(1 year, 3 months ago)
Commons ChamberIt is a pleasure to follow my right hon. and learned Friend the Member for Kenilworth and Southam (Sir Jeremy Wright), who made a characteristically thoughtful speech. At the outset, I want to put on record my entry in the Register of Members’ Financial Interests, and also my chairmanships of the all-party parliamentary groups on digital identity and on central bank and digital currency, which includes stablecoins. I also put on record the fact that I am the father of an eight-year-old girl and a nine-year-old girl, who have both just got iPads, and I am very aware of the need to protect them as all other children in the UK.
I just want to say that I have had good engagement with Ministers during the progress of this Bill through all of its stages, and I want to thank them and their teams for that. I also want to say that I really welcome what is now in the Bill to progress what I talked about in this place at the last stage it was discussed, which was the effect of algorithms and all of those design features that are part of the addiction we have heard several Members talk about as a potential harm. I think it is really good that that is in the Bill, and it is really good that the tech companies are being forced to think hard about these things.
My amendments—they are proposals for amendments rather than ones I realistically thought we would adopt through votes today—were designed to address a couple of potential shortcomings I saw in the Bill. One was the potential chilling effect on innovation and in the use of really important services that are user-to-user services from a technical point of view, but are not involved in the transmission of the content we are trying to deal with as the main objectives of this Bill. So it was very welcome to hear my hon. Friend the Minister speak at the Dispatch Box about the Government’s intention not to cover the sorts of services to do with data exchange and multi-party computation—some of the more modern methods by which the internet of things, artificial intelligence and various other types of platform run—which are not about making content available that could be a risk in the context we are talking about.
The other shortcoming I was trying to address was this idea, coming back to my right hon. and learned Friend the Member for Kenilworth and Southam, of the potential for the introduction of systemic weaknesses and vulnerabilities into the core systems that all our communications, many of our services, Government services and others rely on day by day for their secure operation. I think he made a very interesting point about the need to think through the precise legal impact that the potential uncertainty about some of those issues might have on the operation of those systems.
I am trying to introduce amendments—for example, amendment (a) in lieu of Lords amendment 189—essentially to provide clarification. This is particularly important when we are thinking about the remote access powers or the remote viewing of information powers in Lords amendment 189, which is why I have proposed an amendment in lieu. It is incredibly important that what we do in this Bill does not create the really fundamental weaknesses that could undermine the security that we and all of our systems rely on for their core operations.
I was also trying to address people’s understandable desire for their data not to be potentially accessible by an unauthorised third party. That type of systemic weakness, which could be introduced by doing the access process in the wrong way, is something we need to think carefully about, and I hope the Minister will say something about intent in respect of that at the Dispatch Box.
I do not want to take too much more time because I know that lots of other Members wish to speak, but the place where I got these ideas, particularly around systemic weakness, were powers in Australian law that are there to provide protection from exactly that type of application of the regulations. I know officials think that Lords amendment 189 does not present such a systemic risk, because it is about viewing information remotely rather than having access to the system directly, but I think that needs more clarity. It actually states:
“view remotely—
information…in real time”
which could potentially be interpreted as requiring that type of access.
On proportionality—this is my last point—we must think about the concept of necessity within that. We must try to strike the right balance—I hope we will all try to do this—between wanting to encourage tech firms to divulge how their systems work, and give people, including the Government, tools to say when something is not working well and they want to opt out of it, while also ensuring that fundamental operative things that are used in cryptography and computer systems to communicate with each other securely, are not inadvertently undermined.