The Parliamentary Under-Secretary of State for the Home Department (Meg Hillier): I beg to move,

As ever, it is a pleasure to serve under your chairmanship, Mr. Williams. The order is made under sections 36 and 38 of the Immigration, Asylum and Nationality Act 2006. Section 36 introduced a requirement for the Secretary of State, Her Majesty’s Revenue and Customs and chief police officers to share passenger, crew, freight, service and other travel-related information specified by order where the information is likely to be of use for immigration, police or Revenue and Customs purposes. Section 38 introduced a statutory gateway to allow those various border agencies to disclose similar information specified by order to the security and intelligence agencies where it is relevant to their statutory purposes.

The order specifies the travel-related information that must be shared between the agencies under section 36 and that which may be shared with the security and intelligence agencies under section 38. Travel-related information can be broken down into three clear categories: information about the travel documents or journey of a passenger or crew member; information held by the border agencies about a passenger or crew member or their journey or a freight movement; and information about or related to freight.

To set the order in a wider context, globalisation and the increase of traffic flowing into and out of the UK is placing increasing demands on the border controls and agencies affected by the order. That is why the Government are implementing the most comprehensive package of institutional and practical immigration reform for about 100 years—no substantial changes have occurred since 1909. Two important proposals are involved. First, there is the establishment of the UK Border Agency, for which my hon. Friend the Minister for Borders and Immigration has responsibility, and a unified border force that brings the work of the Border and Immigration Agency, HMRC at the border and UKvisas into a single, more powerful agency.

The second important proposal is the creation of the e-Borders programme, which will help to achieve the Government’s objective, by the end of 2008, of beginning to count foreign nationals into and out of the country—something we have been unable to do since 1994, when border controls were scrapped. It also introduces compulsory watch-list checks for high-risk journeys before people land. E-Borders will capture data on the majority of international passenger and crew movements by the end of next year. There has already been some success with the pilot project Operation Semaphore.

The order is essential to the future work of the UK Border Agency. It enables agencies to work together more closely using new structures, techniques and technology to deliver a co-ordinated and efficient model of border management to meet the travel demands of the 21st century. It is a strategically important issue both at e-Borders level and at the local tactical level, through the freight targeting hub at Dover and the joint intelligence cell at Gatwick and other airports.

Neither the e-Borders programme nor other joint working arrangements can function effectively without the routine and bulk sharing of travel-related data permitted by this order. Some data-sharing already takes place, but it is not permitted in volume. It is currently permitted only on a case-by-case basis, and justification has to be given for every disclosure. That hinders the work of the agencies. The examination of travel data agency by agency may involve sequential interceptions by three agencies rather than one co-ordinated response. That does not help the agencies, which may find that they are not in sync with the intervention and have to co-ordinate incredibly well in order to be in sync. Neither, crucially, does it help the traveller, who might be considerably inconvenienced if they happen to be the target of three agencies’ work.

By placing an obligation on the border agencies to share specified travel-related information, the order facilitates their ability to share routinely and in volume data on people and freight crossing the border. That must, of course, be provided on the basis that it is likely to be used for immigration, Revenue and Customs or police purposes. It is key to effective border management. The pooling of data will allow us to develop a much better awareness of suspect passengers’ travel patterns and networks, and to pre-screen passengers and identify those who carry a high risk of involvement in illicit activity. I stress that it will be a blind process and select people on the basis not of their surname, faith or what they look like but of their passenger movements. Information sharing will be triggered by a passenger or piece of freight travelling.

Mr. Dominic Grieve (Beaconsfield) (Con): I appreciate that that is the purpose. If I understand it correctly, that means that every passenger and freight movement in and out of the United Kingdom will be recorded. Will the Minister give the Committee some idea of the total number of freight and passenger movements that it is estimated will be thus recorded in any 12-month period?

Meg Hillier: I certainly can, and if the hon. Gentleman bears with me, I shall pick up that point in my summing up rather than searching out the figure now. It is a considerable number, and we are already screening 30 million passenger movements each year through our e-Borders pilot, the Semaphore programme.

As I was saying, it is important to stress that this will be a blind process; it is not about discriminating but about using intelligence about passenger and freight movement to target intervention to the most necessary individuals or movements. It will enable us to identify the individuals who present the biggest threat to the UK and mount an appropriate and co-ordinated response that will help to solve those problems.

Tom Brake (Carshalton and Wallington) (LD): Before the Minister moves on, will she clarify what she said about movements? Will the system be triggered by a set of movements that have previously been identified as suspicious, rather than just by any movement from anywhere to anywhere?

Meg Hillier: I make two points to answer that. First, for the order to apply and information to be shared, it must relate to a passenger. The hon. Gentleman, for instance, is sitting in this Committee room, so data sharing would not kick in. Were he to travel to New York tonight, that would be the point at which it would kick in.

On intelligence and how the data will be used, the system will pick up patterns of behaviour. The trigger might be if there were a known human trafficking route that people had travelled, perhaps buying their tickets in cash at a particular travel agency. Such data would be pooled, the agencies would be alerted and they could take action and intervene. They might not even intervene at that point; they would continue to gather intelligence and data and intervene when they felt an arrest or enforcement action was necessary. I hope that that gives the hon. Gentleman some understanding of how it will work.

Mr. Philip Hollobone (Kettering) (Con): Can the Minister clarify whether the order will include passengers travelling within the European economic area, and whether data sharing as a result of the order could be triggered by other obligations that the immigration, police or revenue and customs authorities have to other European Union countries? Could its provisions be triggered by investigations that start in other EU countries with which the UK has an obligation to co-operate?

Meg Hillier: On European passenger movements, yes, it will apply to anyone coming in or out of the UK borders. We also have an agreement that is about to come into place between the EU and Australia on the sharing of passenger name record information. Some European countries already share passenger name records. I was in Ljubljana at the end of January presenting to European Interior Ministers what we in the UK have been doing on sharing those records through the e-Borders programme. A proposal is currently being debated in Europe to share passenger name record information—the information that airlines get, in particular—to tackle terrorism and serious organised crime. We welcome that step and would also like it to be used to tackle serious crimes such as murder and sexual offences. That debate has been going on. We have also been hosting many of our European counterparts at the joint operating control centre where we currently carry out Project Semaphore to see for themselves the reality. I am writing to many of those countries to share with them some of the important work we have done to square this with data protection legislation in the UK, which has been a concern for some of our European colleagues.

A lot of work has been going on internationally to ensure that we have a common approach. It is worth citing the Minister for Justice, Equality and Law Reform for the Republic of Ireland, Brian Lenihan, who said that we should be doing this in Europe, because otherwise we will have a second-rate protection for our citizens compared with the United States, which is finalising an arrangement with the European Union on passenger name records. I hope that gives the hon. Gentleman some context about the international challenges of this issue. In terms of the data trigger for investigations, clearly some data sharing goes on with watch lists. Perhaps I can pick up on some of those issues in more detail in my summing up, rather than delay now, when I am sure other hon. Members wish to speak.

Another key element of this order is its impact on carriers. The order means that carriers will only have to supply their passenger and crew data to the Government once, rather than receiving individual requests from each of the agencies. Where those carriers currently have good systems, it is going to be much easier for them to do that. The cost of providing the data averages 14p per passenger. Obviously, that average masks a range, but it can cost as little as 0.04p per passenger. For most carriers, that is not a burden, although there are issues with some carriers. If hon. Members have questions, I will be happy to go into that.

We know that the approach is highly effective. Project Semaphore has demonstrated the benefits enormously, as I have mentioned. We currently screen 30 million alerts and, in the three years the project has been running, that has resulted in more than 1,600 arrests for crime including murder, rape and assault, the offloading of passengers who would not qualify for entry to the UK, and seizure of many false documents, tobacco and drugs. Semaphore has made a very real contribution to the fight against terrorism. I am sure hon. Members will understand why I cannot go into detail about those cases, but I am sure you will agree, Mr. Williams, that the order is important in that respect as well. As I have mentioned, we are already sharing with European countries on this issue, particularly because of the terror-related issues

Although the UK is at the forefront, it is not alone. The United States, Australia and other countries are becoming involved in this, and taking up this approach to passenger screening. The benefits of the order are clear, but recent events remind us of the importance of sharing information securely, safely and proportionately. I know that that is a matter of particular concern to the Committee.

I reassure hon. Members that the order does not give the border agencies free rein to share data without limitation. Only the travel data specified may be shared, and that data must have been assessed, at the outset, as likely to be of use for immigration, police or Revenue and Customs purposes. These are set down in law. In addition, in the next six months, we will be having a review along with the information commissioner, after a lot of discussion, to make sure that the data we are using for these purposes are still necessary and vital.

It should also be noted by the Committee that the order applies only to sharing between the border agencies under section 36 of the Immigration and Nationality Act 2006, and with the security and intelligence agencies. That is where I started, but it is also worth reminding hon. Members of the scope of the order.

Mr. Hollobone: Does the order do anything to address the problem of people getting on planes, coming to the UK, losing their documentation deliberately on board, and then arriving at Heathrow, or wherever, and claiming asylum?

Meg Hillier: It is not specifically tasked to deal with that issue, but clearly if one has information on boarding an aeroplane, and has provided passport details, that information—passenger name record and other information—would be passed through. It would therefore be clear that that documentation had existed at some point. Perhaps I could go into more detail in my summing up about whether there may be any further implications.

In addition to the order, there are three other statutory instruments before the House. One is the code of practice currently before Parliament. That is where we have worked particularly with the information commissioner’s office, because this code will regulate very clearly the sharing of information under this order. It lays down detailed and stringent data protection and data retention guidelines, and ensures that the approach is legitimate, fair and proportionate in terms of the data being shared. I am confident that the data protection obligations have been fully met and I would not want to stand before the Committee today, Mr. Williams, unless I and the Government were sure of that.

I trust that hon. Members will join me in supporting the order. As I have mentioned, it forms a package of secondary legislation and it will provide an essential legislative platform for the UK e-Borders programme and for more effective joint working between the agencies and, in the future, the UK Border Agency when it is created. That is essential for delivering a co-ordinated and efficient model of border management, which is capable of dealing with the rapid growth in passenger numbers. I am sure that hon. Members will want to support the order, because it secures our borders and ensures the safety and security of the public. I commend the order to the Committee.

Mr. Grieve: May I join in welcoming you, Mr. Williams, to the Chair? I would also like to reassure the Minister that we will not be opposing the order. The intention of the order is one that I am sure the entire Committee will have no difficulty in supporting, so I hope that the Minister will excuse me if I just go through a number of points on which I seek some clarification.

It seems to be quite clear on the basis of the question that I asked the Minister that we are dealing here, in terms of raw data, with a colossal amount of information. I think that the figure that she put forward, off the top of her head, was 30 million movements per annum, each one of which, I assume, will not only record the name but the passport number and presumably the other details that were given to the carrier in the first place, including the address provided by the person. If I understand her correctly, all that information will be recorded on to a raw database, where it can be assessed and from which the information can be obtained and then possibly shared out.

Logically, that brings me to my first question. I am left with some uncertainty as to whether all the border agencies will have access to the entirety of the raw data, or whether it is intended that only the material that is deemed to be useful because it is extrapolated will be provided to the individual agencies. If it is the latter, we need some clarification as to which organisation will hold the entirety of the raw data that is supplied; data that, as I have said, is going to be colossal in quantity.

The next question that must arise is about data security. Of course, I am perfectly mindful that the Minister is being transparently sincere when she says that it is the intention that this data should be kept secure. However, she will be perfectly aware from the examples that have cropped up in the last 12 months, including examples from some of the agencies with which we are concerned here, that data have a remarkable capacity, particularly when there is a huge amount, to go absent without leave. I would be grateful if the Minister would explain how the security of the data will be ensured.

That issue of security seems to link into my first question, which was whether all these agencies will have access to the entirety of the raw data or whether there will be one agency that will control the raw data and that will decide, through its technology, what parts should be extrapolated, to be given to others that should have access.

The next question that arises has already been touched upon by my hon. Friend the Member for Kettering: what will happen in terms of international co-operation? Again, I would like to make it clear to the Minister that I understand perfectly the good sense of sharing data on an international basis with other agencies that may be designed to try to prevent crime or terrorism. However, again the question arises about what arrangements the Government have made to ensure the confidentiality and the maintenance of confidentiality of the data. Furthermore, will that international sharing of data include the sharing of the entirety of the data or only such part of the data as the Government consider necessary to fight crime and terrorism specifically?

To encapsulate it in a nutshell, are we going to allow all sorts of foreign Governments and agencies to carry out—I do not mean this pejoratively—fishing expeditions into the entirety of the material, or will we supply them with those things that can be justified to the information commissioner on a frequent basis? I seek clarification from the Minister on that.

It would be helpful if the Minister provided a little more information, compatible with the needs of national security, on how the information will be stored. Will it be stored on a specific and dedicated computer system provided by the Government, or some existing computer system provided by them? Are the Government satisfied that the information technology that is going to be applied to the material is satisfactory and that it will be satisfactory for the task?

Those points conclude the main questions that I wished to ask on the matter, and I hope that the Minister will respond to them in her winding-up speech. Clearly, we should not minimise the colossal quantity of information that we are dealing with. Given that a substantial percentage of the population of the country travel, and that for that purpose we routinely supply information that goes to the heart of personal identity recognisers, including material that could be extremely damaging to people if it falls into the wrong hands, the Committee and the public will wish to be satisfied that the Government have adequate systems in place to handle the material, and that they ensure that confidentiality is maintained throughout.

Tom Brake: It is a pleasure to serve under your chairmanship, Mr. Williams—I do not envisage that you will have any problems with the Committee because I also support the order. Clearly, data sharing is sensible when its purpose is to tackle serious crime and terrorism. However, it requires adequate safeguards, and I have a number of short questions for the Minister, some of which have been touched on by the official Opposition spokesman.

Clearly, the technical solutions for data encryption, file transfers and so on are probably not in place at the moment. However, the Minister may have views about the principles that should apply to those things so that we can have some reassurance that the recent disasters of data going missing do not re-occur with the database. As the hon. Member for Beaconsfield set out in his comments, the scale is such that the database and the management of data have significant cost implications. Has the Minister assessed what those might be?

The Minister referred to data retention. Will she clarify how long the data will be held? Will the data be held irrespective of whether they are used for a particular purpose and whether they have been identified as being of security value? Will the data be kept for seven years, which I believe might be the retention period, irrespective of whether a journey was taken by someone who subsequently proved to be of interest to the Government from a security or other point of view?

I shall listen carefully to the Minister, but I hope that either now or later in writing she may be able to provide further clarification on those points. I shall await her response, but I believe that it is a sensible order for us to support, and we will do so if the need arises.

Meg Hillier: I can, I hope, answer all the points that hon. Members raised. The hon. Member for Beaconsfield raised the issue of the numbers involved. I was able to give the numbers for Operation Semaphore today. Once the scheme under the order is fully rolled-out, 200 million passengers in 2006 will be covered, and 305 million by 2015. I cannot provide freight figures at the moment, but I shall write to the hon. Gentleman with that information. However, e-Borders covers every movement within the EU, as I mentioned.

The hon. Member for Kettering was particularly interested in the issue of data sharing outside our borders, and that can be done on a case-by-case basis. There would be normal co-operation with official security agencies if, for example, a terrorist were crossing any border, as we would expect. That can take place on a case-by-case basis, but no blanket dipping can be done by the security agencies or police of other countries.

With regard to the comments made by the hon. Member for Beaconsfield on data, the data will be filtered by the agencies that have an interest, and they will alert another agency that might also need to know about something so that co-ordination can take place. With regard to data security, the system will be a closed system and access control will be allowed only to named and accredited individuals. Those activities are audited on a rolling basis, but there can also be random auditing to ensure that nothing else is done. To draw a parallel that is on a smaller scale and easier for us to understand, I am also responsible for the UK Passport Service, which uses random auditing to ensure that no member of staff looks up the passport records of hon. Members or famous England footballers, for example. It practises its own checks with secure databases in government, and that is important.

All three border agencies have a joint data controller, so with regard to the legal position the role is held jointly by the three agencies. I mentioned international data sharing, and that is on a case-by-case basis. The hon. Member for Beaconsfield was also concerned about sharing data with third states. That does not fall within the scope of the order, but clearly it happens and I mention it because it has been raised by hon. Members. It takes place in the normal day-to-day operations between countries when we are trying to deal with terrorist concerns on a normal watch-list system, for example. It is open to the UK Government to share that data when they consider it to be appropriate, so long as it is in accordance with European law and UK data protection law.

The hon. Member for Carshalton and Wallington rightly raised the issue of costs, and I think that the proposal represents good value for what it does and how it serves the British public in protecting their safety. The total cost of the programme is £1.486 million over 10 years from 2007—the programme started last year and will continue until 2017. The cost to the Government is £1.224 million over that period of time; they are paying 70 per cent. of the cost. I mentioned a specific figure for carrier costs, but the global figure for carriers is £242 million over the same 10-year period, which includes the set-up and running costs. I said that the average estimated costs per passenger movement was 14p and mentioned the differential of 0.04p, but that can range up to £6.31. That higher cost is for some carriers that do not have up-to-date systems, but carriers are modernising their systems as we speak, so it is expected that those figures will drop considerably and that even that average will go down.

I will touch on the length of time that data are retained, which depends on the different agencies. For e-Borders, data are retained for five years. The Borders and Immigration Agency will keep its data for five years, but can hold it longer on a case-by-case basis. If a case is still live because of immigration issues, the data would obviously be held longer. Her Majesty’s Revenue and Customs keeps data for five years, but can hold it longer under certain circumstances, so long as they are relevant. I should have said that the order does not apply to former Inland Revenue information, but only to HMRC information. The police are constrained in the length of time they hold data to a minimum of six years, and there is a limitation Act on how long they can hold certain information. If the information is needed for longer, it is transferred to an individual agency and comes under its data protection rules, so that it is on the basis of the shared information that can be held for longer by individual organisations.

I am sorry, but I may have inadvertently misled the Committee. In terms of the UK sharing data with third countries, it can do so on a bulk basis. Case-by-case matters relate to certain specific interventions. That may have been a bit confusing for the Committee, but we can supply on a bulk basis. Obviously there are still clear data protection rules that cover it, so it must be for reasons of tackling terrorism and the other issues that I have outlined.

Mr. Hollobone: If a UK citizen travels to the United States I believe that it is a requirement for them to declare whether they have been arrested in this country. Do Her Majesty’s Government provide bulk data to the United States authorities about passengers who have an arrest record in the United Kingdom?

Meg Hillier: We are getting into slightly other territory here. If there is a serious issue and somebody is wanted, that information will be on a watch list. As far as I understand, routine data, such as when a passport is swiped at US immigration control, would not necessarily alert someone that a person had a criminal record at any point in their life. It is not the case that everything a person has ever done would be available to passport control. However, if there were a concern at an immigration point, any immigration officer of any national country could seek information about somebody. Therefore, if there were some suspicion or a pattern of behaviour that was a cause for concern there would be mechanisms for delving, but it would not be on a routine basis.

It is worth highlighting the impact of Operation Semaphore—I have already highlighted some of the benefits. Currently Operation Semaphore only covers 12 per cent. of all routes into and out of the UK. One in 2,200 passenger movements have been flagged for intervention, and one in 12 of those has resulted in an arrest. The proposal to roll out those measures to the other 88 per cent. of routes into and out of the UK is important, but it is also proportionate in that only one in 12 of those who are flagged are arrested.

Tom Brake: As the Minister is concluding her remarks, there was one point on retention that I do not think she responded to. That is whether the 305 million passenger records that the Government will be logging—I cannot remember the exact date—will all be retained for the five or six-year period that she has referred to, irrespective of whether the movements were in any way suspicious.

Meg Hillier: That is the case. In order to build up a pattern of suspicious movement, one must keep that pattern of behaviour. I do not wish to pick on the hon. Gentleman, but to illustrate the point, suppose he were to travel to New York on a regular basis, and there were some suspicion that at some point he was perhaps smuggling drugs, it would be useful to know whether that had been the case three, four or five years ago in order to build up that pattern of behaviour. If it were immediately wiped, there would be no pattern of behaviour to build up. We believe that it is proportionate to keep it for that length of time. It only flags up if an issue arises. It is an enclosed and secure database. I should stress that no information is downloaded to disk at any stage. Information will be transferred on a secure wire.

Mr. Grieve: I assume that the recording of the data will come from the passenger information supplied to the carriers rather than information being supplied to passport control when one goes through passport control. Otherwise it sounds as though it will be a rather laborious process, which might be rather time consuming. Could the Minister confirm that point?

Meg Hillier: I am happy to confirm that. We are already well practised with this advanced passenger information. Sometimes people are filtered out by airline liaison officers who are British Government employees working abroad and helping airlines to screen passengers before they arrive. They can pick people up at an early stage. Those lists of people travelling on a particular aircraft, for example, would arrive in the UK before the aircraft arrived if there were a particular concern.

Under this proposal, rather than having to screen the whole flight, because there was a suggestion that someone might be travelling on a particular route, we can hone down to the few passengers or perhaps an individual passenger on that large flight who had an issue and deal with them on arrival. Then there would be a flag at immigration control, but the aim is not to slow down immigration controls. We are trying to ensure that passengers can come through them with ease.

There are also safeguards to protect the privacy of individuals and individuals can request the data that are held on them. The code of practice which is issued under section 37 of the 2006 Act, which needs to be read alongside the order, will regulate the handling and sharing of data information under section 36, as I have mentioned. It sets out the stringent safeguards that are in place to ensure compliance. It is worth highlighting that point, too.

The order is an important tool to ensure that the Government can protect the British public and other citizens of the world from passengers who are travelling with malign intent. It ensures what we believe is a proportionate response to that. Most travellers will not even be aware that this is happening. We will be able to catch the handful and target the relatively few people who are intent on causing this country or others harm. It deserves to be supported and I am delighted that all members of the Committee support it this evening.

Question put and agreed to.

Resolved,

Committee rose at six minutes past Five o’clock.