| Previous Section | Index | Home Page |
19 Mar 2009 : Column 315WH—continued
3.24 pm
Tom Brake (Carshalton and Wallington) (LD): It has been a pleasure to serve on the Select Committee, particularly on the inquiry on a surveillance society. It is a very topical inquiry, and the work has been very detailed, with evidence taken from many different sources. I want briefly to set out some of the ways in which we are currently being watched or catalogued, or in which our personal data are being captured. I do not suggest that all the things I am about to mention are things to be concerned about—some of them are not—but some of them may be.
We have already heard about the 4 million or more CCTV cameras—one for every 14 people, apparently—and that people make 300 CCTV appearances a day in London. There are registration plate recognition cameras and mobile phone triangulation, which allows firms—or the police, when necessary—to work out where people are. Store loyalty cards are of huge value politically, in that we all rely on the data that they provide to fill our canvassing gaps. I imagine that all political parties use data from loyalty cards to help us to identify our supporters. In addition, there are credit card transactions, the London Oyster card, the electoral roll, NHS patient records, personal video recorders, phone tapping, hidden cameras, worker call monitoring, mobile phone cameras and internet cookies. I could go on and on. The list is getting longer almost daily.
The Government are clearly not directly responsible for all those examples of either a growing surveillance society or a society that is very much data-driven. However, they must take responsibility for curtailing the intrusion into our privacy that, increasingly, is being made from public sector and, potentially, private sector projects. We know that the Select Committee report and the Information Commissioner support the view that the Government should move to curb the drive to collect more personal information and establish larger databases.
Perhaps I should respond now to the point that the Minister made in a Delegated Legislation Committee a couple of days ago, when he expressed surprise that a Liberal Democrat supports the concept of databases. I should perhaps have declared an interest; having worked in the computer industry for 13 years before I was elected, I am not unfamiliar with databases. I was responsible for constructing many a large database. It is not the database that is the issue, but access to the data and the security of and controls over that data.
Mr. Coaker: I accept to an extent the hon. Gentleman’s point that it is not just the retention of data that matters, but access to them. If he reads Hansard, he will see that I was making the point that although he was going to vote against the EU data retention directive, he asked me whether that directive included such things as Facebook, MySpace and Bebo, and when I said that it did not, he expressed surprise. In turn, I expressed surprise that he was going to vote against the directive but was almost criticising me for not including such things, which would have resulted in a much bigger database.
Tom Brake: I suspect Sir John, that you would not allow us to go too far down the route of repeating the debate of a couple of days ago. However, the issue was the same then as today—control. If Facebook or Bebo are being used as, I suggest, there is evidence to show they are being used, there may be a case for retaining the data. However, it is a question of the controls that are imposed, who has access, and retention. They are the issues that need to be dealt with.
Hon. Members will be familiar with the human rights group Privacy International, which in 2006 produced a report that stated that Britain is the worst western democracy at protecting individual privacy. The two worst countries out of the total in the 36-nation survey were Malaysia and China, but Britain was in the bottom five, with, according to Privacy International, “endemic surveillance”. It listed several areas of concern, including “World leading surveillance schemes” and
“Lack of accountability and data breach disclosure law”.
The list specified that the commissioner has relatively few powers, and mentioned data retention, which we have talked about, as having made great steps forward without the required controls necessarily being in place. It also mentioned the identity card scheme with biometric data and—the subject of much debate a couple of days ago—the use by local authorities and other organisations of the Regulation of Investigatory Powers Act 2000, in a way that was, I believe, never intended, to track people just to identify whether they live where they claim to in relation to securing school places.
Privacy International clearly has strong reservations, as does the Select Committee, about the way in which the Government are dealing with those data, privacy and surveillance issues. When the Select Committee published its report, the then Home Office Minister, now the Minister for Employment and Welfare Reform, the right hon. Member for Harrow, East (Mr. McNulty), stated that the Government were listening and were tackling or reviewing the issues that the report raised. He said that they were taking those matters very seriously. I hope that in the time that the Government have had to consider the report, they have acted on some of the things that they said they would do.
On storing, sharing and securing data, the Select Committee report stated:
“The Home Office should work with the Information Commissioner to raise public awareness of how the Home Office collects, stores, shares and uses personal information.”
We know from the Government’s response that they have taken some action. To see what action they have taken, people should go to the published information charter, for which a website address is given in their response. I hope that the Minister will tell us that a little more action than that has been taken, because I imagine that my constituents who have just received letters about ContactPoint would not necessarily know that they should go to that website to find out how their data will be handled. I suspect that, with the exception of me, probably nobody in my constituency knows that they should look at that website to see how the Government are dealing with that issue and raising public awareness of how data are handled. I hope that the Minister will reel off a substantial list of further actions that have been taken since that issue was raised.
The Select Committee report also said:
“The Home Office should publish a report on an audit of the data collections managed by the Department and its agencies, outlining as far as possible without compromising security the technological and procedural safeguards currently in place.”
We know from the Government’s response that they are addressing that issue, or at least that the Home Office has noted the Committee’s recommendation. The Government’s response goes on to say that work is under way, which will take some time to be completed, and that
“then consideration will be given to which elements it would be possible to publish.”
I want the Minister to tell us how much progress has been made on that and whether anything is in the public domain already. If the Government are considering different types of data collection, how many of those audits have been completed, how many are under way, and when will a full list of them be published so that people can consider them?
The Select Committee has previously inquired into identity cards, which I cannot fail to mention, because that scheme is the greatest example of curtailment of our freedoms. The right hon. Member for Walsall, South (Mr. George) might disagree with me on this issue, but I have concerns about the Tesco trip that he was talking about. Clearly, it must be a priority to ensure that our citizens our safe—that is a given—but many people are concerned that they should be allowed to make that trip to Tesco without being required to produce an identity card. It is no business of anyone else’s what they do when they go about their daily business, if all they are doing is going to Tesco to buy a pint of milk. They should be allowed to do that without someone stopping them in the street, particularly if they are from a black or minority ethnic community, because they are much more likely to be stopped if the controls are very tight.
Such a system would significantly curtail our rights, and it would carry all the associated risks that come with Government IT projects, such as overrunning and the significant risk of data breaches. Also, it would be an ongoing consideration for every citizen that they must provide information to ensure that the register, and therefore their identity card, does not go out of date, leaving them subject to challenge when they enter or leave the country. My experience of France in the 1970s was that the police did not stop people like me when they did their controls in the underground system. Instead, they stopped Algerians, Tunisians and others whom they could clearly identify as being of a different colour. That is a real risk.
We had much discussion about the Regulation of Investigatory Powers Act 2000 a few days ago, which I do not want to go over again. However, the Select Committee raised that issue in its report, highlighting concerns that we need to raise public awareness of how and why communications data might be collected and used. We need much tighter controls on how those data are accessed, how the matter is governed by RIPA, and how various bodies may access data under the guise of RIPA.
Keith Vaz:
Even accepting that some of the data losses of the past year or so were mistakes for which nobody was culpable, does the hon. Gentleman share
my concern that, despite that spate of losses, we have not had a firm set of rules from the Government covering how data should be controlled and managed? We need rules on the level of seniority of civil servants who can access such data and on how those data may be sent from one organisation to another. Government Departments still seem to see those losses in isolation, with one Department blaming another for what happened. Our Committee was very concerned that there should be one, firm set of rules for the whole of Government.
Tom Brake: I agree entirely, and I thank the right hon. Gentleman for that intervention. We need to have clear safeguards and safety measures in place, but we do not have them. We do, however, have further extensions to databases, such as e-Borders, being rolled out. That is a genuine concern.
DNA retention has been mentioned. We have the largest DNA database in the world—it is far larger than the US’s. There are 1 million people on the database for whom there is no record on the police national computer, and 1 million who were children when they were added. It should be a source of concern that 140,000 people will have their DNA stored for life despite never having been charged with, let alone convicted of, any crime. As the right hon. Member for Leicester, East (Keith Vaz) has said, the Government have only two choices: either no one who is innocent is on the database, or there should be a system like the Polish system of giving all citizens a unique identifier, in which the Government capture DNA from everyone, at birth, so that we are all in the same boat. Having a substantial number of innocent people on the DNA database for an indeterminate length of time is unacceptable. The Government have to address that, and they have to choose where they stand.
Mr. Coaker: Will the hon. Gentleman clarify that point please? I usually understand what he means, but I am not quite sure what he just said. I understand his point that one can argue for a universal database, but I am not clear on his alternative. Is he saying that people should be on the DNA database only if they have been convicted, or if they have been charged? I know his position with respect to arrest, but I am not sure whether he means that they should be on the database when they have been charged or convicted.
Tom Brake: I thank the Minister for giving me the opportunity to clarify my position. This picks up the point that the right hon. Member for Leicester, East made about someone whose DNA has been retained on the database in spite of their many requests for its removal and the fact that they are innocent of any crime. I am not saying that people should not go on there, but there should be a clear process to ensure that the DNA of innocent people is removed from the database within a defined period.
Mr. Coaker: May I press the hon. Gentleman on this point? Is he saying that the DNA should go on following arrest, charge or conviction? Actually, I know that he accepts it should go on after conviction, but I do not understand his position regarding arrest and charge. What is he saying?
Tom Brake:
I am saying that there needs to be a point at which DNA is removed from the database. That is the critical issue. I shall caveat this point slightly by saying
that there may be people who have committed serious violent or sexual crimes whom we might want to keep on the database for a period of time, if they are charged but not found guilty. They would be the one exception. Ultimately, we must have clarity from the Government—and possibly from me as well—on what happens to someone’s DNA when they are clearly not involved with a crime. In the example of the one-year-old baby, there is clearly no justification for keeping their DNA on the database—unless the baby was being investigated for the theft of a rusk.
Keith Vaz: There is nothing wrong with DNA going on the database on arrest, because at that point we do not know whether somebody is going to be subsequently convicted. The point is, if somebody is innocent and is not convicted of a criminal offence, there ought to be a robust process whereby people can write in, get an answer so they know why DNA is being retained, and be told yes or no. If the answer is, “Yes, we’re going to keep it on the database,” the reason why should be given. The issue is that the process does not exist.
Tom Brake: I thank the right hon. Gentleman for providing the clarity that I was perhaps not providing myself. Clearly, in relation to the example of the baby, I am sure that all hon. Members agree that the DNA should be removed.
Other hon. Members have talked at length about CCTV, and we need to acknowledge that there might need to be a better level of control or regulation. However, there also needs to be an assessment of whether CCTV is as effective as people assume, because the evidence is uncertain and, during the Committee inquiry, some of our witnesses made it clear that they were also struggling to find the necessary evidence to demonstrate that it is as effective as hon. Members—possibly myself included—think that it is.
Mr. Bruce George: I am not responding out of reciprocation. I would like the hon. Gentleman to return to a point he made earlier—he was too quick for me. I am not trying to dramatise the matter, but perhaps somebody should calculate how many people who have committed a murder or a serious crime can bask in the security of the knowledge that there will be no DNA evidence to convict them because it might have been destroyed. I am not trying to accuse the hon. Gentleman of anything; I am sure that he knows I am seeking to make a genuine point. When do we put individual liberty above justice and people’s survival?
The second issue is whether there is a median point between everybody or nobody having their DNA recorded. There could well be a large number of people who would voluntarily submit themselves for inclusion, and if there were a media campaign for people to do that, it would put enormous pressure on others. The hon. Gentleman suggested that there was a stark choice between one side of the argument or the other, but I feel that there are some shades of difference between those points of view.
Tom Brake:
I thank the right hon. Gentleman for that intervention. He is right to highlight that the issue is perhaps not totally black and white and that there is some grey in between. He is right to ask how many
people might have been saved if the relevant DNA had been retained on the database, but one could also ask how many more people would have been saved if the money had been spent on other measures.
The right hon. Gentleman has reminded me of an interesting and sad case in my constituency where a mother’s daughter was murdered and the police requested local men to come forward and give their DNA—I am pleased to say that many local men did so. Again, once those men were eliminated from the police inquiries, they should have had the right to have their DNA removed, if that is what they chose to do. However, if people voluntarily choose to leave their DNA on the database, I am not going to argue against allowing it to remain there.
I shall now mention the child database, ContactPoint, to which I referred earlier. At home, we have just received the letter informing us that, through that system, information will be kept on computer. We clearly called for that system to be scrapped. Perhaps the Minister will accuse me of being against a massive database in relation to that issue, but I am not against massive databases when it comes to child benefits, tax credits or housing benefit, because that is how they work. However, ContactPoint is a massive database that is likely to present a risk, which I think the Government have acknowledged. As with any other database, there can be no guarantees that security is watertight and that at no point in the future will people whom we do not want to access the database be able to do so in a way that could put children at risk.
I shall finish by mentioning some new concerns—I would not say that they were threats necessarily. In the past couple of weeks, Google has launched a couple of services, one of which is Google Latitude. The service is enabled through people’s phones and allows their friends to track where they are on a Google map. I have no problem with a voluntary arrangement whereby people choose to let their friends know where they are. However, there seems to be the potential for people to use the technology in such a way that the owner of the phone does not necessarily know that the service has been enabled. We tested the technology on my phone and, after a certain number of days, a text message is sent to the phone to tell people that the service has been enabled. However, I do not know whether that happens for every device of that kind.
In the past couple of days, Google has launched another application called Street View, through which people can look at different streets in different cities around the country. The technology is moving so fast that my concern is whether the Government, the Information Commissioner and everyone else who needs to be involved can get ahead of the technological curve, or whether they will always be trying to catch up with technology that is continually pushing at the barriers and putting such images into the public domain. Interestingly, the police were asked about Street View, and they said that it was useful, because it would help to cut crime. I am not sure whether that suggests that there will be a working relationship between the police and Google Street View to ensure that those images are shared. If so, I would be interested to know what the data protection issues are and what dialogue took place before that application was made live—it is now live. Will the Minister say precisely what is happening in
terms of all those technological developments and what the discussion process is before applications that potentially threaten our privacy are released by commercial companies?
I am afraid that I have lost track of how much time I have left—okay, I have seen how long I have been speaking, and it is probably time for me to finish. The last thing that I want to mention is e-Borders. An alarming article in The Daily Telegraph, to which I hope the Minister will respond, stated:
“By the end of the year 60 per cent. of journeys made out of Britain will be affected with 95 per cent. of people leaving the country being subject to the plans”—
“by...2010.”
The Minister will know that we support the e-Borders programme in relation to exit controls, because we need to know who is leaving the country so that we can ensure that, for example, the UK Border Agency knows when asylum seekers have left the country and does not continue to investigate the cases. However, the extent of the details that will be held on the system is concerning— travel plans, addresses, credit card details. In addition, notification is required 24 hours in advance and there is the potential to be fined if that information is not supplied. I hope that the Minister will say that the scale of what is being suggested is not what the Government are truly planning.
I had better finish, Sir John. I just want to say that Liberal Democrats have real concerns about the surveillance society and the privacy issues that the report has highlighted. We have issued our freedom Bill, which sets out how we would respond to things such as ID cards, RIPA, DNA retention and the children’s database. We are at risk of sleepwalking into a surveillance society, and the Minister needs to wake up before the threat becomes reality.
| Next Section | Index | Home Page |