David
Howarth: It could be relevant but new—that is the
problem. To follow what Walport and Thomas said about not allowing the
orders to be part of a change of policy, we must have a list of
existing policies and apply them in the relevant way. We cannot have a
new but relevant policy that would justify a change. That important
point is what lies behind amendment 56.
Amendment 55
raises the point that a fair balance between the public interest and
that of the individuals concerned will always, in the minds of
Ministers, come out in favour of the public. That is the job of a
Minister—they are supposed to think about the interests of the
public. If we are going to protect the interests of individuals and
their right to privacy, we must say so far more clearly, rather than
simply allowing Ministers to do a balancing test in their own heads,
which will inevitably come out in one direction. That is what amendment
55 seeks to achieve.
Amendment 57
is about the problem that the information sharing order could grant
powers to do whatever to anyone. It ought to be restricted to people or
organisations that count as public authorities and are covered by the
Human Rights Act. The amendment also seeks to stop onward delegation of
powers to people or organisations that are not covered by the Human
Rights Act.
Amendment 59
seeks to remove what I think is a rather weird provision in the clause.
In the list of things that the order can do, proposed new paragraph (f)
states: “provide
for a person to exercise a discretion in dealing with any
matter”. I
do not know what is envisaged, so I want to ask the Government what
such a matter could be, and about the possibility of allowing someone
to have discretion over whether to ignore the data protection
principles.
Amendments 60
and 61 are about any enactment provision. They seek in one case to
remove, and in the other case replace, a Henry VIII clause that allows
Ministers to change primary legislation by order. I have had a couple
of conversations with a leading legal historian who asked me to mention
the fact that calling such clauses Henry VIII clauses is a bit of a
calumny on Henry VIII, since he never got this power through
Parliament—it would not let it through, which illustrates how
serious such powers are. The orders should certainly not be allowed to
change the Data Protection Act—Walport and Thomas are clear
about—or, of course, the Human Rights Act. Whether orders should
be allowed to change any primary legislation is, in practice, a more
difficult question. If there is going to be such a power, it needs to
be very specific and not what seems to be a
catch-all. Those
are our central amendments, but there are also amendments 147 to 149,
on privacy impact statements, which are a useful technique recommended
by the Information Commissioner. If the Government are not going to do
anything else at this point, they should think about more effective use
of privacy impact assessments.
In the end, the
question before us is that raised by the right hon. Member for
Knowsley, North and Sefton, East: is what is being proposed justified
by the size of the problem identified? The answer to that is that it
cannot be. The breadth of the power proposed goes way beyond the
inconveniences first identified as the problem to be solved. What are
we introducing instead? Through all the submissions from a whole host
of organisations, from Privacy International to the British Medical
Association—I shall not read them all out because we know them
from having received all the briefings—the theme is that the
provisions are destructive of trust in the Government and in
professionals, such as doctors, doing their jobs. I am perfectly
willing to accept that that was not the intention, but I am afraid that
that is the effect. The clause has to be changed very clearly and very
soon, otherwise people will start to suspect that the intention of the
Government is changing in favour of doing something that they really
should not be
doing. Mr.
Henry Bellingham (North-West Norfolk) (Con): Good
afternoon, Mr. Gale. The clause is horrible and we would
intend to strike it out, although it could be improved if the Minister
accepted two of our amendments and two of the amendments tabled by the
hon. Member for Cambridge, which we have
signed. Our
amendment 356 would remove the
phrase “secure
a relevant policy
objective” and
insert “serve the public interest”. Amendment 357 is
similar to amendment 147, which was tabled by the hon. Member for
Cambridge. It demands that the designated authority wanting to make an
information sharing order must supply a full privacy impact assessment.
We also support the hon. Gentleman’s amendment 52—that is
why we signed it—because it removes the frightening proposed new
subsection (3)(b) that enables information collected for one purpose to
be shared out with organisations for a wholly different purpose. That
is a wide-ranging part of the clause, the consequences of which would
be to give much more power to Her Majesty’s Government. I ask
the Minister to accept the amendments because they would improve an
unsatisfactory
clause. We
are not at all happy with the clause. From what the excellent
Information Commissioner told us the other day in the evidence session,
he wanted more powers, which is what clause 151 is all about. However,
I do not believe that he wanted to see the Government take for
themselves the extra powers to share data—between Departments,
as well as with the private sector. He did not want that at all; he was
tactful when he spoke to us, but to me he looked uneasy and far from
happy.
Mr.
Kidney: This cannot be right. The hon. Gentleman says that
he trusts the Information Commissioner, but he is now misrepresenting
his views. The commissioner wrote the report that recommended the
fast-track procedure to enable data sharing to take place. How can the
hon. Gentleman say that he is backing the Information Commissioner in
opposing the
clause?
Mr.
Bellingham: The clause goes much further than the Thomas
and Walport review. Perhaps I am a suspicious person, but judging from
the mood music at the evidence session, the Information Commissioner
did not look to be enamoured with the clause.
In this
technological age, more data are always going to be shared. We accept
that medical records are going to be shared among hospitals and GP
practices, and that the police and the Driver and Vehicle Licensing
Agency are sharing more and more data. We recognise that the fight
against crime requires more data to be exchanged and shared. There are
increasing numbers of CCTV cameras, and local councils are going to
share that information with the local police. There was a recent
example of that in my constituency. An unfortunate Polish migrant
worker was minding his own business in the centre of King’s Lynn
when he got beaten up by a bunch of drunken hooligans. The incident was
caught on CCTV and the four people involved were then prosecuted,
convicted and sent to prison. That is an example of CCTV cameras
working well and how data should be shared.
We accept that
in this terrifying, terrorist environment there will be more and more
data sharing. We want the police and security services to retain the
powers that they have, and that will mean more data sharing. However, a
balance needs to be struck between the needs of the police in fighting
crime and the rights of the
individual. I
recently saw a quote from Sir David Omand, the Cabinet Office’s
former security intelligence co-ordinator, saying:
“Finding
out other people’s secrets is going to involve breaking everyday
moral rules.”
The intrusive mining of
databases, including accessing phones, could involve “breaking
everyday moral rules”. We have to go so far, but surely there is
a stage beyond which we should not go. However, much of the data that
are shared could, and should, be shared on a voluntary basis. The
public do not mind some of their data being shared and we all know what
sort of data that is.
Alun
Michael: I am following the hon. Gentleman with some
interest. The idea that there should be a balance between the public
and individual interest is one of the basic principles of data sharing.
However, he seems to be straying into saying that he accepts that there
will be more data sharing, but that it should be done on the basis of
common sense. Is that really a basis for decision making? I accept that
judgment needs to be applied, but is it enough to leave things to
common sense? Does he accept that there are occasions when data that
should be shared are not shared, because of the tendency in some courts
to retreat into a comfort zone of saying that the safest thing to do is
not to share
it?
Mr.
Bellingham: My concern is that if the Government are given
more powers, they are going to use those powers on an increasingly
draconian basis. One can look at any Government and see them using
their powers in the way I described the other day as “Executive
creep”. They want to find out more about what people are
doing.
The role of
quangos and agencies has grown enormously over the past few years and
the private sector has become more involved in working for Departments
under contract. I cited this morning some of the Departments that are
using private sector agencies. I mentioned that the Office of the
Solicitor General has a
large contract with Logica. I talked about the Department for Business,
Enterprise and Regulatory Reform, and I remind the Committee that, as
at June last year, it had 165 databases, of which 90 were maintained by
external companies that are private sector contractors. The MOJ owns
and maintains 74 different databases. In a recent parliamentary answer,
the Under-Secretary of State for Justice, the hon. Member for
Liverpool, Garston, did not break down—like some Departments
did—which of those 74 were wholly owned by the Department and
which were maintained by the Department but run by the private sector.
I will be coming back with questions about that because obviously quite
a few of those databases are run by major IT companies such as Logica
and Autonomy. We do not mind that, because they are excellent
companies, but we are looking at some very sensitive databases, such as
ARIA, which is the asylum and immigration system, the magistrates
courts’ database, the centralised attachment of earnings system,
C-NOMIS, and the recorded appearances
database. 1.30
pm My
concern is that more of that data will be shared between Departments
without the necessary checks, because the clause does not carry those
checks. Perhaps it would not matter so much if we could trust this
Government and if they have had a good record on handling and storing
our data, but can we trust them? I am not going to give the Committee a
long list of some of the scandals over the loss of data that have
occurred in the past few years, where data have not been properly
looked after, but the Government are
incompetent. The
other thing that worries me is that the Government are becoming
increasingly illiberal. I would never have guessed that, as a
mainstream Conservative, I would be finding myself way to the left of
this Government on some libertarian issues. If one looks at the
national ID card scheme, the extra powers that bailiffs have to break
in and enter people’s homes to enforce not Crown court or
magistrates court debts but civil debts and the other hare-brained
schemes that they have come up with, one sees that they are becoming
more and more illiberal. In the Bill, we have secret inquests, and now
the data-sharing proposals, which just go too
far.
The
Parliamentary Under-Secretary of State for Justice (Maria
Eagle): I thought that the hon. Gentleman said earlier
that he believes in the use of common sense, not statutory rules. But
he now seems to be arguing that there ought to be a proper framework
against which any Government can be held to account, which we all agree
with. His current argument suggest that the proper way forward is
voluntarism, but I do not follow how that
works.
Mr.
Bellingham: At the moment, a lot of voluntary arrangements
are in place and a huge amount of data are shared between Departments.
What is happening at the moment across Departments leads to the
necessary level of data being shared. It is our proposition that when
the Government make mistakes over how data are handled and stored, they
should be held to account—we argued earlier that the Government
should not have Crown immunity. But we also feel strongly that the
powers under the clause just go too far. It is not just me who is saying
that, because Liberty, which the hon. Member for Cambridge quoted
earlier, said that
it “strongly
opposes these amendments as the powers it gives are extraordinarily
broad and make a mockery of the safeguards contained in the DPA (Data
Protection Act
1998).” The
Joint Committee on Human Rights, a hugely eminent Committee of
parliamentarians, said in its 14th report:
“We
fundamentally disagree with the Government’s approach to data
sharing legislation, which is to include very broad enabling provisions
in primary legislation and to leave the data protection safeguards to
be set out later in secondary
legislation.” We
heard Dr. Meldrum from the BMA say the other day that the clause could
seriously undermine the confidence that patients have in doctors. It
could lead to patients being reluctant to disclose personal
information, and even making them reluctant to go to a surgery in the
first
place. This
morning, we received a briefing from the Wellcome Trust, the Medical
Research Council and the Academy of Medical Sciences, which
states: “However,
we recognise that patient records are both sensitive and personal, and
therefore should be protected by robust safeguards. The research
benefits will only be realised if there are appropriate mechanisms in
place so that the public, patients and doctors are able to trust that
their data will be kept secure and
confidential.” It
is about trust, and the clause represents the final breakdown of the
privacy contract between the state and individuals. That is why we will
vote against the clause, unless the Minister comes up with serious
concessions. I believe that she is aware of the widespread public
opposition, and Labour Members, who have so far been silent in the
debate, must understand the level of public
concern.
Alun
Michael: The hon. Gentleman is on a rant that seems to be
designed for press consumption. Labour Members are taking part in a
constructive debate with the Minister, who appears to be listening, so
will he stop
ranting?
Mr.
Bellingham: I have been expressing my views forcefully,
but I do not regard that as a rant. Conservative Members take the
clause very seriously. We have co-operated with the Minister on many
parts of the Bill. We started off in a spirit of bipartisanship and
co-operation, and we want to work with the Minister and produce good
legislation. My concern is that tagging on this clause will
substantially undermine a really good
Bill.
Maria
Eagle: Is the Conservative position that the current
legislation is adequate, that voluntarism where it can sensibly be
arranged is good, and that no additional framework of rules is needed,
or is it that there should be some changes to the statutory framework,
but that the changes are the wrong
ones?
Mr.
Bellingham: It is both. We feel that the current rules are
working well, although there could be improvements. We do not feel that
this is the way to go about it because we feel that—this is my
last point—if one destroys public trust and confidence,
undermining the vital privacy contract between the public and the
Government, it leads to a breakdown in trust and public opposition,
cynicism and apathy, which will undermine the Government’s whole
data protection programme.
| 
