Select Committee on European Union Minutes of Evidence

Examination of Witnesses (Questions 140-154)

Mr Peter Thompson and Ms Harriet Nowell-Smith

25 OCTOBER 2006

  Q140  Lord Dubs: So what rule will prevail, if the Framework Decision is adopted, for the data that are not covered by SIS II?

  Ms Nowell-Smith: The Framework Decision.

  Mr Thompson:

  Chairman: I think you have just shot Baroness Henig's—

  Baroness Henig: I think I know the answer to my question! That is, the SIS II instrument will prevail wherever there are differences—

  Lord Corbett of Castle Vale: You are giving the answer before we ask the question!

  Q141  Baroness Henig: I will ask the question, because the SIS II Decision does not provide for a right to information, whereas the Framework Decision does. The Framework Decision allows for the blocking of data and marking of data, whereas the SIS II Decision does not. I am assuming—but you will tell me if I am wrong—that the SIS II instrument will prevail in these cases.

  Mr Thompson: For once I can actually depart from this typescript! In fact, there is a right of information set out in the SIS II instrument, where the national legislation permits it. That right does exist in the UK, and it is Articles 50 and 52.

  Baroness Henig: So this is an area of slight change.

  Q142  Viscount Ullswater: Could I ask a supplementary? How does one exercise the right?

  Mr Thompson: Off the top of my head, I am not quite sure.

  Ms Nowell-Smith: In the UK, do you mean?

  Q143  Viscount Ullswater: Yes, for the information held on SIS II. How do you exercise the right?

  Ms Nowell-Smith: The data subject would write to the police body. The SIS II instrument has not yet come into force in UK law, so I do not know if there will be a central point of contact or if it will be diffused. The Home Office could, I am sure, tell you better than I could. However, the legal instrument provides that the access is in accordance with domestic law. The current position in domestic law under the Data Protection Act is that data subjects can ask data controllers and receive their subject access rights that way, and it is enforced by the Information Commissioner.

  Q144  Lord Avebury: In the document to which I referred earlier, that is the document where the Council of the European Union asks the Multidisciplinary Group to consider certain changes in the Data Protection Framework Decision, there is a question about the deletion of Articles 19 and 20 of the original proposal, which imposes an obligation on Member States to ensure that data subjects would be informed of the fact that data was being processed about them. Are you saying that the deletion of these clauses is happening and that they will be replaced by an article which leaves this to the legislation in individual Member States?

  Mr Thompson: Perhaps I could ask Harriet to take that question, if only because she is much closer to the detail of the DPFD negotiations than I am. I think that she could give you a fuller answer.

  Ms Nowell-Smith: Again, there is not too much we can say about the current state of the negotiations, because they are regarded as confidential by the Commission and the position of other Member States is something that I cannot really comment on. The UK's position is that we provide access rights to data subjects in this area under domestic law. We are content for it to happen in the Data Protection Framework Decision. You might also like to note that the articles you referred to distinguish between data that is collected from data subjects and data that is collected from third parties, which is an important distinction to keep in mind in those sections. The basic principle that there should be a right of access in Article 21 of the Data Protection Framework Decision I believe is not referred to in that communication. I do not have it with me today.

  Q145  Lord Avebury: That is correct.

  Ms Nowell-Smith: It is the provision that provides right of access to data that is held about people. The articles you are discussing, Articles 19 and 20, are about the different circumstances in which the police, for example, have to notify people that they do hold data. Sometimes it is obvious that the police hold your data. If you have been interviewed by someone in uniform at a crime scene, you will know that they have your data. Sometimes, if there is a covert surveillance going on, hopefully you will not know that the police have your data! So the notification rules are complicated, but the basic right of access, to be able to ask the police whether or not they have your data and to show it to you, is something that is in Article 21, and I believe that is not in question in the communication to which you have referred.

  Lord Avebury: That is very helpful.

  Q146  Chairman: I should have said earlier that you will be sent a transcript of this meeting in due course. When you look at the transcript, not only to make sure that you are correctly recorded but if it occurs to you that there are things that you should follow up in writing to us, that would be very welcome.

  Mr Thompson: Of course, yes. We will try and do that as quickly as possible, because I know that you are making good progress on this.

  Q147  Lord Dubs: The SIS II Decision and the Framework Decision both emphasise the importance of judicial remedies as regards data protection. At present, British courts cannot make references to the Court of Justice under Third Pillar matters because the Government have not opted in to the Court's jurisdiction. Is that something the Government are planning to reconsider?

  Mr Thompson: You will appreciate this is a government position beyond the sole responsibilities of the Department for Constitutional Affairs, but it is certainly true that the Government keep under constant review this question about EC jurisdiction and the Third Pillar. At the moment, we have no plans to change our current position. From memory, there are 14 Member States who have decided to come under the jurisdiction of the ECJ and the Third Pillar. We are not one of them. From memory, I think it is Ireland, Denmark, and probably the eight accession countries comprise the others.

  Q148  Lord Corbett of Castle Vale: Are the Government content with the progress of negotiations on the Data Protection Framework Decision?

  Mr Thompson: We have always supported rapid progress on the DPFD. From memory, it came out at the tail end of our presidency; so we were not able to do much with it. We supported progress during the Austrian presidency, and we have certainly supported the efforts that the current Finnish presidency has made to up the pace on negotiations. My understanding is that the Finnish presidency hopes to conclude the DPFD by December of this year. If that is not possible, we would hope that the German presidency, which follows them, would similarly give this priority.

  Q149  Lord Avebury: I am wondering whether you can say anything about the legal status of the Multidisciplinary Group on Organised Crime. What was the legislative instrument under which it was set up? Is it really satisfactory that the Council should delegate responsibility for progress on the DPFD to a body whose members are anonymous and where we do not know if it contains any experts on data protection?

  Mr Thompson: On the first point, I am afraid that offhand I do not know its legal basis. It is very much a Home Office lead. My understanding is that the Multidisciplinary Group is merely throwing its comments into the ring, if you like. The main body conducting discussions on the DPFD is the Council working group, with representatives from all the Member States, and that is the body of which we, the Department for Constitutional Affairs—who, after all, are responsible for data protection in the UK—meet with our colleagues, our opposite numbers, and that is where the main negotiations take place. I do not know if you have anything to add, Harriet?

  Ms Nowell-Smith: We do attend the MDG. I do not know the legal basis on which it was set up.

  Mr Thompson: If it is helpful, we can either speak to the Home Office or ourselves write back to you and clear that up.

  Chairman: That would be very helpful.

  Q150  Lord Avebury: Do you know whether it contains any experts on data protection?

  Ms Nowell-Smith: I feel I can assure you that it does. The UK delegation is represented by the Department for Constitutional Affairs, so we are the ones who attend these working groups. That is because it is primarily a data protection instrument. Many countries also send data protection experts. If they send crime experts, they are crime experts with an expertise in data protection, as far as I am aware.

  Mr Thompson: Can I record that I have made a mistake there? It slipped my mind that in this particular case the Council working group I referred to is of course the Multidisciplinary Working Group. That is confusion on my part, and I would like to correct that for the record, if possible.

  Q151  Lord Corbett of Castle Vale: Would the adoption of the SIS II Decision or the Framework Decision entail any amendments to the UK's national data protection laws?

  Mr Thompson: Implementation of SIS II is for the Home Office. I know that they are considering this matter at the moment, although they have not reached a decision. My understanding is they are looking for a solution which is practical; something one can do quickly and which is, clearly, legal. I just do not know beyond that.

  Q152  Earl Listowel: If I may, I would like to ask a question about the Schengen evaluation team. This came up in our first evidence from the Home Office. I think that there is some scepticism about the effectiveness of that team. Can you reassure us that this is in fact well resourced? That, for instance, if it has concerns about new accession countries, they have the resources to address them? Do they report back? Is there clarity to the public about those reports?

  Mr Thompson: I do not think there is much I can add, in the sense that I have not heard any concerns that they are either under-resourced or not doing a proper job. You are right that there is this Schengen evaluation team, made up of representatives from Member States. Before anyone can join the Schengen Information System, they make an assessment as to whether or not that particular Member State's systems are sufficiently good. I have not heard any concerns, but I cannot really go beyond that.

  Q153  Earl of Caithness: May I ask a question about how some of this will work in practice? What are the implications for our police and judicial services when they are collecting data, when they have to determine whether it will be used solely within the UK, or whether it will be used within the Framework Decision, or whether it will be used within SIS II and hawked round the EU and other countries outside? How will poor Mr Policeman, when he collects the data, determine that and the way in which he takes the data? Because the way he collects it and the way he handles it will have implications, depending where it finally ends up.

  Mr Thompson: I am not sure there is anything by way of real detail I can say that is useful here. Our department's interests are in the appropriate data protection rules that apply to the database as a whole. What we do not have responsibility for is how we implement it and how the police will. I just do not have that kind of information at hand. What I do know is that the main components of SIS data, for example, will tend to be people who are wanted for some reason. An obvious example might be that there is a European arrest warrant against them. That would be an obvious trigger as to why you would put something on SIS. People who are missing and people who are under surveillance—my understanding is that is very much the bulk of people who might actually be on SIS. I do not know whether there is any extra detail you are aware of, Harriet?

  Ms Nowell-Smith: It is easier to think of it in a staged way. Therefore, when you are collecting detail and you are a policeman just doing your normal job, you would be applying the Data Protection Act already. When you decide to enter information on to SIS II, at that point you have to think about the rules in SIS II. Most of the rules in SIS II, though, would be about the length of time for which you keep data. That kind of rule I would not expect to be applied by each policeman putting data into SIS II. It would be managed by the national body that maintains the database. So that part you would address only when you were entering information on to SIS II. We do provide a high level of data protection in the police and judicial areas already, so there is less risk for the UK than for some other Member States of having divergent levels of data protection for different types of data. Obviously we want a simple system that everyone can understand and work with.

  Q154  Chairman: Thank you both very much indeed. You have been very helpful and we are most grateful to you for answering as you did. I remind you that we would very much welcome any subsequent written comments, if you think that those are required when you look at the transcript. I think that now, in a seamless way, we will change witnesses. You are both very welcome to stay if you want to.

  Mr Thompson: Thank you very much. Once we have seen the transcript, we will certainly bear in mind whether or not we need to get back to you and clarify matters.

previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2007