Draft Data Protection Act 2018 (Qualifying Competent Authorities) Regulations 2025 Debate
Full Debate: Read Full DebateDepartment: Home Office
Matt Vickers
Main Page: Matt Vickers (Conservative - Stockton West)Department Debates - View all Matt Vickers's debates with the Home Office
Draft Data Protection Act 2018 (Qualifying Competent Authorities) Regulations 2025
Matt Vickers Excerpts(2 days, 10 hours ago)
General CommitteesRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Matt Vickers (Stockton West) (Con)
It is a pleasure to serve under your chairmanship, Sir Jeremy. I congratulate the Minister on her new role in what I am sure will be the first of many encounters. In what can be a divisive Department, I am pleased to begin with an issue on which we can agree.
The Data Protection and Digital Information Bill, put forward by the previous Government during the last Parliament, sought to enable joint processing between qualifying competent authorities and intelligence services under part 4 of the Data Protection Act 2018. As the Minister summarised, it was rightly recognised that there was an increasing expectation that law enforcement and the intelligence services would work jointly in operational partnerships, particularly in response to lessons learned from the tragic terrorist incidents at the Manchester Arena and Fishmongers’ Hall.
Under the existing regime, it is understandable that sharing data across Data Protection Act regimes proves cumbersome, making the necessary decision making in our national security infrastructure more challenging. Removing those obstacles and allowing partnerships to process data under a single regime is a step to be welcomed. Any measure that enables more effective and efficient use of data to enhance our national security is to the benefit of us all. Indeed, it is essential that we learn from the events of the past. We owe it to the victims of these abhorrent acts of terrorism. As such, we should welcome the change in the Government’s Data (Use and Access) Act 2025 and the regulations debated today.
Regarding joint processing, it has been noted previously that the controls and safeguards under part 4 of the 2018 Act will apply. Although I am aware that each body has expertise to manage the use of data, the creation of a single regime can pose specific challenges. Therefore, considering that some of the data used in such cases may be particularly sensitive, have Ministers engaged sufficiently with the relevant agencies and competent authorities to ensure that they are prepared to use the new rules effectively and without incident? In addition, although the use of designation notices by the Home Secretary is an integral part of the new regime, I must ask Ministers whether they are satisfied that the process for providing notices for joint controllership of specific processing will be effective.
Although I appreciate that, for security reasons, the Minister will not be able to provide details as to why one competent authority has been included, it will be useful to receive assurances that robust systems are in place to ensure that such processes include appropriate safeguards and that the data being used is in line with the notice. These safeguards are critical, as we all recognise the public’s desire for their data to be protected while ensuring that national security is maintained. I therefore welcome the draft regulations and hope they are implemented effectively.