ensure that the codes of practice, which have been vastly improved over the past week, are statutory. It is important that the principles and safeguards outlined so far are included and are statutory. That is what I have been alluding to so far in my speech. It seems pointless for civil servants to have put all this work into the codes for them merely to be regarded, rather than statutorily complied with. The codes must be improved further, and we hope that Ministers and officials will work with the industry and organisations to do just that, but we want to see them referenced properly in the legislation and properly complied with. Anything less means that the powers enabled in the clause dwarf any safeguards or checks included in the codes.
Amendment 99, in my name and that of my hon. Friend the Member for Cardiff West, would help to build trust in the Government’s data-sharing provisions—trust that has been rocked over a number of years. That trust is absolutely essential if this extension of the Government’s data-sharing powers is to be effective. It is worth noting again that the draft regulations allow a significant extension of data-sharing powers with a significant number of Departments. That extension is rightly set within defined and strict criteria, but some of the definitions contained within those criteria are at best vague.
Subsection (8) of clause 29 allows for the sharing of data if it is of defined “benefit” to the individual or households. Subsection (9) allows for the sharing of data if it
“has as its purpose the improvement of the well-being of individuals or households.”
While the extension is ostensibly for tightly defined reasons, those reasons are in fact so broad that they could refer to anything at all.
We again come back to the point about public trust. The public want to know why their data are being shared and that it is strictly necessary. Amendment 99 would help build that trust by ensuring that, under clauses 29, 30 and 31,
“the sharing of information authorised by the regulations is minimised to what is strictly necessary…the conduct authorised by the regulations to achieve the “specified objective” is proportionate…”
and that
“a Privacy Impact Assessment…has taken place”.
The amendment would require the Minister to establish a review that consults the Information Commissioner and the public on the effectiveness of the measures. The amendment would require the Minister, after a three-year period, to review the operation of these provisions to decide whether they should be amended or repealed.
A similar measure is included in the Bill in the provisions relating to data sharing for the purposes of the collection of public debt, so it is puzzling that it is not included in this part, too, as these provisions are so much broader and just as risky, if not riskier. Individuals are right to be anxious about their sensitive data being shared. The amendment would allow for the public to be reassured that their data are being handled within the strictest confines.
Amendment 96 would give individuals a right to access and correct their own data. Empowering citizens to have access to and control over their own personal data and how they are used would clearly help improve data quality. Citizens could see, correct and maintain their own records. Data need to work for people and society. Citizens need to be actively engaged in how their data are secured, accessed and used. Again, that needs to be put on the face of the Bill.
Part 5 does not make clear how proposals to data share comply with the Government policy of citizens’ data being under their own control, as set out in paragraph 3 of the UK Government’s technology code of practice. Indeed, the proposals appear to weaken citizens’ control over their personal data in order for public bodies and other organisations to share their data. Weakening controls on the protection of their data is likely to undermine trust in the Government and make citizens less willing to share their data, challenging the move towards digital government and eroding the data insights needed to better inform policy making and related statistical analysis. That type of organisation-centred, rather than citizen-centred, approach characterised the failure of the top-down imposition of care.data in the NHS. That is why we tabled these amendments.
It is an honour to serve under your chairmanship, Mr Streeter, and to be standing here making my Committee debut. The hon. Member for Sheffield, Heeley is obviously new to the business as well, and I hope to follow her example. She has been gracious and proportionate in holding the Government to account. I hope we can have a full and frank exchange—hopefully, a rapid one—as we move through part 5.
The Government share information every day. Like every organisation, we rely on information to deliver the support and services that everybody relies on. These proposals will not do anything radical. They are simple measures designed to provide legal clarity in uncontroversial areas. The hon. Lady said that the Bill’s objectives are too broad, but I am afraid I disagree. We have made available draft regulations that set out three clear objectives, which are constrained and meet the criteria. I believe it is possible to strike a balance between the regulations and the evidence to set out specific objectives on identifying individuals and households that have multiple disadvantages, improving fuel poverty schemes and helping citizens retune their televisions when the broadcasting frequency is changed in a couple of years’ time.
The hon. Lady mentioned some specific examples. I want to turn to the fuel poverty schemes. When we look at those several years down the line, I genuinely believe that we will be proud to have sat here and legislated in a Committee that introduced data-sharing measures that enable, for instance, a significant number of vulnerable people to benefit from the warm home discount scheme. At the moment, about 15% of warm home discount scheme recipients are classed as fuel poor, according to the Government’s definition. By utilising Government-held data on property characteristics to benefit the recipients, we estimate that that figure could be at least tripled. That could mean that an additional 750,000 fuel poor households receive a £140 rebate off their electricity bill each year.
We know that some vulnerable households miss out on the warm home discount because they need to apply and they either do not know the scheme exists or, for one reason or another, are unable to complete an application. Our proposed changes could result in the majority of the 2.1 million recipients receiving the rebate automatically. It will come straight off their energy bills without the need to apply. That is simply an extension of the data-sharing measures that already exist in the Pensions Act 2014 for pension credit. It is evolution, not revolution.
That example clearly sets out how we will require data to be shared among Government organisations and for there to be a flag to suppliers of eligible customers. In that instance, we will require the suppliers to use data only to support customers. Each objective will require a business case setting out the purpose and participants, which will be approved by Ministers and subject to parliamentary scrutiny.
I note that we are debating clause 29 stand part as well as the amendments, so after talking generally about part 5, let me move on to the clause. I believe that these powers do not erode citizens’ privacy rights. They will operate within the existing data protection framework. The new powers explicitly provide that information cannot be disclosed if it contravenes the Data Protection Act 1998 or part 1 of the Regulation of Investigatory Powers Act 2000. Further, they are carefully constrained to allow information to be shared only for specified purposes and in accordance with the 1998 Act’s privacy principles.
The new codes of practice, which the hon. Lady mentioned—I have been assured that they are on the parliamentary website—have been developed to provide guidance to officials in sharing information under the new powers in respect to public service delivery, fraud and debt, civil registration, research and statistics. The codes are consistent with the Information Commissioner’s data sharing code of practice. Transparency and fairness are at the heart of the guidance. Privacy impact assessments will need to be published, and privacy notices issued, to ensure that citizens’ data are held transparently. I was delighted that the Information Commissioner wrote to the Committee on 19 October saying:
“Transparency is key to building people’s trust and confidence in the government’s use of their data. I am pleased to see that further safeguards such as references in some of the codes to the mandatory implementation and publication of privacy impact assessments (PIAs), and reference to my privacy notices code of practice, have been highlighted in the Bill’s codes of practice.”
The Information Commissioner also said that she wanted the privacy impact notices to be included in the Bill, and the codes to be explicitly subordinate to her code on data-sharing practices. Will the Minister confirm that those codes are indeed subordinate? Will he also explain why the codes are not included in the Bill if they are so central to the process?
I will come to the second point later. On the Information Commissioner’s desire to include privacy impact assessments, it is clear to me from her letter that she is now content with the situation as it stands:
“I am content that the codes all now reference and better align with the guidance on sharing personal data set out in our statutory code and include effective safeguards to protect people’s information.”
The Information Commissioner was referring to the codes being improved since she gave evidence to the Committee. Later in that letter, which I think the Minister has in his hand, she goes on to say that she stands by the other evidence, both the oral evidence that she gave the Committee and her written evidence, which included her view that privacy impact notices should be in the Bill.
The Information Commissioner also mentions that, on privacy impact assessments and with reference to her privacy notices code of practice:
“This will build in transparency at two levels:—”
in the current situation—
“greater accountability through the publication of PIAs and timely and clear information for individuals so they can understand what is going to happen to their data.”
The Government remain committed to working with the Information Commissioner’s Office. When it came to the evidence sessions, I was aware of the fact that we had a long process discussion around the codes of practice and when their publication dates were due. It was very important for me, as a Minister, to ensure that we had the confidence of the ICO going forward and that we could publish those draft codes. We will continue those conversations.
When looking at putting the codes or privacy impact assessments in the Bill, it comes back to the key point of being able to continue that conversation when it comes to a transformational technology that we may not even know exists at the moment and that may radically change our ability to look at how we data share. At the moment we are looking at specified portals through which we will data share for the benefit of the most vulnerable in society, but there may be a new technology that allows the Government to expand our scope. If that new technology comes into being and we write the codes and privacy impact assessments into the Bill, we will have the chilling effect of ossifying the practice; it will impact on our ability to adapt and to be able to look at new technology, to move fast and to realise the opportunities that we may have to data share for the benefit of the most vulnerable in society.
I completely agree that we should not tie ourselves down in the Bill, particularly to technology. It came through loud and clear from the evidence sessions that part 5 seems to tie us to a very outdated approach to data sharing. It does not talk about data access; we heard that an awful lot in the evidence sessions. The Bill goes against the Minister’s own guidance on that. We should look not at bulk sharing, which takes us back to when we had filing cabinets or were sending across spreadsheets and databases on USB sticks, but at using application programming interfaces and canonical datasets, on which the Cabinet Office is leading the way. I would appreciate it if the Minister commented on that.
The hon. Lady highlights the argument I am trying to make, which is that the data-sharing measures in the Bill are proportionate, constrained and there to ensure that we can bring public confidence with us, which she mentioned. That is why we have highlighted specific portals through which we will be able to share Government information across Departments. In future, there will be secondary legislation powers to review and expand that, but there will be a whole process for which we need scrutiny.
That is why the Bill is so important: by highlighting how we can help those most in need and how, when it comes to data and consent, some people are in circumstances, by virtue of being in deprived communities or particularly vulnerable, of not knowing that they can benefit from their data being shared. It is the Government’s responsibility to act in this particular area to ensure that data are shared for the benefit of the most vulnerable. That is why the Bill is designed as it is. We have the secondary regulations in place, limited as they are at the moment, going through impact assessments and everything that we need to ensure that we have a proportionate response to sharing data.
I fully appreciate what the hon. Lady said but I hope that she will accept that the Government have pulled out all the stops to ensure that we can take public confidence with us. That is why, for instance, under clause 33, new criminal sanctions have been developed to protect information shared under the new powers in respect of public service delivery, fraud, debt and research, so those convicted of offences could face a maximum penalty of up to two years imprisonment for illegal data sharing, a heavy fine or both.
No statutory restrictions that currently exist on sharing of data, such as in the Adoption and Children Act 2002, will be affected by these data measures. When it comes to audits, which the hon. Lady mentioned, data-sharing agreements entered into under the power will set out a governance structure of how audits will take place. This structure will oversee the arrangement and what participating bodies are required to do under data sharing. The Information Commissioner’s Office also has a general power to conduct audits, including compulsory audits of Departments and organisations to check that they are complying with the law in relation to the handling of personal information. All bodies are required to comply with the ICO’s request for assistance so that it can determine whether data have been processed lawfully in data-sharing arrangements. The ICO can pursue criminal proceedings where necessary.
Will the Minister confirm that every Department that undergoes a data-sharing arrangement will complete a full audit of all data-sharing arrangements in that Department? Will that be available under the Freedom of Information Act?
On the individual point of audit, I will have to write to the hon. Lady. I will further consider her amendments and speak about them when we discuss three-year reviews. I want to ensure that bodies sharing information under the public service delivery power, for instance, strictly observe and follow codes of practice. Although I welcome the intention of the amendments, I think they are unnecessary. The Bill sets out the key conditions for disclosing and using information, including what can be shared by whom and for what purposes. We followed the common approach taken by the Government to set out details of how data are shared in the code of practice.
I want to return to the hon. Lady’s question of whether we use “have regard to” or “comply with”. The wording, “have regard to” already follows common practice in legislation, as illustrated in section 25 of the Immigration Act 2016 and section 77 of the Children and Families Act 2014. As the power covers a range of public authorities and devolved territories we want the flexibility that I mentioned about how the powers are to be operated, so that we can learn what works and adapt the code as necessary. To put it into the Bill, as I mentioned, would hamper that ability to adapt for future purposes. If bodies fail to adhere to the code, the Minister will make regulations that remove their ability to share information under that power, as is indicated, indeed, in part 11 of the code of practice, which states:
“Government departments will expect public authorities wishing to participate in a data sharing arrangement to agree to adhere to the code before data is shared. Failure to have regard to the Code may result in your public authority or organisation being removed from the relevant regulations and losing the ability to disclose, receive and use information under the powers”.
Amendment 106 requires the Minister to run a public consultation for a minimum of 12 weeks before issuing or reissuing a code of practice. The code of practice is essentially a technical document that sets out procedures and best practice with guidance produced by the ICO and Her Majesty’s Government. Clause 35 requires the Minister to consult the Information Commissioner and other persons, as the Minister thinks appropriate. I think that that strikes a good balance. Indeed, as I mentioned, we have been working closely with the ICO to ensure that there is confidence in the codes and the Information Commissioner states:
“I am pleased to report that significant progress has been made since my evidence session and I am content that my main concerns about the codes have now been addressed”.
I think it is very important to put that on record.
To respond to the hon. Gentleman on his specific point, we will update the lists of bodies able to share information of the public service delivery power, and the PSD power allows for new objectives to be added by regulations if they meet the conditions specified in primary legislation. So the issue of the pupil premium, which he mentioned, may be one of the many worthy purposes for which new objectives could be created.
I would like also to draw the hon. Gentleman’s attention to the disclosure of information in the draft regulations, which I hope will reassure him. Paragraphs 21 and 22 of schedule 1 to the Bill refer to the organisations that will be sharing data, or that will be permitted to do so once they have applied to do so, including the county councils of England, the district councils in England and even the council of the Isles of Scilly. We recognise that there is that local government fracture that he mentioned and we hope that when it comes to data-sharing measures we will be able to heal that.
It was disappointing not to hear the Minister mention the General Data Protection Regulation and explain why this legislation has not been written in compliance with it, or my points about non-public sector authorities. I hope that he can return to those issues later in his remarks.
On the point about the Information Commissioner, in her evidence she supported statutory codes of practice. She also recommended that Parliament should review all aspects of data-sharing, and not just the clauses relating to fraud, after an appropriate time, which is what informed our amendment.
As our amendment says, we would also like the codes to make it clear that good cyber-security practice should not be about data sharing and that it should be about leaving the data with their original owner. I hope that the Minister will return to those issues when he comments on later stages of the Bill.
With that in mind, I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Clause 29 ordered to stand part of the Bill.
Clause 30
Disclosure of information to gas and electricity suppliers
I beg to move Government amendment 108, in clause 30, page 29, line 21, at end insert “, or
() the making of grants (by any person) under section 15 of the Social Security Act 1990 in accordance with regulations under that section made by the Scottish Ministers or the Welsh Ministers.”
This amendment enables information to be disclosed by a specified person to a licensed gas or electricity supplier for the purposes of a scheme in Scotland or Wales for the payments of grants to improve energy efficiency under section 15 of the Social Security Act 1990.
This clause enables the person specified in regulations to disclose information to gas and electricity suppliers. The disclosure must be for the purpose of reducing energy costs, or improving energy efficiency or the health or financial wellbeing of those living in fuel poverty, and it must be disclosed for use in connection with one of the fuel poverty support schemes listed in the clause.
The schemes referenced are the warm home discount scheme and the energy company obligation. Although the territorial extent of both these schemes is GB-wide, fuel poverty itself is a devolved matter. Officials in the devolved Administrations, including Labour-run Wales, have asked for Scottish and Welsh fuel poverty schemes to be included in the provisions of the clause. That is because there are grant schemes that fall under section 15 of the Social Security Act 1990 that address fuel poverty in Scotland and Wales. Those schemes would also benefit from the ability to share information between public authorities, and with gas and electricity suppliers, for the provision of assistance to fuel-poor households. The schemes are Nest and Arbed in Wales, and Scotland’s home energy efficiency programme. They help to reduce energy costs, or to improve energy efficiency or the health and financial wellbeing of people living in fuel poverty. The same safeguards will be in place as for all data disclosed under the clause—that is, data can only be disclosed by persons specified in regulations and for the specific purposes identified in the clause. All persons involved in a data-share must have regard to the code of practice.
The inclusion of these grant schemes will strengthen the ability to deliver better targeted, cost-effective fuel poverty schemes in Wales and Scotland.
Amendment 108 agreed to.
Question proposed, That the clause stand part of the Bill.
May I welcome the Minister to his position? It was remiss of me not to do so earlier; he is the model of a patient Minister and very polite with it, too.
As with clause 29, we very much support the objective behind the proposals in clause 30—to identify the individuals most in need of warm home funding and any other grant or benefit that will alleviate fuel poverty. As we heard from Citizens Advice, energy firms have found it difficult to establish whether people are entitled to funding, so people who should get the help do not get it. Sharing the data should smooth that process. We know that fuel poverty is a significant contributor to debt. StepChange said that about 10% of its clients would be within the old definition of fuel poverty—they spend more than 10% of their income on fuel—and it has seen the number of people in gas and electricity arrears rise sharply from where things were in 2010.
However, there are concerns about disclosing personal data to gas and electricity suppliers, again with no detail on what personal information might be disclosed or how. There is none of the legal or technical detail essential to ensure data security, the ethical use of data and the necessary trust framework essential to protect the rights, privacy and security of citizens. The same problems plague the rest of part 5, not least that the general data protection regulation explicitly bans the use of data to monitor the behaviour of people in a way that could be seen as profiling, so we would appreciate the Minister’s comments on that point.
As we have seen, the warm home discount can work well, but it must be set within strict safeguards. The initial legislation was introduced to allow data sharing to be carried out, and we know that the Department of Energy and Climate Change was extremely careful with the idea, and concerned about public perceptions about trust and private sector companies’ use of data. There was a great deal of anxiety about the public view when the proposal was put as a theoretical proposition. The public are not convinced about the sharing of data with private companies—let alone between Departments—and particularly with private providers such as energy companies who have a potential commercial stake in the data.
That is why the warm home scheme currently works through data from the DWP and energy suppliers going to a third party, which crunches the data to identify the matches. The energy suppliers are then sent onward a list of their eligible customers and the data are deleted from the third party’s computers. The data are not held on any computers; that provides an appropriate safeguard for all individuals concerned. That is critical to alleviating concerns about the sharing of personal information.
At present, therefore, companies with no public accountability learn nothing of any commercial value to their activities, which is a crucial point. The sharing of data cannot be done if there is a company with a potential conflict of interest. However, clause 30 allows for the disclosure of information to gas and electricity suppliers to help people living in fuel poverty and within other tightly defined criteria. Although the clause is clear that data may be used only for the purposes intended, unease will remain about why, in this instance, the Government have allowed personal information to be shared with electricity suppliers rather than with a third-party trusted provider.
There will be a serious concern that electricity and gas suppliers are being passed information whose content could present a potential conflict of interest. Nobody is suggesting that the electricity or gas suppliers would do anything in breach of their obligations, but the risk is certainly there. That was the basis behind the creation of a third-party supplier in relation to the warm home scheme.
We therefore welcome the creation of an offence for passing on any of this information and we welcome the maximum sentence of two years. It provides a clear steer from Government on the sensitivity of the data, yet clearly we would prefer that the disclosure would not happen directly at all.
These Government amendments concern sanctions for unlawful disclosure and the disclosure and use of data to prevent and detect crime or prevent antisocial behaviour. A person receiving personal information under the public service delivery, debt, fraud and research powers cannot disclose that personal information unless it is for one of the exceptional reasons listed in the Bill, such as preventing loss of life or for national security. Technical amendments will ensure that it is clear that the list of exceptional reasons includes the prevention or detection of crime, or the prevention of antisocial behaviour.
The Bill provides that any person who contravenes the prohibition on further disclosure is guilty of an offence, which carries a penalty of imprisonment, a fine, or both. The introduction of criminal sanctions shows how seriously we take our responsibility to protect personal information, and we consider that it represents a key safeguard to accompany the new powers. It is imperative that individuals handling personal information under the powers take great care in handling that information.
We do not think that mistakes when handling personal data are acceptable, but we do not want to criminalise honest mistakes. The current drafting is slightly overzealous, so amendments 117, 128, 139 and 158 ensure that criminal liability arises only where there has been intent to disclose information. In circumstances involving disclosures made in error, we consider that other sanctions would be more appropriate, such as those set out in the Data Protection Act 1998 or internal disciplinary action.
The remaining amendments are minor technical amendments to ensure that information received under the powers can be shared to assist legal proceedings or criminal investigations outside the United Kingdom where necessary, while maintaining consistency across our clauses and aligning with other similar provisions in other legislation.
These Government amendments are technical and seem absolutely fine, apart from the provision to prevent antisocial behaviour. It is not clear to me why the disclosure would be necessary for the purposes of antisocial behaviour as defined under Anti-social Behaviour, Crime and Policing Act 2014. Can the Minister provide a clearer explanation of why any data that are ostensibly there to be shared for the purposes of alleviating fuel poverty and managing public sector debts would be used to prevent antisocial behaviour? Does that point to the concern I expressed earlier about the provisions leading to a broader scope for the use of information?
The exemption has been included to ensure that if information received under the powers points to possible antisocial behaviour, it can be shared. That is intended to avoid any risk that by failing to refer explicitly to antisocial behaviour we cause ambiguity about whether certain information on antisocial behaviour can be shared. That ambiguity would have a chilling effect on multi-agency responses to antisocial behaviour, thereby undermining one of the key purposes of the 2014 Act.
Can the Minister give an example of how data relating to fuel poverty shared between a Government agency and a gas and electricity company could possibly relate to antisocial behaviour?
We are talking about public service delivery powers, which do not just cover the warm home discount, attractive though that is. I know that all members of the Committee will be grateful, when this legislation goes through, to go back to their constituents and talk about being on this Bill Committee and how they delivered savings for millions of pensioners, but there are other key aspects of the Bill in relation to the troubled families programme and those living in communities blighted by antisocial behaviour. Data sharing around those programmes could create data matches that point to antisocial behaviour taking place or flag that up. We have a public duty to ensure that we have that power so that we can protect those vulnerable people whose lives are blighted in communities affected by particular types of antisocial behaviour.
Amendment 109 agreed to.
Amendments made: 110, in clause 32, page 30, line 19, leave out
“(whether or not in the United Kingdom)”.
This amendment removes the provision stating that a criminal investigation for the purposes of clause 32(2) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to a criminal investigation covers an investigation overseas in any event.
Amendment 111, in clause 32, page 30, line 21, leave out
“and whether or not in the United Kingdom”.
This amendment removes the provision stating that legal proceedings for the purposes of clause 32(2) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to legal proceedings covers proceedings overseas in any event.
Amendment 112, in clause 32, page 30, line 28, at end insert—
“( ) In subsection (2)(ba) “anti-social behaviour” has the same meaning as in Part 1 of the Anti-social Behaviour, Crime and Policing Act 2014 (see section 2 of that Act).”—(Chris Skidmore.)
See the explanatory statement for amendment 109.
Clause 32, as amended, ordered to stand part of the Bill.
Clause 33
Confidentiality of personal information
I beg to move amendment 101, in clause 33, page 31, line 19, leave out “or permitted”.
With this it will be convenient to discuss the following:
Amendment 102, in clause 33, page 31, line 25, leave out “made” and insert “necessary”.
This amendment and amendments 103 and 104 seek to place a stricter requirement to reduce the risk of non-compliance with data protection.
Amendment 103, in clause 33, page 31, line 27, leave out “made” and insert “necessary”.
See the explanatory statement for amendment 102.
Amendment 104, in clause 33, page 31, line 30, leave out “made” and insert “necessary”.
See the explanatory statement for amendment 103.
The amendments would restrict the onward disclosure of data. As we know, the public value their data, and the amendments would place a higher test on onward disclosure.
It is important that data disclosures of information as sensitive as we have been discussing are appropriately considered; they must not simply be nodded through. Introducing a principle of necessity would mean that organisations have to make a case, rather than merely tick a box. Crucially, that would help to make the Bill more consistent with existing data protection. As the Information Commissioner’s data sharing code of practice clearly states:
“You should employ ‘need to know’ principles, meaning that other organisations should only have access to your data if they need it, and that only relevant staff within those organisations should have access to the data. This should also address any necessary restrictions on onward sharing of data with third parties.”
The ICO’s data sharing code of practice could not be any clearer. It is designed to protect an individual’s data and to prevent any onward disclosure to the organisations that have access to those data.
The Data Protection Act is also framed in terms of necessity. The ICO’s code of practice states:
“The processing is necessary because of a legal obligation that applies to you (except an obligation imposed by a contract)…The processing is necessary to protect the individual’s “vital interests”. This condition only applies in cases of life or death, such as where an individual’s medical history is disclosed to a hospital’s A&E department treating them after a serious road accident…The processing is necessary for administering justice, or for exercising statutory, governmental, or other public functions.”
The amendments, which would insert the word “necessary”, ask a simple question: why are the exemptions in the Data Protection Act set aside when there is disclosure of confidential personal data for certain public interest purposes? That is already clearly well established. For example, in the context of policing, section 29(3) of the Data Protection Act states that:
“Personal data are exempt from the non-disclosure provisions in any case in which”
the disclosure is for any of the purposes of a criminal investigation, and failure to disclose
“would be likely to prejudice”
that investigation. One element of the application of that exemption from the non-disclosure provisions has the effect of excluding the lawfulness of the disclosure. It therefore protects the disclosing body from action for breach of confidence.
To disclose under the Data Protection Act, there has to be prejudice to an investigation before a disclosure of personal data can occur. Clause 33(2)(e) refers to disclosures
“made for the purposes of a criminal investigation”,
with no test of prejudice. The advantage of the amendments is that they would bring in the word “necessary”. That minor shift would at least ensure that the disclosure of personal data is proportionate.
Similarly, section 35(2) of the Data Protection Act permits disclosure of personal data for legal proceedings without risk of the disclosing party being subject to an action for breach of confidence if the disclosure of personal data
“is necessary… for the purpose of, or in connection with, any legal proceeding”.
In contrast, clause 33(2)(f) does not include the word “necessary” and reduces the threshold of disclosure to one that could facilitate speculative disclosures that could not be made under the Data Protection Act. We would be grateful if the Minister explained why the necessity is removed and why the DPA provisions are not sufficient when personal data are disclosed, but only when it is necessary in connection with any legal proceedings. The amendments would align disclosure with the provisions of the DPA.
The changes to clause 33(2)(h)(i) to (iv) are proposed to make it clear why the DPA is insufficient. Schedule 2(4) permits disclosure of personal data if it
“is necessary in order to protect the vital interests of the data subject.”
Schedule 2(5)(b) allows disclosure that is necessary
“for the exercise of any functions conferred on any person by or under any enactment”.
Can the Minister describe what disclosures of personal data do not fall within those two provisions? The amendments insert the word “necessary” and simply align the disclosure with the Data Protection Act.
I am concerned about why the Minister thinks the amendments will provide confusion; they will actually bring the clause into alignment with the Data Protection Act 1998—currently, large swathes of the Bill are not. Personal information is not defined as in the Data Protection Act, and nor are other clauses in this part. With your leave, Mr Streeter, I will test the will of the Committee.
Question put, That the amendment be made.
These are minor and technical amendments to clauses on the code of practice and statements of principles that will be issued under part 5 of the Bill. The amendments will require that the code of practice be consistent with the data sharing code of practice issued by the Information Commissioner under the Data Protection Act 1998, ensuring greater clarity for practitioners and increased transparency for citizens about the relationship between the provisions in the Bill and the DPA. The amendments have been tabled with our conversations with the ICO in mind; we have the Information Commissioner’s confidence that the codes are right. I commend the amendments to the Committee.
Amendment 118 agreed to.
I beg to move amendment 106, in clause 35, page 32, line 42, at end insert—
“(ea) the public for a minimum of 12 weeks, and the relevant Minister, must demonstrate that responses have been given conscientious consideration, and”.
The amendment relates simply to the fact that the Opposition would like a full public consultation on the draft codes of practice. A much better version has been put before the Committee, and I understand that it is now on the parliamentary website, but we would like a proper consultation period, not just a consultation with whomever the Government see fit to consult.
Amendment 106 would introduce a requirement for the Minister to publicly consult for a minimum of 12 weeks before issuing or reissuing the code of practice under clause 35.
Many details of the code of practice are drawn from the ICO data sharing code of practice. Others were drawn from two years of open policy making with civil society and other groups. We have just discussed a Government amendment intended to ensure that our codes will be consistent with the ICO’s data sharing code of practice. On that basis, we see no need for a compulsory public consultation before issuing the code, and even less need to make it a requirement in respect of any reissue. Some future changes to the code may be minor. We do not see a need to run a public consultation in those instances—indeed, to do so would be disproportionate in a great number of such cases.
Clause 35 requires that the Minister consult the Information Commissioner and other persons as the Minister thinks appropriate. Those other persons will include civil society groups and experts from the data and technology areas. We will run a full public consultation when a significant revision is expected, such as before the EU data protection regulation comes into effect, which I believe will be in May 2018. The clause as drafted provides the flexibility required. On that basis, the amendment is unnecessary and I invite the hon. Lady to withdraw it.
I am pleased to hear that the Government intend to consult on major revisions, and I hope that the draft codes, although much improved, will improve further in Committee, particularly in the areas outlined earlier relating to non-public authorities. As the Government have not listened to many of the recommendations made in their own consultation earlier this year, perhaps it is a futile amendment. I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Question proposed, That the clause stand part of the Bill.
I will just lay some further concerns about the draft codes. Clause 35 requires specified authorities and specified persons to have regard to the code of practice. We have conducted our own mini-consultation. One member of the Government’s own open policy group described the codes of practice as “discursive and poorly constructed”, another as “empty waffle”. Agreement was widespread that they still require significant legal and technical improvements, and that safeguards should be included in the Bill itself.
Part 5’s provisions for personal data sharing enable officials to decide unilaterally when they may access and share citizens’ personal data without consent and for purposes other than that for which it was provided. It raises serious concerns about how the UK will be able to host any EU citizens’ personal data post-Brexit. If UK officials are able to access and use their data without consent, it is highly unlikely that the EU will regard that as approaching anything like “adequacy” with respect to the general data protection regulation.
It is an incredibly worrying aspect of the Bill and the accompanying codes of practice that nowhere do they refer to the EU’s GDPR, which will not come into effect until 2018, as the Minister said, although the Information Commissioner’s Office has stated that organisations must comply with the GDPR if they wish to continue to do business across the EU or with EU citizens’ data. Although we are referring to Government agencies and Departments, there is every likelihood that they will process EU citizens’ data.
Where consent is to be overridden by officials, the approach is not well defined. There is no consideration of or support for alternative approaches, such as empowering citizens to be helped by letting them nominate someone other than officials to act on their behalf, rather than officials doing so. There is inadequate attention to transparency and accountability. We have many lessons to learn from the Estonian Government, as we heard in evidence sessions.
Furthermore, the personal data-sharing code perpetuates errors from the two-year consultation. For example, when the code refers to application programming interfaces, it incorrectly implies that they are a new thing. They are not, with modern web APIs generally recognised as having been in existence since around 2002—hardly state of the art. The code also displays no apparent awareness of, for example, zero knowledge proof, a method by which one party can prove to another that a given statement is true without conveying any information apart from the fact that the statement is true.
For that reason, both technical and legal safeguards must be within the Bill, not the lengthy and vaguely drafted codes of practice relating to personal data. Quite simply, none of the codes contains the safeguards alluded to earlier in the consultation and Bill process. In the interests of time, I simply say to the Minister that we will revisit concerns about the codes of practice. We have serious concerns about the lack of transparency still built into the codes of practice, let alone on the face of the Bill, and we would like some updated technological references in those codes.
Question put and agreed to.
Clause 35, as amended, accordingly ordered to stand part of the Bill.
Clauses 36 and 37 ordered to stand part of the Bill.
Clause 38
Disclosure of information by civil registration officials
I beg to move amendment 97, in clause 38, page 36, line 15, at end insert—
‘(2A) An authority or civil registration official requiring the information must specify the reasons for requiring the information to be disclosed.
(2AA) Information disclosed under this section shall not be shared with any other public or private body beyond those specified in subsection (1).”
With this it will be convenient to discuss amendment 107, in clause 38, page 36, line 12, leave out from “that” to end of subsection and insert—
“(a) the authority or civil registration official to whom it is disclosed (the “recipient”) requires the information to enable the recipient to exercise one or more of the recipient’s functions and,
(b) the data subjects whose information is being disclosed have given valid consent under data protection legislation.”
This amendment would remove bulk sharing while allowing certificates to be shared to support electronic government services.
These provisions, more than any others in relation to civil registration officials, have surprised and confused those involved in the data-sharing proposals and the open data policy-making process, as they were never mentioned in the more than two years of discussion about data sharing in that open policy-making group. In the Government’s consultation response, they said that
“a large number of individual respondents and representatives from civil society stated strong opposition to the proposed power providing the ability for the bulk sharing of data, believing that the power would effectively create an identity database and enable personal data to be shared between public authorities even where there is no public benefit to do so.”
The amendments would address exactly that.
The publicly stated policy intent of the clause is to allow a citizen interacting with the Department to allow that Department to confirm their civil registration information electronically. That could undeniably enable better informed decision making, allocation of resources and service delivery, and would support the modernisation of public services. However, as drafted, the legislation also allows the entire civil registration database to be copied over to arbitrary locations for arbitrary purposes. That is not the same thing as a citizen allowing access when using digital services.
There are further concerns about the clause’s lack of compliance with the Data Protection Act 1998. Civil registration documents will be shared in bulk to improve service delivery where there is a clear and compelling need, according to the Bill. However, “clear and compelling” remains a lower test than the Data Protection Act’s “necessary and proportionate”, and is likely to be challenged. The use of bulk data runs counter to the Centre for the Protection of National Infrastructure guidance, which warns of the risks associated with bulk data, particularly from hostile foreign intelligence services.
The example given by Government that would require the sharing of civil registration data is around child reference numbers, which become national insurance numbers. National insurance numbers used to be attached to child benefit. It worked on the assumption that every parent would claim child benefit for their child and, when that child reached 15 and a half years of age, their national insurance number would be dispatched.
When the Government changed their policy on child benefit and effectively restricted it to parents who earned less than £50,000 per year, that created a potential problem for the assigning of national insurance numbers. The proposals will presumably address the problem by using birth-certificate data to inform who should be issued with NI numbers and when. That seems a perfectly reasonable and sensible method to correct an unintended consequence of the changes to child benefit policy, but can the Minister give us any other examples of when and why such bulk data sharing would ever be necessary or proportionate? The example I have just run through is incredibly specific and I hope that it would not be and is not repeated across Government.
Digital Economy Bill (Ninth sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years ago)
Public Bill CommitteesNot necessarily; that has not been called yet. The amendments have been tabled in the name of the hon. Member for Sheffield, Heeley. She finished her speech on Tuesday, and I put on record my thanks for her impressive scrutiny of the Bill, which she has done almost single-handedly. I note that she made a weighty speech about Concentrix yesterday, so I do not know how she finds the time to sleep. I am sure that it will be noted in the Lords that we have gone through a full process of scrutiny in Committee.
The Government will ensure that citizens can access future Government digital services effectively and securely, while removing the current reliance on paper certificates. That will provide more flexibility and modernise how services are delivered.
Amendment 97 would require registration officials and public authorities requesting information to specify reasons for requiring disclosure. In considering a request to share information under those powers, a registration official would first need to be satisfied that the recipient requires the information to enable them to exercise one or more of their functions.
In her speech on Tuesday, the hon. Lady raised some issues about the Data Protection Act 1998 and said that the Government should set out clearly that it is being honoured, particularly for registration. The hon. Member for Hyndburn talked about fundamental principles, and I can confirm that the Bill’s fundamental principle is its compliance with the Data Protection Act. Data should not be disclosed if to do so would be incompatible with that Act, the Human Rights Act 1998 or part 1 of the Regulation of Investigatory Powers Act 2000.
The Data Protection Act is Magna Carta of the data world, and we want to ensure that all parts of the Bill comply with it. When disclosing information, only minimal information will be provided, in accordance with the requirements of the data recipient.
I am grateful to the Minister for his kind and polite words. If that is the case, why does the Bill contain the words “clear and compelling”, rather than “necessary and proportionate”, which is the term associated with the Data Protection Act?
I have taken legal advice about that issue, which the hon. Lady raised in her previous speech, and I have been told that those words do not in any way, shape or form challenge or change the interpretation of and compliance with the Data Protection Act. We will be happy to look again at the wording and reflect on it if that gives her confidence that we are absolutely committed to ensuring that the Data Protection Act runs through the core of the Bill. Registration officials are required to be aware of the reasons for the request, so the intention behind the amendment is already achieved by the clause.
Amendment 97 seeks to prevent the onward disclosure of information by the data recipient to any other public or private body beyond the specified public authorities listed in proposed new section 19AB(1) of the Registration Service Act 1953. Disclosures under the power will be restricted to the specified public authorities listed in proposed new section 19AB(1). In addition, personal data will be shared only in accordance with the power and in adherence to the Data Protection Act, by which the recipients will also be bound. As an additional safeguard, under the code of practice, data-sharing agreements can place restrictions on onward disclosures of data, which will be adopted where appropriate.
Amendment 107 would retain the requirement for a civil registration official to be satisfied that the information was required by a recipient to fulfil one of more of their functions before disclosing data. It seeks to add a requirement that an individual must have given valid consent under data protection legislation before any disclosure of their personal data. The data protection legislation referred to is believed to be the Data Protection Act, to which these clauses are already subject. They already state that personal data must be processed fairly. In practice, it will sometimes be necessary to share information in the public interest, where it is impractical or inappropriate to seek or rely on the consent of the individual concerned, but that is already permitted under the Data Protection Act, which we are determined to ensure remains in force.
In the hon. Lady’s speech on Tuesday, she talked about the uses of bulk data and asked me to give examples of where the powers will be used and where they are already used. The powers will allow registration officials to disclose birth data to other local authorities. Currently, a registrar is unable to notify another local authority if a birth takes place in their district but the child’s parents reside in another. Being able to disclose data across district boundaries will assist healthcare, school and wider local authority planning. Being able to share bulk information will ensure that children are known to the local authorities in which they reside and that action can be taken to address any needs of the child or parent.
Another example relates to blue badge fraud. It is estimated that about 2.1% of blue badge fraud relates to use of a blue badge following the death of the individual to whom it belonged. The new powers will allow data to be shared with the local authorities to help reduce that fraud.
The Minister gives an important example—blue badge fraud—in which data are accessed rather than shared. The local authority will have an access point into Department for Work and Pensions data to determine whether someone is disabled, but there is absolutely no need for bulk data sharing across local authorities. That is the kind of example that we should follow in the rest of the public sector.
My hon. Friend the Member for Hyndburn made important points about the absence from the Bill of clauses dealing with the private sector. In the evidence session, we heard from the chief executive of a tech start-up in Canary Wharf who made it very clear that nothing in the Bill would help his business or others operating in the digital economy. We will certainly return to that theme. I draw my hon. Friend’s attention to new clause 31, which the Committee will consider on Tuesday morning and which will require a review of data ownership across the public and private sectors.
I am grateful that the Minister has confirmed that the Government will consider a rewording of “clear and compelling”, because I think it could lead to some confusion regarding the compliance of part 5 with the Data Protection Act. It is great to hear him praise the Tell Us Once scheme, which was set up by the shadow Secretary of State for Culture, Media and Sport, my hon. Friend the Member for West Bromwich East (Mr Watson)—I will pass on the Minister’s congratulations to him.
The Minister referred to a platform; will he confirm whether he is referring to a central database of citizens’ civil registration information? That is a key concern. I am also glad to hear that sharing information without consent will take place only in explicitly defined circumstances, but I am still not clear why chapter 2 of part 5 will not—as our amendment 97 would—require civil registration officials to disclose why they are sharing information, as all the other chapters in part 5 require data-sharing arrangements or specified persons to do. If the Minister can explain that to me in an intervention, I will happily withdraw the amendment.
I used the word “platform” as part of a process argument about being able to look at data in the round, rather than to suggest that there would be any centralised data collection. That is certainly not the case. For public confidence, measures in the codes of practice set out clearly that when it comes to the data-sharing measures, once data have been used for the required purpose, they are then destroyed. They are not kept on any register for any historical purpose.
Turning to the hon. Lady’s second point—
Minister, this is an intervention. I call Louise Haigh—you may intervene again, Minister.
My question stands: why is there not a requirement in this chapter of this part for the reasons for disclosure, as there is in all the other chapters? I would be grateful if the Minister intervened regarding that point.
The registration codes of practice clearly set out that the purposes will need to be defined and that a business case will need to be made. None of that can take place until we ensure that there is a specified public function defined on the face of legislation, particularly when it comes to the code of practice that registrars will have to follow and which will be reviewed yearly. I believe that measures are in place to ensure that any data-sharing is done through a due process that is incredibly tight, restrictive and respectful of the use of individuals’ data.
I am afraid I am still not satisfied with why that requirement is not on the face of the Bill as it is in other chapters, so I will press amendment 97 to a vote. I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Amendment proposed: 97, in clause 38, page 36, line 15, at end insert—
‘(2A) An authority or civil registration official requiring the information must specify the reasons for requiring the information to be disclosed.
(2AA) Information disclosed under this section shall not be shared with any other public or private body beyond those specified in subsection (1).”—(Louise Haigh.)
Question put, That the amendment be made.
The clause amends the Registration Service Act 1953 to introduce new flexible data-sharing powers that allow registration officials to share data from birth, death, marriage and civil partnership records with public authorities for the purpose of fulfilling their functions. That will provide more flexibility and modernise how Government services are delivered.
Being able to share registration data will bring many benefits, for example, in combating housing tenancy fraud. The National Fraud Authority estimates that housing tenancy fraud—for example, a tenant dies and someone else continues to live in the property when they have no right to—costs local authorities around £845 million each year. Being able to provide death data to local authorities will assist in reducing that kind of fraud. The sharing of data will provide benefits for the public in a number of different ways, including the removal of barriers when accessing Government services. It will pave the way for citizens to access Government services more conveniently, efficiently and securely, for example by removing the current reliance on paper certificates to access services.
Data will continue to be protected in accordance with data protection principles, and a number of safeguards will be put in place. Registration officials will be able to share data with only specified public authorities, as defined in new section 19AB—which also includes a power for the Minister to make regulations to add, modify or remove a reference to a public body, thereby providing reassurance that the data will only be disclosed in a targeted way to the Departments listed. As set out in paragraph 58 of the code of practice, the Registrar General has a responsibility to review the code annually, which will involve the national panel for registration. As an additional safeguard, such regulations will be made under the affirmative procedure, requiring the approval of both Houses.
All data sharing will be underpinned by a statutory code of practice, as set out in section 19AC. As I have said, when revising the code the Registrar General will have an obligation to consult the Minister, the Information Commissioner and other relevant parties. The code of practice will act as a safeguard by explaining how discretionary data-sharing powers should be used. The code will require data-sharing agreements to be drawn up, which will includes safeguards on things such as how data will be used and stored and for how long they are to be retained, and forbidding data to be cross-linked in any way.
Question put and agreed to.
Clause 38, as amended, accordingly ordered to stand part of the Bill.
Clause 39
Consequential provision
Question proposed, That the clause stand part of the Bill.
Several questions relating to the clause remain unanswered because we were cantering through on Tuesday afternoon. Will the Minister confirm, and give examples of, what the powers in this part of the Bill will exclude? Will he give some guidance on how officials are meant to determine where the line is for what is and is not included? Will there be more guidance issued for non-public sector authorities that will come under the legislation? Will he assure us that the codes, in their next iteration, will provide further guidance on how officials should deal with conflicts of interest when sharing data, how they should identify any unintended risks from disclosing data to organisations, and how sponsoring public authorities should assess whether their systems and procedures are appropriate for the secure handling of data? I would also be grateful if the Minister confirmed what lessons have been learned from the recent National Audit Office report that found more than 9,000 data incidents in the past year alone, and how the Government are improving their data processes to address those issues.
Will the Minister assure us that nothing in the Bill will undermine patient confidentiality? I am aware that the British Medical Association has written to him but has not had a response. The BMA is unclear about whether the scope of the Bill includes the disclosure of personal health and social care information, which would significantly weaken existing protections for confidential data. Will the well established rules that already protect such confidential information continue to apply, and will he assure us that these powers will not override common law in this vital area?
Finally, on a significant area that has not yet been addressed, do the Government intend to implement the EU’s general data protection regulation? If they do, why is the Bill not compliant with it?
On the European directive, which is to be introduced in May 2018, the codes will be revised and will reflect that. That is why the flexibility we have from the codes not being written into the Bill is so important—so that we can deal with instances in which there will be change in the future. They will be updated to reflect that change in May 2018.
Civil registration officers—public servants who want to share data for the benefit of the public—are not trying to do anything that would compromise those whom they serve. In the code of practice, paragraph 47 states that privacy impact assessments will be put in place to ensure that there will be compliance with data protection obligations and that they meet individual expectations of privacy. All Departments entering into data-sharing arrangements under the powers must comply with privacy impact assessments and publish the findings. We want to ensure transparency so that members of the public understand why it is necessary for those data to be shared.
An application to share data is not simply a permissive path by which new data-sharing arrangements can be established without going through due process and regard. In the fairness and transparency section of the data code of practice, there are many questions that must be addressed in order to establish the data-sharing arrangements. They are clearly laid out.
The Minister says that civil registration officials will be required to publish their findings. What exactly will they be required to publish, under either the code or the measures in the clause?
Paragraphs 47 and 49 of the civil registration data-sharing code of practice clearly state:
“All government departments entering into data sharing arrangements under these powers must conduct a Privacy Impact Assessment and to publish its findings. The Information Commissioner’s Conducting Privacy Impact Assessments code of practice provides guidance on a range of issues in respect of these assessments, including the benefits of conducting privacy impact assessments and practical guidance on the process required to carry one out…Registration officials entering into new data sharing arrangements should refer to the following guidance issued by the Information Commissioner on Privacy Impact Assessments which includes screening questions…to determine whether a Privacy Impact Assessment is required.”
On health care data, the Government are considering Dame Fiona Caldicott’s recommendations. The consultation closed on 7 September, and I confirm that the Bill’s powers will not be used in relation to health and care data before we have completed that process.
The Bill explicitly says that health and social care information should be excluded, but there are concerns that it is drafted so widely that it could be used for that, and I think that the Minister has just confirmed it. He is saying that it is wide enough that should the Government decide on the basis of Dame Fiona’s review that they want to share health and social care information, the Bill will enable it. Is that the case?
The Government will respond to the National Data Guardian’s review. It will not have an impact on the Bill at this stage. The Department of Health recently concluded a public consultation and is considering how to implement her recommendations. As it will take time to make the changes and demonstrate that the public have confidence in them, it would be inappropriate for the Government to seek new information sharing powers in respect of health and care data at this time. I note that we will come to health and care data when we debate a later group of amendments on research, and I hope to provide more information when we do.
Question put and agreed to.
Clause 39 accordingly ordered to stand part of the Bill.
Clause 40
Disclosure of information to reduce debt owed to the public sector
I beg to move amendment 190, in clause 40, page 39, line 21, leave out “have regard, in particular, to” and insert “must comply with”.
With this it will be convenient to discuss the following: amendment 191, in clause 44, page 42, line 8, leave out “have regard to” and insert “comply with”.
Amendment 192, in clause 52, page 49, line 8, leave out “have regard to” and insert “comply with”.
Amendment 193, in clause 60, page 55, line 20, leave out “have regard to” and insert “comply with”.
Amendment 194, in clause 67, page 66, line 15, leave out “have regard to” and insert “comply with”.
Amendment 198, in clause 82, page 80, line 18, at end insert
“and only after the codes of practice required under sections 35, 44, 52 and 60 have been approved by a resolution of each House of Parliament.”
New clause 35—Public register of data disclosures—
‘(1) No disclosure by a public authority under Part 5 shall be lawful unless detailed by an entry in a public register.
(2) Any entry made in a public register under subsection (1) shall be disclosed to another person only for the purposes set out in this Part.
(3) Each entry in the register must contain, or include information on—
(a) the uniform resource locator of the entry,
(b) the purpose of the disclosure,
(c) the specific data to be disclosed,
(d) the data controllers and data processors involved in the sharing of the data,
(e) any exchange of letters between the data controllers on the disclosure,
(f) any other information deemed relevant.
(4) In this section, “uniform resource locator” means a standardised naming convention for entries made in a public register.
These are further amendments tabled by my hon. Friend the Member for Cardiff West and me to make the codes of practice, on which officials have obviously worked so hard and which were developed in consultation with the Information Commissioner, legally binding. With your permission, Mr Stringer, I will come to specific issues about the data-sharing measures and fraud during debate on clause stand part.
I appreciate what the Minister said about sanctions being enforced on those authorities that do not have regard to the code of practice, but it says on the front page of the code:
“The contents of this Code are not legally binding”;
it merely
“recommends good practice to follow when exercising the powers set out in the Bill.”
That is not really a strong enough message to send to officials and all those involved in data-sharing arrangements. I would be interested to hear examples from the Minister of when it would be considered reasonable not to follow the code, as I assume that that is why he does not want to build it into primary legislation. I know that he will tell me that his real reason is that he wants to future-proof the codes. That is all well and good, but the Bill is already outdated. One witness wrote to us in evidence:
“Part 5 seems to imply an approach to ‘data sharing’ modelled on the era of filing cabinets and photocopiers when—quite literally—the only way to make data available to others was to send them a duplicate physical copy. Modern technology has already rendered the need for such literal ‘data sharing’ obsolete: data can now be used without copying it to others and without compromising security and privacy.”
Furthermore, data sharing is not defined, either legally or technically, in the Bill or in the codes of practice. Does data sharing mean data duplication—copying and distribution—or does it mean data access, or alternatives such as attribute exchange or claim confirmation? These are all quite different things, with their own very distinct risk profiles, and in the absence of any definition, the term “data sharing” is ambiguous at best and potentially damaging in terms of citizens’ trust, cyber-security and data protection. Let me give an example: there is a significant difference between, and different security risk associated with, distributing personal information to third parties, granting them controlled and audited one-time access for the purpose of a specific transaction, or simply confirming that a person is in debt or is or is not eligible for a particular benefit, without revealing any of their detailed personal data.
What is more, there is no reference in the clause to identity and how officials, citizens, or organisations, or even devices and sensors, will be able to prove who they are and their entitlement to access specific personal data. Without this, it is impossible to share data securely, since it will not be possible to know with whom data are being shared and whether they are an appropriate person or organisation to have access to those data. Security audits, of who has accessed which data, when and why, require a trusted identity framework to ensure that details of who has been granted access to data are accurately recorded. Presumably, it will also be mandatory to implement good practice security measures, such as protecting monitoring, preventing in real time inappropriate attempts at data access, and flagging such attempts, to enable immediate mitigating action to be taken.
As I said on Tuesday, all these details are moot, as are the codes of practice and indeed the Information Commissioner Office’s excellent code of practice, if the existence and detail of data sharing is not known about to be challenged; hence the need for a register, as set out in new clause 35. That is why we have tabled our amendments and we would like the Minister to give serious consideration to the inclusion of these important principles and safeguards in the Bill. We are not talking about detailed regulations, we are certainly not talking about holding back technological advances, and we are not talking about the “dead hand of Whitehall”, as the Minister said on Tuesday. We are talking about vital principles that should be in primary legislation, alongside any new powers to share information. The most important of those principles is transparency, which is exactly what new clause 35 speaks to. It would require public authorities to enter in a public register all data disclosures across Government.
The Minister did not know the detail of the audits that are mentioned in the codes of practice. We really need more detail on those audits, as it may well satisfy us in our request for this register. Will all data-sharing agreements be kept in a single place in each Department, updated as data are shared and disclosed across Government, with Government agencies and with non-public sector organisations? Will these additional agencies keep similar audits and—crucially—will those audits be publicly available? Also, will the audits include the purpose of the disclosure, the specific data to be disclosed, how the data were transferred, how the data are stored and for how long, how the data are deleted at the end of that time frame, what data controllers and processors are involved in the sharing of that data, and any other restrictions on the use of further disclosure of that data?
If we have, in a single place, data-sharing amendments, as this amendment would establish, the public can see and trust how their data are being used and for what purpose. They can understand why they are getting a letter from Concentrix about Her Majesty’s Revenue and Customs, or why they have been targeted for a warm home scheme, and—crucially—they can correct or add to any information on themselves that is wrongly held.
Does the hon. Lady agree that, if there is an opportunity to access a proactive notification service that indicates to the member of public that their data are being used and for what purpose, that should be included in any future consideration of this matter?
I completely agree, and I believe that the gov.uk Notify service would be an excellent means by which to go about that. I hope that the Minister will consider it.
My hon. Friend is making a valid point, which I referenced in my point about getting on the bus and the destination. She is suggesting that individuals have rights to own their information; there is a register that they could accept. This is the journey that we have to make. It is about empowering the individual. My hon. Friend is making a powerful point. I am pleased that the Opposition are making this point, because it needs to be made. The future will be about individual ownership of information. I hope that my hon. Friend prosecutes the argument as well as she can.
The point is vital and it is the point that was made earlier in our proceedings. Unless we get this right at this stage, it will become a scandal that the Government will then have to deal with and it will hold back progress on sharing data, as we saw with the care.data scandal. We do not want to see the Government embroiled in another scandal like that and we hope that they heed our warnings in order to avoid one in the future.
The objective behind the register is that it could be considered an amnesty for all existing data-sharing projects, with the disclosure assisting understanding of the problem and improving public trust. Let us not kid ourselves that the Bill covers the only data sharing that happens across Government. In a recent interview with Computer Weekly, the new director of the Government Digital Service, Kevin Cunnington, said:
“The real work is going on in”
places such as “Leeds and Manchester”—I would disagree with him on that point for a start, because we are not fans of Leeds in Sheffield—
“as well as London. We need to be part of that. The example I use is where DWP now runs a whole set of disability benefits. It would be incredibly helpful if DWP had selected and consensual access to some of”—
those people’s—
“medical data. Right now, NHS Digital and DWP are having that conversation in Leeds and we’re not in the conversation. Why wouldn’t GDS be in a conversation like that? If we’re going to be, we’ve got to be in Leeds—we can’t do that from here.”
We know that that conversation is happening between the DWP and the NHS—despite assurances that sharing of health and social care information is not happening across Government—only because a random official mentioned it in a random interview, so I ask this question again: does the Minister have an audit of data-sharing agreements and arrangements across Government, or is it the case, as I fear it is, that not only do the public not know which data are shared across Government, for what purpose and how they are stored, but Ministers do not know either?
The hon. Lady is making an excellent point. What this cuts back to is the underlying theme of transparency. Rather than the Government acting in a paternal way—“We’ll do what is best for the citizens”—they should be transparent and make it clear to citizens why and where data are being used.
That is exactly the kind of attitude that underpins these elements of the Bill: “Trust us. We’ll sort it out. Give us your data. No problem. We’re going to share them freely and fairly.” The Government may well do. The problem is that the public do not have that trust in them. As I said on Tuesday, this is not a party political point. The previous Labour Government were not up to scratch in handling data either. This is not a party political attack at all. It is a genuine attempt to get these proposals in the best shape possible, to aid Government digitisation and deliver efficient public services.
Just as the Government give taxpayers a summary of how their tax money has been spent so they should give citizens information on how they have used data on them. If there is transparency through a register, there can be an informed conversation about whether a data disclosure will solve the problems that it claims to. There has been data sharing to prevent fraud for decades and a complete absence of audited and accurate results from that work. Arguing that current data sharing has not prevented fraud and so there should be more data sharing equates to doing the same thing over and again and expecting a different result.
The amendment is vital to restore and build on public trust in the Government handling of data. It is not in my nature to call on my constituents to trust this Government, but if they enacted the amendment, I absolutely would. I would be able to tell my constituents in good faith that they were right to trust their data to this or any future Government, because they and the data community could see exactly how and why their data were being used and exert some control over it. If the Government do not heed this lesson now, I am afraid that they will learn the hard way when things go the way of care.data or worse, as they inevitably will.
To return to the security angle, we must have assurances that only people with a genuine business need to see the personal information involved in a data-sharing arrangement will have access to it; confirmation of who will notify in the event of any security breach; and procedures in place to investigate the cause of any security breach. Paragraph 104 of the code suggests:
“You should ensure that data no longer required is destroyed promptly and rendered irrecoverable. The same will apply to data derived or produced from the original data, except where section 33 of the DPA applies (in relation to data processed for research purposes).”
At all times, we want to ensure that public confidence is taken forward with the pilots. They will be put in place only once all the boxes have been ticked. Paragraph 108 of the code states:
“You should make it easy for citizens to access data sharing arrangements and provide information so that the general public can understand what information is being shared and for what purposes. You should communicate key findings or the benefits to citizens derived from data sharing arrangements to the general public to support a better public dialogue on the use of public data.”
Security is not discretionary. Amendment 190 would not reinforce that requirement. It is not a question of compliance with systems in place. Instead, there must be adequate systems in place and Ministers must have regard to those systems to ensure they meet the essential security specifications that the Government demand.
Amendments 191 to 194 concern the codes of practice and present a similar discussion to the one we had about using “have regard to” or “compliance to”. The powers cover a range of public authorities in devolved areas, and we want to ensure flexibility in how powers will be operated, so that we can learn from what works and adapt the code as necessary. If bodies fail to adhere to the code, the Minister will make regulations to remove their ability to share information under the power as set out in paragraph 11 of the code of practice.
As I mentioned, the requirement to have regard to the code of practice does not mean that officials have discretion to disregard the code at will. They will be expected to follow the code or they will lose their ability to share data. There could be exceptional reasons why it is reasonable to depart from the requirements of the code. To fix a rigid straitjacket creates a system of bureaucracy where officials must follow processes that run contrary to logic. This is standard drafting language adopted for the above reasons in the Immigration Act 2016, the Children and Families Act 2014 and the Protection of Freedoms Act 2012, to name a few recent pieces of legislation.
It is welcome to hear how detailed and extensive these audits will be. If they are subject to the Freedom of Information Act 2000, will the Minister consider proactively publishing them anyway, so that we can be assured that they are all kept in one place and that data sharing happens only in accordance with data-sharing arrangements that are in the public domain?
When we set up new data-sharing arrangements, we must remember that the ICO and the devolved Administrations must be consulted and that the powers must go before Parliament again. We will have further scrutiny when considering the regulations under the affirmative procedure for secondary legislation.
Given that the arrangements have to go through all the obstacles that the Minister has just outlined, I do not understand why not then include them in a central register, so that they are all in one place. We could then be confident that not just those cases in the Bill but all data sharing across the Government is made public and people can have confidence in how and why their data are being used and shared.
The hon. Lady refers to new clause 35, so I would now like to address that and take her points on board. This is about informing the public about what information is being shared by public authorities and for what reason.
The Bill’s provisions already include a number of commitments to transparency and proportionality, which I have already discussed in disclosing information by public authorities. There is a consistent requirement to uphold the Data Protection Act, including its privacy principles that govern the secure, fair and transparent processing of information.
We require the publishing of privacy impact assessments and privacy notices as set out in paragraph 82 of the code of practice. The research power requires the UK Statistics Authority, as the accrediting body, to maintain and publish a register of all persons and organisations it has accredited, and they can be removed under clause 61(5), which mandates that a withdrawal of accreditation will take place if there has been a failure to have regard to the code of practice.
The requirements of the new clause would inevitably create a new set of administrative burdens, which in turn would carry significant cost implications. It is not clear how the uniform resource locator referred to would be agreed upon, or what assessment has been made of the administrative changes that may be required across the public sector. The requirement might have an unintended consequence. For example, it is possible that including information on the specific data to be disclosed would raise difficult questions about whether the public register would interfere with the duty of confidentiality or breach the provisions of the Data Protection Act. Some of the new powers—in particular, the research provisions—would involve the sharing of non-identifying information, so it is not clear how citizens would understand from a register which datasets contain information relating to them or any particular group of reasons.
The key purpose of the new powers is to simplify the legal landscape to enable public authorities to do their job more effectively and deliver better outcomes for the citizen. The new clause, however well intentioned—I respect the hon. Lady’s point—risks working against that purpose and I therefore invite her to withdraw it.
The Opposition drafted the amendments and I accept that they may not be perfect, but the principle behind the idea of a data register is impossible to argue with. If the Minister claims that these audits will be done thoroughly and that they will be subject to the Freedom of Information Act anyway, I see no reason why they should not be proactively published, so that the public and Opposition Members can have full confidence that everything in the codes of practice, which are not statutory, is being properly adhered to.
Does my hon. Friend concur that a proactive publication might be a lot more cost-effective than chasing after hundreds or, indeed, thousands of FOI requests?
Absolutely. This is where the Government often miss a trick: the interrelationship between FOI and open data could drive significant efficiencies across the Government and provide citizens and the data community with valuable data, including data that are valuable to the digital economy. I appreciate that our amendment might not be perfectly drafted, but I hope that the Minister will give serious consideration to the proactive publication of these audits and of all data-sharing arrangements across the Government.
There are existing mechanisms across Europe whereby information can be given to the public proactively. Does the hon. Lady agree that the public should not have to go through the process of making an FOI request—they should not have to go through all that hassle—to get the information that pertains to them and their lives?
Exactly. The data belong to them; that is exactly right. They should not have to jump over legalistic hurdles to find out how and why the Government are using data that should belong to them, and the Bill completely turns the view that they should not have to do so on its head. I take the Minister’s point about the amendment not being properly drafted. We will go away and redraft it and we will absolutely return to this issue on Report. I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Question proposed, That the clause stand part of the Bill.
As I have already set out, the Opposition broadly support the objectives outlined in the clause, but, as we have said on several occasions, those objectives must be set within strict safeguards to enable the better management of services.
Indeed, the open data policy process, which has been referenced several times, was a practical and commendable way in which to establish key principles for data to be handled, and to seek the views of industry experts. It is just a shame that it was completely ignored.
Polls show that the public consistently approve of the better use of data across Departments to help to improve customer service; nobody could really dispute that. However, our concerns are not related to the broader principle but to the practicality of these measures.
As we heard in the evidence we received, if these new powers are used appropriately in the management of debt, they could help put a stop to aggressive, unco-ordinated approaches from Government agencies to debt. There is little doubt that debt collection for central Government Departments leaves a lot to be desired. Vulnerable citizens facing multiple hardships are being pursued in a way that is to the detriment of the overall policy of reducing debt.
Citizens Advice said in its evidence to the Committee that there has been a big growth in demand for help with debt, as policies such as the bedroom tax and complex tax credit arrangements are pushing people, through no fault of their own, into debt. The Government’s haphazard approach often compounds matters and creates perverse outcomes, whereby thousands of individuals who are claiming exactly what they should be claiming are targeted in profiling exercises, which amount to nothing short of a mass Government-sponsored phishing exercise. Such an exercise has no place in necessary Government efforts to reduce error.
Shocking research by the charity StepChange has found that these aggressive debt collection methods have resulted in Government Departments having the dubious accolade of being second, behind bailiffs and ahead of mobile phone companies, in the list of those organisations that are considered most likely to treat debtors unfairly.
Again, there is little doubt that the Government’s move to help Departments to better share necessary information on debt could help reduce the unco-ordinated approach that currently harms debtors. However, there are two problems. First, as we have heard, the Government’s debt collection process is flawed and suffers from a lack of trust; and, secondly, the clause will furnish the Government with an extension of their power in matching data, yet this year alone the Government have demonstrated an abysmal failure to match their powers to their responsibility to the users of their services. That leaves public trust hanging by a thread.
Good debt management is a key part of achieving the Government’s fiscal policy objectives. Clause 40 provides a permissive power that will enable information to be shared for the purposes of identifying, collecting, or taking administrative or legal action as a result of debt owed to the Government. With more than £24 billion of debt owed to the Government, the problem is clearly significant.
Public authorities need to work together more intelligently to ensure that more efficient management of debt occurs. We believe that the new power will assist in achieving that. By enabling the efficient sharing of information to allow appropriate bodies to draw on a wider source of relevant data, informed decisions can be made about a customer’s circumstances and their ability to pay. Sharing information across organisational boundaries will help the Government to understand the scale of the issues individuals are facing, and where vulnerable customers are identified, they can be given appropriate support and advice.
Citizens Advice stated:
“This new power is an opportunity to advance the fairness and professionalisation agenda in government debt collection…Sharing data between debt collecting departments will create improved opportunities for better treatment of people in vulnerable situations, and must be matched with fairer and more effective dispute resolution processes.”
The Government agree with that and have worked with non-fee paying debt advice agencies to develop fairness principles to accompany the power, which are included in annex A of the code of practice.
It is important to dwell on the principles that organisations will adhere to, which state:
“Pilots operating under the new data sharing power should aim to use relevant data to help to differentiate between: A customer who cannot pay their debt because of vulnerability or hardship…; A customer who is in a position to pay their debts but who may need additional support; and A customer who has the means to pay their debt, but chooses not to pay - so public authorities, and private bodies acting on their behalf, can assess which interventions could best be used to recover the debt”,
and that:
“Pilots must be conscious of the impact debt collection practices have on vulnerable customers and customers in hardship”.
The principles go on to cover:
“Using relevant sources of data and information to make informed decisions about a customer's individual circumstances and their ability to pay.”
That process could include:
“An assessment of income versus expenditure to create a tailored and affordable repayment plan based on in work and out of work considerations, including the ability to take irregular income into account; and consideration of the need for breathing space to seek advice, or forbearance, in cases of vulnerability and hardship…Where a vulnerable customer is identified, they should be given appropriate support and advice, which may include signposting to non-fee paying debt advice agencies.”
I would be grateful if the Minister confirmed that those pilots and the powers enabled in the Bill will apply only to individuals already identified as being in debt, and that they will not seek to profile individuals who may or may not be in debt.
Yes, I can confirm that. Moving forward, I reassure the Committee that we will continue to work closely with Citizens Advice and StepChange to look at fairness in Government debt management processes. Only HMRC and DWP have full reciprocal debt data-sharing gateways in place, under the Welfare Reform Act 2012. This power will help level the playing field for specified public authorities by providing a straightforward power to share data for clearly outlined purposes. Current data-sharing arrangements are time-consuming and complex to set up, and significantly limit the ability of public authorities to share debt data. This power will help facilitate better cross-Government collaboration that will help drive innovation to improve debt management. The clause will provide a clear power for specified public authorities to share data for those purposes, and will remove the existing complications and ambiguities over what can and cannot be shared and by whom.
The Minister may have just clarified the point I was seeking to tease out of him. The problems that my hon. Friend the Member for Sheffield, Heeley described show that, far from helping people with debt, the agencies acting on behalf of the Government have created debt that did not exist previously by misusing Government data. The Minister may have just assured us that that will not be the case. If the Minister is really concerned about reducing Government debt, perhaps the Government should have not chopped in half the number of HMRC tax inspectors and instead gone after the people who owe the Government tax.
Question put and agreed to.
Clause 40 accordingly ordered to stand part of the Bill.
Clause 41
Further provisions about power in section 40
Amendments made: 120, in clause 41, page 40, line 5, at end insert—
“(ba) for the prevention or detection of crime or the prevention of anti-social behaviour,”
This amendment and amendment 123 create a further exception to the bar on using information disclosed under Chapter 3 of Part 5 of the Bill for a purpose other than that for which it was disclosed. The amendments allow use for the prevention or detection of crime or the prevention of anti-social behaviour.
Amendment 121, in clause 41, page 40, line 6, leave out
“(whether or not in the United Kingdom)”.
This amendment removes the provision stating that a criminal investigation for the purposes of clause 41(2) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to a criminal investigation covers an investigation overseas in any event.
Amendment 122, in clause 41, page 40, line 8, leave out
“and whether or not in the United Kingdom”.
This amendment removes the provision stating that legal proceedings for the purposes of clause 41 may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to legal proceedings covers proceedings overseas in any event.
Amendment 123, in clause 41, page 40, line 11, at end insert—
‘( ) In subsection (2)(ba) “anti-social behaviour” has the same meaning as in Part 1 of the Anti-social Behaviour, Crime and Policing Act 2014 (see section 2 of that Act).”—(Chris Skidmore.)
See the explanatory statement for amendment 120.
Clause 41, as amended, ordered to stand part of the Bill.
Clause 42
Confidentiality of personal information
Amendments made: 124, in clause 42, page 41, line 4, at end insert—
“(da) for the prevention or detection of crime or the prevention of anti-social behaviour,”
This amendment and amendment 127 create a further exception to the bar on the further disclosure of information disclosed under Chapter 3 of Part 5 of the Bill, allowing disclosure for the prevention or detection of crime or the prevention of anti-social behaviour.
Amendment 125, in clause 42, page 41, line 5, leave out
“(whether or not in the United Kingdom)”.
This amendment removes the provision stating that a criminal investigation for the purposes of clause 42(2) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to a criminal investigation covers an investigation overseas in any event.
Amendment 126, in clause 42, page 41, line 8, leave out
“and whether or not in the United Kingdom”.
This amendment removes the provision stating that legal proceedings for the purposes of clause 42(2) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to legal proceedings covers proceedings overseas in any event.
Amendment 127, in clause 42, page 41, line 12, at end insert—
‘( ) In subsection (2)(da) “anti-social behaviour” has the same meaning as in Part 1 of the Anti-social Behaviour, Crime and Policing Act 2014 (see section 2 of that Act).”
See the explanatory statement for amendment 124.
Amendment 128, in clause 42, page 41, line 13, leave out subsections (3) and (4) insert—
‘( ) A person commits an offence if—
(a) the person discloses personal information in contravention of subsection (1), and
(b) at the time that the person makes the disclosure, the person knows that the disclosure contravenes that subsection or is reckless as to whether the disclosure does so.” —(Chris Skidmore.)
This amendment applies to the disclosure of personal information in contravention of subsection (1) of clause 42. It has the effect that it is an offence to do so only if the person knows that the disclosure contravenes that subsection or is reckless as to whether it does so.
Clause 42, as amended, ordered to stand part of the Bill.
Clause 43 ordered to stand part of the Bill.
Clause 44
Code of practice
Amendment made: 129, in clause 44, page 42, line 7, at end insert—
‘( ) The code of practice must be consistent with the code of practice issued under section 52B (data-sharing code) of the Data Protection Act 1998 (as altered or replaced from time to time).”—(Chris Skidmore.)
This amendment requires a code of practice issued under clause 44 by the relevant Minister and relating to the disclosure of information under clause 40 to be consistent with the data-sharing code of practice issued by the Information Commissioner under the Data Protection Act 1998.
Question proposed, That the clause stand part of the Bill.
In evidence, Citizens Advice told us that an estimated £1 in every £5 of debt in this country is debt to the Government. It found that its clients can suffer detriment when public bodies have overly aggressive, unco-ordinated and inconsistent approaches to debt collection. There is also fairly substantial evidence that central Government debt collection lags behind the high standards expected of other creditors, including water companies, council tax collection departments, banks and private debt collectors.
I ask the Minister to consider extending the common standard financial statement to set affordable payments, as the energy, water, banking and commercial debt collection sectors do. That is demonstrated by research from StepChange, which found that in terms of debt collection, those facing severe financial difficulty were likely to rate the DWP and local authorities only just behind bailiffs as those most likely to treat them unfairly.
The Government have started work to look into the common financial statement and standard financial statement alongside non-fee-paying debt advice agencies. That work is in its infancy, but the evidence will help us to decide whether the CFS/SFS could have benefits for Government. Until that work is completed, the Government cannot commit fully to adopt the CFS/SFS.
Will the Minister give a timeframe for when that work will be completed and when we will have a statement from the Government?
It is not possible for me to give a timeframe in a Bill Committee discussing clause stand part. I suggest that I write to the hon. Lady, setting out those details in due course.
Government debt is clearly different from private sector debt. It is not contractual. The Government provide a wide range of services to citizens, such as the NHS and education system, and targeted support for those who meet the eligibility requirements to receive benefits. In return, citizens are required to pay taxes and repay any benefit in tax credit overpayments or fines that have been imposed for criminal activity. That revenue helps to fund vital services. The Government aim to ensure that customers are treated fairly. We encourage customers to engage early, so that they can agree on an affordable and sustainable repayment plan that takes individual circumstances into account. We understand that if poor debt collection practice occurs, that can cause distress.
The clause requires in particular that the code of practice must be issued by the Minister. It sets out more detail about how the power will operate and the disclosure and use of data. All specified public authorities and other bodies disclosing or using information under the power must have regard to the code of practice, which sets out in detail best practice of how the data-sharing power should be used. That includes what data should be shared, how data will be protected, issues around privacy and confidentiality and, significantly, the set of fairness principles that I talked about, which must be considered when exercising the power in clause 40. With that in mind, and the fact I have discussed extensively how the codes of practice will help protect the most vulnerable in society, I hope the clause will stand part of the Bill.
I am grateful to the Minister for the commitment to write to me. It would be welcome if he could write to all members of the Committee. That shows how committed he is to improving the detail of the clause.
Question put and agreed to.
Clause 44, as amended, accordingly ordered to stand part of the Bill.
Clause 45
Duty to review operation of Chapter
I rise to speak to amendment 130, in clause 45, page 43, line 10, at end insert—
‘( ) The relevant Minister may only make regulations under subsection (5)—
(a) in a case where the regulations include provision relating to Scotland, with the consent of the Scottish Ministers;
(b) in a case where the regulations include provision relating to Wales, with the consent of the Welsh Ministers;
(c) in a case where the regulations include provision relating to Northern Ireland, with the consent of the Department of Finance in Northern Ireland.”
This amendment requires the relevant Minister to obtain the consent of the Scottish Minsters, Welsh Ministers or Department of Finance before making regulations which, following a review under clause 45, amend or repeal Chapter 3 of Part 5 and make provision relating to Scotland, Wales or Northern Ireland respectively.
It is envisaged that information-sharing powers will enable sharing arrangements to be set, but they may take place solely within a devolved territory or involving data relating to devolved matters. The amendments intend to require the consent of Scottish Ministers, Welsh Ministers and the Department of Finance in Northern Ireland before making any regulations to amend or repeal the provisions that relate to those territories. Regrettably, we have found technical flaws with the amendments, so we will reconsider this issue and return to it at a later stage.
I would be grateful if the Minister confirmed what technical issues there are with the amendments.
There are a number of technical issues in these amendments, and we are determined to consult thoroughly with the devolved Administrations and the relevant offices. We will do so in due course. We will return to that later in the Bill.
The amendments apply to the research power. Together they provide clarity on the conditions that must be met when information provided by public authorities for research purposes is processed, as set out in clause 56. They also require public authorities to obtain accreditation to process personal information with that power, and they provide further clarity on the exclusion of health and adult social care information in clauses 56 and 63.
Personal information must not be disclosed to researchers under the power unless it is first processed in a way that protects the privacy of all data subjects. Those involved in the processing of information must be accredited as part of the conditions under this power. Processing may be carried out by the public authority that holds the data concerned, a different public authority, or specialist persons or organisations outside the public sector, including those providing secure access facilities and other functions, those commonly referred to as trusted third parties, or a combination of the two.
These amendments have been tabled to ensure that the position is reflected accurately in clause 56 and to ensure that it is clear that each accredited processor can disclose information to other accredited processors as required. In addition, they clarify that a person involved in the processing of information other than the public authority holding the information can disclose the de-identified information to researchers.
As drafted, the Bill does not require public authorities to be accredited or to process data for disclosure to researchers. On reflection, the Government recognise the importance of ensuring that all bodies involved in processing information are subject to the same level of accountability and scrutiny. The amendments will enable the UK Statistics Authority, as the accrediting body, to enforce a consistent approach to best practice for handling information.
Finally, it is important that the exclusion of health and adult social care data is defined in a way that is accurate and transparent. As drafted, the research clauses could be interpreted as excluding from the power public authorities that are primarily health and adult social care providers, but which provide some health-related services. That could mean that, contrary to the intention of the Bill, public authorities, including local authorities that provide a range of services, are at risk of being barred from sharing data relating to their functions because they provide some health and social care-related services.
The amendments will clarify that public authorities whose sole function is to provide health and/or adult social care services will be excluded from the power. They also clarify that public authorities that provide health and/or adult social care services as part of a range of services can share information, including health and adult social care data.
I very much welcome the amendments. Has the Minister considered the Information Commissioner’s recommendation to have an additional offence for re-identifying anonymised personal information, as in the Australian model? I otherwise support the amendments.
Digital Economy Bill (Tenth sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years ago)
Public Bill CommitteesIt is a pleasure to serve under your chairmanship, Mr Streeter. There is little need to dwell on this chapter of the Bill because of the safeguards that, as we have heard, are already in place and are well tried and tested. I was greatly encouraged that the Royal Statistical Society said in our evidence session that there needs to be a clear and well understood framework for the sharing of such information, as proposed in this part of the Bill. As we have said at length, we support that.
Most importantly for this debate, the Office for National Statistics operates transparently and publishes guidance on what data it uses and when, and on the public value that is derived from the data and information supplied to it for the purposes of producing official statistics and statistical research. The ONS’s information charter sets out how it carries out its responsibility for handling personal information, and the ONS’s respondent charters for business surveys and household and individual surveys set out the standards that respondents can expect.
The code of practice for official statistics has statutory underpinning in the Statistics and Registration Service Act 2007. Statisticians are obliged to adhere to its ethical requirements, including its principles of integrity, confidentiality and the use of administrative sources for statistical purposes. The Royal Statistical Society said that consideration could usefully be given to whether a new framework for the national statistician to access identifiable data held across the Government and beyond should require a supplementary code of conduct, to extend further public confidence. I would be grateful to the Minister if he confirmed whether he has responded to that and what steps he intends to take on that point.
Finally, the national statistician recently established the national statistician’s data ethics advisory committee, which provides ethical consideration of proposals to access, share and use data. The majority of the committee are independent and lay members from outside the Government, and it operates transparently with all papers and minutes published. It provides independent scrutiny of data shares and reports to the national statistician, who then reports to the UK Statistics Authority board. That model could easily be transposed to better protect data across the Government, as described in other chapters in the Bill.
We are happy to support the measures given the excellent and long-standing safeguards that are already in place, and we hope that, in time, the codes and other requirements in other parts of the Bill follow suit.
The clause will create a clear, permissive power for public authorities to disclose information that they hold for the purpose of research in the public interest. It will ensure that any personal information is processed before it is disclosed and that a person’s identity is not specified in the information, so that a person’s identity cannot be deduced from that information. It will establish a set of conditions to ensure that any processing of personal information is undertaken in a way that protects the privacy of individuals.
To maintain a truly innovative and competitive economy and to ensure that decisions taken on a range of economic and social issues are informed by the best possible evidence base, it is essential that we maximise the use of rich and varied sources of administrative information that is held across public data.
I shall come in a moment to the UK Statistics Authority’s position on the use of national statistics; it would benefit enormously from these measures. The potential benefits from increased access to information extend far beyond the research community. It is generally accepted that increased research and development leads to improved productivity and therefore increased economic growth. Information is increasingly a key raw material.
The research community has for some time been prevented from making better use of information held by the public sector, due to a complex legal landscape that has evolved over time. As a result, public authorities are often uncertain about their powers to share information, leading to delays, in some cases lasting years. In the meantime, projects become obsolete or are abandoned.
The Administrative Data Taskforce warned in its 2012 report that the UK was lagging behind other countries in its approach to this issue. It called for a generic legal power to allow public authorities to provide information for research purposes. As well as providing that power, which will remove the uncertainty that has frustrated the research community, the clause will provide a set of conditions that must be complied with if personal information is to be shared.
The conditions can be summarised as the sharing and use only of information that has been de-identified to industry standards to remove information that would identify, or is reasonably likely to identify, an individual, and the requirements that those who process information that identifies a person take reasonable steps to minimise accidental disclosure and prevent deliberate disclosure of such information, that all those who process personal information or receive or use processed personal information are subject to an accreditation process overseen by the UKSA, whether they are researchers, technicians or those who provide secure environments for linking and accessing data, that research for the purposes of which the information is disclosed is accredited and that all those involved in the exercise of the power adhere to a code of practice that is produced and maintained by the UKSA.
The UKSA is the designated accredited body with a duty to maintain and publish registers of all those accredited for any purpose under the power. That includes all those who may be involved in preparing personal information for disclosure to researchers and the research project itself. The results or outcomes of the research project must be publicly available, to demonstrate that the research is for the public good. The UKSA has a duty to maintain and publish the criteria for accreditation, and all activity under the power will be subject to a code of practice issued by the UKSA. I hope that answers the hon. Gentleman’s concerns.
Turning to the willingness for this to happen, the clause represents an important step forward for research in the UK. It will allow greater opportunities to produce high-quality research, which, in the words of the Economic and Social Research Council, can place
“the UK at the forefront of the international scientific landscape.”
It will allow greater opportunities to improve our understanding of our economy and society.
I would like to put on record the comments of Sir Andrew Dilnot, the chair of the UKSA:
“The Digital Economy Bill, currently before the House of Commons Public Bill Committee, represents a unique opportunity to deliver the transformation of UK statistics. The existing legal framework governing access to data for official statistics is complex and time-consuming. The proposals in the Bill, by making use of data already held across Government and beyond, would deliver better access to administrative data and for the purposes of statistics and research, delivering significant efficiencies and savings for individuals, households and businesses. Decision-makers need accurate and timely data to make informed decisions, in particular about the allocation of public resource. This Bill will deliver better statistics and statistical research that help Britain make better decisions.”
Question put and agreed to.
Clause 56, as amended, accordingly ordered to stand part of the Bill.
Clause 57
Provisions supplementary to section 56
Amendments made: 150, in clause 57, page 53, line 24, at end insert—
‘( ) In its application to a public authority with functions relating to the provision of health services or adult social care, section 56 does not authorise the disclosure of information held by the authority in connection with such functions.”
This amendment and amendments 168 to 170 ensure that Chapter 5 of Part 5 applies to a public authority with functions relating to the provision of health services or adult social care and other functions, but that in such a case the powers to disclose in the Chapter only apply to information held in connection with the other functions.
Amendment 151, in clause 57, page 53, line 28, leave out “56” and insert “56(1)”.—(Chris Skidmore.)
See the explanatory statement for amendment 142.
Clause 57, as amended, ordered to stand part of the Bill.
Clause 58
Bar on further disclosure of personal information
Amendments made: 152, in clause 58, page 53, line 38, leave out “56(9)” and insert “56(3B)”.
See the explanatory statement for amendment 142.
Amendment 153, in clause 58, page 54, line 2, at end insert “(including section56(3B))”.
See the explanatory statement for amendment 142.
Amendment 154, in clause 58, page 54, line 6, at end insert—
“(da) which is made for the prevention or detection of crime or the prevention of anti-social behaviour,”.
This amendment and amendment 157 create a further exception to the bar on the further disclosure of information which is disclosed under clause 56 (so that it can be processed for disclosure under that section), allowing disclosure for the prevention or detection of crime or the prevention of anti-social behaviour.
Amendment 155, in clause 58, page 54, line 7, leave out
“(whether or not in the United Kingdom)”.
This amendment removes the provision stating that a criminal investigation for the purposes of clause 58(3) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to a criminal investigation covers an investigation overseas in any event.
Amendment 156, in clause 58, page 54, line 10, leave out
“and whether or not in the United Kingdom”.
This amendment removes the provision stating that legal proceedings for the purposes of clause 58(3) may be within or outside the United Kingdom. This is for consistency and on the basis that a reference to legal proceedings covers proceedings overseas in any event.
Amendment 157, in clause 58, page 54, line 11, at end insert—
‘( ) In subsection (3)(da) “anti-social behaviour” has the same meaning as in Part 1 of the Anti-social Behaviour, Crime and Policing Act 2014 (see section 2 of that Act).”
See the explanatory statement for amendment 154.
Amendment 158, in clause 58, page 54, line 21, leave out subsections (5) and (6) insert—
‘( ) A person commits an offence if—
(a) the person discloses personal information in contravention of subsection (2), and
(b) at the time that the person makes the disclosure, the person knows that the disclosure contravenes that subsection or is reckless as to whether the disclosure does so.
This amendment applies to the disclosure of personal information in contravention of subsection (2) of clause 58. It has the effect that it is an offence to do so only if the person knows that the disclosure contravenes that subsection or is reckless as to whether it does so.
Amendment 159, in clause 58, page 54, line 39, leave out “56(9)” and insert “56(3B)”. —(Chris Skidmore.)
See the explanatory statement for amendment 142.
Clause 58, as amended, ordered to stand part of the Bill.
Clause 59
Information disclosed by the Revenue and Customs
Amendment made: 160, in clause 59, page 54, line 43, leave out “56(9)” and insert “56(3B)”.—(Chris Skidmore.)
See the explanatory statement for amendment 142.
Clause 59, as amended, ordered to stand part of the Bill.
Clause 60
Code of practice
Amendments made: 161, in clause 60, page 55, line 19, at end insert—
‘( ) The code of practice must be consistent with the code of practice issued under section 52B (data-sharing code) of the Data Protection Act 1998 (as altered or replaced from time to time).”.
This amendment requires a code of practice issued under clause 60 by the relevant Minister and relating to the disclosure of information under clause 56 to be consistent with the data-sharing code of practice issued by the Information Commissioner under the Data Protection Act 1998.
Amendment 162, in clause 60, page 55, line 24, leave out “56” and insert “56(1)” —(Chris Skidmore.)
See the explanatory statement for amendment 142.
Clause 60, as amended, ordered to stand part of the Bill.
Clause 61
Accreditation for the purposes of this Chapter
Amendments made: 163, in clause 61, page 56, line 7, leave out “56” and insert
“subsection (1) of section 56”.
See the explanatory statement for amendment 142.
Amendment 164, in clause 61, page 56, line 9, leave out “section” and insert “subsection”.
See the explanatory statement for amendment 142.
Amendment 165, in clause 61, page 56, line 11, leave out “section” and insert “subsection”.
See the explanatory statement for amendment 142.
Amendment 166, in clause 61, page 56, line 23, leave out “56” and insert “56(1)”.
See the explanatory statement for amendment 142.
Amendment 167, in clause 61, page 56, line 38, at end insert—
‘(6A) The Statistics Board—
(a) may from time to time revise conditions or grounds published under this section, and
(b) if it does so, must publish the conditions or grounds as revised.
(6B) Subsection (6) applies in relation to the publication of conditions or grounds under subsection (6A) as it applies in relation to the publication of conditions or grounds under subsection (2).”—(Chris Skidmore.)
This amendment enables the Statistics Board to revise the conditions and grounds it establishes for the accreditation and withdrawal of accreditation of people and research for the purposes of information sharing under Chapter 5 of Part 5 of the Bill.
Clause 61, as amended, ordered to stand part of the Bill.
Clause 62 ordered to stand part of the Bill.
Clause 63
Interpretation of this Chapter
Amendments made: 168, in clause 63, page 57, line 18, leave out subsection (2) and insert—
‘(2) A person is not a public authority for the purposes of this Chapter if the person—
(a) only has functions relating to the provision of health services,
(b) only has functions relating to the provision of adult social care, or
(c) only has functions within paragraph (a) and paragraph (b).
(2A) The following are to be disregarded in determining whether subsection (2) applies to a person—
(a) any power (however expressed) to do things which are incidental to the carrying out of another function of that person;
(b) any function which the person exercises or may exercise on behalf of another person.”.
See the explanatory statement for amendment 150.
Amendment 169, in clause 63, page 57, line 21, leave out “subsection (2)(a)” and insert “this Chapter”.
See the explanatory statement for amendment 150.
Amendment 170, in clause 63, page 57, line 30, leave out “subsection (2)(b)” and insert “this Chapter”.—(Chris Skidmore.)
See the explanatory statement for amendment 150.
Clause 63, as amended, ordered to stand part of the Bill.
Clause 64
Disclosure of non-identifying information by HMRC
Question proposed, That the clause stand part of the Bill.
Very briefly, I would be grateful to the Minister if he confirmed why a separate, further clause is necessary on disclosure of non-identifying information by HMRC. The safeguards in the rest of the Bill are sufficient.
As the holder of some of the most useful datasets in the public sector, HMRC has an interest in sharing data more extensively where it does not compromise taxpayer confidentiality. The clause relates to the current legal constraints for HMRC on the disclosure of non-identifying information, allowing the UK tax authority to share information for purposes in the public interest. It deals with information that does not reveal a person’s identity: either general information that is never related to a taxpayer or information aggregated to such a degree that it does not reveal anything particular to a person.
These are minor and technical amendments to various definitions in proposed new sections 45B and 45C of the Statistics and Registration Service Act 2007. Sections 45B and 45C give the UK Statistics Authority a right of access to information required for its functions held by Crown bodies and public authorities respectively. Under section 45B, if a Crown body declines to provide information requested by the UK Statistics Authority, the authority may decide to lay the related correspondence before the relevant legislature, including the relevant devolved legislature for the devolved Crown bodies. Under section 45C, before issuing a notice to a devolved public authority that is not a Crown body, the UK Statistics Authority must seek consent from the relevant devolved Administrations.
Amendments 173 and 176 amend the definition of the phrase “Wales public authority” in sections 45B and 45C to refer to a new definition of “Wales public authority” being created by the Wales Bill, which is currently going through the House of Lords. They ensure that sections 45B and 45C are updated with a new definition of “Wales public authority” and will operate consistently with other definitions.
Amendments 172 and 175 amend the definition of “Scottish public authority” in sections 45B and 45C to capture public authorities with mixed functions or no reserve functions within the meaning of the Scotland Act 1998. Amendment 172, which amends section 45B, also refers expressly to a public authority that is part of the Scottish Administration, clarifying that these are Crown bodies to be dealt with under section 45B.
Section 45B states that Crown bodies include
“the Bank of England (including…the Prudential Regulation Authority)…the Financial Conduct Authority…and…the Payment Systems Regulator”.
Amendment 171 clarifies that the reference in section 45B to the Bank of England also includes any of its subsidiaries. That means that section 45B can also cover bodies such as the asset purchase facility fund, which the Bank of England set up in 2009. Amendment 171 also means that any subsidiaries that the Bank sets up in future will be treated in the same way under section 45B as the Bank itself.
Amendment 174 reflects the fact that the Prudential Regulation Authority is currently a subsidiary of the Bank of England formed under section 2A of the Financial Services and Markets Act 2000. This position will change when section 12 of the Bank of England and Financial Services Act 2016 comes into force. Section 12 changes how the PRA is formed and gives the Bank of England functions as the PRA. Amendment 174 therefore ensures section 45B applies during the transitional period before section 12 of the 2016 Act comes into force. It treats the wording in brackets in the relevant part of section 45B as not applying until section 12 comes into force. Until then, the PRA, as a subsidiary of the Bank, will be covered by amendment 171.
Amendment 171 agreed to.
Amendments made: 172, in clause 67, page 61, leave out lines 39 to 43 and insert “the public authority—
() is a part of the Scottish Administration, or
() is a Scottish public authority with mixed functions or no reserved functions (within the meaning of the Scotland Act 1998).”
This amendment modifies the requirement for a request for information under new section 45B of the Statistics and Registration Service Act 2007 and any response to be laid before the Scottish Parliament so that it applies to a request to public authority which is a part of the Scottish Administration or a Scottish public authority with mixed or no reserved functions.
Amendment 173, in clause 67, page 61, line 45, leave out from beginning to end of line 3 on page 62 and insert
“the public authority is a Wales public authority as defined by section 157A of the Government of Wales Act 2006.”
This amendment modifies the requirement for a request for information under new section 45B of the Statistics and Registration Service Act 2007 and any response to be laid before the National Assembly for Wales so that it applies to a request to a Wales public authority.
Amendment 174, in clause 67, page 62, line 13, at end insert—
‘( ) Until the coming into force of section 12 of the Bank of England and Financial Services Act 2016 subsection (1)(b) has effect as if the words in brackets were omitted.”
This amendment makes provision about the reference in new section 45B(1)(b) to the Bank of England in the exercise of its functions as the Prudential Regulation Authority in the period before the coming into force of section 12 of the Bank of England and Financial Services Act 2016. Until that section comes into force the Authority will remain a subsidiary of the Bank and so will be covered by the reference in amendment 171.
Amendment 175, in clause 67, page 62, line 41, leave out from “authority” to end of line 3 on page 63 and insert
“which is a Scottish public authority with mixed functions or no reserved functions (within the meaning of the Scotland Act 1998).”
This amendment modifies the requirement to obtain the consent of the Scottish Ministers before giving a notice under new section 45C of the Statistics and Registration Service Act 2007 so that it applies to a notice given to a Scottish public authority with mixed or no reserved functions.
Amendment 176, in clause 67, page 63, line 5, leave out from “authority” to end of line 10 and insert
“which is a Wales public authority as defined by section 157A of the Government of Wales Act 2006.”
This amendment modifies the requirement to obtain the consent of the Welsh Ministers before giving a notice under new section 45C of the Statistics and Registration Service Act 2007 so that it applies to a notice given to a Wales public authority.
Amendment 188, in clause 67, page 65, line 3, at end insert—
‘( ) The statement must be consistent with the code of practice issued under section 52B (data-sharing code) of the Data Protection Act 1998 (as altered or replaced from time to time).” —(Chris Skidmore.)
This amendment requires a statement issued under section 45E of the Statistics and Registration Service Act 2007 by the Statistics Board and relating to the exercise of its functions under sections 45B, 45C and 45D of that Act to be consistent with the data-sharing code of practice issued by the Information Commissioner under the Data Protection Act 1998.
Question proposed, That the clause, as amended, stand part of the Bill.
As the Minister has just outlined, clause 67 differentiates access to information held by Crown bodies and a power to require disclosures by other public authorities. In essence, it enables the statistical authorities to request information from Crown bodies and to demand it from other public authorities. I would be grateful if the Minister confirmed why there is that distinction. He may well be aware that the Royal Statistical Society and the ONS would like the Bill to be amended to include the power to require disclosure from Crown bodies in exactly the same way as from public authorities. What consideration has been given to that? Why are the same requirements not on both types of public authorities?
The clause gives certainty and teeth to data supplied to the UK Statistics Authority. Official statistics are not an optional extra. If they are incomplete, decisions made by the Government and Parliament that rely on those statistics could be misinformed, late and lose impact. UKSA must have the data equipment necessary to produce the numbers that decision makers need to make the best decisions in the interests of the country.
Existing legislation provides precedents for requiring businesses and households to provide information for producing aggregate statistics about the economy and society. For instance, the Statistics of Trade Act 1947 requires businesses to report the data required for the production of UK economic statistics. For the past 100 years, the Census Act 1920 has required every household to provide information once every 10 years so that we can understand our population and society. To put that in context, censuses are long established but expensive. The 2011 census cost us almost £500 million. Census data are the statistical spine of decision making, including the allocation of public funds.
Allowing UKSA access to administrative data the Government already hold is more efficient. We should not be asking people in business questions when we already know the answers from other sources. Under the Statistics and Registration Service Act 2007, UKSA must seek legislation every time it needs access to Government datasets where there is no existing data-sharing gateway. That mechanism is limited and only removes barriers that existed before the 2007 Act, and will become increasingly redundant over time.
The clause realises the expectation that, where UKSA needs access to datasets to produce statistics, it should be given that access. Section 45B requires Crown bodies, in particular central Government Departments, to provide data when UKSA asks for them, or, where necessary, have their refusal put before Parliament. Why treat Crown bodies differently from public authorities? That way of working, set out in sections 45B and 45C, ensures consistency between how a Crown body interacts with another on the one hand, and how a Crown body interacts with a non-Crown body on the other.
Sections 45C and 45D allow UKSA to require data from public authorities and large businesses. In practice, UKSA will focus on businesses that hold data likely to support to UKSA’s data needs, reducing the existing burden of surveys on businesses and individuals. UKSA must be sure that the data it relies on will continue to be provided, to ensure the integrity of the statistics it produces and the integrity of decisions based on those statistics.
Section 45F makes it clear that public authorities and businesses must comply with the notice they receive from UKSA under sections 45C or 45D, which draws on existing precedents for enforcement seen for the census and business surveys. Section 45E also requires UKSA to publicly consult on a statement of principles and procedures it will apply when operating these new powers. UKSA will lay that before Parliament and the devolved legislatures.
Section 45B lays out that UKSA must
“specify the date by which or the period within which the public authority must respond to the request.”
What kind of period are we are talking about? What kind of period does the Minister consider reasonable in which a public authority must respond to a request from UKSA?
I will write to the hon. Lady on that particular point with further information. I am more than happy to do that. She correctly noted that timeframes are set out, which highlights the transparency arrangements already set down in the Bill. That has been well thought through, and we are determined to ensure that we work closely with UKSA going forward. UKSA will publicly consult on a new code of practice to support public authorities in consulting it on planned changes to data systems to protect the accuracy and integrity of its statistical outputs. Again, that will be laid before Parliament and the devolved legislatures.
We have spoken previously about codes of practice. Illustrative first drafts of the statement and the code have been made publicly available, including to members of the Committee, and they continue to be developed ahead of a full public consultation in a few months’ time. We are determined to ensure that the research and statistics communities are given the tools to enable them to do their jobs efficiently and effectively going into the 21st century. We want to ensure that the UK is a leader in developing statistics and research.
Question put and agreed to.
Clause 67, as amended, accordingly ordered to stand part of the Bill.
Clause 68 ordered to stand part of the Bill.
Clause 69
OFCOM reports on infrastructure etc
Question proposed, That the clause stand part of the Bill.
I welcome the other Minister back to his place, and I look forward to the lengthy correspondence that the Cabinet Office Minister and I will be having. The Minister for Digital and Culture and I also had lengthy correspondence when he was at the Cabinet Office, and I look forward to that continuing.
Will the Minister lay out what the clause seeks to achieve? What reports would Ofcom publish under this power that it currently cannot? Would this extend to requesting and publishing information that was referenced in an earlier debate—right at the beginning on part 1—potentially in relation to existing broadband and communications infrastructure and to where Openreach and other providers are rolling out broadband in order to ensure a more effective market? The Opposition welcome all attempts by regulators and Government to make as much data open as possible, so we very much welcome the powers in the clause.
Clause 69 allows Ofcom to prepare and publish reports on underlying data at times it considers appropriate as opposed to at specified times, as is currently the case. The short answer to the hon. Lady’s question is yes. Before the end of the year, Ofcom will publish a “Connected Nations” report, for example, which typically goes into detail about the connectivity of the infrastructure, but there are restrictions at the moment on when these can be published. We think it is better to allow Ofcom to prepare and publish reports at times that it considers appropriate.
Question put and agreed to.
Clause 69 accordingly ordered to stand part of the Bill.
Clauses 70 and 71 ordered to stand part of the Bill.
Clause 72
Provision of information to OFCOM
I beg to move amendment 177, in clause 72, page 70, line 15, after “135”, insert “of the Communications Act 2003”.
This amendment makes it clear that the Act amended by clause 72 is the Communications Act 2003.
The amendment corrects a minor error to clause 72. We omitted the words
“of the Communications Act 2003”.
I consider this to be a pretty technical amendment.
Amendment 177 agreed to.
Clause 72, as amended, ordered to stand part of the Bill.
Clause 73
Information required from communications providers
Question proposed, That the clause stand part of the Bill.
I would like to put on the record again that this Bill was clearly not ready for Committee. We have just seen another example of an amendment that was completely uncalled for. In the last part, amendments had to be withdrawn that were incorrect. I hope that the proposals are properly examined in the Lords and that this is not a recurring theme throughout future legislation that this Government introduce. It is very disappointing to see the lack of preparation for this Bill.
The hon. Lady is doing a marvellous job for her Front-Bench team, but having sat through several Bill Committees, I assure her that this situation is not particularly unusual. What is important is getting the Bill absolutely right and making sure that we use this opportunity to scrutinise it. We should proceed in the spirit of us all wanting the best thing and stop taking pops at the drafting team.
I am assured by my hon. Friend the Member for Cardiff West that this was not common practice under the last Labour Government, and I am horrified to hear that it has been common practice over the past couple of years.
Amendment 177, which was agreed on a cross-party basis, corrects what was in fact a printing error. I hope that the hon. Lady will withdraw her rather pernickety point. I am glad that the Committee has had the opportunity to correct the problem.
It is good to hear that it was the 177th amendment that the Government have had to table to this Bill.
Let us move on to clause 73. The Minister will be pleased to hear that we welcome the clause, which has clearly been drafted with consumers at its heart. The clause provides Ofcom with powers to require information that will enable and empower consumers to switch, thereby creating a much more efficient and open market with fewer barriers to entry.
Ofcom does not currently have powers to require communications providers to provide information on quality of service, such as how they are doing on customer service, complaints, fault repairs or the speed of installation, and it does not have the power to specify how it would want that information to be provided. We welcome these new powers, which will make it much easier for Ofcom to publish this important comparative information that will help consumers.
I would be grateful if the Minister expanded on the points raised in relation to clause 69. He said that BT is about to be forthcoming with information on its existing infrastructure and on the roll-out of broadband. Can he confirm whether that information has been provided? If not, when does he expect it to be provided?
Subsection (5) of proposed new section 137A of the Communications Act 2003 states that the power conferred on Ofcom
“is to be exercised by a demand, contained in a notice served on the communications provider”.
Prior to that, a draft notice will stipulate a reasonable notice period. Can the Minister give us some examples of what he would consider to be a reasonable notice period for a particular dataset? Will that be in negotiation with a provider, or will it be set by Ofcom? What will be the consequence for communications providers that refuse to comply? Finally, how quickly would he like to see Ofcom publish the publishable data after receiving them from a communications provider?
We are happy to support clause 73 stand part.
Clause 73 paves the way for greater access to information to help consumers make more informed decisions. The hon. Lady has set out exactly why that is needed. The clause will also enable Ofcom to require providers to collect, retain or generate data for these purposes and to ensure that consumers are easily able to access information that is most relevant to their decision. The power will enable Ofcom to require information in machine-readable formats, for example, so that third parties can mash it and provide it in a usable, meaningful and accessible way for the consumer, thereby helping things such as comparison websites, which we strongly support.
On the hon. Lady’s specific questions, the data will form part of Ofcom’s data publication before the end of the year. She asked about a reasonable notice period, which will be for negotiation with providers. It is for Ofcom to decide when it is appropriate to make a publication, and it will endeavour to do so as soon as possible. On the consequences for providers that do not supply the data, these are highly regulated markets in which Ofcom has significant powers, some of which we are enhancing elsewhere in the Bill, so there will be very serious consequences for a provider that does not abide by a requirement from Ofcom to publish. I hope that answers the questions.
Question put and agreed to.
Clause 73 accordingly ordered to stand part of the Bill.
Clause 74
Appeals from decisions of OFCOM and others: standard of review
Question proposed, That the clause stand part of the Bill.
The clause will reform the appeals process against Ofcom decisions, speeding up the process and ensuring that consumers’ interests are better prioritised. The Communications Act 2003 states clearly that Ofcom’s principal duty is to further the interests of citizens and consumers, but clearly there are issues with how the current appeals process works.
The current process is that Ofcom makes a decision following full consultation with the industry and the public; under the Competition Appeal Tribunal rules, an affected body can then appeal against the decision. Ofcom has six weeks to lodge its defence, and a month later substantive appeals are considered in a court case management conference, at which procedural and substantive points are raised. Third parties can then intervene, after which the appellant can lodge a reply. About a month before the hearing, the parties can lodge skeleton arguments. The hearing then takes place, and judgment is usually reserved. That judgment can take anything from weeks to up to a year. Parties then have about three weeks to decide whether they want to go to the Court of Appeal.
Not only is that process incredibly cumbersome, but it allows for considerable new evidence and new parties to the appeal, of which Ofcom had no knowledge at the consultation phase, to be brought forward mid-process. Under the new system, both the process of gathering evidence, including for the cross-examination of witnesses and experts, and the general treatment of that evidence are designed to be slimmed down. The system will still allow for an appeal, of course—that is only right for the sake of justice—but it will ensure that the appeals process does not unduly benefit those who can afford to litigate. It is alleged that it is currently those with the deepest pockets who bring forward the greatest number of appeals; indeed, most appellants have far deeper pockets than Ofcom has to defend itself with.
I have heard the concerns of some within the industry about the changes, as I am sure the Minister has. Although we are in favour of the Government’s proposals, I would appreciate the Minister’s response to some of those concerns. In a submission to the Committee, a group of the largest communications providers has claimed that the current appeals regime works well for consumers and has delivered consumer benefits to the tune of hundreds of millions of pounds.
I understand the rationale behind trying to split up the powers that Ofcom has been given and make the process slimmer, but it is quite an achievement to get BT, Sky, Virgin Media, Vodafone and O2 in agreement. I share the hon. Lady’s concern and look forward to the Minister’s response, which I hope will help to allay it.
I agree, and although I support the Government’s objective, it is of concern that such a wide range of communications providers—the biggest investors in communications infrastructure in the UK—are so vehemently opposed to the changes. This is exactly what the Committee stage of any Bill is designed for: to test out arguments and make sure that the right thing is being done. Will the Minister confirm what impact assessment of the proposals has been made, and what benefit he anticipates the changes will bring to consumers?
The submission that I mentioned claims that if the proposed regime had been in place, the mobile call termination case in 2007 would have led to a £265 million loss to consumers over the two-year period from 2010 to 2012. It states that
“in each of the cases cited, the Tribunal’s decision was that Ofcom’s decision had not gone far enough in consumers’ favour. The quantifiable financial impact of these appeals totalled a net benefit to consumers of around £350-400m.”
It says that the merits review
“enabled these errors to be corrected, the finding of the Government’s 2013 research was that on a JR”—
judicial review—
“standard, each of these decisions would have stood unadjusted.”
No one is saying that Ofcom will get things right 100% of the time—clearly, it will not. The new appeals process is not saying that either, but it will substantially raise the bar for appeals by allowing only regulated bodies to contest how a decision was made. Is the Minister confident that the decisions cited in the evidence from BT and the other providers would still be corrected under the new regime? The providers claim that they would not.
We have heard mixed messages about whether the proposals will bring the communications regulator in line with other utilities regulators. Ofcom told us in evidence that they would do just that, but is it not the case that the price control decisions of both Ofgem and Ofwat are subject to merits review by the Competition and Markets Authority? Will the Minister confirm why that is the case for other industries but not for communications?
On SMEs, techUK is particularly concerned that the higher bar of judicial review will have a disproportionate impact on smaller providers, which brought 17% of appeals between 2010 and 2015. I would be grateful if the Minister assured us that his Department has fully considered the impact these changes will have on SMEs, and particularly on new entrants to the market.
I understand that there will always be winners and losers in any regulatory change. The Minister will no doubt enjoy basking under the adoring gaze of TalkTalk and Three, but he will have to live with the fact that he is in BT’s and Virgin’s bad books for now. What is also clear is that for most people this appeals regime is far from well understood, as the industry claims. In fact, they would find it very difficult to understand why changes that could benefit them are being held up, sometimes for years on end, and why big communications providers are spending millions of pounds on litigation when they should be ploughing that money into helping their customers.
That is no basis on which to continue an appeals regime that leads to excessive litigation and smothers changes that may help—indeed, in some cases, may transform—consumers’ relationships with their communications providers. Clearly, during the exercise of that duty, Ofcom will be required to intervene and make a ruling, which sometimes the industry may not like.
If the broad contention on this side is that Ofcom should be given further powers to ensure that the industry acts in the best interests of consumers, there is little point in allowing an appeals process to continue that is so lengthy that it can render any changes useless. One particularly compelling example given in the evidence session was about the need for far greater switching for consumers. The chief executive of Three remarked that we are at the bottom of the class in terms of switching, and that despite nearly a decade of campaigning little has been done to get rid of provider-led switching. That was because when Ofcom tried to legislate on it, to enable consumers to switch, one of the major mobile providers was able to litigate and push the matter into the long grass, from where it has not emerged until today.
With all that in mind, and pending answers to the questions that I have put to the Minister, we are happy to support the clause.
That was an excellent assessment of the pros, cons and challenges around the proposed changes to appeals. Much of the analysis and thinking that the hon. Lady has just set out is what we went through in coming to the same conclusion that it is sensible to change the appeals process.
I will set out some of the detail of the changes and then I will answer the specific questions that were put. The clause alters the standard review applied by the Competition Appeal Tribunal when deciding appeals brought under the Competitions Act 2003 against decisions made by Ofcom. This is in order to make the appeals process more efficient. The changes will not apply to appeals against decisions made by Ofcom using powers under the Competition Act 1998 or the Enterprise Act 2002.
Currently, appeals can be brought and decided on the merits of a case, and this exceeds and effectively gold-plates article 4 of the EU framework directive that requires that the merits of a case are taken into account in any appeal. The result of this over-implementation is an unnecessarily intensive and burdensome standard of review that can result, as the hon. Lady set out, in very lengthy and costly appeals litigation, which can hinder timely and effective regulation, and risks Ofcom taking an overly risk-averse approach to regulating the sector properly.
I completely accept that we should not have separate regulatory systems for SMEs and larger providers. Will the Minister confirm that the new judicial review process will not unduly hinder SMEs, in contrast to the current “on the merits” appeal process?
I have looked at that specific point and I am satisfied that the new process does not, because a judicial review can take into account those sorts of concerns but is a more efficient process of appeal.
On the point raised by the hon. Member for Berwickshire, Roxburgh and Selkirk, I should say that we have considered using the language of the directive but we do not believe that it materially changes our approach. I said I would get back to the hon. Gentleman; I was a bit quicker than even I expected.
On that basis, I hope that the use of the well-tried and well-tested judicial review will prove a more efficient regulatory basis in future.
The Minister has not addressed a couple of points: the potential loss to consumers that the industry claims the new system will create and the cases that would not have been brought under the existing system; and the mixed messages we have heard about whether the Bill brings Ofcom into line with other utilities regulators.
On the first point, I am convinced that this change will act in the benefit of consumers, because we will have a quicker regulatory approach. The big incumbents will not be able to hold up a regulatory decision through aggressive use of the appeals process. Instead, we will have a more efficient appeals process. I am convinced that this will improve the situation for consumers.
Of course, it is possible to pick out individual cases that may have gone the other way or may not have been able to be considered under the new approach. First, it is not possible to know whether that is the case without testing them. Secondly, looking at individual cases out of context does not allow us to step back and look at the effective operation of the system as a whole. I am sure the hon. Lady agrees with that approach.
But is it not the point that those decisions were made by Ofcom and were incorrect, according to the tribunal? They were not made with consumers’ best interests at heart and they would not have been appealed under the new system because the method by which they arrived at those decisions was correct. Is there any scope in the proposals to allow certain examples, such as those put forward by the industry, to be given a merits-based review, as with price control reviews by Ofgem?
The cases that the hon. Lady and the industry cited have been assessed, and we believe that judgment under a JR system would have gone the same way as under the old system—but quicker. I hope that deals with that concern. JR is used in a large number of other areas. Of course there are specific other cases in which it is not, but it is a strong basis of appeal that is regularly used in public sector decisions. If material error is present, it can then be addressed by judicial review. I hope I have answered the hon. Lady’s questions.
Question put and agreed to.
Clause 74 accordingly ordered to stand part of the Bill.
Clause 75
Functions of OFCOM in relation to the BBC
Question proposed, That the clause stand part of the Bill.
We do not wish to oppose Ofcom’s new role in regulating the BBC, for which clause 75 provides—as the Minister knows, we supported the BBC charter agreement last week in the House—but we have some concerns, which are shared by the BBC, about how Ofcom’s new role will work out in practice.
Distinctiveness is an absolutely vital characteristic of the BBC and its services. It is one of the things that justifies its public funding. The BBC should deliver its public purposes and mission, and it should serve all audiences, through distinctive services. Critically, distinctiveness should be judged at the level of services, rather than programmes. That does not mean that the BBC should focus on “market failure” programming or never make a programme that the commercial sector might make. Instead, the test should be that every BBC programme aspires to be the very best in its genre. Overall, the range of programmes in the BBC services should be distinguishable from its commercial competitors. There is a concern that Ofcom could be too prescriptive in the standards it expects of the BBC. For example, it might focus on quotas, such as the number of religious or news hours, rather than a substantive, qualitative assessment, and rather than a standard, such as high-quality journalism.
Evidence shows that BBC services are distinctive and have become more so in recent years. Audiences agree: more than 80% of the people responding to the Government’s charter review consultation said that the BBC serves audiences well, almost three quarters said that BBC services are distinctive and about two thirds said that they think it has a positive impact on the market.
The definition of distinctiveness in the agreement and the framework for measuring it are therefore critically important. The section of the charter agreement that relates to the new powers that will go to Ofcom requires Ofcom to set prescriptive and extensive regulatory requirements, which must be contained in an operating licence for BBC services. Ofcom must have a presumption against removing any of the current requirements on the BBC—there are about 140 quotas in the BBC’s existing service licences—and seek to increase the requirements overall by both increasing existing requirements and adding new ones.
Ofcom has been given detailed guidance about what aspects of distinctiveness it must consider for the BBC’s TV, radio and online services. That follows an old-fashioned approach to content regulation based on prescribing inputs, rather than securing audience outcomes, such as quality and impact. The BBC is concerned that it will introduce a prescriptive and inflexible regulatory framework that could restrict the BBC’s editorial independence and creativity.
Clarity about the definition of distinctiveness would be welcome. It should be applied to services, not individual programmes. The extensive content quotas in clause 2 of the charter should be a response to a failure to be distinctive, not the starting point.
Does my hon. Friend share my concern that, when the Government came up with the idea of distinctiveness, they themselves were not absolutely clear what it meant? Frankly, we are still at the stage at which the Government might say, “We don’t know what it is, but we might recognise it when we see it.”
That is a very great concern. There is a serious risk of confusion about how the new regulatory regime is going to work for both Ofcom and the BBC. To be frank, I do not think quotas are appropriate in this respect. I have got nothing against quotas—I was selected on an all-women shortlist, which aim to increase the number of women in the parliamentary Labour party.
The Minister is absolutely correct that I would have won it on an open shortlist. It is very kind of him to say that.
But quotas in this respect restrict creativity and innovation, which are prerequisites of distinctiveness. Ofcom, as an independent regulator, should have the freedom to determine how best to regulate the BBC to secure policy goals. I would be grateful if the Minister confirmed what consideration has been given to the impact this will have on the quality programming we have come to expect from the BBC.
Finally, there is a concern that Ofcom may prejudice value for money over public interest. It would significantly reassure the BBC and the public, and would provide a greater degree of certainty over how Ofcom will behave in its enhanced regulatory role, if the same principles applied to the BBC charter—that there must be parity between public interest and value for money—were applied to Ofcom as well.
I am glad we have cross-party support for the clause, as we do for the BBC charter. It is incredibly helpful to the BBC’s role that it knows that the basis on which it operates and is regulated is supported on a cross-party basis.
It is very important—I will read this clearly on to the record—that distinctiveness as set out in the framework agreement is about BBC output and services as a whole, not specific programmes. Ofcom has the capability to make judgments about the overall distinctiveness of BBC output and services as a whole. That is the basis on which we expect it to operate under this legislation.
The hon. Lady asked whether there should be guidance underneath that. As she set out, there is existing guidance, and the public are very happy in large part with the result of that. I reject the idea that we cannot have any detail underneath the basis that distinctiveness should be decided on BBC output and services as a whole. At the moment, as she set out, there is detail, and it works well.
This is essentially an incremental approach. The BBC already faces this guidance and operates successfully. The clause is not prescriptive in that regard. Ofcom needs to operate in a reasonable way and exercise its judgment to ensure that we get the much-loved BBC operating as well as it can, as it has in the past and as it should in the future.
Question put and agreed to.
Clause 75 accordingly ordered to stand part of the Bill.
Clause 76
TV licence fee concessions by reference to age
I rise to address new clause 38, which is in my name and that of my hon. Friend the Member for Cardiff West. I am sorry to say that this is where any cross-party consensus on the Bill ends. We absolutely do not support clause 76 or any of the amendments to it. Not only the Opposition, but the more than 4 million over-75s in this country who currently make use of this benefit oppose the clause. The benefit was promised to them in last year’s Conservative manifesto, a manifesto that, frankly, many of them will have voted for in good faith. Now, just 16 months into the Parliament, the Government are abandoning that pledge on the pretence that it should now be for the BBC to decide. Well, it will not only be Opposition Members, but millions of over-75s, and indeed future over-75s, who see right through that underhand tactic.
Just to concentrate the Committee’s mind, I did a bit of research at 11 o’clock last night, when I was still in my office writing my speeches for today. Given that more than 89% of over 75-year-olds make use of the free TV licence introduced by the previous Labour Government, in the Minister’s West Suffolk constituency there will be 8,863 over-75s who potentially stand to lose out because of the Government’s tactics—that is one of the highest numbers in the entire country. I do not have good news for the Parliamentary Secretary, Cabinet Office either: 7,121 over-75s in his constituency will be very unhappy with this measure.
An awful lot of disgruntled over-75s will be coming the Ministers’ way in future surgeries. There will be quite a queue at their constituency offices. I would not rule out the pensioners having a copy of the Conservative manifesto in hand, because that manifesto contained a pretty unequivocal promise:
“We will maintain all the current pensioner benefits including Winter Fuel Payments, free bus passes, free prescriptions and TV licences for the next Parliament”.
In fact, the header above that list of pensioner benefits said:
“We will guarantee your financial security”.
Those benefits were all introduced by the previous Labour Government.
Does the manifesto mention anywhere that the Government might transfer their responsibility for any of those benefits to an unelected body?
No, that is exactly my point. Whether or not the BBC gains responsibility for this provision is moot. The BBC is an unaccountable organisation when it comes to setting welfare policy. This represents the start of a slippery slope. Where does it end once the Government start asking other bodies to make decisions on who gets benefits? This is yet another broken promise—one promise has already been broken in part 3—so we are not doing very well. I am sure the powerful older voter lobby will not take this lying down.
Does the hon. Lady accept that this measure was not imposed on the BBC? The deal was negotiated with the BBC in exchange for other things, including opening up revenue opportunities such as by closing the iPlayer loophole.
It is interesting that the hon. Gentleman makes that point, because I was just about to say that I am sure the Government will argue that the BBC has been rewarded handsomely in the charter renewal process and that the BBC will decide its funding policy for over-75s within that context.
From 2018, the BBC is being asked to shoulder £200 million of the annual cost of free TV licences, and it will assume the full £745 million annual bill from 2020—that amounts to more than a fifth of the entire BBC budget. It is more than enough to fund Radio 4 ten times over, and it is almost enough to fund the entire budget of BBC 1. The BBC has been asked to take control of setting the entitlement for over-75 licences because the Government know that they cannot afford it at its current rate. We accept that the BBC has asked for responsibility for this policy, but that is because the cost of the policy was enforced on it through negotiations. It is outrageous that the BBC is being asked to fund it at all.
It is interesting that my hon. Friend used the term “negotiations” and the Minister repeated it from a sedentary position. There is a difference between negotiations between equals and being negotiated with by someone holding a loaded gun to one’s head.
That is absolutely right. The Opposition made clear in the debate on the BBC charter our utter condemnation of the underhand, aggressive, bully-boy way in which the Government “negotiated”. It was not a negotiation. As a former trade union rep, I recognise a negotiation when I see one, and the way the Government handled the previous licence-fee settlement was nothing of the sort. That led us to the position we are currently in. The BBC should never have been given the responsibility for delivering on a Conservative party manifesto pledge. It should have felt able to reject even the suggestion that it take on the cost of free TV licences for the over-75s.
Is the hon. Lady suggesting that the BBC is not capable of effective negotiations? Its senior executives include Labour’s former Secretary of State for Culture, Media and Sport.
The point is that, as my hon. Friend the Member for Cardiff West said, the BBC was essentially in negotiations with a gun to its head. It was not a free and fair negotiation. The individual to which the hon. Gentleman just referred does not sit on the BBC board, and I do not believe he was involved in the negotiations with the Government.
The fact that we have reached this point—that the BBC was in essence forced to agree to become an arm of the Department for Work and Pensions—says a lot about the overbearing, menacing way the Government treated an organisation that they should cherish, and the cavalier disregard they have shown to the over-75s to whom they made a promise last year. Call me old fashioned, but I believe that promises should be kept. Behaviour like the Government’s brings disrepute on all Members from all parties. It makes people think that it is exactly what politicians do: we promise things in elections that we have absolutely no intention of delivering. It is a problem for all Members, whether Government or Opposition.
Despite public outcry, the Government have still not ruled out further stick-ups of the type that have got us into the position we are in now. They have refused to establish a transparent process to set the licence fees of the future. The Opposition do not consider it a done deal. With new clause 38, we are seeking to guarantee free TV licences to over-75s. That would give the responsibility for the policy and the funding of TV licences back to the Government, where it belongs. There would be no more wriggling out of a decision that should be laid firmly at the Minister’s door.
If the Conservatives want to rid themselves of the cost of the free TV licence, they should have the courage to say that they are doing it. They should have put it in their manifesto and campaigned on it; they should not have created a non-ministerial branch office of the DWP in the BBC to do their dirty work for them. That is why if our new clause was accepted we would be calling for the scrapping of clause 76 in its entirety.
The new clause is very clear: it should be for the Secretary of State for Work and Pensions to specify the conditions under which people are entitled to concessions, and to provide the BBC with the necessary funding to cover the cost of those concessions. That is how it was set up under the previous Labour Government, and it is under those conditions that it should continue. The responsibility should not be delegated to any body other than the Government themselves. They should not be allowed to get away with delegating the responsibility and effectively forcing the BBC to take the rap.
This is a point of principle for the Opposition. We cannot accept a policy that takes the responsibility for even a tiny part of our social security system and gives it to an organisation with no direct accountability to the electorate. Unaccountable organisations do not have to face the consequences of their decisions, especially given the announcement we have heard today from the chief executive of Her Majesty’s Revenue and Customs. Even HMRC does not want to see private sector involvement in decisions on tax credits. A non-ministerial body has said that the private sector should not be involved in who does or does not receive tax credits, or any other type of benefit. That is exactly the argument we are making.
Private sector organisations are the wrong bodies to be involved in deciding who gets benefits, not only because they are incentivised by profit but because they are unaccountable. They do not have to stand for election based on those decisions, and therefore they should not be allowed to make them. It is the equivalent of outsourcing children’s services to Virgin and, in the process, asking them to pick up the tab for child benefit and requiring them to decide who gets it. Our social security system is far too precious for BBC executives, however noble their intentions or professional their considerations, to decide who is and who is not entitled to a benefit of any description. Labour introduced the free TV licence for the over-75s. It cannot be a BBC executive, unaccountable to the public and unaccountable to all our constituents, who calls time on it.
If the amendment falls, it will be high time that the Government were honest about what they were doing and honest with the voters. If they are not, Labour will do everything in its power to make it clear to those millions of over-75s exactly what is happening: their TV licence entitlement will be reduced or taken away not by the BBC, but by the Government who knowingly and cynically engineered the change.
What a fantastic presentation of a new clause, which I absolutely agree with.
Having looked into this whole area, I find it staggering. The BBC is faced with the prospect of huge cuts, but I am concerned that it is suddenly being passed the responsibility for setting policy. The Bill shows that the Government like to outsource as much as possible, because they outsourced most of the content to Ofcom in the early stages. However, the proposal relating to free TV licences for the over-75s is an absolute abdication of responsibility. We have all been invited to enough Age Concern events to know how isolated elderly people feel and how important television is for them. This is fundamentally welfare policy.
That is an extremely good point, and it reads back to the point that I made earlier: when there has to be a review of the cost of the policy, and perhaps a reduction in the availability of free TV licences, Ministers—perhaps they will be shadow Ministers by that time—[Interruption.] We fight on to win. Conservative Members will be able to point to the BBC and say, “It was the BBC what done it”, in order to evade all responsibility. But they will not evade responsibility, because this will not be forgotten, if they get away with doing it. There is a much better alternative: the excellent new clause proposed by my hon. Friend the Member for Sheffield, Heeley.
I am appalled by what is, as my hon. Friend is clearly laying out, a naked attempt to evade responsibility. Does he share my concern that this is the beginning of a slippery slope? Where exactly does this end? Once the principle that the Government are attempting to put in the Bill is in legislation, to whom else can they outsource responsibility for their social security policies?
My hon. Friend makes a good point. I am cautious about straying too far from the point under discussion, but she says that this is the beginning of a slippery slope. It is not, because the Government have form in this area. I look to you, Mr Streeter, for a little bit of latitude here.
There are, for example, massive cuts to local government funding; the Government have taken huge amounts of money away from local authorities, expect them to come up with cuts and reductions in services, and then say, “It is nothing to do with us; blame your local authority.” There is one point on which I would disagree with my hon. Friend the Member for Sheffield, Heeley: this is not the beginning of a slippery slope; it is a continuation of form. The Government have been rumbled, and they know it.
The hon. Gentleman anticipates what I was moving on to, which is that the policy is also about passing responsibility. The Government want to shape the decision and take the credit where there is an upside, and to dump it on the BBC where there is a downside. That is what this is about—so the BBC is left with it.
Suppose the Government wanted to offer further icing on the cake and have over-70s get the free TV licence. The Government would take the credit for that, but any difficult decisions, such as only over-80s getting the free licence and the 75-year-olds losing out, will of course be the BBC’s fault. We can see exactly what is happening and the duplicity of the argument. The Government are setting the BBC up with a dilemma: it will take the stick for any downsides, but for any upsides the Government will be up there on the podium, all backslapping each other, saying, “Great social policy!”
There is no escaping that, and I do not think that the general public are fooled—they can see. It would make perfect sense for the Minister to accept new clause 38, because the public see what the Government are doing with that shift of responsibility for the over-75s. The public will not be fooled by the shift; they can see precisely what Ministers are trying to achieve. The public, too, will be concerned and asking how it affects them, the ordinary person. Will the BBC, faced with further cuts, have to say, “Well, we’re sorry, it’s only over-80s who will get it”? Decisions and responsibilities are outsourced to the BBC, and the licence fee payer, in particular those coming up to that age, will be wondering, “Hang on, I’m going to get the worst of both worlds—either a Tory Government or the BBC cutting my licence fee.” I do not think that the public will be too happy. They will not not see through this—sorry about the double negative.
My hon. Friend is right. This predates the Minister’s time in post, so I very much hope that he takes the opportunity to go back on his predecessor’s decision. The Government thought they were being very clever with this move to outsource and put the duty on the BBC, but as my hon. Friend says, everyone will see right through this. Nobody will blame the BBC. The responsibility will lie clearly with the Government, and I hope that they are listening and will act on his points.
We trust that the Government will listen to the public and see that they are on the wrong side of the argument, but perhaps we will find out in a few minutes that they do not recognise that.
It is interesting to hear that the hon. Gentleman thinks that the Government have ended top-slicing. What is his opinion of the contestable fund that should have gone back to the BBC? There was an underspend in the top-slicing he mentioned. We have had no commitment from the Minister, so that will be a one-time-only thing, and we do not know that it will continue after the three-year period.
Order. I am keen that we focus on the new clause and on clause 76 stand part, and not allow ourselves to get into a wider discussion about the future of the world and the BBC as we know it.
If you will forgive me, Mr Streeter, I will not get into the debate of whether Beverley and Holderness or Hyndburn should be the ultimate beneficiaries, because that is ultimately about Lancashire and Yorkshire—a subject I will stay well away from.
I conclude by saying I appreciate the efforts of the Opposition in raising this point, but we have to appreciate that, at the end of this settlement, the BBC will have more resources going into it.
I hope the hon. Lady will forgive me; I have given way to her several times. The BBC will have more resources as a result of this. The over-75 licence fee will become the responsibility of the BBC, but the indications from the Government are clear: we are committed to free licences for the over-75s, as we promised in our manifesto.
On the principle that the BBC is responsible for the funding of the BBC according to the licence fee negotiations agreed with the Government. This is a funding decision, and funding issues are for the BBC.
I have given the Opposition a couple of quotations from the head of the BBC about why he agrees with the policy. Let me give them another quotation:
“The Labour party welcomes the fact that the charter provides the BBC with the funding and security it needs as it prepares to enter its second century of broadcasting.”—[Official Report, 18 October 2016; Vol. 615, c. 699.]
Not my words, but those of the boss of the hon. Member for Sheffield, Heeley, the shadow Secretary of State for Culture, Media and Sport, the hon. Member for West Bromwich East (Mr Watson). Well, I agree with her boss—he was absolutely right.
Of course I will give way—if the hon. Lady can explain why she disagrees with her boss.
I made it clear that we support the BBC charter, but my boss—as the Minister calls him—and I also made it clear that we do not support this element of it.
I have two more quotations to put to the Minister. In the Lords debate on the charter two weeks ago, the assessment of the former BBC director-general, John Birt, was that
“the impact…will be—over the span of a decade—to take almost exactly 25% out of the real resources available to the BBC for its core services. A massive reduction in programming is therefore simply unavoidable.”—[Official Report, House of Lords, 12 October 2016; Vol. 774, c. 1950.]
The former chairman of the BBC Trust, Chris Patten, then said:
“I agree with what the noble Lord, Lord Birt, said about the licence fee settlement—not just the finance on the table but the way it was done. It was a scandal to do it like that”.—[Official Report, House of Lords, 12 October 2016; Vol. 774, c. 1954.]
The Opposition absolutely agree.
That is not related to clause 76. What is related to the clause is the fact that the BBC agrees it has the funding it needs, as I set out and as agreed by the shadow Secretary of State for Culture, Media and Sport.
My next point is about why we are transferring the power and why it would be wrong to adopt new clause 38, which would undermine the BBC’s funding settlement. The reason is that the BBC asked for it. It is incumbent on those who propose new clause 38 and oppose clause 76 to explain why they disagree with the BBC, with this strong settlement and with all those who say that we have provided a good funding settlement for the BBC. Instead of pressing the new clause, I suggest that the hon. Lady should support clause 76, to put the BBC’s funding on a sustainable footing for years to come.
The hon. Member for Fylde said that he opposed our new clause on two grounds, of which the first was that the BBC provides free TV licences. It does, but we have absolutely no guarantee that it will continue to do so.
The Minister is correct that the BBC asked for this, but as I referred to earlier, the BBC asked for the policy on who should and should not get a free TV licence because the funding was forced on it. It asked for that funding because it wants to reduce the number of people who get free TV licences in the future—it as much as said that to us. We do not want the BBC to have that policy; nor do we want it to have the funding settlement. It is a principle that we fundamentally oppose, so we intend to test the will of the Committee.
We will come to the new clause later in our proceedings, but right now the question is that clause 76, as amended, stand part of the Bill.
Question put and agreed to.
Clause 76, as amended, ordered to stand part of the Bill.
Clause 77
Direct marketing code
I beg to move amendment 195, in clause 77, page 75, line 22, leave out “direct marketing” and insert
“any form of marketing, including direct marketing, or customer engagement”.
With this it will be convenient to discuss the following:
Amendment 196, in clause 77, page 75, line 27, leave out “direct marketing” and insert “marketing and customer engagement”.
Amendment 197, in clause 77, page 75, line 40, leave out subsection (4) and insert—
‘(4) In this section—
“customer engagement” means the interactions initiated between a business and an individual or group of individuals for marketing and other business purposes;
“direct marketing” means the processing and use of personal information for marketing purposes;
“marketing” means the business processes through which goods and services are moved from being concepts to things that customers and potential customers want.”
New clause 34—Power of Information Commissioner to take action on unsolicited communications—
‘(1) The Privacy and Electronic Communications (EC Directive) Regulations 2003 (S.I.2003/2426) are amended as follows.
(2) In Regulation 31(1), between “sections 55A to 55E” and “of the Data Protection Act 1998” insert “and section 61”.
(3) In Schedule 1, after paragraph 8B insert—
8C In subsections (1) and (3) of section 61—
(a) for “an offence under this Act” there shall be substituted “a contravention of the Privacy and Electronic Communications (EC Directive) Regulations 2000”;
(b) for “guilty of that offence” there shall be substituted “liable for that contravention”; and
(c) for “proceeded against and published accordingly” there shall be substituted “served with a notice, proceeded against of punished accordingly”.’
This new clause seeks to allow the Information Commissioner’s Office to take action against company directors for breaches not only of the Data Protection Act 1998, but of the 2003 EU regulations on unsolicited communications.
Thousands of individuals are plagued by nuisance calls every day. I will turn to that in my remarks on clause stand part, but I shall speak to the amendments and new clause first. We welcome the inclusion in the Bill of a direct marketing code. If it works effectively, it will contain practical guidance and promote good practice in direct marketing activities. It will help to guide the experiences of companies and individuals, but direct marketing, as we know, is fairly narrowly defined and refers to the direct selling of products and services to the public. It is covered under the Data Protection Act 1998 and the privacy and electronic communications regulations. The rules cover not only commercial organisations but not-for-profit organisations such as charities and political parties. The rules for direct marketing are very clear and are becoming —absolutely rightly—increasingly tougher.
There are two types of nuisance call: live marketing calls—unwanted marketing calls from a real person—or automated marketing calls, which are pre-recorded marketing messages that are played when someone answers the phone. They are covered by a raft of legislation and regulation attempting to clamp down on that type of behaviour. Our amendments attempt to broaden the definition of the new direct marketing codes, so the law will cover not only direct consumer marketing but consumer engagement.
Direct marketing uses personal data and demographic insights relating to residence and the habits of people previously to market to people individually and directly. Consumer engagement is much broader and involves the use of personal data to engage with customers for a broad set of business processes, which include, but are not restricted to, direct marketing. TV advertising, for example, is not considered to be direct marketing, but TV advertising campaigns can be designed with information derived from consumer data and used to target broad groups of consumers based on data derived from individuals.
In our view, the direct marketing code, which we very much welcome, and the Information Commissioner’s guidance in this field should cover this broader use of individuals’ data. As we have said throughout, we want data to be used responsibly, and this simple amendment would extend the code to apply to all uses of data in consumer marketing, and not just the kind that is used to directly target people.
What a welcome return to sense from the Opposition. The amendments tabled to clause 77 relate to the definition of direct marketing, which, as defined in the Data Protection Act, is
“the communication (by whatever means) of any advertising or marketing material which is directed to particular individuals.”
The definition captures any advertising or marketing material, not just commercial marketing, which is a point that the hon. Lady made, as well as all promotional material, including material promoting the aims of not-for-profit organisations. It also covers any messages that include some marketing elements, even if that is not the main purpose of the message.
The privacy and electronic communications regulations put direct marketing by electronic means into the scope of the definition, thus making it applicable to telephone calls, both live and automated, faxes, emails, text messages and other forms of electronic communication. It is essential that the definition of direct marketing in the PECR remains aligned with the definition in the Data Protection Act, so that the Information Commissioner’s Office’s powers of enforcement for nuisance calls to remain effective and enforceable in law.
New clause 34 is intended to amend the PECR, to extend to company directors and other officers liability for breaches when those officers have allowed breaches to occur or when breaches have happened because of something they have failed to do. In that way, the Information Commissioner could impose fines on company officers rather than just on companies as at present. The proposal relates to nuisance calls made by organisations. They are a blight on society, causing significant distress to elderly and vulnerable people in particular.
Excellent. I thank the Minister for that and given that comment, rather than outlining the full case for why I think accepting new clause 34 is a good idea, I will embrace the positivity and happily sit down, without pressing my new clause, knowing that the Government will introduce a similar measure.
I beg to ask leave to withdraw the amendment.
Amendment, by leave, withdrawn.
Question proposed, That the clause stand part of the Bill.
I have a couple of points that I would like the Government to consider on clause stand part and why there is a deficiency, not only in the Bill but in all the other regulations, guidance and advice that support it.
My first point is simply that people the length and breadth of this country are sick and fed up of direct marketing. They are sick and fed up of the back of their doors having a mound of unwanted mail that they have to dispose of, which has come from companies that they have no interest in. I have a high number of empty properties—2,500—in my area, and in some cases this goes beyond being a nuisance and an aggravation, and becomes a fire hazard. We have mounds of direct mail behind the door, and it is never-ending and never stops.
People receive not only physical mail but email. Businesses the length and breadth of Britain—I have made the point that this is not a business-friendly Bill and it should be, as it is a Digital Economy Bill—are sick and fed up of their email boxes being stuffed full of unwanted emails, which are costing them a fortune as they have to put someone on them to go through them. It has got to stop. We have to act as a Parliament, and the Government have got to sit up and take notice. How much is this costing British businesses? How much is it aggravating UK citizens?
These companies seem to get away with it. There is a free-for-all at the minute. There is no way anyone can tell me that a mound of mail does not come through my letterbox weekly or there is not a long sequence of unwanted emails in my inbox, and no one can tell me that companies in my constituency and every other constituency do not face huge costs.
We very much welcome the new clause and are pleased that, once again, the Government have heeded the Opposition’s advice. We said clearly at the beginning of the process that, in regard to the digital skills that are needed to support and improve the digital economy, the Bill was lacking. I want to put on record the fantastic work already going on across the UK in supporting adults to learn digital skills, not least by organisations such as the Tinder Foundation and community organisations—I will abuse my position now and reference organisations such as the Heeley Development Trust and Heeley City Farm in my constituency, which through community work already skill up adults in digital skills. We very much support the clause and look forward to the Government taking our advice more in the future.
Amendment 183 agreed to.
Clause 83, as amended, ordered to stand part of the Bill.
Clause 84 ordered to stand part of the Bill.
New Clause 26
Qualifications in information technology: payment of tuition fees
‘(1) The Apprenticeships, Skills, Children and Learning Act 2009 is amended as follows.
(2) In section 88(1) (qualifications for persons aged 19 or over: payment of tuition fees), for “1(a) or (b)” substitute “1(a), (b) or (ba)”.
(3) In paragraph 1 of Schedule 5 (qualifications for persons aged 19 or over), after paragraph (b) insert—
(ba) a specified qualification in making use of information technology;”.
(4) After paragraph 5 of that Schedule insert—
“Power to specify qualification in information technology
5A The level of attainment demonstrated by a specified qualification in making use of information technology must be the level which, in the opinion of the Secretary of State, is the minimum required in that respect by persons aged 19 or over in order to be able to operate effectively in day-to-day life.”’—(Matt Hancock.)
This clause creates an obligation on the Secretary of State to ensure that courses of study for qualifications in information technology are free of charge for persons in England aged 19 or over. The qualifications will be specified in regulations under Schedule 5 to the Apprenticeships, Skills, Children and Learning Act 2009.
Brought up, read the First and Second time, and added to the Bill.
New Clause 27
Digital additional services: seriously harmful extrinsic material
After section 24 of the Broadcasting Act 1996 (digital additional services) insert—
“24A Duty to prevent access to seriously harmful extrinsic material
(1) In carrying out their functions, OFCOM must do all that they consider appropriate to prevent digital additional services from enabling members of the public to access seriously harmful extrinsic material.
(2) “Seriously harmful extrinsic material”, in relation to a digital additional service, means material that—
(a) is not included in the service, and
(b) appears to OFCOM—
(i) to have the potential to cause serious harm, or
(ii) to be likely to encourage or incite the commission of crime or lead to disorder.”’ —(Matt Hancock.)
This new clause would require OFCOM to seek to prevent digital television additional services enabling access to seriously harmful content that does not form part of the service, for instance by linking to content streamed from the internet. OFCOM could do this by imposing licence conditions in relation to such services.
Brought up, read the First and Second time, and added to the Bill.
New Clause 28
Suspension of radio licences for inciting crime or disorder
‘(1) In Chapter 2 of Part 3 of the Broadcasting Act 1990 (sound broadcasting services), for section 111B (power to suspend licence to provide satellite service) substitute—
“111B Suspension of licences for inciting crime or disorder
(1) OFCOM must serve a notice under subsection (2) on the holder of a licence granted under this Chapter if they are satisfied that—
(a) the licence holder has included in the licensed service one or more programmes containing material likely to encourage or incite the commission of crime or to lead to disorder,
(b) in doing so the licence holder has failed to comply with a condition included in the licence in compliance with section 263 of the Communications Act 2003, and
(c) the failure would justify the revocation of the licence.
(2) A notice under this subsection must—
(a) state that OFCOM are satisfied as mentioned in subsection (1),
(b) specify the respects in which, in their opinion, the licence holder has failed to comply with the condition mentioned there,
(c) state that OFCOM may revoke the licence after the end of the period of 21 days beginning with the day on which the notice is served on the licence holder, and
(d) inform the licence holder of the right to make representations to OFCOM in that period about the matters that appear to OFCOM to provide grounds for revoking the licence.
(3) The effect of a notice under subsection (2) is to suspend the licence from the time when the notice is served on the licence holder until either—
(a) the revocation of the licence takes effect, or
(b) OFCOM decide not to revoke the licence.
(4) If, after considering any representations made to them by the licence holder in the 21 day period mentioned in subsection (2)(c), OFCOM are satisfied that it is necessary in the public interest to revoke the licence, they must serve on the licence holder a notice revoking the licence.
(5) The revocation of a licence by a notice under subsection (4) takes effect from whatever time is specified in the notice.
(6) That time must not be earlier than the end of the period of 28 days beginning with the day on which the notice under subsection (4) is served on the licence holder.
(7) Section 111 does not apply to the revocation of a licence under this section.”
(2) In section 62(10) of the Broadcasting Act 1996 (application of sections 109 and 111 of the 1990 Act to digital sound programme services) for the words from “section 109” to “1990 Act” substitute “sections 109, 111 and 111B of the 1990 Act (enforcement)”.
(3) In section 250(3) of the Communications Act 2003 (application of sections 109 to 111A of the 1990 Act to radio licensable content services) for “111A” substitute “111B”.’—(Matt Hancock.)
This new Clause gives OFCOM power to suspend immediately, and subsequently revoke, the licence of any licensed radio service if material is included that is likely to encourage or incite crime or lead to disorder. It replaces a power applying only to satellite and cable services.
Brought up, read the First and Second time, and added to the Bill.
New Clause 29
Power to apply settlement finality regime to payment institutions
In Part 24 of the Financial Services and Markets Act 2000 (insolvency) after section 379 insert—
‘Settlement Finality
“379A Power to apply settlement finality regime to payment institutions
(1) The Treasury may by regulations made by statutory instrument provide for the application to payment institutions, as participants in payment or securities settlement systems, of provision in subordinate legislation—
(a) modifying the law of insolvency or related law in relation to such systems, or
(b) relating to the securing of rights and obligations.
(2) “Payment institution” means—
(a) an authorised payment institution or small payment institution within the meaning of the Payment Services Regulations 2009 (S.I. 2009/209), or
(b) a person whose head office, registered office or place of residence, as the case may be, is outside the United Kingdom and whose functions correspond to those of an institution within paragraph (a).
(3) “Payment or securities settlement system” means arrangements between a number of participants for or in connection with the clearing or execution of instructions by participants relating to any of the following—
(a) the placing of money at the disposal of a recipient;
(b) the assumption or discharge of a payment obligation;
(c) the transfer of the title to, or an interest in, securities.
(4) “Subordinate legislation” has the same meaning as in the Interpretation Act 1978.
(5) Regulations under this section may—
(a) make consequential, supplemental or transitional provision;
(b) amend subordinate legislation.
(6) A statutory instrument containing regulations under this section is subject to annulment in pursuance of a resolution of either House of Parliament.”’—(Matt Hancock.)
The inserted section enables the Treasury to apply a settlement finality regime to payment institutions. The current settlement finality regime for payment systems and securities settlement systems is in the Financial Markets and Insolvency (Settlement Finality) Regulations 1999 (S.I 1999/2979).
Brought up, read the First and Second time, and added to the Bill.
New Clause 30
Bank of England oversight of payment systems
“Schedule (Bank of England oversight of payment systems) extends Part 5 of the Banking Act 2009 (Bank of England oversight of inter-bank payment systems) to other payment systems; and makes consequential provision.”—(Matt Hancock.)
The new clause introduces new Schedule NS2 which extends the Bank of England’s oversight of payment systems, by removing the current restriction that limits the Bank’s oversight to systems for payments between financial institutions.
Brought up, read the First and Second time, and added to the Bill.
New Clause 1
Strategic review of sharing telecommunications infrastructure
‘(1) Within six months of this Act coming into force, the Secretary of State shall commission a strategic review of the sharing of telecommunications infrastructure and shall lay the report of the review before each House of Parliament.
(2) The review under subsection (1) shall consider measures to maximise the sharing of telecommunications infrastructure by telecommunications service providers.’—(Calum Kerr.)
Brought up, and read the First time.
I can do better than merely asking the Select Committee, although I do think that Select Committees do important reports and should not be denigrated. Ofcom has also been given a statutory duty to provide a report to the Secretary of State every three years on the state of the UK’s communications infrastructure, including the extent to which UK networks share infrastructure. That is precisely what the new clause asks for as a one-off. I assure the hon. Gentleman that the reports will happen regularly. The next three-yearly report is due in 2017, which is the same time that new clause 1 specifies for its review.
Moving on to new clause 20, we recognise the importance of improving mobile coverage. I support the intention behind it, but I do not think a statutory review is necessary at this time. We already have building blocks in place to deliver extensive mobile connectivity, and it is happening. The changes that we have debated today will give Ofcom the ability to provide data to ensure that we know how effective mobile connectivity is. We have legally binding licence obligations to ensure that each mobile operator provides voice coverage to at least 90% of the UK land mass. Taken together, 98% of the UK will have a mobile signal by the end of 2017, according to the agreements.
Does the Minister envisage, then, that Ofcom will gather data to produce reports on the extent of mobile coverage against the Government targets set with mobile network operators?
I do expect that. I can confirm my expectation that that is what Ofcom will do.
We just changed the rules so that instead of being restricted to producing such reports three times a year, Ofcom can do so whenever it thinks it appropriate. That will provide for Ofcom to be able to do so as much as possible, but I committed earlier today to having a connected nations report before the end of this year. I hope that that provides for what the hon. Lady seeks in new clause 20 and that the hon. Members will not press their new clauses.
Digital Economy Bill (Eleventh sitting) Debate
Full Debate: Read Full DebateLouise Haigh
Main Page: Louise Haigh (Labour - Sheffield Heeley)Department Debates - View all Louise Haigh's debates with the Cabinet Office
(8 years ago)
Public Bill CommitteesI could not possibly be as glowing about the hon. Member for Selby and Ainsty as the hon. Member for City of Chester has been. There is a love-in across the Benches this morning.
I, too, rise briefly to support the new clause. To paraphrase a well-known quote by Eric Hoffer, the American moral philosopher, every good idea begins as a movement, becomes a business and eventually degenerates into a racket. That is what we have here. Online sales and fan-to-fan ticket sites are fantastic at enabling people to get access to the music events they want to go to, but because of the evolution of technology, software and bots, we now have a distorted market, about which we absolutely need to do something.
I want the hon. Member for Selby and Ainsty to be able to go to see his favourite band, Green Day—as he was mentioning them, it occurred to me that one of their songs, and the name of their 2004 album, seemed appropriate for a gentleman who might yet end up in the White House. I must also add that my hon. Friend the Member for Perth and North Perthshire (Pete Wishart) suggests that MP4 tickets are very easy to get hold of—he is determined that they are stopped from selling below ticket value.
I commend the hon. Member for Selby and Ainsty on his new clause and I am happy to support it.
I rise briefly to support the new clause. My hon. Friend the Member for Cardiff West and I were proud to put our names to it. I commend the hon. Member for Selby and Ainsty for bravely revealing his devotion to Green Day. I stand in solidarity with him—I, too, am a big fan.
This issue has been a problem for too long for fans of musicians of all descriptions. It prices people out of access to their favourite bands and acts and thereby entrenches a class barrier to culture, which cannot be allowed to continue. For as long as there have been ticketed events, there have been people making money out of the fact that demand for live sports or music outstrips supply. As my hon. Friend the Member for City of Chester pointed out, the development of technology has escalated the problem. Punters simply do not stand a chance against digital ticket purchasing software. The new clause would kick away one of the legs that ticket touts rely on.
The current legislation contained in the Consumer Rights Act 2015 is extremely patchy. It can compel ticket resale sites to publish information such as seat number and face value, but it is not enforced sufficiently and tickets are routinely sold at a high mark-up. Unless Parliament gets tough now, resale sites will continue brazenly to flout the law. It is high time that Parliament closed the legal loophole. That is what the industry, musicians and fans are calling for. I take the opportunity to thank my hon. Friend the Member for Washington and Sunderland West (Mrs Hodgson), who has been calling for this change for some time. We wholeheartedly support new clause 13.
I recognise the strength of feeling across the Committee on this matter. I will certainly do the bidding of the hon. Member for City of Chester and pay tribute to the work of my hon. Friend the Member for Selby and Ainsty, who is a long-standing supporter of live music and has made his case. Last week, he introduced me to Josh Franceschi in the House of Commons, who was able to make his plea very directly.
I match my hon. Friend’s Green Day ticketing problem and raise him my Paul Simon ticket problem. I had a similar experience when buying tickets to see Paul Simon next week at the Royal Albert Hall, to which I am looking forward enormously. I had to pay an eye-watering amount for the tickets—much higher than the face value.
I will, but I do not think that there is any real need for the Minister not to commit carrying the measure out in the Bill. It simply extends what is already available. If someone borrowed an e-book by turning up at a library, the author would receive their public lending right, but if they did so remotely through the same library service, the author would not. Clearly that is an unacceptable injustice and anomaly.
The Minister has said that the Government need to take their time. It was March 2013 when they said in their response to the independent review that they intended to reflect that technology change. Three years and eight months later, we have a Bill in Committee in the House of Commons and still the Government say they need to take their time to get it right. This Bill is the right time to get it right. I hope the Minister will reflect further on the raft of amendments to this defective Bill that will be introduced in the House of Lords if we do not put this right in the House of Commons. I beg to ask leave to withdraw the motion.
Clause, by leave, withdrawn.
New Clause 19
Personal data breaches
‘(1) The Data Protection Act 1998 is amended as follows.
(2) After section 24 insert—
“24A Personal data breaches: notification to the Commissioner
(1) In this section, section 24B and section 24C, “personal data breach” means unauthorised or unlawful processing of personal data or accidental loss or destruction of, or damage to, personal data.
(2) Subject to subsections (3), (4)(c) and (4)(d), if a personal data breach occurs, the data controller in respect of the personal data concerned in that breach shall, without undue delay, notify the breach to the Commissioner.
(3) The notification referred to in subsection (2) is not required to the extent that the personal data concerned in the personal data breach are exempt from the seventh data protection principle.
(4) The Secretary of State may by regulations—
(a) prescribe matters which a notification under subsection (2) must contain;
(b) prescribe the period within which, following detection of a personal data breach, a notification under subsection (2) must be given;
(c) provide that subsection (2) shall not apply to certain data controllers;
(d) provide that subsection (2) shall not apply to personal data breaches of a particular description or descriptions.
24B Personal data breaches: notification to the data subject
‘(1) Subject to subsections (2), (3), (4), (6)(b) and (6)(c), if a personal data breach is likely to adversely affect the personal data or privacy of a data subject, the data controller in respect of the personal data concerned in that breach shall also, without undue delay, notify the breach to the data subject concerned, insofar as it is reasonably practicable to do so.
(2) The notification referred to in subsection (1) is not required to the extent that the personal data concerned in the personal data breach are exempt from the seventh data protection principle.
(3) The notification referred to in subsection (1) is not required to the extent that the personal data concerned in the personal data breach are exempt from section 7(1).
(4) The notification referred to in subsection (1) is not required if the data controller has demonstrated, to the satisfaction of the Commissioner—
(a) that the data controller has implemented appropriate measures which render the data unintelligible to any person who is not authorised to access it, and
(b) that those measures were applied to the data concerned in that personal data breach.
(5) If the data controller has not notified the data subject in compliance with subsection (1), the Commissioner may, having considered the likely adverse effects of the personal data breach, require the data controller to do so.
(6) The Secretary of State may by regulations—
(a) prescribe matters which a notification under subsection (1) must contain;
(b) provide that subsection (1) shall not apply to certain data controllers;
(c) provide that subsection (1) shall not apply to personal data breaches of a particular description or descriptions.
24C Personal data breaches: audit
‘(1) Data controllers shall maintain an inventory of personal data breaches comprising—
(a) the facts surrounding the breach,
(b) the effects of that breach, and
(c) remedial action taken
which shall be sufficient to enable the Commissioner to verify compliance with the provisions of sections 24A and 24B. The inventory shall only include information necessary for this purpose.
(2) The Commissioner may audit the compliance of data controllers with the provisions of sections 24A, 24B and 24C(1).
(3) In section 40 (Enforcement notices)—
(a) in subsection (1)—
(i) after “data protection principles,” insert “or section 24A, 24B or 24C”;
(ii) for “principle or principles” substitute “principle, principles, section or sections”;
(b) in subsection 6(a) after “principles” insert “or the section or sections”.
(4) In section 41 (Cancellation of enforcement notice”)—
(a) in subsection (1) after “principles” insert “or the section or sections”;
(b) in subsection (2) after “principles” insert “or the section or sections”.
(5) In section 41A (Assessment notices)—
(a) in subsection (1) after “data protection principles” insert “or section 24A, 24B or 24C”;
(b) in subsection (10)(b) after “data protection principles” insert “or section 24A, 24B or 24C”.
(6) In section 41C (Code of practice about assessment notices)—
(a) in subsection (4)(a) after “principles” insert “and sections 24A, 24B and 24C”;
(b) in subsection (4)(b) after “principles” insert “or sections”.
(7) In section 43 (Information notices)—
(a) in subsection 43(1)—
(i) after “data protection principles” insert “or section 24A, 24B or 24C”;
(ii) after “the principles” insert “or those sections”;
(b) in subsection 43(2)(b) after “principles” insert “or section 24A, 24B or 24C”.
(8) In section 55A (Power of Commissioner to impose monetary penalty)—
(a) after subsection (1) insert—
“(1A) The Commissioner may also serve a data controller with a monetary penalty notice if the Commissioner is satisfied that there has been a serious contravention of section 24A, 24B or 24C by the data controller.”;
(b) in subsection (3A) after “subsection (1)” insert “or (1A)”;
(c) in subsection (4) omit “determined by the Commissioner and”;
(d) in subsection (5)—
(i) after “The amount” insert “specified in a monetary penalty notice served under subsection (1) shall be”;
(ii) after “Commissioner” insert “and”;
(e) after subsection (5) insert—
“(5A) The amount specified in a monetary penalty notice served under subsection (1A) shall be £1,000.
(5B) The Secretary of State may by regulations amend subsection (5A) to change the amount specified therein.”
(9) In section 55B (Monetary penalty notices: procedural rights)—
(a) in subsection (3)(a) omit “and”;
(b) after subsection (3)(a) insert—
(aa) specify the provision of this Act of which the Commissioner is satisfied there has been a serious contravention, and”;
(c) after subsection (3) insert—
“(3A) A data controller may discharge liability for a monetary penalty in respect of a contravention of section 24A, 24B or 24C if he pays to the Commissioner the amount of £800 before the time within which the data controller may make representations to the Commissioner has expired.
(3B) A notice of intent served in respect of a contravention of section 24A, 24B or 24C must include a statement informing the data controller of the opportunity to discharge liability for the monetary penalty.
(3C) The Secretary of State may by regulations amend subsection (3A) to change the amount specified therein, save that the amount specified in subsection (3A) must be less than the amount specified in section 55A(5A).”;
(d) in subsection (5) after “served” insert “under section 55A(1)”;
(e) after subsection (5) insert—
“(5A) A person on whom a monetary penalty notice is served under section 55A(1A) may appeal to the Tribunal against the issue of the monetary penalty notice.”
(10) In section 55C(2)(b) (Guidance about monetary penalty notices) at the end insert “specified in a monetary penalty notice served under section 55A(1)”.
(12) In section 67 (Orders, regulations and rules)—
(a) in subsection (4)—
(i) after “order” insert “or regulations”;
(ii) after “section 22(1),” insert “section 24A(4)(c) or (d), 24B(6)(b) or(c),”;
(b) in subsection (5)—
(i) after subsection (c) insert “(ca) regulations under section 24A(4)(a) or (b) or section 24B(6)(a),”;
(ii) for “(ca) regulations under section 55A(5) or (7) or 55B(3)(b),” substitute “(cb) regulations under section 55A(5), (5B) or (7) or 55B(3)(b) or (3C),”.
(13) In section 71 (Index of defined expressions) after “personal data |section 1(1)” insert “personal data breach |section 24A(1)”.
(14) In paragraph 1 of Schedule 9—
(a) after paragraph 1(1)(a) insert—
“(aa) that a data controller has contravened or is contravening any provision of section 24A, 24B or 24C, or”;
(b) in paragraph 1(1B) after “principles” insert “or section 24A, 24B or 24C”;
(c) in paragraph (3)(d)(ii) after “principles” insert “or section 24A, 24B or 24C”;
(d) in paragraph (3)(f) after “principles” insert “or section 24A, 24B or 24C.””
This new clause seeks to create a general obligation on data controllers to notify the Information Commissioner and data subjects in the event of a breach of personal data security. The proposed obligation is similar to that imposed on electronic communication service providers by the Privacy and Electronic Communications (EC Directive) Regulations 2003.—(Louise Haigh.)
Brought up, and read the First time.
I beg to move, That the clause be read a Second time.
New clause 19 would provide a general obligation on companies to report personal data breaches. This crucial amendment gets to the heart of the regulatory system around cyber-security. Cyber-security is one of the greatest challenges we face as a country. Despite the Government’s multi-million pound strategy and their further welcome announcement today, we do not believe they have faced up to the challenge yet. Some 90% of large UK firms were attacked in 2014. That is an astonishing figure, and yet only 28% of those businesses reported their cyber-attack to the police. As the Minister knows, national crime statistics rose for the first time in 20 years last year, because scams and cybercrime are now included.
Throughout discussion of the Bill, we have made it clear that we feel it does nothing to address the real challenges facing the digital economy. The Bill should have equipped the sector for the digital future—a future as replete with challenges as with opportunities. None of those challenges could be greater than cyber-security. That security says to consumers and individuals that, in this coming century, when data will be the lifeblood and the exchange of personal data the currency, nothing is more critical to ensure that that runs smoothly than their trust.
This multi-billion-pound sector, which now amounts to 11% of our GDP, is utterly reliant on the mutual trust fostered between consumers and producers, which is why the new clause is so critical. It would establish for the first time a duty on all companies to report any breach of cyber-security. The legislation as it stands is simply inadequate. The Data Protection Acts deal extensively with the protection of personal data, but there is no legal obligation on companies to report data breaches. The privacy and electronic communications regulations include an obligation to report data breaches, but that only applies to telecommunications companies and internet service providers and, at that stage, only requires companies to consider information customers.
Clearly, however, it is not only communications providers that hold sensitive data about people that carry the potential to be commodified. Insurance companies have had their data stolen, to be sold to claims management companies; banks are hacked, as J.P. Morgan was in 2014; and TK Maxx suffered the largest retail hack to date with the loss of credit and debit card information. Yet none of those examples had a duty to report to their customers to ensure that further harm was not done with their information.
The net impact of the lack in existing legislation is that the vast majority of attacks go unreported, and people are left in the dark when their personal data have been hacked, leaked, stolen or sold. If we are to talk meaningfully about data ownership, we cannot allow that to continue. We welcome yesterday’s announcement that the Government will be implementing the general data protection regulation. As the Minister knows, the GDPR provides for a general obligation on all companies to report breaches to regulators and customers. Will he make it clear how he expects to fulfil that obligation and whether he is willing to accept the new clause?
Fundamentally, we are keen that the UK’s digital economy is not seen as a soft touch on cybercrime. That is why the new clause would impose a general obligation on data controllers to notify the Information Commissioner and data subjects in the event of breaches of personal data security. We believe that that would be a major step forward, and we look forward to the Minister’s comments.
I hope that we can deal with this new clause fairly quickly. I strongly support the hon. Lady’s assertion that cyber-security is vital, and I appreciate her welcome for the national cyber-security strategy that the Chancellor of the Exchequer set out today. People say that there are two types of company: those that have had a cyber-attack and know about it; and those that have had one and do not know about it. It is vital that cyber-security is a priority for all companies that use the internet.
As the hon. Lady said, we have announced that the general data protection regulation will apply in the UK from May 2018. That new regime will introduce tough measures on breach notification, making it a requirement for all data controllers and processors to report data breaches to the Information Commissioner if they are likely to result in a risk to the rights and freedoms of individuals. Breaches must also be notified to the individuals affected where there is a high risk to their rights and freedoms. Under the GDPR, the sanctions available will be worth up to 4% of total global annual turnover, or €20 million, so it will be strongly in the interests of organisations to comply with the requirements.
I suggest that the bringing into UK law of the GDPR is the appropriate place to make the change that the hon. Lady suggests in her new clause. I therefore ask her to withdraw the motion.
If the Government intend to implement regulations in May 2018, I am not convinced why they cannot amend this legislation now.
The implementation of GDPR is a much bigger piece of work than simply this change. It is better to bring the whole thing in properly and in good order, rather than piecemeal.
It is highly unsatisfactory that, for the next 18 months, companies receiving cyber-attacks will still not be reporting them to customers that have had their data stolen, hacked or lost, but it is welcome that the Government will be implementing the general data protection regulation. The Opposition will continue to scrutinise the implementation of their cyber-security strategy, so, with the Minister’s assurances, I beg to ask leave to withdraw the motion.
Clause, by leave, withdrawn.
I beg to move, That the clause be read a Second Time.
The new clause is a very simple amendment, one that I hope the Committee will agree is long overdue. The Communications Act 2003 ensured that access services—subtitles, audio description or sign language—are available on TV that is watched at a prescribed time and channel.
The way in which we watch and consume television has changed considerably since 2003; it is worth remembering that once the Communications Act 2003 reached Royal Assent, it would be a full five years before BBC iPlayer launched online. Similar on-demand services launched in the same year. Although subtitling is at or near 100% across the public service broadcasters, 76% of the UK’s 90 on-demand providers still offer no subtitles at all—despite the fact that, according to Ofcom’s figures, some 18% of the UK population use them.
The principles behind the Communications Act 2003 recognise that those with sensory loss should not be denied access to the information and services that many of us take for granted. Obviously, that principle still applies, yet, because of changes to technology, those with sensory loss cannot keep up.
In July 2013, the then Minister for the Digital Economy acknowledged this paradox, saying:
“If it is clear that progress isn’t being made in three years’ time…we will consider legislation.”
We say that time is up. That is why the Opposition have helpfully brought forward a new clause to remind the Government of their commitment. The clause would merely update the existing regulatory regime that has worked so well for linear TV and apply it to on-demand.
There is no reason to believe that a burden will be imposed. The current code has a sliding scale for access services provision so that new and smaller broadcasters are either exempt or have gradually increasing targets. No linear broadcasters are ever required to spend more than 1% of their relevant turnover on access services. The new clause would be subject to public consultation. It is eminently reasonable and long overdue. It is clearly time the Government acted to reflect the digital world in which we live and allowed those with sensory loss to play a full and active part in it.
The creation of a digitally inclusive society is a crucial commitment for this Government. If somebody is not able to enjoy and exploit the benefits and convenience afforded to able bodied people, it is for us to better understand why and to work with interested parties to identify and implement a remedy.
The current statutory targets for subtitling, signing and audio description—collectively known by domestic TV channels as “access services”—cover 83 channels, over 90% of the audience share for broadcast TV. Over the years, the provision of access services has increased. Most notably, the number of service providers reporting subtitles grew from seven channels in 2013 to 22 in 2015. However, there is still clearly room for improvement.
We have become a society that wants to watch TV at a time and place convenient for us. As with much of the Bill, changes in technology outgrow the underpinning regulatory framework. It is not unreasonable to expect that content should have subtitles when it is made available at a time and place that are convenient for the viewer—even more so if access services were present at the scheduled broadcast time.
Ofcom currently possesses the power to encourage the 116 on-demand services providers in the UK to provide these services, but it does not have the power to require them. We have been considering what can be done—as the hon. Lady might imagine, given the previous commitment. We have been engaged in discussion with Ofcom to determine how we can address the shortcoming so that an increase in the provision of access services for video on demand can be achieved. We will continue that engagement with Ofcom. It made its position clear in evidence to the Committee, having previously argued that the law as it stood was what was needed.
I urge the hon. Lady to withdraw the new clause. It would require a code of practice that would be too prescriptive and would get into the micromanagement that we talked about earlier in our consideration of the Bill. Also, I would want the clause to specify that it is for Ofcom, not the Secretary of State, to make such a code.
I would be grateful if the Minister gave us a firm timeframe for this work with Ofcom; this is yet another area that could easily have been addressed in the Bill. He is saying, “Work is ongoing. We might come back to it later.” There are so many areas of the Bill that could have been addressed by ongoing work. It all shows yet again that the Bill should have been delayed and brought forward when it was fit for Committee and ready to tackle all the issues.
The hon. Lady is clearly wrong about that, for two reasons. First, I do not want to delay the other measures in the Bill; she seems to want to delay a whole series of things that will improve mobile roll-out and broadband roll-out and will put age verification in place, and I think that would be a mistake.
Secondly, in the Committee’s consideration of the Bill, we have had opportunities for further debate that have not been taken up. That shows that there has been full and proper scrutiny of the whole Bill. In this case, after the publication of the Bill, Ofcom said that it thought there was a need for the change in the law. We should take that seriously, consult Ofcom and consider exactly what needs to happen.
I repeat that in July 2013, the Minister’s predecessor said:
“If it is clear that progress isn’t being made in three years’ time…we will consider legislation.”
The Government have had more than three years to do this. It is not that Ofcom came forward after the Bill was published. The Bill presented a perfect opportunity, so will he commit to the exact timeframe for giving Ofcom the powers?
Ofcom previously said that it had all the necessary powers, but its position has changed. When the regulator changes position, it is reasonable to take that into account and to consult on ensuring that we can get the powers into place.
I make no bones about it: the support for access services for video on demand has not been in place before. We made big strides in the previous Parliament. We are committed to doing more to ensure that the support is more widely available. Instead of the tone of delay that is coming from those on the Opposition Benches, we should have a tone of support. That is what I propose, so I ask the hon. Lady to withdraw the new clause.
It is completely outrageous to suggest that we are the ones arguing for delay.
The Minister’s predecessor said more than three years ago that the Government would legislate. I say to the Minister that he will legislate in haste and repent at his leisure. He may live to repent in terms of some of the measures that have been brought forward and some that have been missed in the Bill. I will seek assurances from Ofcom, seeing as the Minister has not been able to provide them, and we may return to the issue on Report, but for now I beg to ask leave to withdraw the motion.
Clause, by leave, withdrawn.
New Clause 24
Employers in the digital economy
“Where a business provides a digital service in which they act as an intermediary between labour suppliers and consumers where that service retains significant control over the service providers the labour suppliers shall be defined as employees of that business, as defined in section 230 of the Employment Rights Act 1996.”—(Louise Haigh.)
Brought up, and read the First time.
The digital economy is the fastest growing area of the UK economy. We are very proud that, as a proportion of GDP, it is the largest in the G20. It employs more than 1.3 million workers, of whom a significant proportion—many more will not be categorised in that figure—are employed in the so-called gig economy. As we heard following the Uber ruling on Friday, many of those people do not enjoy very basic workers’ rights. The London employment tribunal found that Uber was a transportation business and that the drivers who work through the app do work for Uber. The judgment against Uber was hailed as a landmark by the union that brought the claim, GMB, and rightly so. I am a proud member of that union.
Friday’s landmark ruling should have ripple effects across the entire digital economy. At its best, the disruptive force of technology is reframing our relationship with each other and the world around us, whether that is farmers using millimetre-accurate GPS to guide their crops or technical experts in safety-critical industries using live data to monitor the manufacturing process. While the digital economy is heralding an unprecedented opportunity for many, the reality can be very different for the more than a million workers employed within the industry. Too often they will find themselves overworked, underpaid and exploited by bosses they never meet, and who do not even fulfil their basic duties as an employer.
Uber is the totemic example. Their “workers”—who pay Uber commission for every taxi ride completed—are not guaranteed breaks, holiday pay or even the minimum wage. Astonishingly, Uber did everything they could to argue to the tribunal that these people were not employees or workers. The judgement states that
“Any organisation (a) running an enterprise at the heart of which is the function of carrying people in motor cars from where they are to where they want to be and (b) operating in part through a company discharging the regulated responsibilities of a PHV [private hire vehicle] operator, but ( c) requiring drivers and passengers to agree, as a matter of contract, that it does not provide transportation services…and (d) resorting in its documentation to fictions, twisted language and even brand new terminology, merits, we think, a degree of scepticism.”
We could not agree more, and it is a bitter irony that a force that is making this era one of the most inter-connected in history has left many workers more isolated than ever before. The Government—who have promised to look out for those that are “just managing”—seem to have been blindsided by the challenges faced by the most enterprising of workers in our economy. There are few workers who would better match that description of “just managing” than the taxi drivers who work upwards of 60, 70 and 80 hours per week and still struggle to pay their bills.
The new clause goes further than the Uber ruling; it would require drivers and other workers to be treated as employees of digital intermediaries. In so doing, their rights to sick pay and holiday pay would be protected as well as the right to paid breaks and the right to the bare minimum wage. When companies such as Uber inevitably try to wriggle out of their responsibilities by appealing against this recent decision, they will have nowhere to go.
We hope that the Government will step into the breach and move to enshrine the rights of workers employed in this emerging sector in law. This decision applies solely to Uber, but the principle should surely hold across the economy. It could affect many tens of thousands of people. So far, the Government’s only announcement has been a two-sentence press release issued on a Friday afternoon referring to a review that has no end in sight. If that is all that the Government can muster, it is hard to believe that they have grasped the scale of the challenge. This will be creating considerable insecurity for both the businesses operating in the digital economy and the workers involved.
I hope that the Minister is acutely aware of both the urgency and the importance of new clause 21 and why it was wholly inadequate for there to be no mention of workers and their protections in the Digital Economy Bill. Hopefully, the Minister will go away and consider measures that will fill the legal vacuum now created, and provide reassurance to the burgeoning digital workforce who, by virtue of a technological sleight of hand, are denied the rights that many of us take for granted. That is clearly an injustice of the first order.
The hon. Lady asks for us to act, and then sets out the way in which we are acting. That demonstrates that this important area is being considered by the Government.
Technology is indeed changing employment patterns, and the system must keep up with it. Clearly, employers must take their employment law responsibilities seriously and they cannot simply opt out of them. This means making sure that workers are paid properly and enjoy the employment rights to which they are entitled. As a very strong supporter of the living wage and the national living wage, which we introduced, I am a great proponent of ensuring that the labour market operates fairly. Part of that fairness is making sure that it is also flexible. That needs to be considered too, alongside the rights.
I have no doubt that Matthew Taylor will get in contact with lots of trade unions. It is a good idea to take a cross-party approach. The review will last for about six months and among other things it will consider security, pay and rights, skills and progression, and specifically the appropriate balance of rights and responsibilities of new business models and whether the definitions of employment status need to be updated to reflect new forms of working such as on-demand platforms. It will tackle some of those issues. With that explanation, I hope that the hon. Lady will see that we are taking a sensible, reasonable approach and will withdraw her new clause.
The Opposition have been nothing but reasonable in Committee. The Minister refers to righteous anger; for those taxi workers in London, Sheffield and across the country who are working and not guaranteed paid breaks or the minimum wage, it is not righteous anger but justifiable anger on their behalf. We are arguing not against all flexibility but for those basic rights to be enshrined in law. They should never be compromised for anyone’s convenience.
We are pleased finally to see a timeframe and have a commitment that the review will report back in six months. We will keep a close eye on the review and hope that it will take note of today’s debate. With that, I beg to ask leave to withdraw the motion.
Clause, by leave, withdrawn.
New Clause 31
Review of information disclosure and data ownership
‘(1) The Secretary of State must commission an independent review of information disclosure and data ownership under Chapter 1 of Part 5 of this Act.
(2) In conducting the review, the designated independent reviewer must consult—
(a) specialists in data sharing,
(b) people and organisations who campaign for the rights of citizens to privacy and control regarding their personal information, and
(c) any other persons and organisations the review considers appropriate.
(3) The Secretary of State must lay a report of the review before each House of Parliament within six months of this Act coming into force.
(4) The Secretary of State may not make an order under section 82(4) bringing the provisions of Chapter 1 of Part 5 of this Act into force until each House of Parliament has passed a resolution approving the findings of the review mentioned in subsection (3).’.—(Louise Haigh.)
Brought up, and read the First time.
I beg to move, That the clause be read a Second time.
A great deal of our lengthy debate on part 5 has focused on data ownership and control. The Government have stated elsewhere that their policy is that citizens should own and control their own data, but sadly the Bill takes us backwards in that regard by adopting a completely paternalistic approach to data sharing, with a “Government knows best” attitude. We are blindly to assume that our data are being kept, shared and used appropriately while we are kept in the dark about how they are being used and for what purpose.
As the former Prime Minister famously said, “Sunlight is the best disinfectant,” and as I have previously argued, a register for all data-sharing arrangements is necessary—in fact, essential—to ensure trust in the Government’s data sharing. Quite simply, we cannot have trust when there is no transparency, and that is true for Governments of any colour. The new clause would require the Government to commission an independent review of information and data ownership under chapter 1 of part 5, which would seek to establish the direction in which the Government’s stated policy intent for individuals to have control over their data is heading.
The Minister has given us all kinds of assurances that the codes of practice will sufficiently embed the principles, which have been debated at length, but as they are not statutory, there must be some form of mechanism to ensure that the spirit of the codes and the intention he stated in our debates are adhered to. Following the announcement that the Government will implement the general data protection regulation, the codes and the legislation are already out of date. I understand the role of Select Committees in this House, but the proposals made in the Bill are about incredibly detailed practices relating to the day-to-day operation of the civil service that are unlikely to be unearthed through a Select Committee report without a whistleblower or any kind of proactive publication, as suggested in our new clause on the new register.
The use of administrative data has been discussed at length, but it is not to be confused with the use of big data—a wholly different beast that has not been tackled in the Bill. That is another missed opportunity. A committee has been established in the Cabinet Office to consider the ethics of big data. That is absolutely necessary, but, again, it should have been conducted as an independent review, rather than something led by Government. My fear is that we are lagging well behind other Administrations with respect to how we treat data, and in the embedding of consent and control into our data regimes. We run a serious risk of sleepwalking into a major scandal.
Before I was elected I worked in the City of London, for Aviva. There I was put on a project looking at the type of things that we could do with big data. Aviva is a gold star insurer so it certainly was not indulging in unethical behaviour, but the kind of data that, if allowed, actuaries would like to test is simply not known—it would horrify the average consumer. There are many providers in the market for data, and many ways beyond our imagination in which our data could be commodified. It would take only a “Dispatches” exposé, or a scandal in The Mail on Sunday, and the Government would be forced to react; then, as all Governments do, they would over-react.
The Bill provides an excellent opportunity to look at the issues in the cold light of day, rather than the heat of reaction. I strongly urge the Ministers to take that opportunity and accept the new clause.
There are several problems with the new clause. First, it would delay the delivery of significant public benefits; secondly, it seeks more consultation on measures where there has already been a long and broad-ranging consultation effort over many years; thirdly, it is asking for even more Parliamentary time, when the scheme, future pilots and data-sharing measures are already subject to significant and continued Parliamentary scrutiny.
We believe that the proposed review and subsequent delay would prevent us from delivering significant public benefits, such as extending the warm home discount, which had the support of the Committee last week. If implementation of warm home discount reform were delayed by one year because of the time needed to carry out the review and then to establish the necessary data-sharing arrangements, the Government would potentially help about 750,000 fewer fuel-poor homes in 2018-19. Further, there would be a delay to our ability to implement the benefits of more effectively targeting the £640 million-a-year energy company obligation.
The measure is not short on consultation. That process started in April 2014 and has involved civil society groups, experts and practitioners. There was a public consultation. The draft clauses were published in February 2016. There has been lots of discussion and the Government have listened. That is why information can be shared only for specific objectives, which can be added to only if they satisfy the public benefit test. It is why we have new unlawful disclosure offences, and a code of practice that has been welcomed by the Information Commissioner. The proposed review would require the Government to consult the very people we have already consulted in developing the public service delivery power.
The Bill is also not short on parliamentary oversight. There must be agreement by Parliament to new objectives for sharing data, new public authorities—a list will be drawn up—and the code of practice. The code of practice clearly sets out the process for public bodies to maintain public confidence, with privacy and impact assessments and by ensuring that all data-sharing arrangements are public. That is clearly set out in paragraphs 74 to 78 in part 5. The further scrutiny sought in the new clause is unnecessary duplication. The purpose of scrutiny by Parliament is to decide whether the powers should be taken, so no purpose would be served by having another review before the powers are commenced. For that reason I ask the hon. Lady to withdraw the amendment.
The Minister is dead right. We would like some more consultation on the review, not least because nearly all of the Government’s consultees are unhappy with the proposals in the Bill.
I hope that we have thrashed out many of the part 5 issues and that the Government will act and amend the provisions in the other place. If that does not happen, we shall return to the matter on Report. I beg to ask leave with withdraw the motion.
Clause, by leave, withdrawn.
New Clause 32
OFCOM power to enforce structural separation of BT Openreach
‘After section 49C of the Communications Act 2003 insert—
“(49D) OFCOM has the power to enforce the structural separation of BT Openreach, should OFCOM consider this necessary.”’—(Calum Kerr.)
Brought up, and read the First time.
I beg to move, That the clause be read a Second time.
I will outline the rationale and seek reassurances as to how the Government intend to deal with this matter. We propose that the Bill be amended to ensure that Ofcom has the strongest legal basis to deliver all the options highlighted in its digital communications review. Ofcom is consulting at the moment on how it could introduce legal separation for Openreach within the BT group, but structural separation remains an option.
I beg to move, That the clause be read a Second time.
This new clause would mean that mobile phone service providers must give all consumers the opportunity to put a financial cap on their monthly mobile phone bill and that a mobile phone service cannot be provided until the service provider has put in place a cap of the agreed amount, if the consumer has made an express request. The new clause would be welcomed by many who have found that, when they receive an email or check their bank balance at the end of the month, their monthly mobile phone bill has come in much higher than expected.
The reason for the new clause is clear: mobile phone tariffs are complex, particularly on data. Few of us understand how much data we need for an average month, and consumers of all kinds can find that they use much more data than expected. Citizens Advice has provided me with an example that reveals the problem. One man changed his shift patterns and started using his phone to watch films during the night. His network sent a text message to tell him that he had gone over his monthly allowance, but he did not think too much about it until he received a bill for more than £2,000 at the end of the month. His service was subsequently cut off. Research suggests that as many as one in five consumers finds it difficult to keep track of how much they spend on data. The average unexpectedly high bill is usually double the cost of the original monthly fee.
Citizens Advice has received more than 60,000 inquiries about telephone and broadband debt, with its in-depth specialists dealing with nearly 27,000 individual mobile phone debt cases. Mobile phones have become a staple of our everyday life, and a voluntary cap would help consumers, particularly those who can ill afford an occasional doubling of their bill. Consumers support the measure, with more than 77% welcoming the idea.
This is not the first time that the proposal has been considered. In 2012, Ofcom considered introducing regulations but could not overcome the objections of providers, who argued that it would be too costly. Since then, two mobile phone providers have led the way and proved that it can be done. With the Bill’s new provisions on Ofcom appeals, I hope the Government will now consider our new clause.
The new clause seeks to place a mandatory obligation on mobile phone service providers to agree a financial cap on monthly bills with the customer at the time of entering into the contract, or to secure an agreement from the customer that they do not wish to have a financial cap. Consumers can avoid bill shocks in a number of different ways, so this additional measure is not necessary.
Before purchasing a mobile contract, consumers can already calculate their normal usage based on their last couple of bills. Once a consumer has established their monthly usage, Ofcom-accredited comparison websites are available to them. In fact, the Bill makes further progress on switching. Mobile phone providers are also taking steps to protect their customers from bill shock. As the hon. Lady says, many providers alert customers when they are close to reaching usage allowance limits and offer apps that enable consumers to monitor that usage.
I do not think that is true. There are examples of contracts that have caps or prepayment. Such contracts exist and they would not be complemented by the new clause, which is about ensuring that information and agreement are available at the start of a contract. The new clause proposes that such an agreement is available or that the person explicitly chooses not to have a cap, which in substance is the same position as now—it would just change what is in the vast quantities of small print at the bottom of these contracts.
The provisions in the new clause will not be a negative process, as the Minister has just outlined; they will require people to request a cap, rather than to agree that a cap is not put in place. Does the Minister honestly believe that enough information is provided when customers negotiate a contract with a telecoms provider about how much data are going to cost and how much additional data—over the agreed limit—will cost? Does the law currently guard against the example I provided of the gentleman who was watching films, completely oblivious to the fact that he was running up a bill of hundreds of pounds?
I think that that information has to be provided. Further, it is Ofcom’s job to ensure that that sort of information is provided in a reasonable way, and it has the capability to do that.
Can we guard against anybody using a mobile phone in a way completely different to their own intention at the point of signing the contract, having not taken into account the impact of that behaviour on the price? It is very hard to do that. I also do not see how the new clause would do that. It would simply change the way that a contract is written in the first place, giving the same options of either a capped or non-capped contract. It still provides for the two, so I do not think it would make a substantive difference.
That is not to deny that there is not always a challenge here to make sure that people get the best possible information, and crucially that switching is available and, as is provided for, that if somebody enters into a contract and wants to change that contract shortly after entering into it, they have the ability to do so. One provider now gives new customers the ability to put on a block on outgoing calls after they have reached their allowance, which they can turn on and off via their account, for example. There are dynamic ways of dealing with this within contracts, and I think that is probably the best way to do it, rather than with primary legislation.
Having said all of that, I of course recognise that this is an important and challenging area, but I hope that with that explanation the hon. Members will withdraw the new clause.
The Minister has not given us a good enough reason for why consumers should not have the ability to put a financial cap on their monthly bills. He has laid out some voluntary mechanisms that various communications providers have implemented, which is all well and good for their customers, but I am sure he will accept that that is a very haphazard way to deal with this issue.
The proposal in the new clause is itself a voluntary proposal, because it provides for the agreement from a customer should they not wish to see a financial cap. In substance, that is exactly what the new clause provides for.
It is voluntary for the consumer but not for the telecoms provider. The Minister, in his typical, patronising way, is trying to put this differently from how the Opposition is putting it.
Does the hon. Lady agree that it is just common sense to allow the consumer the choice to avoid high bills?
Absolutely. I do not think the Minister has made a case at all for not allowing this to happen, or why mobile phone companies should object to people voluntarily placing a financial cap on their bills to avoid the kind of excessive bills that can be, and are, run up by even the most tech-savvy of people. We will divide the Committee on the new clause, because we have not been provided with sufficient explanation as to why it should not go forward.
Question put, That the clause be read a Second time.
I beg to move, That the clause be read a second time. We have reached our final new clause, which was tabled in frustration at the amount of time I spend on trains every week and how shockingly poor the quality and consistency of wi-fi is, even when one has paid for the privilege of accessing it, in addition to not inconsiderable rail fares. To make things worse, the Sheffield to London line has appalling mobile network coverage; I can make a call on about 15% of the journey, just when we are in the stations. That is why our new clause on the mobile strategic review is absolutely necessary to ensure that network coverage is extended across the UK and to keep those mobile network operators on target. We need decent quality wi-fi on all our public transport and in all our public spaces. We now have a record high of 1.65 billion rail passenger journeys every year. Without decent network and internet coverage, they are essentially unproductive journeys that could be used to boost our economy. Indeed, many of our cities outside London lose out on investment precisely because the connecting transport has such poor mobile and internet coverage.
I have spoken to several London-based tech companies that have chosen to invest in cities other than Sheffield, because they would essentially lose the time travelling from London through being unable to work. You would be forgiven for thinking that this was deepest, darkest Peru rather than one of the biggest cities in the UK, just two hours’ train journey from London; but I was in Peru earlier this year and they have free wi-fi on their buses and in public spaces. In fact, of the top 10 most wi-fi-friendly cities in the world, the UK does not even feature. From Taipei to Florence and Tel Aviv to Hong Kong, the rest of the world is far ahead of us on access to free public wi-fi, which is boosting their tourism industries and domestic industries. There is benefit to be had for the train operating companies as well. In some US states, people recognise that they can deliver passenger-oriented services as part of wider, often safety-related, communications projects that they need to undertake, and harvest passengers’ use of social media as a valuable data source for plugging gaps in their travel information services, as well as for monitoring reactions to network performance and being able to take remedial steps.
I am sure that the Minister is going to tell the Committee about the Government’s superconnected cities programme, which got off to a shaky start—though they are to be congratulated on the progress that has already been made in delivering free wi-fi to trains and buses across Leeds, Bradford, Edinburgh, Newport, Cardiff, Greater Manchester, York and Oxford. As ever, though, we will push the Government and the Minister to be more ambitious and achieve everything they are capable of achieving, investing in the digital infrastructure that we need to ensure that our digital economy can continue to thrive across the whole country. Alongside roads and rail, it is the Government’s job to ensure that our country is fully equipped with the digital infrastructure necessary for the digital revolution. As has been said many times, I am afraid that this Bill, unamended, does not cut it.
Our proposal would not require a single penny of public money. It would simply chip into the tens of millions of pounds of profit that the train companies make off the back of publicly-funded infrastructure. It would simply put into franchise agreements a requirement for all trains to provide free wi-fi and we have been very flexible and reasonable about the level at which that should be provided. Ultimately, we need to see free wi-fi on all our public transport. Sheffield’s longer bus journeys already offer free wi-fi, while York and Newcastle have opened up their public spaces. It will mean that people and businesses can be more productive and we can all spend less on our data packages.
In a progressive spirit, we join in the support for this measure. As someone who travels regularly, having taken my position in this House, on some of the train services, I note that the difference between the contract that the Scottish Government have organised through the franchise with ScotRail with intercity wi-fi, and what is available here is quite stark. In fact, all new electrical multiple units of 318s, 320s, 334s and 380s in Scotland come with wi-fi and power sockets. I urge the Minister to consider including that and to ensure that customers in England and Wales get the same sort of service as those in Scotland.
It is highly appropriate to end this sitting with the new clause because the intent behind it has cross-party support from both parts of the Opposition represented here. Government Members not only recognise, but are enthusiastic and passionate about getting better wi-fi on trains. My hon. Friend the Member for Devizes, as a Transport Minister and more specifically a Rail Minister, was instrumental in getting Britain to where we are with wi-fi on trains. It is something all MPs understand as we travel around the country. Our frustration is shared by the great British travelling public and the demands for better and faster free wi-fi on trains will continue until they are sated.
Requiring free wi-fi on trains has been undertaken through new franchises and implemented also in existing franchises. The obligation to provide free wi-fi is now secured in 10 of the 15 franchises and we forecast that more than 90% of passenger journeys will have access to wi-fi by the end of 2018 and almost 100% by 2020. There have been further programmes, such as the superconnected cities programme. The hon. Member for Sheffield, Heeley says she wants to press us to achieve all we can, and we accept the challenge.
For all new franchises, the current specifications will require a minimum of 1 megabit per second per passenger, which allows for web browsing, basic email and social media activity. Crucially, this is set to increase by 25% every year with a focus on ensuring that it is reliable and consistent because dropped calls or frequent breaks in ability to access wi-fi are seriously frustrating.
There are even stronger bids in some competitions. For example, the East Anglia franchise, which I use a lot, will provide up to 100 megabits per second to the train by 2019, then 500 megabits per second by 2021 and 1 gigabit per second by the end of 2021 on key intercity routes, not least the Norwich in 90 and Ipswich in 60 plans. That is totally brilliant and I pay tribute to my hon. Friend the Member for Devizes for making it happen.
Wi-fi was previously dependent on mobile coverage that trains went through, but train operators have started to innovate and have done deals with mobile operators to make sure they have enough 4G coverage down the track. Chiltern is an example. It agreed a deal with EE to provide 100% coverage from London to Birmingham. This is happening. Specifying a particular technology in legislation is likely to provide more problems than solutions. Our changes in driving wi-fi through contracts with operators is more likely to be successful in getting more connectivity faster. That is the approach I propose.
In a moment, I will ask the hon. Member for Sheffield, Heeley to withdraw the motion, but first I want to pay tribute to all the people who have helped to make this Committee happen, including the Opposition. We have had cheerful and sometimes forthright debates, but in the best spirit of improving the digital economy for all the citizens we serve. I pay tribute particularly to the hon. Member for Sheffield, Heeley who, in her first performance in her new position, has shown the rest of us how to do it. She has been charming and brilliant. I can only say, thank goodness for Jeremy Corbyn.
I thank you, Mr Stringer, and Mr Streeter for chairing the Committee so effectively and efficiently, and for ensuring that I made fewer mistakes than I otherwise would. I thank the Clerk and the staff of the Public Bill Office, who have helped enormously to keep us on the straight and narrow. I thank the Doorkeepers for holding the doors open long enough for my Whip to ensure that we had all our people here when necessary. I thank the Hansard reporters for no doubt capturing us accurately, in sometimes quite complicated language. I thank the police, my officials in DCMS—in particular the Bill team—and also those from across Government, because the Bill has measures in it from many different Departments. There has been great cross-Government collaboration and I put on record my thanks to my policy officials, the Bill team and my private office team. I thank all those who have given oral or written evidence to the Committee, which has improved our ability to scrutinise the Bill. With that, I hope that the hon. Member for Sheffield, Heeley will withdraw this final new clause and we can report to the House a well-scrutinised Bill.
It is very welcome to hear that all new franchise agreements—the Minister is nodding—will contain a requirement for wi-fi. I am happy to withdraw the motion.
Before I do, I add my thanks to you, Mr Stringer, and to Mr Streeter. You have both kept us in order and guided us through, particularly me in my first time on the Front Bench in a Bill Committee. I was put in this job two days before the Committee proceedings began, when I had not yet read the Bill. To say that this was being thrown in at the deep end is something of an understatement. I add particular thanks to the Clerk, who has been incredibly helpful in getting our last-minute amendments together, to the Hansard writers, to the police and Doorkeepers, and of course to all the civil servants who have been in and out of here through a revolving door as we have cantered through the various clauses. I also thank all my hon. Friends who have contributed, SNP Committee members and Government Committee members. I thank both Whips who have kept us to time—we are going to get there eventually.
It has been unsettling to agree with the Minister on so many things but I have been very relieved to find that he still manages to infuriate me. I believe we have stress-tested the Bill pretty roundly. We have found it wanting in several areas and I am confident that it will receive amendments in the other place. I am disappointed to see it emerge relatively unscathed from Committee, but I am confident that it will return from the other place in better shape. I beg to ask leave to withdraw the motion.
Clause, by leave, withdrawn.
New Schedule 1
Electronic communications code: consequential amendments
“Part 1
General provision
Interpretation
1 In this Part—
“the commencement date” means the day on which Schedule 3A to the Communications Act 2003 comes into force;
“enactment” includes—
(a) an enactment comprised in subordinate legislation within the meaning of the Interpretation Act 1978,
(b) an enactment comprised in, or in an instrument made under, a Measure or Act of the National Assembly for Wales,
(c) an enactment comprised in, or in an instrument made under, an Act of the Scottish Parliament, and
(d) an enactment comprised in, or in an instrument made under, Northern Ireland legislation;
“the existing code” means Schedule 2 to the Telecommunications Act 1984;
“the new code” means Schedule 3A to the Communications Act 2003.
References to the code or provisions of the code
2 (1) In any enactment passed or made before the commencement date, unless the context requires otherwise—
(a) a reference to the existing code is to be read as a reference to the new code;
(b) a reference to a provision of the existing code listed in column 1 of the table is to be read as a reference to the provision of the new code in the corresponding entry in column 2.
(2) This paragraph does not affect the amendments made by Part 2 of this Schedule or the power to make amendments by regulations under section 6.
(3) This paragraph does not affect section 17(2) of the Interpretation Act 1978 (effect of repeal and re-enactment) in relation to any reference to a provision of the existing code not listed in the table.
Table
Existing code | New code |
Paragraph 9 | Part 8 |
Paragraph 21 | Part 6 |
Paragraph 23 | Part 10 |
Paragraph 29 | Paragraph 17 |
“Infrastructure system (and providing such a system) | Section 57(1)”. |
“Payment system | 182” |