Draft Code of Practice for Civil Registration Officials Disclosing Information under Section 19AA of the Registration Service Act 1953
Margot James Excerpts(5 years, 11 months ago)
General CommitteesRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister for Digital and the Creative Industries (Margot James)
I beg to move,
That the Committee has considered the draft Code of Practice for Civil Registration Officials Disclosing Information Under Section 19AA of the Registration Service Act 1953.
It is indeed a pleasure to serve under your chairmanship, Mr Sharma. The Digital Economy Act 2017 amends the Registration Act 1953, introducing discretionary data-sharing powers that allow civil registration officials to share civil registration data such as birth, death, marriage and civil partnership records with other civil registration officials and with public authorities for the purposes of fulfilling their functions. Any data sharing will be carried out in accordance with the requirements of data protection legislation. For the data-sharing powers under part 5 of the Digital Economy Act 2017 to become operational, the codes of practice, including the civil registration code of practice, have to be laid before Parliament and approved by a resolution of each House.
The civil registration code of practice sets out how the discretionary data-sharing powers should be used by civil registration officials when considering disclosing information under those powers. While primarily for civil registration officials, the code of practice will become a public document and will provide greater transparency on how civil registration information is held and managed.
The code of practice has been drafted in consultation with the Information Commissioner’s Office to ensure that it is compliant with data protection legislation and the latest standards for best practice for information sharing. In developing the code of practice, work also took place with other Departments, the devolved Administrations and civil society groups with privacy interests. That approach ensured the right balance was struck between supporting civil registration officials using the discretionary data-sharing powers and building appropriate safeguards in the code of practice to protect individuals’ privacy and prevent the unlawful disclosure of data.
Before data is shared, the code of practice provides that privacy impact assessments and data-sharing agreements should be drawn up and agreed with public authorities to include such things as how data is to be used, stored and retained. Data should be used only for the purpose it has been provided for and retained only for as long as is necessary.
Data-sharing agreements should prevent the creation of a database or the linking of registration data in any way. Any breach would have to be reported to the Information Commissioner’s Office, which has the power to impose penalties where appropriate. Details about all data-sharing agreements under the powers will be made available by civil registration officials within a publicly available register. There will be one register for all the data-sharing agreements relating to civil registration, public service delivery and debt and fraud powers.
The register will require the same data fields to be completed on the register for each of the delivery provisions. That will ensure consistency and transparency about how the powers are being used. It will set out the purpose and anticipated benefits of each data share and clarify the controllers of data under the respective data-sharing agreements, including data retention periods.
The code of practice, along with the other codes of practice in part 5 of the Act, was subject to a six-week public consultation that concluded on 2 November 2017. The majority of respondents were broadly positive on the content of the civil registration code of practice and found it to be clear. Suggestions on how the code could be improved, which included providing more information on data controller responsibilities, were taken on board and reflected in further revisions to the code of practice prior to its being laid before Parliament.
The final point I would like to make to fellow Members is that we are working within Government to have the register of information-sharing agreements available on gov.uk to coincide with the data-sharing powers becoming fully operational. I commend the code to the Committee.
Margot James
I thank the right hon. Gentleman for the good questions that he has raised. In answer to his concern that there are a number of SIs all relating to various codes of practice with regard to information sharing, he cites Estonia as a model. I agree with him that Estonia has many benefits in terms of the way it has embraced the digital economy—we would all welcome that—but we have to remember that Estonia has a population of 1.3 million, which is half the size of a small city in this country, so the challenges are very different. None the less, we have a national system of personal verification and that is on GOV.UK Verify. That is the UK platform, which is open to the public sector.
The right hon. Gentleman talked about the provisions improving various functions of government and that is precisely what they are designed to do. There will be one register relating to all the data-sharing agreements—civil registration, public service delivery, and debt and fraud powers—available on a searchable basis across the public sector. It is hoped that the immigration system would benefit from that fully searchable database. I will look into that and will write to him if I can say anything more specific about that, other than that people will have access to an up-to-date fully searchable database, which will be an improvement.
The second example the right hon. Gentleman rightly draws our attention to is the system for deaths when the person belongs to a religion where people need to be buried within 24 hours. He calls for greater collaboration between the coroner’s office, the registration office and the NHS. I think the measures will assist in improving the dialogue between those three arms, but I believe, from bitter experience, that it will take quite a lot of awareness raising of the new system of data management and the availability of civil registration data on a fully searchable platform before the improvements we all want to see actually take root. The system will allow electronic information to be shared with NHS bodies, which should speed up data-sharing processes, subject to IT limitations. We have some way to go before we bed this down, but the potential is there. I commend the code of practice to the Committee.
Question put and agreed to.
Draft Digital Government (Disclosure Of Information) Regulations 2018;
Draft Information Sharing Code Of Practice: Code Of Practice For Public Authorities Disclosing Information Under Chapters 1, 3 And 4 (Public Service Delivery, Debt And Fraud) Of Part 5 Of The Digital Economy Act 2017
Margot James Excerpts(5 years, 11 months ago)
General CommitteesRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Chair
For clarity, we are considering both the regulations and the code of practice; I will call the Minister to move the motion, and speak to both. At the end of the debate, I will put the question on the first motion, and ask the Minister to move the remaining motion formally.
The Minister for Digital and the Creative Industries (Margot James)
I beg to move,
That the Committee has considered the draft Digital Government (Disclosure of Information) Regulations 2018.
The Chair
With this it will be convenient to consider the draft Information Sharing Code of Practice: Code of Practice for public authorities disclosing information under Chapters 1, 3 and 4 (Public Service Delivery, Debt and Fraud) of Part 5 of the Digital Economy Act 2017.
Margot James
It is a pleasure to serve under your chairmanship, Mr Hosie. The purpose of the regulations is to allow information sharing between specified bodies for specific purposes. They will also amend the Digital Economy Act 2017. Alongside the regulations, an information sharing code of practice for the public service delivery, debt and fraud provisions has been laid before Parliament, to be approved by a resolution of each House.
The public service delivery power supports the improvement or targeting of public services. In order to exercise the power, the Government must set specific purposes for data sharing via regulations. Those purposes must meet criteria defined in the primary legislation. The regulations seek to establish four objectives for data sharing under the public service delivery power. Those objectives will address multiple disadvantages, fuel poverty, water poverty and targeted assistance in retuning televisions.
I am sure that hon. Members would agree that the Government have a duty to support the citizens we serve and to ensure that the most vulnerable in society get the help that they need. The formulation of each of the public service delivery objectives has been guided by that principle. Data sharing is an effective and sometimes vital way of identifying individuals and households experiencing problems that reduce their life chances.
I will provide hon. Members with some details about each of the four objectives. First, the multiple disadvantages objective would allow for data sharing between specified public authorities to help to identify individuals or households that face two or more disadvantages. Disadvantages could include factors that in combination with each other limit the life chances of individuals or households, for example by affecting their health, emotional wellbeing or social and economic chances. The objective was initially developed to support the troubled families programme, which supports the identification of families across England for targeted support. It is also intended to be available for similar programmes across the UK.
On television retuning, to meet the increasing demand for mobile data, the Government have agreed to £600 million of funding so that the 700 MHz band —currently used for digital terrestrial television— can be allocated for mobile broadband. As a result, 150,000 households might need to either replace or realign their aerial to continue receiving all channels. The powers will help to identify those who are on certain benefits and might require further support to ensure that they continue to receive digital terrestrial television services.
The fuel poverty objective will provide a gateway for specified public bodies to share information between themselves to help to identify households living in fuel poverty, to ensure that they get the support that they need. It will also enable specified public bodies to flag to energy suppliers those who are eligible. The aim is to enable more vulnerable households and families to receive automatic rebates in the same way as more than 1 million pensioners do through the warm home discount scheme. However, that can happen only if the state can inform energy suppliers which of their customers should receive the benefits.
The water poverty objective would allow the sharing of information between public authorities to help to identify those who may be living in water poverty and help to ensure that they receive the necessary support. The information could be shared by public authorities with water and sewerage companies to help them better to target their support schemes, such as social tariffs, as allowed by powers in the Digital Economy Act. That Act specifies the conditions for disclosure of information to energy suppliers. One condition is that information disclosed under the powers must be used by the recipient in connection with a specified support scheme. The amendment is designed to enable information to be shared to identify, for coverage by price protection, vulnerable customers at risk of fuel poverty. Five million vulnerable households are already protected by a safeguard tariff, and we are keen to ensure that the delivery of such protections can be assisted through the ability of suppliers to match customer data with the data held by Government.
For the data sharing powers in part 5 of the Digital Economy Act to become operational, codes of practice must be approved by Parliament. The information sharing code of practice provides guidance on the use and disclosure of information under the public service delivery, debt and fraud provisions, as well as explaining the legal framework. We worked with other Departments, the devolved Administrations and the Information Commissioner’s Office, as well as civil society groups with privacy interests, to develop the code. The four relevant instruments were all subject to a six-week public consultation in autumn 2017, ahead of their being laid in May of this year. They were also made available in draft form for parliamentarians to consider during the Committee stage of the Digital Economy Bill in November 2016. The aim of those efforts was to strike the right balance between supporting practitioners to ensure that they can make use of the powers and building in safeguards to protect individuals’ privacy and prevent the unlawful disclosure of data.
Public authorities and other participants intending to use the information sharing powers in chapters 1, 3 and 4 of part 5 of the Digital Economy Act must have regard to the information sharing code of practice when disclosing or using information under those chapters. Failure to do so may result in loss of the ability to disclose, receive and use information under the powers.
I commend these provisions to the Committee.
Margot James
I thank both hon. Gentlemen for their remarks. In addressing some of the questions raised by the shadow Minister, I will first point out that we have made great efforts to protect the welfare state and public services as we sought to deal with a very challenging deficit. I would like to see the public services in the context of our abilities to direct those services more towards those who really need them. That is the strategy we have adopted.
For example, in the area of energy, which I spent some time on in my opening remarks, we are talking about benefits such as winter fuel payments, cold weather payments and warm home discounts. Those benefits are alive and well, and valued by the several million people who receive them. What we seek to do through the safeguards is to ensure that, when there is discretion from energy companies about how to target some of those benefits, they can use intelligence about the people who are likely to need them most to deliver those benefits even more effectively. That is what we are debating.
The right hon. Gentleman rightly points out that we need safeguards. We need to ensure that information sharing is proportionate, that it is only used by the recipient for the purposes for which it is intended and that it is not retained for any longer than necessary. We are putting a number of safeguards in place. The data sharing powers must be exercised in compliance with the safeguards under the Data Protection Act 2018 and the Human Rights Act 1998. There is also a minimum amount of data required to meet the objectives for sharing information; that is another safeguard that we have put in place.
Any further changes to the list of public authorities permitted to share data under the codes of practice can be made only via regulations that are subject to the affirmative procedure, and we have involved the Information Commissioner’s Office throughout the development of those codes. I reassure the right hon. Gentleman that we have given great consideration to safeguards and that they have been put in place. He also asked about the question of data exchange on the whole household if only one individual meets the criteria. The purpose of the objective is to assist individuals or households with a combination of disadvantages. The problems of one household member can affect the outcomes of others in the same household; in particular, children growing up in a workless family are almost twice as likely as children in working families to fail at all stages of their education.
As a result, 150,000—I am so sorry. You will be pleased to know that I was about to wind up, Mr Hosie, and—
Margot James
I have given the right hon. Gentleman an opportunity to intervene. I apologise to my hon. Friends for that.
Liam Byrne
Will the Minister confirm what latitude she is giving councils and the DWP to share information? I think that that is the principle clarification that we were looking for.
Margot James
The right hon. Gentleman did indeed raise that important point. It should not be the case, of course, that people need to job-hop to find out what is going on when they have only the good of citizens in mind. What is important is that the DWP will, according to the safeguards that we have built in, be able to share information for certain purposes. For example, if the Department has information about someone’s fuel poverty status they will be able to share information with local authorities. Likewise, if it has information that meets any of the other objectives that I outlined, it will be permitted to share it directly with local authorities.
Liam Byrne
I did not mean to intervene again, but my constituency has the highest youth unemployment in Britain and down the years we have been bedevilled by a lack of co-operation between the DWP and the city council. The city council often wants to target young people who need local authority-run job and employment creation schemes. It is unable to run outreach schemes that target individuals effectively, because it cannot get the information from the DWP, so it has to resort to the rather inefficient approach of targeting whole postcodes. That is the sort of thing I am driving at.
Margot James
The right hon. Gentleman eloquently underlines the need for the measures that we are putting in place. We should not have to target whole populations to find the percentage of people, whatever it may be, who would particularly benefit from a programme that a local authority might want to put in place.
As long as the various protections in the information sharing code of practice, which I have gone through, are met, there is no reason why the DWP and local authorities will not be able to work together. They are permitted to share information under the Digital Economy Act 2017—and the powers in question are permissive. The right hon. Gentleman mentioned that we may need to raise awareness of the powers that the DWP now has under the provisions, and I take that on board as something to which my Department can contribute.
Question put and agreed to.
DRAFT INFORMATION SHARING CODE OF PRACTICE: CODE OF PRACTICE FOR PUBLIC AUTHORITIES DISCLOSING INFORMATION UNDER CHAPTERS 1, 3, AND 4 (PUBLIC SERVICE DELIVERY, DEBT AND FRAUD) OF PART 5 OF THE DIGITAL ECONOMY ACT 2017
Resolved,
That the Committee has considered the draft Information Sharing Code of Practice: Code of Practice for public authorities disclosing information under Chapters 1, 3 and 4 (Public Service Delivery, Debt and Fraud) of Part 5 of the Digital Economy Act 2017.—(Margot James.)
Oral Answers to Questions
Margot James Excerpts(5 years, 11 months ago)
Commons ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Dr Rupa Huq (Ealing Central and Acton) (Lab)
The Minister for Digital and the Creative Industries (Margot James)
The live music industry is a vital part of the UK’s economy, contributing £1 billion annually. We have announced that the agent of change principle will now be included in the national planning policy framework, helping to protect music venues when new housing is built. We will continue working across Government, and with the industry and the Musicians Union, on a range of measures to support the live music industry.
Dr Huq
From Arcade Fire at Wembley to Lovebox at Gunnersbury Park, big gigs in west London are booming, but small venues are on the brink of extinction. The Spinning Wheel in Ealing is now a Sainsbury’s and The Castle in Acton is earmarked to become student housing. What are the Government doing to protect our pubs from rocketing business rates, greedy developers and, now, the shortage of CO2 that is threatening to take the fizz out of beer for fans?
Margot James
The hon. Lady mentions business rates. A £300 million rate relief fund is available to councils to provide flexible support to businesses, including music venues, which I accept cannot hike prices in order to protect themselves. I would draw her attention to successful small venues, such as Base Studios in Stourbridge, which has adopted a very entrepreneurial route and is thriving.
Stephen Crabb (Preseli Pembrokeshire) (Con)
As thousands of fans pour into Wales this weekend for the Ed Sheeran concerts, what would my hon. Friend say to a disabled constituent of mine who was left incredibly distressed after paying more than £450 more for her tickets, owing to the so-called drip pricing tactic that Viagogo continues to use? I really thought that the Government were making progress on this. Why are people still being ripped off?
Margot James
I assure my right hon. Friend that the Government are making progress. We have reformed the Consumer Rights Act 2015 to give more protection to consumers when they are purchasing from secondary ticketing sites. We have also brought in ban the bots legislation so that it is now illegal to use electronic means to secure more tickets that the number the original organisers state as a maximum.
Mr Jim Cunningham (Coventry South) (Lab)
Margot James
I am a great admirer of the Ricoh stadium, although I am not sure it would qualify as a small music venue. Coventry benefits, of course, from being the city of culture in 2022, and I am sure that that will galvanise a huge amount of effort in support of what the hon. Gentleman requires.
Alan Mak (Havant) (Con)
The Minister for Digital and the Creative Industries (Margot James)
The UK has a world-class ecosystem for AI, and the Government are determined to maintain our position at the forefront of those technologies. That is why we published a sector deal in April, bringing together Government, industry and academia to provide almost £1 billion of investment to support growth in that sector.
Margot James
I congratulate my hon. Friend on all his work in this area. We have a full agenda following the publication of the sector deal, which will ensure that the benefits of AI are effected across the country. Tech Nation now has an AI programme that will support ecosystems across the country.
Liam Byrne (Birmingham, Hodge Hill) (Lab)
If we are to be a world leader in AI, we will need more computer scientists. This week, Roehampton University reported on the total collapse in the number of students studying ICT at GSCE level. Will the Minister set out her target for the number of students studying technology over the next year, and say what she will do to ensure that more girls in particular study ICT, because that is where the collapse is worst?
Margot James
I very much share the right hon. Gentleman’s concerns. We must encourage girls to study science, technology, engineering and maths, not just computer science, and programmes have been designed to do just that. We have made progress by making computer science mandatory in schools, which is a good first step. I am sure we will build on that, and recover the lost students at GSCE level to which the right hon. Gentleman rightly refers.
Peter Aldous (Waveney) (Con)
Jeremy Quin (Horsham) (Con)
The Minister for Digital and the Creative Industries (Margot James)
We are clear on the continued need to improve broadband and mobile connectivity in rural areas. Broadband UK’s superfast programme has achieved 95% coverage, and continues to connect more rural premises. The broadband universal service obligation, implemented by 2020, will ensure that rural areas are not left behind.
Jeremy Quin
How is the Minister ensuring that new housing developments are fully equipped with broadband during the construction phase?
Margot James
We have an agreement with the Home Builders Federation that all new developments by members of that organisation will deliver full broadband to the premises as those developments progress. I regularly meet a barrier-busting taskforce to consider how we can build on that voluntary agreement—not all builders are members of the federation—so that all residents of new-build developments receive the full-fibre premises to which they should be entitled.
Chris Elmore (Ogmore) (Lab)
May I urge the Minister, when she is looking at mobile phone signals for rural communities, not to forget the south Wales valleys? The three and a half valleys that I represent, the Ogmore, Garw, Llynfi and Gilfach valleys, have massive problems with mobile phones signals, so please can she make sure she does not forget them?
Margot James
The valleys in south Wales, like the great rural areas of Scotland, present challenges, but challenges that will be overcome. I can assure the hon. Gentleman that they are an absolute priority.
Scott Mann (North Cornwall) (Con)
Will the Minister look at the productivity lag that the broadband and mobile notspots cause in our constituencies? Will the Department assess what could be achieved if we had greater broadband and mobile coverage in those areas?
Margot James
I certainly will look at the issues my hon. Friend raises. I am very aware of these notspots. We are working constantly with Broadband UK and mobile operators to close them in the shortest possible time.
Mr Alistair Carmichael (Orkney and Shetland) (LD)
Ofcom’s figures show that 4G rollout across the whole of the UK is now at 52%, up from 38%. In Scotland, however, that figure is only 29%, up from 15%. When can we expect Scotland’s coverage to catch up with that in the rest of the country?
Margot James
If we take coverage from at least one provider, we see that 50% of Scotland now has mobile coverage. I accept that that is obviously not enough, but that does provide coverage for indoor voice for at least 90% of Scottish premises. However, we still have a great deal more to do.
Mr Philip Hollobone (Kettering) (Con)
Luke Graham (Ochil and South Perthshire) (Con)
The Minister for Digital and the Creative Industries (Margot James)
We will certainly review the white space option. Fixed wireless solutions are already widely available in those hard-to-reach areas, but the universal service obligation will deliver high-speed broadband connectivity through wired or wireless technologies.
Tom Watson (West Bromwich East) (Lab)
One in five children in their last year of primary school are obese. What plans does the Secretary of State have to restrict further junk food advertising on television?
Chris Green (Bolton West) (Con)
Margot James
The Government want all of the UK to benefit from 5G, and the future telecoms infrastructure review will create the right policy and regulatory environment to support this aim. After these questions, I will be visiting one of the 5G test bed pilots that is already up and running in Guildford, so I can assure my hon. Friend that across the whole UK, towns as well as cities will benefit from our commitment to 5G.
Conor McGinn (St Helens North) (Lab)
Thangam Debbonaire (Bristol West) (Lab)
In Bristol, Bristol Plays Music and the Music Trust are developing a cultural curriculum with Bristol Old Vic and various other arts organisations. Will the Secretary of State or the Culture Minister, the hon. Member for Stourbridge (Margot James), visit Bristol when this curriculum is implemented, and will the Culture Minister support it being used in other schools across the country?
Margot James
I look forward to hearing more about that excellent venture. I recently met the hon. Lady at an excellent meeting with the Musicians’ Union, and I admire her passion and share it.
Several hon. Members rose—
Post-Council for Transport, Telecoms and Energy
Margot James Excerpts(5 years, 11 months ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister for Digital and the Creative Industries (Margot James)
The Transport, Telecoms and Energy Council (TTE) took place in Luxembourg. Lord Ashton of Hyde represented the UK at the telecoms session of the Council, on 8 June.
Member states (MS) were asked to vote on a general approach (GA) on the Cybersecurity Act regulation. The UK voted in favour of this GA, after having received waivers from the European Scrutiny Committee (ESC) and European Union Committee (EUC).
This Council went on to hold a progress report/policy debate on the proposed regulation concerning e-privacy, in which the presidency urged MS to help drive progress on the e-privacy regulation.
The Austrian delegation then set out its work programme as the incoming presidency for the second half of 2018. As part of its commitment to completing various digital single market (DSM) initiatives, the Austrian delegation highlighted the importance of continued work on the e-privacy regulation and made clear its ambition to achieve a GA on a .eu top level domain name during the course of its presidency. The Austrian delegation also noted that the next TTE telecoms Council would be held on 4 December 2018.
This session of the Council went on to engage in a policy debate on the directive on the reuse of public sector information (PSI).
The presidency then provided information on the directive on the European electronic communications code (EECC); the regulation on the Body of European Regulators for Electronic Communications (BEREC); and the regulation on a framework for the free flow of non-personal data in the EU.
To conclude this session of the Council, the Commission provided information on the state of play of the DSM.
[HCWS778]
Transport, Telecoms and Energy Council
Margot James Excerpts(5 years, 11 months ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister for Digital and the Creative Industries (Margot James)
The Transport, Telecoms and Energy Council (TTE) will take place in Luxembourg. Lord Ashton of Hyde will represent the UK at the telecoms session of the Council on 8 June.
This Council will begin with a progress report/policy debate on the proposed regulation concerning ePrivacy.
This meeting of the Council will then ask member states to vote on a general approach (GA) on the Cybersecurity Act Regulation. DCMS has deposited clearance/waiver requests with the European Scrutiny Committee (ESC) and European Union Committee (EUC) and will hope to support this GA at Council.
This session of the Council will also hold a policy debate on the directive on the re-use of Public Sector Information (PSI).
Also tabled for this session is information from the presidency on the directive on the European Electronic Communications Code (EECC) [Recast], and the regulation on the Body of European Regulators for Electronic Communications (BEREC).
In addition, information will be provided from the Commission on the state of play of the Digital Single Market (DSM).
To conclude this session of the Council, there will be information from the Austrian delegation, setting out their work programme as the incoming presidency for the second half of 2018.
[HCWS743]
Secondary Ticketing
Margot James Excerpts(5 years, 11 months ago)
Commons ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister for Digital and the Creative Industries (Margot James)
I congratulate my hon. Friend the Member for South Norfolk (Mr Bacon) on securing this debate, which is timely given the start of the summer sporting season with many events to which fans will want fair access.
It has become ever more difficult to buy tickets at face value with powerful new technologies being deployed against the interests of consumers. However, as my hon. Friend acknowledged, there is a role for responsible secondary ticketing platforms, if only to give fans the opportunity to resell at a reasonable price tickets for events they are genuinely no longer able to attend. Nevertheless, I am concerned that these genuine fans are being crowded out on these platforms by professional resellers, who harvest hundreds of tickets on the primary market with no intention of using them themselves.
The Government recognise that the process of distributing and buying tickets can often be a cause of public frustration and concern. We are determined to crack down on unacceptable behaviour and have made quite a bit of progress to date, which is not to say that there is not more to do, and I thank my hon. Friend for his suggestions for further consideration.
The Consumer Rights Act 2015 imposed a duty on sellers to provide information to fans including the face value of the ticket, information to enable the buyer to identify the particular seat or standing area at the venue, information about any restriction limiting the use of the ticket to persons of a particular description, and information about the identity of the seller—for example, if they are an operator of a secondary ticketing facility or an event organiser. Section 105 of the Digital Economy Act 2017 introduced an additional requirement for ticket sellers to provide a unique ticket number, where one has originally been given, when putting a ticket up for resale. This provision is now in force, and I know that some event organisers are beginning to look at how it can be used, along with other measures, to improve access and protections for fans.
Under the secondary legislation, we also introduced the “anti-bot” provision which is well on course to come into force next month. This will make it a criminal offence to purchase more tickets than the maximum permitted for an event where the purchase is made electronically through the use of software designed for the purpose and where the intent is to obtain financial gain. We hope these regulations will significantly improve the current situation.
The legislation is of limited use unless properly enforced, so I welcome the Competition and Markets Authority’s recent announcement that it has secured commitments from three of the four largest secondary platforms on additional information on cost to be provided with tickets being resold through their platforms, and that it has notified the outlier Viagogo of its intention to pursue court action if it does not fall into line and address the CMA’s concerns satisfactorily.
The Government are also now giving approximately £15 million annually to National Trading Standards for national and cross-boundary enforcement. It has committed to take forward investigations against power-sellers from within its annual budget, and I thank trading standards officers across the country for the excellent work they are now doing in this area.
The Advertising Standards Authority has recently taken action against the main four secondary ticketing sites, banning the misleading presentation of pricing information on their websites. Companies will now have to be clear and transparent. In addition, Google has introduced new rules for ticket resellers, requiring certification on the Google platform. To apply for certification, it will require solid information.
I do not have time to tell the House everything the Government are doing but hope I have been able to give a flavour of the majority of our actions.
Question put and agreed to.
Draft Breaching Of Limits On Ticket Sales Regulations 2018
Margot James Excerpts(6 years ago)
General CommitteesRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister for Digital and the Creative Industries (Margot James)
I beg to move,
That the Committee has considered the draft Breaching of Limits on Ticket Sales Regulations 2018.
It is a great pleasure to serve under your chairmanship, Mr Evans. The regulations will be an important addition to our efforts to stamp out unacceptable behaviour in the ticketing market. The activities of the secondary ticketing market are of interest to many parliamentary colleagues, including everyone here today, I am sure. The Government recognise that the process of distributing and buying tickets can be a cause of great public frustration and concern. We have probably all experienced the frustration of waiting for tickets to go on sale, our fingers hovering over the keyboard in the final countdown, only to find that all the tickets seem to have been mysteriously snapped up in seconds. What is even more frustrating is seeing those same tickets reappearing on secondary sites almost instantaneously at a massive mark-up.
Ian Murray (Edinburgh South) (Lab)
Does the Minister feel that there is any cartel between the ticket reselling companies and the promoters of certain concerts, as tickets can be sold quickly before they even go on public sale?
Margot James
I could not comment very clearly on that. The hon. Gentleman raises a murky area, but given that so many of the tickets have been hoovered up by computer bots, I suggest that perhaps it is not all the result of cartel activity.
There is evidence that the cause of the problem is largely software bots that automate the ticket purchasing process on the primary market to circumvent limits on the maximum number of the tickets that are supposed to be purchased at any one time. The issue was specifically addressed by Professor Waterson in his May 2016 independent review of consumer rights provisions relating to online ticket sales. His view, which the Government share, was that ticket sellers should adopt strategies to prevent automated ticket purchasing by bots, although he noted that there was some uncertainty about the existing legal position on their use.
The regulations clarify the law by making it a criminal offence to purchase more tickets than the maximum permitted for recreational, sporting or cultural events in the UK, where the purchase is made electronically through the use of software designed for that purpose, and where the intent is to obtain financial gain.
Patricia Gibson (North Ayrshire and Arran) (SNP)
Does the Minister agree that one reason why those bots are used to hoover up tickets is the massive profits that can be made? Has she given any consideration to the possibility of bringing in a maximum percentage cap on resale tickets? If she has not, will she? That would remove the profit motive, and the big players would go because the profits would not be big enough.
Margot James
Thought has been given to that and to other ways of capping tickets. Indeed, Professor Waterson considered it in his review, but he recommended against it. Experience in other markets has shown that people find it quite easy to get round any cap. Certainly, the market would not go away, but it might be pushed elsewhere, and there would be difficulties in defining a measurable base value of any cap. Also, rapidly changing routes to market, for example through social media platforms in addition to secondary ticketing sites, would make any legislation extremely difficult to police.
Graham P. Jones (Hyndburn) (Lab)
To expand on that point, we talk about software bots, but in the olden days there was the practice of using mass telephone banks, and there still is today. We are aware that many calls from normal consumers do not get through. Companies have people sitting there with massive telephone banks, waiting for one line to get through. When the red light comes on, they pick up the phone and they can buy tickets as an individual, still using technology as part of that methodology. Is that something the Government are aware of? Will the regulations shut down that practice?
Margot James
The draft regulations cover any electronic means and make it a criminal offence to purchase tickets in bulk electronically, through the use of software. I might have to come back to the hon. Gentleman on whether that includes phone banks and whether electronic means include telephones. I shall make some more progress before I come back to him on that.
The draft regulations apply to events in the United Kingdom, but they cover activity to obtain tickets in any jurisdiction. The intended offence will be summary only, with a maximum punishment of an unlimited fine in England and Wales or an exceptional summary maximum in Scotland, as magistrates courts in Scotland do not have the power to impose unlimited fines. The relevant section of the Digital Economy Act 2017 was not commenced in Northern Ireland because of the ongoing suspension of the Northern Ireland Executive, but the intention is for it to be commenced and for this instrument to apply to events in Northern Ireland once legislative consent can be secured.
Ian Murray
Regulation 3(b) defines the offence that the Minister has just covered as not only
“to obtain tickets in excess of the sales limit”,
but
“with a view to any person obtaining financial gain.”
What is the definition of “financial gain”? Might we have a situation in which someone buys 50,000 tickets for a certain concert and sells them in such a way that financial gain would be difficult to determine?
Margot James
A possibility might be for charity, but for someone to obtain that number of tickets it would probably be for financial gain. One of the reasons why we included “financial gain” as a requirement to prove a case against someone breaking this law was so that we could be sure that we did not include in criminality people who want to go together in a large group—family or friends—and who have a legitimate reason for purchasing more than the set amount of tickets ruled on by the primary provider.
The draft regulations will, we hope, significantly improve the existing situation in which so many tickets for an event can disappear within seconds of them going on sale. The regulations should be seen alongside other measures that we are taking to address that behaviour in the ticketing market, such as the ticket information requirements set out under the recently strengthened Consumer Rights Act 2015; the enforcement work of National Trading Standards, the Competition and Markets Authority and the advertising industry’s own regulator, the Advertising Standards Authority; and adoption by event organisers and ticketing agencies of technological solutions such as blockchain and ticketless tickets.
I hope that hon. Members will agree that the draft regulations are a necessary additional tool in helping fans to improve their chances of securing tickets at fair prices.
Margot James
I thank hon. Members for their comments. I am sorry that I shook my head at the shadow Minister when he cited the price of World cup final tickets. Although I am the Minister responsible for ticketing, among many things, since I had not sought tickets for the final I really did not know that they were changing hands for that sort of money. I was shocked and surprised by that—perhaps I should not have been.
Liam Byrne
Is the Minister shocked and surprised enough to do anything about it?
Margot James
I can always rely on the shadow Minister to make some gibe or another, and that was quite a good one. We are doing a lot. As I tried to explain in my opening remarks, the regulations are important primarily in tackling the use of bots, but they should be seen in the context of other measures we are taking, including what the CMA and ASA are doing on the responsibility of secondary sites to include all the charges as soon as someone registers an interest in purchasing a ticket, rather than leaving that until right at the end. We are taking a panoply of measures, and we are not finished yet. I agree that we still have more work to do, but none the less this is an important milestone.
The hon. Member for Hyndburn asked about phone banks. The definition will fall to be decided by the courts in individual cases, but we do believe that the regulations could tackle the issue of phone selling as well, coming under the auspices of electronic means. The definition of an electronic communications network is a broad one.
On large-scale sellers being classified as traders or licensed, which Professor Waterson inquired into, the CMA announced in April that three of the four major secondary sites have committed to improving information, including on who is buying from whom so that people know whether a seller is a business so that they can benefit from asserting additional rights under consumer legislation.
Graham P. Jones
The Minister talks about clamping down on sellers, but obviously many of them operate outside or in and around venues. I suspect that, for some venues where there might be 50,000 tickets, 1,000 of those tickets change hands outside the venue. What is she doing to ensure that those ticket sellers are caught? They are probably the people picking up the tickets from the bots. Is she going to do something about those sellers?
Margot James
To the extent that the sellers outside venues have committed to fulfil ticket requests made by people online—people think that they have purchased those tickets—they would be caught by the regulations, because we are preventing bots from harvesting huge numbers of tickets. I do not think we will be able to eradicate that kind of activity overnight. The purpose of the draft regulations is to prevent the use of electronic means for the wide-scale purchase of tickets for profit. The draft regulations do not capture the old-fashioned ticket tout, who still operates at big events. I agree with the hon. Gentleman that that problem still prevails.
I am glad to be reminded that touts outside venues come under the purview of trading standards departments. We have invested more money in trading standards enforcement so that they can tackle the issue, irrespective of the draft regulations. Trading standards departments have more resources and money for enforcement activity against illegal reselling.
Graham P. Jones
I am surprised at the argument that the Minister offers to the Committee, because as far as I am aware, trading standards departments have been cut back significantly. They are one of the departments most hit by austerity in most local authorities. Does the Minister have any figures on the number of trading standards officers employed in 2010, compared with the number in 2018?
Margot James
We are digressing from the debate at hand, but I am willing to answer the hon. Gentleman’s question. Trading standards budgets are a matter for local authorities, and the reduction in their budgets across the country has varied local authority by local authority. I am pleased to say that a large amount of money—approximately £12 million—was found from the Department for Business, Energy and Industrial Strategy’s budget earlier this year to reinforce trading standards activity nationally. Some of that money will undoubtedly find its way into enforcement in the area we are debating. I am pleased to say that trading standards activity will be reinforced.
On the point that was raised about secondary sites selling seats in home areas to away fans, football has separate rules that provide for health and safety. The draft regulations are aimed not at that but at tickets that have been acquired via electronic means being resold for profit. We have been very careful to focus them on the activity that is doing the most harm to the ticketing market, which is the mass harvesting of tickets online through the use of software. They will apply only where there is an intent to obtain financial gain.
Question put and agreed to.
Data Protection Bill [Lords]
Margot James ExcerptsWednesday 9th May 2018
(6 years ago)
Commons ChamberRead Full debate Data Protection Act 2018 View all Data Protection Act 2018 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Consideration of Bill Amendments as at 8 May 2018 - (9 May 2018)
The Minister for Digital and the Creative Industries (Margot James)
I beg to move, That the clause be read a Second time.
Madam Deputy Speaker (Mrs Eleanor Laing)
With this it will be convenient to discuss the following:
Government new clause 14—Destroying or falsifying information and documents etc.
Government new clause 15—Applications in respect of urgent notices.
Government new clause 16—Post-review powers to make provision about representation of data subjects.
Government new clause 17—Reserve forces: data-sharing by HMRC.
New clause 3—Bill of Data Rights in the Digital Environment—
‘Schedule [Bill of Data Rights in the Digital Environment] shall have effect.’
This new clause would introduce a Schedule containing a Bill of Data Rights in the Digital Environment.
New clause 4—Bill of Data Rights in the Digital Environment (No. 2)—
‘(1) The Secretary of State shall, by regulations, establish a Bill of Data Rights in the Digital Environment.
(2) Before making regulations under this section, the Secretary of State shall—
(a) consult—
(i) the Commissioner,
(ii) trade associations,
(iii) data subjects, and
(iv) persons who appear to the Commissioner or the Secretary of State to represent the interests of data subjects; and
(b) publish a draft of the Bill of Data Rights.
(3) The Bill of Data Rights in the Digital Environment shall enshrine—
(a) a right for a data subject to have privacy from commercial or personal intrusion,
(b) a right for a data subject to own, curate, move, revise or review their identity as founded upon personal data (whether directly or as a result of processing of that data),
(c) a right for a data subject to have their access to their data profiles or personal data protected, and
(d) a right for a data subject to object to any decision made solely on automated decision-making, including a decision relating to education and employment of the data subject.
(4) Regulations under this section are subject to the affirmative resolution procedure.’
This new clause would empower the Secretary of State to introduce a Bill of Data Rights in the Digital Environment.
New clause 6—Targeted dissemination disclosure notice for third parties and others (No. 2)—
‘In Schedule 19B of the Political Parties, Elections and Referendums Act 2000 (Power to require disclosure), after paragraph 10 (documents in electronic form) insert—
‘10A (1) This paragraph applies to the following organisations and individuals—
(a) a recognised third party (within the meaning of Part 6);
(b) a permitted participant (within the meaning of Part 7);
(c) a regulated donee (within the meaning of Schedule 7);
(d) a regulated participant (within the meaning of Schedule 7A);
(e) a candidate at an election (other than a local government election in Scotland);
(f) the election agent for such a candidate;
(g) an organisation or individual formerly falling within any of paragraphs (a) to (f); or
(h) the treasurer, director, or another officer of an organisation to which this paragraph applies, or has been at any time in the period of five years ending with the day on which the notice is given.
(2) The Commission may under this paragraph issue at any time a targeted dissemination disclosure notice, requiring disclosure of any settings used to disseminate material which it believes were intended to have the effect, or were likely to have the effect, of influencing public opinion in any part of the United Kingdom, ahead of a specific election or referendum, where the platform for dissemination allows for targeting based on demographic or other information about individuals, including information gathered by information society services.
(3) This power shall not be available in respect of registered parties or their officers, save where they separately and independently fall into one or more of categories (a) to (h) of sub-paragraph (1).
(4) A person or organisation to whom such a targeted dissemination disclosure notice is given shall comply with it within such time as is specified in the notice.’’
This new clause would amend the Political Parties, Elections and Referendums Act 2000 to allow the Electoral Commission to require disclosure of settings used to disseminate material where the platform for dissemination allows for targeting based on demographic or other information about individuals.
New clause 10—Automated decision-making concerning a child—
‘(1) Where a data controller expects to take a significant decision based solely on automated processing which may concern a child, the controller must, before such processing is undertaken—
(a) deposit a data protection impact assessment with the Commissioner, and
(b) consult the Commissioner (within the meaning of Article 36 of the GDPR), regardless of measures taken by the controller to mitigate any risk.
(2) Where, following prior consultation, the Commissioner does not choose to prevent processing on the basis of Article 58(2)(f) of the GDPR, the Commissioner must publish the part or parts of the data protection impact assessment provided under subsection (1), relevant to the reaching of that decision.
(3) The Commissioner must produce and publish a list of safeguards to be applied by data controllers where any significant decision based solely on automated processing may concern a child.
(4) For the purposes of this section, the meaning of “child” is determined by the age of lawful processing under Article 8 of the GDPR and section 9 of this Act.’
New clause 11—Education: safe use of personal data—
‘(1) The Children and Social Work Act 2017 is amended as follows.
(2) In section 35 (other personal, social, health and economic education), after subsection (1)(b) insert—
‘(1A) In this section, “personal, social, health and economic education” shall include education relating to the safe use of personal data.’’
This new clause would enable the Secretary of State to require that personal information safety be taught as a mandatory part of the national PSHE curriculum.
New clause 12—Health bodies: disclosure of personal data—
‘(1) In section 261 of the Health and Social Care Act 2012 (Health and Social Care Information Centre: dissemination of information) after subsection (5) insert—
‘(5A) A disclosure of personal data may be made under subsection (5)(e) only if it is made—
(a) to and at the request of a member of a police force, and
(b) for the purpose of investigating a serious offence.
(5B) In subsection (5A)—
“personal data” has the meaning given by section 3 of the Data Protection Act 2018;
“police force” means—
(a) a police force within the meaning of section 101 of the Police Act 1996, and
(b) an equivalent force operating under the law of any Part of the United Kingdom or of another country; and
“serious offence” means—
(a) a serious offence within the meaning of Part 1 of Schedule 1 to the Serious Crime Act 2007,
(b) an offence under the Offences Against the Person Act 1861, the Sexual Offences Act 2003, the Explosive Substances Act 1883, the Terrorism Act 2000 or the Terrorism Act 2006, and
(c) the equivalent of any of those offences under the law of any Part of the United Kingdom or of another country.’
(2) In section 13Z3 of the National Health Service Act 2006 () at the end insert—
‘(3) A disclosure of personal data may be made under subsection (1)(g) only if it is made—
(a) to and at the request of a member of a police force, and
(b) for the purpose of investigating a serious offence.
(4) In subsection (3)—
“personal data” has the meaning given by section 3 of the Data Protection Act 2018;
“police force” means—
(a) a police force within the meaning of section 101 of the Police Act 1996, and
(b) an equivalent force operating under the law of any Part of the United Kingdom or of another country; and
“serious offence” means—
(a) a serious offence within the meaning of Part 1 of Schedule 1 to the Serious Crime Act 2007,
(b) an offence under the Offences against the Person Act 1861, the Sexual Offences Act 2003, the Explosive Substances Act 1883, the Terrorism Act 2000 or the Terrorism Act 2006, and
(c) the equivalent of any of those offences under the law of any Part of the United Kingdom or of another country.’
(3) In section 14Z23 of the National Health Service Act 2006 (clinical commissioning groups: permitted disclosure of information) at the end insert—
‘(3) A disclosure of personal data may be made under subsection (1)(g) only if it is made—
(a) to and at the request of a member of a police force, and
(b) for the purpose of investigating a serious offence.
(4) In subsection (3)—
“personal data” has the meaning given by section 3 of the Data Protection Act 2018;
“police force” means—
(a) a police force within the meaning of section 101 of the Police Act 1996, and
(b) an equivalent force operating under the law of any Part of the United Kingdom or of another country; and
“serious offence” means—
(a) a serious offence within the meaning of Part 1 of Schedule 1 to the Serious Crime Act 2007,
(b) an offence under the Offences against the Person Act 1861, the Sexual Offences Act 2003, the Explosive Substances Act 1883, the Terrorism Act 2000 or the Terrorism Act 2006, and
(c) the equivalent of any of those offences under the law of any Part of the United Kingdom or of another country.’
(4) In section 79 of the Health and Social Care Act 2008 (Care Quality Commission: permitted disclosures) after subsection (3) insert—
‘(3A) A disclosure of personal data may be made under subsection (3)(g) only if it is made—
(a) to and at the request of a member of a police force, and
(b) for the purpose of investigating a serious offence.
(3B) In subsection (3A)—
“personal data” has the meaning given by section 3 of the Data Protection Act 2018;
“police force” means—
(a) a police force within the meaning of section 101 of the Police Act 1996, and
(b) an equivalent force operating under the law of any Part of the United Kingdom or of another country; and
“serious offence” means—
(a) a serious offence within the meaning of Part 1 of Schedule 1 to the Serious Crime Act 2007,
(b) an offence under the Offences against the Person Act 1861, the Sexual Offences Act 2003, the Explosive Substances Act 1883, the Terrorism Act 2000 or the Terrorism Act 2006, and
(c) the equivalent of any of those offences under the law of any Part of the United Kingdom or of another country.’’
This new clause would prevent personal data held by the NHS from being disclosed for the purpose of the investigation of a criminal offence unless the offence concerned is serious, which is consistent with the NHS Code of Confidentiality and GMC guidance on confidentiality. It would also mean that any such disclosure could only be made to the police, and not, for example, to Home Office immigration enforcement officials.
New clause 24—Safeguards on the transfer of data for lethal force operations overseas—
‘(1) A transferring controller may not make any transfer of personal data outside the United Kingdom under Part 4 of this Act where—
(a) the transferring controller knows, or should know, that the data will be used in an operation or activity that may involve the use of lethal force, and
(b) there is a real risk that the transfer would amount to a breach of domestic law or an internationally wrongful act under international law.
(2) Where the transferring controller determines that there is no real risk under subsection (1)(b), the transfer is not lawful unless—
(a) the transferring controller documents the determination, providing reasons, and
(b) the Secretary of State has approved the transfer in writing.
(3) Any documentation created under subsection (2) shall be provided to the Information Commissioner and the Investigatory Powers Commissioner within 90 days of the transfer.
(4) A “transferring controller” is a controller who makes a transfer of personal data outside the United Kingdom under Part 4 of this Act.
(5) For the purposes of subsection (1)(b),
(c) “domestic law” includes, but is not limited to,
(i) soliciting, encouraging, persuading or proposing a murder contrary to section 4 of the Offences Against the Person Act 1861,
(ii) conspiracy to commit murder contrary to section 1 or 1A of the Criminal Law Act 1977,
(iii) aiding, abetting, counselling, or procuring murder contrary to section 8 of the Accessories and Abettors Act 1861,
(iv) offences contrary to section 44, 45 and 46 of the Serious Crime Act 2007,
(v) offences under the International Criminal Court Act 2001.
(d) “International law” includes, but is not limited to, Article 16 of the 2001 Draft Articles on the Responsibility of States for Internationally Wrongful Acts.
(6) The Secretary of State must lay before Parliament, within six months of the coming into force of this Act, guidance for intelligence officers on subsections (1) and (2).
(7) The Secretary of State must lay before Parliament any subsequent changes made to the guidance reported under subsection (6) within 90 days of any changes being made.’
Amendment 18, in clause 7, page 5, line 24, after “subsections” insert “(1A),”.
Government amendment 22.
Amendment 19, page 5, line 24, at end insert—
‘(1A) A primary care service provider is not a “public authority” or “public body” for the purposes of the GDPR merely by virtue of the fact that it is defined as a public authority by either—
(a) any of paragraphs 43A to 45A or paragraph 51 of Schedule 1 to the Freedom of Information Act 2000, or
(b) any of paragraphs 33 to 35 of Schedule 1 to the Freedom of Information (Scotland) Act 2002 (asp 13).’
Government amendments 23 and 24.
Amendment 4, in clause 10, page 6, line 37, leave out subsections (6) and (7).
This amendment would remove delegated powers that would allow the Secretary of State to vary the conditions and safeguards governing the general processing of sensitive personal data.
Amendment 5, in clause 14, page 8, line 11, at end insert—
‘(2A) A decision that engages an individual’s rights under the Human Rights Act 1998 does not fall within Article 22(2)(b) of the GDPR (exception from prohibition on taking significant decisions based solely on automated processing for decisions that are authorised by law and subject to safeguards for the data subject’s rights, freedoms and legitimate interests).
(2B) A decision is “based solely on automated processing” for the purposes of this section if, in relation to a data subject, there is no meaningful input by a natural person in the decision-making process.’
This amendment would ensure that where human rights are engaged by automated decisions these are human decisions and provides clarification that purely administrative human approval of an automated decision does make an automated decision a ‘human’ one.
Amendment 6, page 9, line 36, leave out clause 16.
This amendment would remove delegated powers that would allow the Secretary of State to add further exemptions.
Government amendment 143.
Amendment 7, in clause 35, page 22, line 14, leave out subsections (6) and (7).
This amendment would remove delegated powers that would allow the Secretary of State to vary the conditions and safeguards governing the general processing of sensitive personal data.
Amendment 151, in clause 49, page 30, line 19, at end insert—
‘(1A) A controller may not take a significant decision based solely on automated processing if that decision affects the rights of the data subject under the Human Rights Act 1998.’
Amendment 2, in clause 50, page 30, line 28, at end insert—‘and
(c) it does not engage the rights of the data subject under the Human Rights Act 1998.’
This amendment would ensure that automated decisions should not be authorised by law if they engage an individual’s human rights.
Amendment 8, in clause 86, page 51, line 21, leave out subsections (3) and (4).
This amendment would remove delegated powers that would allow the Secretary of State to vary the conditions and safeguards governing the general processing of sensitive personal data.
Amendment 3, in clause 96, page 56, line 38, after “law” insert—
‘unless the decision engages an individual’s rights under the Human Rights Act 1998.’
This amendment would ensure that automated decisions should not be authorised by law if they engage an individual’s human rights.
Amendment 9, page 63, line 27, leave out clause 113.
This amendment would remove delegated powers that would allow the Secretary of State to create new exemptions to Part 4 of the Bill.
Government amendments 25 to 37.
Amendment 20, in clause 144, page 81, line 11, leave out “7 days” and insert “24 hours”.
This amendment would reduce from 7 days to 24 hours the minimum period which must elapse before a controller or processor has to comply with an assessment notice which has been issued by the Commissioner and which the Commissioner has stated should be complied with urgently.
Government amendments 38 to 71.
Government new schedule 3—Transitional provision etc.
New schedule 1—Bill of Data Rights in the Digital Environment—
‘The UK recognises the following Data Rights:
Article 1—Equality of Treatment
Every data subject has the right to fair and equal treatment in the processing of his or her personal data.
Article 2—Security
Every data subject has the right to security and protection of their personal data and information systems.
Access requests by government must be for the purpose of combating serious crime and subject to independent authorisation.
Article 3—Free Expression
Every data subject has the right to deploy his or her personal data in pursuit of their fundamental rights to freedom of expression, thought and conscience.
Article 4—Equality of Access
Every data subject has the right to access and participate in the digital environment on equal terms.
Internet access should be open.
Article 5—Privacy
Every data subject has the right to respect for their personal data and information systems and as part of his or her fundamental right to private and family life, home and communications.
Article 6—Ownership
Every data subject has the right to own and control his or her personal data.
Every data subject is entitled to proportionate share of income or other benefit derived from his or her personal data as part of the right to own.
Article 7—Control
Every data subject is entitled to know the purpose for which personal data is being processed. Data controllers should not deliberately extend the gathering of personal data solely for their own purposes. Government, corporations, public authorities and other data controllers must obtain meaningful consent for the use of people’s personal data. Every data subject has the right to own curate, move, revise or review their personal data.
Article 8—Algorithms
Every data subject has the right to transparent and equal treatment in the processing of his or her personal data by an algorithm or automated system.
Every data subject is entitled to meaningful human control in making significant decisions – algorithms and automated systems must not be deployed to make significant decisions.
Article 9—Participation
Every data subject has the right to deploy his or her personal data and information systems to communicate in pursuit of the fundamental right to freedom of association.
Article 10—Protection
Every data subject has the right to safety and protection from harassment and other targeting through use of personal data whether sexual, social or commercial.
Article 11—Removal
Every data subject is entitled to revise and remove their personal data.
Compensation
Breach of any right in this Bill will entitle the data subject to fair and equitable compensation under existing enforcement provisions. If none apply, the Centre for Data Ethics will establish and administer a compensation scheme to ensure just remedy for any breaches.
Application to Children
The application of these rights to a person less than 18 years of age must be read in conjunction with the rights set out in the United Nations Convention on the Rights of the Child. Where an information society service processes data of persons less than 18 years of age it must do so under the age appropriate design code set out in section 123 of this Act.’
Government amendments 72 and 73.
Amendment 16, in schedule 2, page 140, line 15, at end insert—
‘(1A) The exemption in sub-paragraph (1) may not be invoked in relation to offences under—
(a) sections 24, 24A, 24B or 24C of the Immigration Act 1971,
(b) section 21 of the Immigration, Asylum and Nationality Act 2006, or
(c) sections 33A and 33B of the Immigration Act 2014.’
Amendment 15, page 141, line 17, leave out paragraph 4.
Government amendments 141 and 142.
Amendment 10, page 152, line 24, leave out paragraph 19 and insert—
‘19 The listed GDPR provisions do not apply to personal data that consists of information which is protected by legal professional privilege or the duty of confidentiality.’
This amendment would ensure that both legal professional privilege and confidentiality are recognised within the legislation.
Government amendments 139, 74 and 75.
Amendment 11, in schedule 11, page 196, line 39, leave out paragraph 9 and insert—
‘9 The listed provisions do not apply to personal data that consists of information which is protected by legal professional privilege or the duty of confidentiality.’
This amendment would ensure that both legal professional privilege and confidentiality are recognised within the legislation.
Government amendments 140 and 76 to 80.
Amendment 21, in schedule 15, page 206, line 11, at end insert—
‘(1A) A warrant issued under subparagraph (1)(b) or (1)(c) of this paragraph does not require any notice to be given to the controller or processor, or to the occupier of the premises.’
This amendment would make it clear that a judge can issue a warrant to enter premises under subparagraphs 4(1)(b) or 4(1)(c) without the Commissioner having given prior notice to the data controller, data processor or occupier of premises.
Government amendments 81 to 85.
Amendment 12, page 208, line 13, leave out
“with respect to obligations, liabilities or rights under the data protection legislation”.
This amendment would ensure that both legal professional privilege and confidentiality are recognised within the legislation.
Amendment 13, page 208, line 21, leave out from “proceedings” to the end of line 23.
This amendment would ensure that both legal professional privilege and confidentiality are recognised within the legislation.
Government amendments 86 to 138.
Madam Deputy Speaker (Mrs Eleanor Laing)
Order. Will people who are leaving the Chamber please do so quietly? The Minister is making an important speech and people want to hear it. It is just rude to make a noise—unless you happen to be in the Chair.
Margot James
I propose to start my remarks by addressing the Government amendments to strengthen the powers of the Information Commissioner.
The investigation of the Information Commissioner’s Office into Cambridge Analytica is unprecedented in its scale and complexity. It has, necessarily, pushed the boundaries of what the drafters of the Data Protection Act 1998 and the parliamentarians who scrutinised it could have envisaged. Although we recognise that the Bill already expands and enhances the commissioner’s ability to enforce the requirements of the data protection legislation in such circumstances, the Government undertook to consider whether further provision was desirable in the light of the commissioner’s experience. Following extensive discussions with the commissioner and in Committee, we concluded that such provision is desirable. Our amendments will strengthen the commissioner’s ability to enforce the law, while ensuring that she operates within a clear and accountable structure. I will give a few examples.
First, amendments 27 and 28 will allow the commissioner to require any person who might have knowledge about suspected breaches of the data protection legislation to provide information. Previously, information could be sought only from a data controller or a data processor. That might be important where, for example, a former employee has information about the organisation’s processing activities.
Secondly, new clause 13 will allow the commissioner to apply to the court for an order to force compliance when a person fails to comply with a requirement to provide information. Organisations that might previously have been tempted to pay a fine for non-compliance instead of handing over the information will find themselves at risk of being in contempt of court if they do not comply.
Thirdly, amendments 30 and 45 will allow the commissioner to require controllers to comply with information or enforcement notices within 24 hours in some very urgent cases, rather than the seven days provided for in the existing law. Amendment 38 will allow the commissioner, in certain circumstances, to issue an assessment notice that can have immediate effect. Those amendments will allow the commissioner to obtain information about a suspected breach or put a stop to high-risk processing activities in a prompt and effective way. They will also allow her to carry out no-notice inspections without a warrant in certain circumstances.
Fourthly, new clause 14 will criminalise the behaviour of any person who seeks to frustrate an information or assessment notice by deliberately destroying, falsifying, blocking or concealing evidence that has been identified as relevant to the commissioner’s investigation.
Finally, we have taken this opportunity to modernise the commissioner’s powers. Storing files on an office server is rapidly becoming a thing of the past. Amendment 79 will enable the commissioner to apply for a warrant to access material that can be viewed via computers on the premises but that is held in the cloud.
When strengthening the commissioner’s enforcement powers, we have been mindful of the need to provide appropriate safeguards and remedies for those who find themselves under investigation. For example, when an information, assessment or enforcement notice containing an urgency statement is served on a person, new clause 15 will allow them to apply to the court to disapply the urgency statement. In effect, they will have a right to apply to the court to vary the timetable for compliance with the order. A court considering an application from the commissioner for an information order will be able to take into account all the relevant circumstances at the time, including whether an application has been brought by the person concerned under new clause 15 and whether the person has brought an appeal against the notice itself in the tribunal. These amendments have been developed in close liaison with the Information Commissioner. We are confident that they will give her the powers she needs to ensure that those who flout the law in our increasingly digital age are held to account for their actions.
I now turn to the representation of data subjects. I am very grateful to Baroness Kidron for her continued engagement on this subject. In particular, we agree that children merit special protection in relation to their personal data and that the review the Government will undertake shall look accordingly at the specific barriers young people and children face in enforcing their rights. Government new clause 16, as well as amendments 61, 62, 63, 70 and 75, ensures that they will.
Government new clause 17 concerns maintaining contact with ex-regular reserve forces. This will allow Her Majesty’s Revenue and Customs to share contact detail information with the Ministry of Defence to ensure that the MOD is better able to locate and contact members of the ex-regular reserve.
New clause 12, on data sharing by health bodies, is in the name of my hon. Friend the Member for Totnes (Dr Wollaston), who chairs the Health and Social Care Committee. I know she and the Committee have significant and legitimate concerns about the operation of the memorandum of understanding between NHS Digital and the Home Office, which currently allows the sharing of non-clinical information, principally address information, for immigration purposes. The Select Committee has argued for the suspension of the MOU pending the outcome of a review of its impact by Public Health England. New clause 12 seeks to adopt a more long-term approach by narrowing the ability of NHS Digital to disclose information in connection with the investigation of criminal offences. The aim is to narrow the MOU’s scope, so that it only facilitates the exchange of personal data in cases involving serious criminality.
The Government have reflected further on the concerns put forward by my hon. Friend and her Committee. As a result, and with immediate effect, the data sharing arrangements between the Home Office and the NHS have been amended. This is a new step and it supersedes the position set out in previous correspondence between the Home Office, the Department for Health and Social Care and the Select Committee.
I know my hon. Friend and her colleagues have been particularly exercised by the contents of a letter dated 23 February from both the above-mentioned Departments to her Select Committee, in which it is stated that
“a person using the NHS can have a reasonable expectation when using this taxpayer-funded service that their non-medical data, which lies at the lower end of the privacy spectrum, will not be shared securely between other officers within government in exercise of their lawful powers”.
The bar for sharing data will now be set significantly higher. By sharing, I mean sharing between the Department of Health and Social Care, the Home Office and, in future, possibly other Departments. No longer will the names of overstayers and illegal entrants be sought against health service records to find current address details. The data sharing, relying on powers under the Health and Social Care Act 2012, the National Health Service Act 2006 and the Health and Social Care Act 2008, will only be used to trace an individual who is being considered for deportation action having been investigated for, or convicted of, a serious criminal offence that results in a minimum sentence of at least 12 months in prison.
The Government have a long-held policy on what level of serious criminality is deserving of deportation, given statutory force by the UK Borders Act 2007. When a custodial sentence of more than 12 months has been given, consideration for deportation must therefore follow. Henceforth, the Home Office will only be able to use the memorandum of understanding to trace an individual who is being considered for deportation action having been convicted of a serious criminal offence, or when their presence is considered non-conducive to the public good—for example, when they present a risk to public security but have yet to be convicted of a criminal offence.
Alison Thewliss (Glasgow Central) (SNP)
Can the Minister give me more reassurance about the Home Office and its activity in this regard? At the moment, I have constituents who, under paragraph 322(5) of the immigration rules, face being deported for making legitimate changes to their tax return through HMRC data being accessed. Will she reassure me about what the Home Office can do to make sure that this is not abused and misused for the purposes of meeting immigration targets?
Margot James
I will write to the hon. Lady and I hope to give her reassurance. This new higher bar concerns NHS data and that would obviously not catch within it errors on a tax return.
As now, the memorandum of understanding would also continue to operate when there are concerns about the welfare and safety of a missing individual—for example, vulnerable children and adults. That has always been the case. Personal information will only be disclosed to the Home Office or agencies under the purview of the Home Office. This is a significant restriction on the Home Office’s ability to use data held by the NHS. It is estimated that the change will exclude over 90% of the requests that have been satisfied to date.
Sir Edward Davey (Kingston and Surbiton) (LD)
The Minister talks about a memorandum of understanding giving reassurance to the House. I refer her to part 2 of schedule 2, which talks about exemptions from the general data protection regulation in respect of crime and taxation. Surely, the rights of individuals to have their data protected under that provision would address all these issues, and it would potentially supersede the memorandum of understanding.
Margot James
I will come on to the exemptions in terms of criminal activity and immigration in a wider context than NHS information in due course.
My right hon. Friend the Minister for Immigration is committed to sending a copy of an updated MOU to the Health and Social Care Committee shortly, but as I have indicated, the significant narrowing of the MOU will have immediate effect. This commitment is consistent with the intention underpinning new clause 12. I trust that on that basis, my hon. Friend the Member for Totnes and her colleagues will not press new clause 12. I am sure that if she has any questions, she will intervene on me, or that when she makes her remarks later, I might be invited to intervene on her. I thank my hon. Friend and all her Committee members for their work to establish higher principles in this area.
I turn to Opposition amendments 16 and 15 and Government amendments 141 and 142, on immigration. Amendment 15 would remove the provisions relating to effective immigration control in schedule 2. In responding to the amendment, I want to address some of the continued misunderstandings that have arisen around the purpose and scope of the provision, and I hope to persuade the House that this is a necessary and proportionate measure to protect the integrity of our immigration system. It has been suggested that the provisions have no basis in the GDPR, but article 23 expressly allows member states to restrict certain specified rights for the purpose of safeguarding
“other important objectives of general public interest of a…Member State”.
The maintenance of effective immigration control is one such objective.
Sir Edward Davey
Will the Minister confirm that article 23 of the GDPR does not specify immigration?
Margot James
It does not rule out immigration and it does allow the restriction of certain specified rights—not wholesale restrictions—for the purpose of safeguarding
“other important objectives of general public interest”.
The purpose is to provide a derogation for member states wide enough that they can pursue an overall Government policy in the general public interest. I would conclude that immigration is one such example. It has been suggested that the provisions represent a blanket carve-out of all a data subject’s rights. That is certainly not the case. I would like to reassure the right hon. Gentleman that we are being very selective about the rights that could be disapplied. The exemption will be applied only on a case-by-case basis and only where it is necessary and proportionate.
Liam Byrne
Has the Minister learnt nothing from the Windrush scandal? Here we have a Department of State that is not fantastic at keeping records. The idea of selectively carving out particular rights of particular people who need this information to fight tribunal cases strikes me as lunacy, given what we have learnt about the dysfunction at the Home Office.
Margot James
Perhaps if I continue my remarks, I can reassure the right hon. Gentleman that of course lessons have been learnt, not least by the Home Office itself, as both the former Home Secretary and the current Home Secretary have made abundantly clear to the House.
The exemption in the amendment is to be applied only on a case-by-case basis and only where it is necessary and proportionate. It cannot and will not be used to target any group of people. Nor does the application of the exemption set aside all a data subject’s rights; it sets aside only those expressly listed. A further limitation is that it can be applied only where compliance with the relevant rights would be likely to prejudice the maintenance of effective immigration control.
Liam Byrne
Effective safeguards for crime prevention are already written into the Bill, which gives the Minister the power she is seeking to fulfil the purpose she is setting out for the House. If we selectively discard rights for selected people, we come pretty close to arbitrary decision making, and it is practically impossible to do that consistently and in way make it defendable in a judicial review. These provisions will result in injustice and cases that the Home Office loses, so just dump them now!
Margot James
The right hon. Gentleman should know that different structures govern crime and immigration. I reiterate that we are disapplying these rights selectively—the data subjects will hang on to the majority of their rights—but it cannot be right for the Home Office to have to furnish someone who is in contravention of immigration law with information it has been given.
Yvette Cooper (Normanton, Pontefract and Castleford) (Lab)
I am shocked by what the Minister is saying. These provisions were drafted before the Windrush scandal broke, and she is not learning the lessons at all. She says she wants these decisions made on an individual basis and in a way that is necessary and proportionate, but necessary and proportionate to achieve what? None of us knows what her definition of immigration control is. Does it mean meeting the net migration target, which is what we normally hear Ministers say? Necessary and proportionate to meet the net migration target could mean anything.
Margot James
I understand that it is a matter of interpretation. I also understand that the Home Office is considering these matters in the fallout from the Windrush case. I am sure that, as Chair of the Home Affairs Committee, the right hon. Lady will have ample opportunity to question the new Home Secretary on exactly what he might mean by “necessary and proportionate”. When someone is seeking access to data from the Home Office to prove their immigration history, such as in the Windrush cases, there will be no basis for invoking the immigration exemption in the Bill. I trust that that provides the right hon. Lady with some comfort.
Margot James
I will give way for the last time to the right hon. Lady, if the right hon. Gentleman does not mind.
Yvette Cooper
That is not what the Bill says. That may be what the Minister intends, but if that is what she intends, she should change the Bill.
Margot James
I shall have to write to the right hon. Lady once I have communicated with Home Office Ministers. According to my understanding, the Bill says that the exemption applies—
Liam Byrne
On a point of order, Madam Deputy Speaker. We are being invited to pass an important piece of legislation which hands important new powers to Her Majesty’s Home Office, yet there is not a Home Office Minister on the Front Bench to respond to the points that we are making about the details of that legislation. What steps can we take to summon a Home Office Minister this afternoon, so that our questions can be answered?
Madam Deputy Speaker (Mrs Eleanor Laing)
I understand the right hon. Gentleman’s point of order, but the fact is that the Minister, who is a very capable Minister, speaks for the Government, who are seamless. The Minister who is currently at the Dispatch Box is in a position to speak for all Ministers on this matter, which is why she has this responsibility and is responding to the questions that are currently being asked of her.
Margot James
Thank you, Madam Deputy Speaker. I might as well give way to the right hon. Member for Kingston and Surbiton (Sir Edward Davey) now.
Sir Edward Davey
I am grateful to the Minister. To help other Members consider amendment 15, let me point out that one of the data protection provisions that are being exempted for immigration purposes is the right to make subject access requests. It is critical to the rule of law for people and their representatives to know on the basis of what information the Home Office has made its decisions. The Bill provides no safeguards, no balance, and no restrictions to the use of that law by Home Office officials. As we heard from the right hon. Member for Normanton, Pontefract and Castleford (Yvette Cooper), those are simply not in the Bill. It is entirely wrong for the House to be asked to pass a Bill that does not contain real safeguards for the people involved, given what happened in the Windrush cases.
Margot James
I will continue to make some progress, as I feel that those points have already been made.
The application of the exemption does not set aside all data subjects’ rights, but only those expressly listed. A further limitation is that exemptions can be applied only where compliance with the relevant rights would be likely to prejudice the maintenance of effective immigration control.
Margot James
It is an established term. It is used in the Immigration Act 2014 and the Freedom of Information Act 2000 uses a similar term, namely “operation of immigration controls”.
Mr Ranil Jayawardena (North East Hampshire) (Con)
Without this immigration exemption, might not the Home Office have to disclose sources of tip-offs, which would not be conducive to ensuring that illegal immigration is properly controlled?
Margot James
I think it highly likely that if, for example, someone were to undertake a full data subject review of whatever information the Home Office held about them—as was posited earlier by the right hon. Member for Kingston and Surbiton—the review would contain sources of information as well as the information itself. A further limitation is that exemptions can be applied only where compliance with the relevant rights would be likely to prejudice the maintenance of immigration control. This “prejudice” test must be applied first, and as a result the situations in which the exemption can be used are limited. The Government recognise the concerns that have been expressed in this debate.
Stuart C. McDonald (Cumbernauld, Kilsyth and Kirkintilloch East) (SNP)
Can the Minister give us a couple of examples to illustrate why these additional powers are necessary, and where the other powers in the Bill—in relation to criminal offences and investigations, for example—would not already suffice to do everything that the Home Office wishes?
Margot James
We are permitted under GDPR to make these exemptions and are doing so in a very selective way and on a case-by-case basis, so it will not result in a widespread denial of people’s data rights.
The exemption should be as limited as possible, which is why we have brought forward amendments 141 and 142. These amendments will ensure that migrants enjoy the rights afforded under all of the data protection principles, except where a restriction on those principles is a consequence of restricting one of the other rights coming within the scope of the exemption.
I now turn to Opposition amendments 18 and 19 on primary care providers, and Government amendments 22 to 24 on parish councils. Parish and community councils are not exempt from the new law. None the less, by describing parish and community councils as “public authorities” the Bill gives these councils additional obligations above and beyond those placed on other small organisations, including that they must appoint a data protection officer. We have been working to minimise the impact of this requirement, and have concluded that as parish and community councils process very little personal data, the burden they would face would be disproportionate. Amendments 22, 23 and 24 therefore take these councils out of the definition of “public authorities” for data protection purposes.
Mr Jayawardena
I commend my hon. Friend the Minister on amendment 24, which recognises that councils are often so tiny—indeed, some are not even parish councils, and some do not employ any staff—that it would be wholly disproportionate to treat them in the way originally intended. I commend the Minister for listening to so many Members who made these points and recognising that parish councils must be treated separately.
Margot James
I thank my hon. Friend for his comments. He and other colleagues across the House made these arguments, and given that such organisations are often very small and process only small amounts of personal data, we have decided to take parish councils out of the definition of “public authorities” for data protection purposes. Their status in respect of other legislation, including the Freedom of Information Act, is unaffected, however.
Similar arguments have been advanced in respect of primary care providers, but although I have sympathy with amendments 18 and 19, primary care providers are different from parish councils in that they process sizeable quantities of sensitive health data, whether that be an individual’s mental health status, the fact that they are pregnant, or details of their prescription for a terminal illness. All of these matters are highly personal, and in the world of health, data protection is rightly paramount.
The Dean Street Express case in 2015 illustrates the potential harm that even a single data breach can cause. In that incident, the names and email addresses of almost 800 people, many living with HIV, were disclosed to other recipients. It does not seem unreasonable that bodies who process that kind of data should have a single point of contact on data protection matters.
Government amendments 139 and 140 relate to legal professional privilege. We recognise the importance of protecting legal professional privilege and that is why in the Bill we have replicated the existing measures and exemptions for legal professional privilege found in the Data Protection Act 1998, which have worked well for many years.
Amendments 10 and 11 seek to widen the legal professional privilege exemptions found in schedules 2 and 11. They offer some thoughtful changes that are intended to recognise the broader range of material covered by a lawyer’s ethical duty of confidentiality. We agree that the Bill could be clearer, and have tabled amendments 139 and 140 in response.
Sir Mike Penning (Hemel Hempstead) (Con)
It is interesting that we are making lots of exemptions for the Government, parish councils, lawyers and so on. I spoke to some lawyers this morning, and they were not convinced by the measures either. However, small businesses seem to be disproportionately affected, and there is real confusion out there. As I say, a lot of work has been done to protect the Government, parish councils and lawyers, but what about the little people—the people who make this country grow? There is even confusion in the Information Commissioner’s Office, which gave the wrong advice in briefings here to MPs’ staff only the other week. What are we going to do to protect the small people? They think that they are doing the right thing, but they have probably been ill advised. They are spending a lot of money trying to get things right, but there is real confusion out there.
Margot James
My right hon. Friend raises several important points. As for the effect on small businesses, he will be reassured to learn that the issues with the processing of highly personal data that I was discussing do not apply to the majority of SMEs. They will not have to appoint a data protection officer, so that is one comfort.
As for training and guidance, I am sorry that colleagues and their research staff attended courses that were put together before the Bill was even in Committee, and thus did not take numerous amendments into account—not least the amendment clarifying the rights of Members of Parliament and other elected individuals. I apologise for that confusion.
I draw businesses’ attention to the excellent ICO website, which contains good sources of guidance for SMEs, including frequently asked questions. The ICO also provides an advice line for any follow-up questions on subjects that businesses might not be clear about. Ultimately, there is a need for better data protection, and that is not just what is set out in the GDPR. Dreadful examples, such as the case of Facebook and Cambridge Analytica, have demonstrated the need for more rigorous data rights and for greater security of data.
Sir Mike Penning
The Minister is being ever so generous in giving way not just to me, but to Members from across the House, and I thank her. Returning to the parliamentary stuff—we are only a small part of all this—some of the staff present at the briefing I mentioned left in tears, and I know that for a fact, because a member of my staff was there. Believe it or not, even though the ICO knew that the briefing was completely flawed, it has today issued certificates of attendance saying that it was the right thing for staff to have done.
More important, however, are the SMEs. Small businesses have approached me today to tell me that they have been told to delete all their data unless they get permission from the relevant people. Companies that did work for people three, four or five years ago—even last year—must get permission to hold their addresses so that they can fulfil, for example, warranty agreements. Other companies are getting completely different advice, and the lawyers are getting different advice. There seems to be a rush to protect Government agencies, local government, parish councils and lawyers, but not enough is being done to protect the small people of this country—the people who account for so much of our money.
Margot James
I thank my right hon. Friend for his points. I want to reassure the small businesses that he mentions. I sympathise with businesses that are getting conflicting advice, and with those that are approached by firms of consultants who appear to be exaggerating the scale of the task of complying with the legislation. I am afraid that that always happens when there is change; people think that they can exaggerate the impact and the implications of a change and—who knows?—perhaps they will be remunerated for helping businesses to comply.
I also want to reassure my right hon. Friend about the specific case that he mentioned, in which companies were being advised that they needed to delete all the data for which they did not have consent. I want to reassure him that the vast majority of businesses will not have to delete the personal data that they hold. If they have gained the personal data lawfully, there are five, if not six, lawful bases on which they can process that personal data, of which consent is only one. I draw his attention particularly to legitimate interests, which is a lawful basis for processing data. For example, if a small firm has been supplying a much-needed service to people for a number of years, it is in the pursuit of its legitimate interests to communicate with its database of customers or new prospects, and it does not need to have consent. I would advise people not to delete their data without very careful consideration, or without consultation with the ICO website in particular.
Margot James
I will give way to my right hon. Friend in a second. I want to respond to my right hon. Friend the Member for Hemel Hempstead (Sir Mike Penning) on the alleged discrimination involved in our taking steps to protect lawyers, parliamentarians, local councillors and so on but not to protect small businesses. The reason is that small businesses are less affected, in the sense that most of them do not process huge quantities of personal data. They therefore come under the purview of the ICO to a lesser extent, and enforcement is less likely to focus on organisations that do not process highly personal data. Those organisations do not need to appoint a data protection officer. I hope that I have gone some way towards allaying my right hon. Friend’s—
Margot James
I will come back to my right hon. Friend in a moment, but I did say that I would give way to my right hon. Friend the Member for Broxtowe (Anna Soubry).
Anna Soubry
I thank my hon. Friend for that information, but it was mainly complete news to me, as I suspect it was to my right hon. Friend the Member for Hemel Hempstead too. We have a really serious problem here. I just cannot overestimate the amount of concern among small businesses. Medium-sized businesses with more than 250 employees have the benefit of a team of people, but this is a real crisis for small businesses and I am afraid that the lack of information is truly troubling. There are solutions, and perhaps we should discuss them in a different debate, but as a Government we have an absolute duty to get this right. There are devices available—HMRC sends out tax returns, for example—and there are many opportunities to get this information out there. At the moment, however, there is a lot of disinformation, and as my right hon. Friend the Member for Hemel Hempstead says, these businesses are the lifeblood of our economy. They do not know what is happening, and they are worried.
Margot James
I sympathise with the points that my right hon. Friend has raised. In fact, we have secured almost £500,000 to launch an information campaign to bolster what the Information Commissioner’s Office is already doing for small businesses. I also draw her attention to the need for this legislation, and to the need for businesses and all of us in public life to respect people’s data rights. The landscape has changed. We now live in a digital world, and there is so much abuse of people’s privacy and data that I must bring her attention back to the need for the Bill. Of course she is right, however, to say that people need to be properly informed, and that is what the ICO is doing and what the Government campaign that we are about to launch will also do.
Sir Mike Penning
What the Minister said at the Dispatch Box a moment ago was also news to me. I have been campaigning and pushing on this for months—I spoke to the Secretary of State over the bank holiday weekend—and I was going to vote against the Bill this evening. Yes, we need data protection, but we do not want to destroy or frighten our businesses in the process. However, I take my hon. Friend at her word, and I will vote for the legislation this evening.
Margot James
I quite agree. In fact, both the Secretary of State and I were small business owners before entering this place, so I feel what my right hon. Friend says very deeply. I must commend my hon. Friend the Member for Mid Worcestershire (Nigel Huddleston) on the excellent advice that his office has put together on what it will be doing in this respect. For the benefit of my staff, I have set out exactly what my office will be doing to comply with the legislation. If my right hon. Friend has any concerns about his own situation—
Sir Mike Penning
I am not worried about us; I am worried about small businesses.
Margot James
In that case, I will proceed no further down that path. I am glad that I have been able to reassure my right hon. Friend and thank him for raising those important points.
Chi Onwurah (Newcastle upon Tyne Central) (Lab)
I thank the Minister for that clarification, but I am not sure that it is clear enough. She will undoubtedly be aware that the Windrush documents were supposedly destroyed as a result of data protection requirements. There remains a significant possibility that there will be a wholesale destruction of data, some of which might be important, useful and legitimately kept, unless the Government take further action.
Margot James
I commend the hon. Lady for that observation, because she has a fair point. I will raise her concern with the Information Commissioner. My right hon. Friend the Member for Hemel Hempstead said that some businesses have been advised that they should delete their data, so I can see where the hon. Lady is going on that. It raises the prospect that some organisations might use this as an excuse to delete data that it would be in the data subject’s interests to preserve.
I have not been able to address every amendment in the time available, but I am mindful of the number of colleagues who wish to contribute, and we have less than 60 minutes remaining. I have addressed most of the matters that came up in the Public Bill Committee, and the Government’s position will remain the same on many of them.
In short, we have enhanced the ICO’s enforcement powers, we have changed the way we share data, we have reached out to parish councils, we have narrowed the immigration exemption and we have responded to calls to better protect lawyer-client confidentiality. We have also dealt—effectively, I hope—with the concern expressed by my hon. Friend the Member for Totnes about the sharing of data between the Department of Health and Social Care and the Home Office.
Liam Byrne
May I start by welcoming the new powers for the Information Commissioner, which we called for in Committee? Nobody who observed the debacle of the investigation into Cambridge Analytica will have needed persuading that that those powers are necessary—it took the court five or six days to issue the requisite search warrants, and that time might well have been used by Cambridge Analytica to destroy evidence—so I am glad that the Minister has heeded our calls and introduced the proposals this afternoon. We are happy to give them our support.
I will speak to a number of new clauses and amendments in the group, particularly new clause 4, which is our enabling clause for creating a bold and imaginative Bill of data rights for the 21st century. I want to make the case for universal application of those rights, including their application to newcomers, who need rights in order to challenge bad decisions made by Governments, which is why our amendment 15 would strike out the immigration provisions that have so unwisely been put into the Bill. I will also say a few words about new measures that are needed in the Bill to defend the integrity of our democracy in the digital age.
The Minister took the time to make a comprehensive speech, which included an excellent explanation of the Government amendments, so I will be brief. Let me start with the argument for a Bill of data rights. Every so often we have to try to democratise both progress and protections. In this country we are the great writers of rights—we have been doing it since Magna Carta. Over the years, the universal declaration of human rights, the UN convention on the rights of the child, the charter of fundamental rights, the Human Rights Act 1998, the Equality Act 2010 and, indeed, the original Data Protection Act have all been good examples of how good and wise people in this country have enshrined into charters and other legal instruments a set of rights that we can all enjoy, that give us all a set of protections, and that help us to democratise progress.
Liam Byrne
My hon. Friend is right. We have been on the receiving end of a huge number of data breaches in this country—really serious infringements of basic 21st-century rights—which is why we need a bold declaration of those rights so that the citizens of this country know what they are entitled to. Unless we get this right, we will not be able to build the environment of trust that is the basis of trade in the digital economy. At the moment, trust in the online world is extremely weak—that trust is going down, not up—so we need to put in place measures now, as legislators, to fix this, turn it around and put in place preparations for the future.
The Government’s proposal of a digital charter is a bit like the cones hotline approach to public service reform. The contents of the charter are not really rights but guidelines. There are no good methods of redress or transparency. Frankly, if we try to introduce rights and redress mechanisms in that way, they will basically fail and will not lead to any kind of change. That is why we urge the Government to follow the approach that we are setting out.
I put on record my profound thanks to Baroness Kidron and the 5Rights movement. Her work forms the basis of the bill of rights we are proposing to the House: the right to remove data, as enshrined in the GDPR—that right is very important to children—the right to know; the right to safety and support; the right to informed and conscious use; and the right to digital literacy. Those are the kinds of rights we should now be talking about as the rights of every child and every citizen.
Margot James
The right hon. Gentleman makes some good points. I agree with the rights he is talking about, but those rights exist under the GDPR and are intrinsic to the Bill, so I see no need for his amendment.
Liam Byrne
There is no right to digital literacy under the Bill, which is why we propose the five rights as the core of new schedule 1 in which, as the Minister knows, we go much further. The provision sets out rights to equality of treatment, security, free expression, access, privacy, ownership and control, the right not to be discriminated against as a result of automated decision making, and rights on participation, protection and removal.
Rights are sometimes scattered through thousands and thousands of pages of legislation, which is where we are on data protection today. That is why from time to time, as a country, we decide to make bold declaratory statements of what principles should guide us. These are methods of simplification and consolidation, and we are pretty good at that in this country. When we press our proposal to enable the creation of such a bill of rights to a Division a little later, we hope that it will be the call that the Government need to begin the process of consultation, thought, argument and debate about the digital rights that we need in this century and what they need to look like. Rights should not be imposed from the top down; they should come from the grassroots up, and the process of conversation and consultation is long overdue. To help the Government, we will accelerate that debate during this year.
The second point I wish to make is about amendment 15, which would ensure that the rights set out in the GDPR would stretch to everyone in this country. It would mean that the Government would not be permitted to knock out selective rights for certain people who just happen to be newcomers to this country. The proposal to withhold data rights from migrants and newcomers is a disgrace and does not deserve to be in the Bill. In Committee, Ministers were unable to tell us why the Bill’s crime prevention provisions could not be stretched to accommodate their ambitions for immigration control. The Minister has not been able to give us a succinct definition of “immigration control” today, and we have not been able to hear about the lessons learned from Windrush. Frankly, the debate has been left poorly informed, and we have had promises that letters will be sent to hon. Members long after tonight’s vote.
Dr Sarah Wollaston (Totnes) (Con)
I rise to speak to new clause 12, which was tabled in my name, that of my colleague, the hon. Member for Stockton South (Dr Williams), and those of other members of the Health and Social Care Committee and Members from all parties.
I wish to speak about the importance of medical confidentiality, because it lies at the heart of the trust between clinicians and their patients, and we mess with that at our peril. If people do not have that trust, they are less likely to come forward and seek the care that they need. There were many unintended consequences as a result of the decision enshrined in a memorandum of understanding between the Home Office, the Department of Health and NHS Digital, which allowed the sharing of addresses at a much lower crime threshold than serious crime. That was permitted under the terms of the Health and Social Care Act 2012, but patients were always protected, in effect, because the terms of the NHS constitution, the guidance from the General Medical Council and a raft of guidance from across the NHS and voluntary agencies protected the sharing of data in practice.
This shift was therefore particularly worrying. There were many unintended consequences for the individuals concerned. The Health and Social Care Committee was also deeply concerned about the wider implications that this might represent a shift to data sharing much more widely across Government Departments. There was a risk, for example, that the Department for Work and Pensions might take an interest in patients’ addresses to see whether people were co-habiting for the purpose of investigating benefit fraud. There was a really serious risk of that.
I am afraid that the letter that we received from the Department of Health and Social Care and the Home Office declining to withdraw from the memorandum of understanding made the risk quite explicit. I would just like to quote from the letter, because it is very important. I also seek further clarification from the Minister on this. The letter states that
“it is also important to consider the expectations of anybody using the NHS—a state provided national resource. We do not consider that a person using the NHS can have a reasonable expectation when using this taxpayer-funded service that their non-medical data, which lies at the lower end of the privacy spectrum, will not be shared securely between other officers within government in the exercise of their lawful powers in cases such as these.”
I profoundly object to that statement. There was no such contract in the founding principles of the NHS. As I have said, it is vital that we preserve that fundamental principle of confidentiality, including for address data. I was delighted to hear the Minister’s words at the Dispatch Box, but can she just confirm for me absolutely that that statement has now been superseded?
Margot James
Yes, I can confirm absolutely that the statement that my hon. Friend quoted from the letter of 23 February has been superseded by today’s announcements.
Damian Collins
The significance of the Bill and the importance of data and data protection to the economy and the whole of society is reflected in this debate. The fact that amendments have been tabled on Report through the work of three different departmental Select Committees shows how wide-ranging this issue is.
I principally want to talk about amendments 20 and 21, which stand in my name and those of other members of the Digital, Culture, Media and Sport Committee and which are addressed by Government amendments, too. Before I do so, I want to add that the Chair of the Home Affairs Committee, the right hon. Member for Normanton, Pontefract and Castleford (Yvette Cooper), made a very important point about the fact that some people—particularly those involved in immigration cases—may not have full access to the data rights enjoyed by others. If the Minister can provide any further clarification, I will be happy to give way before I move on.
Margot James
After the exchange I had with the hon. Member for Newcastle upon Tyne Central (Chi Onwurah), I wanted to confirm that the Home Office will certainly not destroy any data for which there is still a legitimate and ongoing need not just for the Home Office but for data subjects.
Damian Collins
I am grateful to the Minister for that further clarification.
Amendments 20 and 21 get to the heart of an issue that has been raised by a number of Members, which is the power of the Information Commissioner to act in data investigations. The Minister, the right hon. Member for Birmingham, Hodge Hill (Liam Byrne) and others have referenced the Cambridge Analytica data breach scandal, which is a very good example of why these additional powers are needed. We raised that in the Select Committee with the Secretary of State. The Information Commissioner raised it with us and it was raised on the Floor of the House on Second Reading.
The ability to fine companies for being in breach of data rules is important, but what is most significant is that we get hold of the data needed by investigators, so that we understand who is doing what, how they are doing it and how wide-ranging this is. It is crucial that the Information Commissioner has the enforcement powers she needs to complete those investigations.
In the case of Cambridge Analytica, an information notice was issued by the Information Commissioner to that company to comply with requests for data and information. Not only did Cambridge Analytica not comply, but Cambridge Analytica and Facebook knew that. That information notice expired at 5 o’clock on the evening of the day when that deadline was set; it was the beginning of the week. Before the notice had expired and a warrant could even be applied for, Facebook had sent in its own lawyers and data experts to try to recover data that was relevant to the Information Commissioner’s request.
The Information Commissioner found out about that live on “Channel 4 News” and then effectively sent a cease and desist note to Facebook, telling it to withdraw its people. She might very well not have been made aware of what Facebook was doing that evening, and data vital for her investigation could have been taken out of her grasp by parties to the investigation, which would have been completely wrong. Not only did that happen—thankfully, Facebook stood down—but a further five days expired before a warrant could be issued—before the right judge in the right court had the time to grant the warrant to enable her to complete her work. We live in a fast-moving world, and data is the fuel of that fast-moving world, so we cannot have 19th or even 20th-century legal responses. We must give our investigatory authorities the powers they need to be effective, which means seizing data on demand, without notice, as part of an investigation, and having the ability to see how data is used in the workplace or wider environment.
The Government are bringing forward amendments, which I think have the support of the House, that will give us one of the most effective enforcement regimes in the world. They will give us the power to do something we have not been able to do before, which is to go behind the curtain to see what tech companies, even major tech companies, are doing and make sure they comply with our data rules and regulations. Without that or an effective power to inspect, we would largely be in the position of having to take their word for it when they said they were complying with the GDPR. Particularly with companies such as Facebook that run closed systems—they have closed algorithms and their data is not open in any way—there are very good commercial reasons for doing so, but there are also consumer safety reasons. We must have the power to go in and check what they are doing, so the amendments are absolutely vital.
There are further concerns. The shadow Minister, the right hon. Member for Birmingham, Hodge Hill, was right to raise concerns about honesty and transparency in political advertising. Both the Information Commissioner and the Electoral Commission are examining the use of data in politics, as well as looking at who places the ads. It is already a breach of the law in the UK, as it is in other countries, for people outside our jurisdiction to run political advertising during election campaigns in this country.
In the case of Facebook, it is unacceptable that its ad check teams have not spotted such advertising and stopped it happening when someone is breaking the law. If this were about the financial services sector, we would not let a company say, “Well, we thought someone was breaking the law, but we weren’t told to do anything about it, so we didn’t”. We would expect such a company to spot it and to take effective action. We need to see a lot more progress on this, particularly in relation to the placement of micro-targeting ads and dark ads. The Institute of Practitioners in Advertising has called for a moratorium on the micro-targeting of political ads, which may be seen only by the person who receives an ad and the person who places it.
When the chief technology officer of Facebook, Mike Schroepfer, gave evidence to the Select Committee, I asked him whether, if someone set up a Facebook page to run ads during a campaign and micro-targeted individual voters before taking down the page at the end of the campaign and destroying the adverts, Facebook would have any record that that advertising had ever run, he said that he did not know. We have written to him and Mark Zuckerberg saying that we need to know, because unless we know, a bad actor could run ads in huge volumes, investing a huge amount of money in breach of electoral law, and if they did not declare it, there would be no record of that advertising ever having been placed.
Brendan O'Hara
I will be very brief, Madam Deputy Speaker, because we are incredibly tight for time.
There is so much in the Bill that I would like to talk about, such as effective immigration control, delegated powers and collective redress, not to mention the achievement of adequacy, but I will concentrate on amendment 5, which appears in my name and those of my hon. Friend the Member for Cumbernauld, Kilsyth and Kirkintilloch East (Stuart C. McDonald) and the hon. Member for Brighton, Pavilion (Caroline Lucas).
The amendment seeks to provide protection for individuals where automated decision making could have an adverse impact on their fundamental rights. It would require that, where human rights are or could be impacted by automated decisions, ultimately, there will always be a human decision maker at the end of the process. It would instil that vital protection of human rights in respect of the general processing of personal data. We believe strongly that automated decision making without human intervention should be subject to strict limitations to promote fairness, transparency and accountability, and to prevent discrimination. As it stands, the Bill provides insufficient safeguards.
I am talking about decisions that are made without human oversight, but that can have long-term, serious consequences for an individual’s health or financial, employment, residential or legal status. As it stands, the Bill will allow law enforcement agencies to make purely automated decisions. That is fraught with danger and we believe it to be at odds not just with the Data Protection Act 1998, but with article 22 of the GDPR, which gives individuals the right not to be subject to a purely automated decision. We understand that there is provision within the GDPR for states to opt out, but that opt-out does not apply if the data subject’s rights, freedoms or legitimate interests are undermined.
I urge the House to support amendment 5 and to make it explicit in the Bill that, where automated processing that could have long-term consequences for an individual’s health or financial, employment or legal status is carried out, a human being will have to decide whether it is reasonable and appropriate to continue. Not only will that human intervention provide transparency and accountability; it will ensure that the state does not infringe an individual’s fundamental rights and privacy—issues that are often subjective and are beyond the scope of an algorithm. We shall press the amendment to the vote this evening.
Brendan O'Hara
I would give way, Minister, but I am very pushed for time.
I would like to voice my support and that of the SNP for amendment 15 on effective immigration control. We believe that the exemption is fundamentally wrong, disproportionate and grossly unfair, and we call on the Government to stop it.
Madam Deputy Speaker (Dame Rosie Winterton)
I can now inform the House that I have completed certification of the Bill, as required by the Standing Order. I have confirmed the view expressed in the Speaker’s provisional certificate issued on 8 May. Copies of the final certificate will be made available in the Vote Office and on the parliamentary website.
Under Standing Order No. 83M, a consent motion is therefore required for the Bill to proceed. Copies of the motion are available in the Vote Office and on the parliamentary website, and have been made available to Members in the Chamber. Does the Minister intend to move the consent motion?
Margot James
indicated assent.
The House forthwith resolved itself into the Legislative Grand Committee (England and Wales) (Standing Order No. 83M).
[Dame Rosie Winterton in the Chair]
Data Protection Bill (English Votes for English Laws)
Margot James Excerpts(6 years ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister for Digital and the Creative Industries (Margot James)
I am today placing in the Library of the House the Department’s analysis on the application of Standing Order 83L in respect of the Government amendments tabled for Commons Report stage for the Data Protection Bill [HL].
[HCWS668]
Ticket Touting: Musical Events
Margot James Excerpts(6 years ago)
Westminster HallRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Westminster Hall is an alternative Chamber for MPs to hold debates, named after the adjoining Westminster Hall.
Each debate is chaired by an MP from the Panel of Chairs, rather than the Speaker or Deputy Speaker. A Government Minister will give the final speech, and no votes may be called on the debate topic.
This information is provided by Parallel Parliament and does not comprise part of the offical record
The Minister for Digital and the Creative Industries (Margot James)
It is a pleasure to serve under your chairmanship, Sir Christopher. I congratulate the hon. Member for Perth and North Perthshire (Pete Wishart) on securing this debate. The Government, along with brilliant groups such as UK Music and the British Phonographic Industry, have consistently championed the British music industry and the incredible talent that makes it such a success story and a brilliant export for this country. We have produced the Beatles, the Stones, Adele, Amy Winehouse and so many more. The live music industry is a vital part of the ecosystem, contributing £1 billion to our economy in 2016.
Our live music scene is clearly thriving, but it is far from easy for fans to experience it. We have all experienced the frustration of waiting for tickets to go on sale—our fingers hovering over the keyboard, only to find that all the tickets have been mysteriously snapped up in seconds. Given the time constraints of this job, I have slightly fallen out of the practice of trying to get tickets for events in recent years, so I was absolutely appalled when I heard about the practices now going on from my hon. Friend the Member for Selby and Ainsty (Nigel Adams). It is so frustrating to see tickets reappearing on secondary sites almost instantaneously, at the huge mark-ups that have become commonplace.
The secondary market has a place. Real fans, who are sometimes unable to attend an event, should have the means of making sure that their tickets do not go to waste. However, the Government recognise that the process of distributing and buying tickets often causes momentous public frustration and concern. We are determined to crack down on unacceptable behaviour in the ticketing market, and to improve fans’ chances of buying tickets at a reasonable price. There is absolutely no inertia in the Government, and I was sorry to hear the tone of the remarks made by the hon. Member for Perth and North Perthshire.
We are determined to get on top of this issue. I will outline recent measures that we have taken, but first I will address specific concerns about the relationship between primary and secondary ticketing sites. Competition is fundamental to that relationship, and competition decisions are made independently of Government, and of Ministers, by the Competition and Markets Authority. I encourage the hon. Gentleman to make his points directly to the CMA. I assure him that there is no lethargy in the CMA or in Government about these matters.
We have already taken several measures. The Consumer Rights Act 2015 imposed a duty on sellers and secondary ticketing facilities to provide buyers with certain information about tickets, such as their face value and any restrictions limiting their potential use. Section 105 of the Digital Economy Act 2017 introduced a provision for an additional requirement under the CRA for ticket sellers to provide a unique ticket number, where one has originally been given, when putting a ticket up for resale. I am pleased that that provision is now in force, and that some event organisers are looking at how it can be used to improve access and protections for the ticket-buying public.
Luke Graham (Ochil and South Perthshire) (Con)
I congratulate the hon. Member for Perth and North Perthshire (Pete Wishart) on securing the debate; he has certainly sold more tickets to his public performances than I ever have. The Minister made a specific point about having a unique identifier for consumers. What consultations have taken place with people in the industry, and industry experts, to ensure that that is carried across? Such events can be really beneficial for our constituencies—particularly those like mine, where we used to host T in the Park.
Margot James
I thank my hon. Friend for his intervention. We are in constant contact with the industry. My officials have been in touch with the major event organisers UK Music to get the message out there that this is a powerful tool, which event managers and primary ticketers can use to oblige secondary sites to include the unique number on anything that they offer for resale.
I am also pleased, because I had personal involvement in this in my previous job at the Department for Business, Energy and Industrial Strategy, that last week I laid the draft regulations under section 106 of the Digital Economy Act, making a provision to ban the use of bots, and the purchase and resale—for profit—of more tickets than provided for by caps set by event organisers. I hope that that will be successful as well. Of course, the legislation has to be properly enforced.
Christine Jardine (Edinburgh West) (LD)
Will the Minister tell me why the reselling of music venue tickets, which as we have heard is hugely damaging to the industry, is not comparable with sports tickets? It is actually illegal to have secondary sales on those.
Margot James
I think the hon. Lady is slightly mistaken. I believe it is only professional football that has that protection, for historical reasons. The rest of sport is dealt with in the same way as the music industry.
I welcomed the CMA’s announcement last week, as part of its ongoing enforcement investigation, that it had secured commitments from three of the largest secondary ticketing platforms to provide additional information. It will come as no surprise to hon. Members that the one secondary site that has not yet co-operated is Viagogo, which is controlled from abroad. I believe it is based in Switzerland, which presents an extra challenge. I echo the remarks made by the hon. Member for Perth and North Perthshire, advising customers not to use Viagogo’s services until it comes within the law. The CMA is concerned that all ticketing sites, secondary and primary, accept their responsibilities to consumers.
The Government are also giving approximately £15 million to National Trading Standards for national and cross-boundary enforcement. I welcomed the NTS’s announcement at the end of last year that its officers had conducted raids on a number of properties across the UK, resulting in four people being arrested under suspicion of breaches of the Consumer Protection from Unfair Trading Regulations 2008. I congratulate National Trading Standards and local trading standards officers on their excellent work.
In addition, the Advertising Standards Authority has recently taken action against the main four secondary ticketing websites, banning the misleading presentation of pricing information on those websites. Companies will have to show prices in a clear, transparent and upfront manner before consumers make their purchasing decision. Hopefully, that will put an end to the drip-pricing practice that has been commonplace.
Clearly, enforcement bodies are taking the matter seriously. We are prepared to go after those who flout the law or abuse the ticketing market. The ticketing industry and online platforms need to take action, and we are attacking the situation on a number of fronts.
Google recently introduced new rules for ticket resellers advertising through its AdWords platform, requiring them to be certified. To apply for certification, they will need to comply with a number of rules to improve transparency, and stop implying that they are a
“primary or original provider of event tickets”.
We are getting at them through Google as well, and industry is becoming increasingly adept at using technology to improve the ticketing experience, exerting greater control over the transfer of tickets through the use, for example, of blockchain and “ticketless” tickets attached to fans’ mobile phones.
Mrs Hodgson
I welcome what the Minister has said. She has outlined the plethora of instruments and laws that we now have. As someone who has worked on this for 10 years, I feel that it is all starting to come together. I know she takes this issue seriously, but will she commit to keeping a very close personal eye on it? As those of us who have fought Viagogo and the secondary market for years know, they are slippery characters. I doubt they will ever comply, so we will be back here revisiting this issue.
Margot James
I thank the hon. Lady and congratulate her on her work over the years, and on her chairmanship of the all-party parliamentary group. I will stay across this issue. I have exactly the same suspicion: that the company that we have already mentioned in no uncertain terms will drag its feet and fight all the way. We will have to be across that, and I welcome the hon. Lady’s continued involvement in helping us. I also welcome the work that the Society of Ticket Agents and Retailers and sports bodies have undertaken with the CMA to look at ways to ensure that terms and conditions are considered to be fair, particularly in instances where tickets were put on sale many months before the performance.
I recognise that there is no magic bullet to solving the worst excesses of the secondary ticketing market; it requires concerted and consistent effort. I have laid out our efforts as they stand. I thank the hon. Lady for her comments about how we are now pulling together a number of strands to deal with the issue. We are making good progress, but I have no doubt that there is more to do. We must ensure that the UK is a vibrant place for fans to experience great music.
Question put and agreed to.