Commons Sense

Hansard-based summaries and metrics

<-- Back to proposed bills

Data Protection and Digital Information (No. 2) Bill - Sitting 6

18 May 2023

Proposing MP
Philip Hollobone Con
Kettering
Type
Public Bill Committee

At a Glance

Issue Summary

The statement discusses clauses 48 to 53 of the Data Protection and Digital Information (No. 2) Bill, which relate to the governance and oversight of digital identities in the UK through establishing a register for digital verification service providers. The statement discusses clauses related to public authority's power to disclose information to registered persons and proposes government amendments. The statement discusses provisions related to data sharing between public authorities and digital verification service providers, including safeguards for information shared with HMRC and other tax authorities. The statement discusses the powers granted to the Secretary of State under Clause 58 of the Data Protection and Digital Information (No. 2) Bill to require information from accredited conformity assessment bodies or registered digital verification service providers for governance and oversight purposes. Philip Hollobone discusses clause 61 of the Data Protection and Digital Information (No. 2) Bill, which defines key terms for smart data sharing schemes. MP Philip Hollobone discusses amendments related to customer data protection under the Data Protection and Digital Information (No. 2) Bill. The MP discusses amendments related to smart data schemes in the Bill, emphasizing the need for careful regulation and impact assessments. Philip Hollobone is discussing clauses 62 and 63 of the Data Protection and Digital Information (No. 2) Bill. MP Philip Hollobone is discussing clauses 64 and 65 of the Data Protection and Digital Information (No. 2) Bill, which relate to business data and provide regulations for sharing and publishing such data. The statement discusses several clauses in the Data Protection and Digital Information (No. 2) Bill, focusing on provisions related to decision makers, enforcers, financial penalties, fees, levies, and financial assistance for smart data schemes. The statement discusses clauses in the Data Protection and Digital Information (No. 2) Bill that relate to confidentiality, data protection, and regulation-making powers for smart data schemes.

Action Requested

The Secretary of State must establish and maintain a public register of certified digital verification service providers. The statement outlines requirements for certification, application, fees, removal from the register, and revisions to the trust framework.

Key Facts

  • Clause 48 requires the establishment of a public register for digital verification service providers.
  • Certification by an accredited conformity assessment body is required before registration.
  • The Secretary of State can charge providers a fee for application and ongoing fees after registration.
  • Government amendments 6 and 7 are proposed.
  • New clause 3 pertains to information disclosed by the Welsh Revenue Authority.
  • New clause 4 relates to information disclosed by Revenue Scotland.
  • Clause 54 allows public authorities to share information with DVS providers if requested by an individual.
  • Clause 55 includes safeguards for HMRC information sharing, ensuring taxpayer confidentiality.
  • The Secretary of State must produce a code of practice under clause 56 and consult the Information Commissioner.
  • Clause 58 grants the Secretary of State power to require information from accredited conformity assessment bodies or registered DVS providers.
  • Clause 59 allows for delegation of governance and oversight functions to another person if appropriate as the market grows.
  • Clause 60 requires an annual report on the functioning of this part, with the first report published within 12 months of clause 47 coming into force.
  • Clause 61 defines key terms such as business data, customer data, and data holder.
  • Business data includes standard prices, charges or tariffs, and information on service performance.
  • Amendment 46 clarifies the definition of business data to ensure consistency in understanding.
  • Amendment 113 allows the Secretary of State or Treasury to invite relevant sectoral regulators to contribute to or conduct impact assessments.
  • Amendment 114 mandates consultation with representatives from affected industries before making regulations.
  • Amendment 115 sets a six-month deadline for publishing a target date and arrangements for an impact assessment of smart data schemes.
  • The Government's impact assessment estimates costs of £610 million to £732 million for the telecoms sector.
  • Ofcom consulted on the proposal in 2020.
  • BT identifies that a working regime will require steps to guarantee security, interoperability, quality, intelligibility and comparability of sensitive data.
  • Clause 62 provides the principal regulation-making power to establish smart data schemes in relation to customer data.
  • Subsection (3) of clause 62 allows an authorised person who receives customer data to exercise the customer’s rights on their behalf.
  • Clause 63 outlines provisions that smart data scheme regulations may contain when relating to customer data.
  • Clause 64 provides regulation-making power for smart data schemes related to business data.
  • Regulations allow business data to be provided to customers or third-party recipients and may be published widely.
  • These regulations aim to increase transparency around pricing, enhancing competition and benefiting consumers and smaller businesses.
  • Clauses 66 to 72 relate to smart data regulations.
  • Clause 66 appoints decision makers who approve and monitor third parties accessing customer and business data.
  • Clause 67 enables public bodies to enforce regulations with civil or criminal penalties.
  • Clause 68 limits investigatory powers of enforcers to protect privileges and confidentiality.
  • Clauses 69, 70, 71, and 72 provide for financial penalties, fees, levies, and financial assistance.
  • Clauses 73 to 77 relate to confidentiality and data protection.
  • Clause 75 requires regulation makers to review regulations at least every five years.
  • Clause 76 repeals sections 89 to 91 of the Enterprise and Regulatory Reform Act 2013.
Assessment & feedback
Summary accuracy