Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what assessment she has made of the impact of US providers switching off their 3G networks on the communications service experienced UK citizens travelling to the US; and what obligations exist for UK providers to inform their customers of the impact of that decision in the US.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
Switching off 3G mobile networks is a global trend as operators free up spectrum to focus on the provision of newer 4G and 5G services. In the US, all 3G networks have already been switched off. This might affect the experience of UK customers travelling to the US, in particular for customers with an older phone model. In some cases, UK customers might not be able to make calls or access data unless they are connected to WiFi.
There is no specific obligation for UK mobile providers to inform their customers of changes to network provision in other countries. However, Ofcom is speaking to providers to ensure that they are informing customers of this impact and some providers have been proactively sending messages to potentially affected groups. Customers should speak to their mobile network provider before leaving the UK to understand the impact of 3G switch off on their roaming experience.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, whether her Department has made an assessment of the (a) safety and (b) security of Tik Tok’s ability to track typed text inputs, clicked links, keystrokes, and screen taps.
Answered by Damian Collins
The UK has strong safeguards and enforcement regimes to ensure that data is collected and handled responsibly and securely. Companies registered in the UK are subject to our legal framework and regulatory jurisdiction.
Wherever they are in the world, organisations that process the personal data of individuals in the UK for the purposes of providing goods and services or monitoring behaviour must comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA18). Organisations which fail to comply may be investigated by the Information Commissioner’s Office and where appropriate subject to enforcement action, including fines.
The Government is improving the privacy and security of all apps, including through an upcoming Code of Practice which sets baseline security and privacy requirements for app developers and app store operators.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what steps a charity can take to remove former trustees from the Charity Commission website once the trustees have been voted out at a general meeting but refuse to remove their names voluntarily.
Answered by Nigel Huddleston - Financial Secretary (HM Treasury)
Charity trustees of registered charities have a responsibility to keep the charity’s registered details up to date with the Charity Commission for England and Wales. Where an individual is no longer a trustee, their details need to be removed from the charity’s registered information on the public register of charities.
If the individual is unable or unwilling to do this, another trustee or someone else within the charity acting on behalf of the trustees can make the change. If the charity has any difficulty accessing digital services they can contact the Charity Commission’s Contact Centre for support.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what assessment she has made of the potential merits of bringing forward legislative proposals on the role of data intermediaries to provide citizens with a means to gather copies of their own data produced by the digital products and services that they use.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
In November 2021 the government published the National Data Strategy Mission 1 Policy Framework which outlines our intention to develop a thriving data intermediary ecosystem. We recently consulted on whether the government should enable data intermediaries as part of the Data: A New Direction consultation. The Government is considering responses to this consultation and will publish its conclusions in due course.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, if she will publish any risk assessment undertaken on the loss or revocation of the Adequacy Agreement with the European Commission relating to data transfers from the UK to the EU and vice-versa which arise from the changes proposed in the consultation document entitled Data: a new direction.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
As the Department responsible for securing adequacy from the EU, DCMS has a robust internal process for monitoring the risk of those decisions being revoked or amended. As the government made clear in the Data: a new direction consultation, we believe it is perfectly possible and reasonable to expect the UK to maintain EU adequacy as it designs a future regime.
The UK is firmly committed to maintaining high data protection standards - now and in the future. We will continue to operate a high-quality regime that promotes growth and innovation, and underpins the trustworthy use of data. EU adequacy decisions do not require an ‘adequate’ country to have the same rules, and our view is that the changes proposed in the consultation document are compatible with maintaining flows of personal data from Europe.
The UK has two EU adequacy decisions, under the General Data Protection Regulation and the Law Enforcement Directive. We recognise the importance of the EU adequacy decisions to public services, law enforcement and national security cooperation, and economic activity across a broad range of sectors. The Data: a new direction consultation included an assessment of the impact of a change in adequacy status with the EU arising as a result of proposed reforms. We will further address concerns raised about the risk to these decisions in the Government response to the consultation.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what assessment she has made of the impact on the creative industries of the ending of the Adequacy Agreement with the European Commission in data protection.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
UK Government recognises the importance of the EU-UK data flows to cooperation and economic activity across a broad range of sectors, including the creative industries.
The UK Government published an assessment of the impact of changes to our adequacy status with the EU as part of the Data: a new direction consultation. This assessment estimates that the total direct, financial impact on UK businesses economy-wide would be approximately £1.4 billion over five years. The assumptions underlying this estimate are currently being updated by the department and a statistical model that will estimate the sectoral impact will follow.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, whether she had discussions with the Secretary of State for Justice, prior to publication of that Department's proposals in the document entitled Human Rights Act Reform: a Modern Bill of Rights, on the potential risks to the adequacy agreement from proposals in that document relating to the human rights regime that affect the UK General Data Protection Regulation and Data Protection Act 2018, as identified by the Information Commissioner.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
As was set out in the Bill of Rights consultation, the UK remains fully committed to the international human rights treaties to which it is party.
The Bill of Rights will ensure those rights in the European Convention on Human Rights can be interpreted in the UK context, with respect for our legal traditions and the will of elected lawmakers.
The UK has two EU adequacy decisions, under the General Data Protection Regulation and the Law Enforcement Directive. As the European Commission itself has made clear, a third country is not required to have exactly the same rules as the EU in order to be considered adequate. Indeed, there are thirteen other countries which have EU adequacy, including Israel, Japan, New Zealand and Canada. All of these nations pursue independent and varied approaches to data protection and human rights.
The UK is firmly committed to maintaining high data protection standards and ensuring that rights and liberties are protected - this will not change. Our view is that reform of UK legislation on human rights is compatible with maintaining free flow of personal data from international partners.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, whether she has asked the National Cyber Security Centre to investigate the security of the HIKVISION surveillance cameras; and if she will make a statement.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The Government does not comment on the details of national security assessments.
As set out in the National Cyber Strategy this year, the government takes the security of all sectors of the economy, including consumers, seriously.
The Department is leading on a number of aspects in the National Cyber Strategy. We are taking forward legislation to protect consumers in the Product Security and Telecommunications Infrastructure Bill, and working with the National Cyber Security Centre to assist private and public sector users of connected devices, such as surveillance cameras, to operate in a safe and secure way.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, with reference to her Department's consultation entitled Data: a new direction, for what reason that consultation did not assess the risk of not having an adequacy agreement relating to data transfers from the UK to the EU.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The Data: a new direction consultation included an assessment of the impact of a change in adequacy status with the EU arising as a result of proposed reforms.
The UK is firmly committed to maintaining high data protection standards - now and in the future. Protecting the privacy of individuals will continue to be a national priority. We will continue to operate a high-quality regime that promotes growth and innovation, and underpins the trustworthy use of data.
EU adequacy decisions do not require an ‘adequate’ country to have the same rules, and our view is that the proposed reform of UK legislation on personal data is compatible with maintaining free flow of personal data from Europe.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what steps she is taking to help protect consumers from the sale of mobile tracking data (a) within the UK and (b) abroad.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
Organisations seeking to use cookies and similar technologies that track information about people accessing online services have to comply with the Privacy and Electronic Communications Regulations 2003 (PECR), the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Subject to relevant exemptions, any use of cookies and similar technologies requires the provision of clear and comprehensive information as well as the consent of the user or subscriber.
The legislation does not expressly prohibit or permit the selling and sharing of people’s data, but regulates the circumstances in which data sharing can take place. The ICO has published a statutory Code of Practice on data sharing which contains practical guidance for organisations on how to share data fairly and lawfully, and how to meet their accountability obligations. The Code is available here.
The ICO has a number of powers to tackle the unlawful processing of personal data, including the power to serve enforcement notices requiring organisations to stop the processing or to erase the data, and the power to serve civil monetary penalties. The ICO can also investigate and prosecute criminal offences under the DPA. Those guilty of such offences can be subject to unlimited fines in the courts.