Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, what recent assessment she has made of the adequacy of the application of data protection law to the collection and retention of personal data in connection with infant baptisms and other religious rites; and whether she plans to review the compatibility of such practices with principles of (a) consent and (b) children’s data rights.

Under the UK’s data protection legislation, religious organisations have obligations to process personal data lawfully, fairly and transparently. Personal data should also be kept secure, its accuracy should be maintained where appropriate, and it should not be processed for longer than is necessary.

The legislation is monitored and enforced independently of government by the Information Commissioner’s Office (ICO), which has published guidance for organisations on complying with the legislation in respect of children's data, including the circumstances where it would be appropriate to seek parental consent to the intended processing: Children and the UK GDPR | ICO.

The government has no plans to carry out an assessment of whether and how religious organisations collect and retain personal data relating to infant baptisms and other rites, but anyone who has concerns about the handling of their personal data can raise the matter with the ICO via https://ico.org.uk/for-the-public/.