Commons Sense

Hansard-based summaries and metrics

<-- Back to proposed bills

Data Protection and Digital Information (No. 2) Bill - Sitting 7

23 May 2023

Proposing MP
Stephanie Peacock Lab
Barnsley South
Type
Public Bill Committee

At a Glance

Issue Summary

Stephanie Peacock supports new clauses and amendments that aim to ease compliance with the Privacy and Electronic Communications (EC Directive) Regulations 2003 through codes of conduct and pre-commencement consultation. Stephanie Peacock discusses an amendment related to the Data Protection and Digital Information Bill, focusing on how organisations use cookies for statistical information collection. Stephanie Peacock discusses amendments to the Data Protection and Digital Information Bill regarding security updates for devices. Stephanie Peacock is addressing concerns about the Data Protection and Digital Information Bill's regulation 6B which aims to enable users to express cookie consent through browsers, expressing worries about competition impact, liability issues, and technological readiness. The statement discusses amendments related to cookie consent regulations and changes to unsolicited direct marketing communications under the Data Protection Act. Stephanie Peacock discusses clauses in the Data Protection and Digital Information (No. 2) Bill that relate to unsolicited direct marketing communications, definitions of 'direct marketing', and soft opt-in rules for charities and non-commercial organisations. Stephanie Peacock addresses concerns regarding clause 85 of the Data Protection and Digital Information Bill, which imposes a duty on telecoms providers to report potential breaches of direct marketing regulations. Stephanie Peacock discusses her amendment regarding clarification on content monitoring obligations for direct marketing regulations. The statement discusses proposals under Schedule 10 and Clause 86 of the Data Protection Bill, focusing on increasing fines for breaches of privacy and electronic communications regulations. Stephanie Peacock discusses the need for careful consideration in making adjustments to the legal framework for trust services in the UK. The statement addresses the amendment to allow specified public authorities to share information with businesses to improve service delivery. The clause allows for regulations to enact international agreements for sharing information for law enforcement purposes, and Stephanie Peacock questions whether any targets for such agreements have been identified at this stage. The statement discusses amendments to the Registration Service Act and Births and Deaths Registration Act to allow for electronic registration of births, stillbirths, and deaths. The statement discusses amendments to the Births and Deaths Registration Act, aiming to allow birth and death records to be stored digitally instead of on paper. The statement discusses the importance of information standards in health care and the impact of the Data Protection and Digital Information Bill on IT and data sharing in healthcare services.

Action Requested

Peacock expresses support for the introduction of voluntary codes of conduct under new clause 2, which will allow representative bodies to create guidance for their members on complying with PEC regulations. She also supports new clause 7, which allows consultations regarding the Bill's measures to begin before the Bill comes into force.

Key Facts

  • New clauses and amendments aim to ease compliance with PEC regulations.
  • Representative bodies can design voluntary codes of conduct for their members.
  • Consultation requirements can be satisfied by pre-commencement consultation.
  • Amendment 116 aims to narrow the exemption for collecting statistical information.
  • Current rules require organisations to get freely given, specific and informed consent for cookies.
  • Clause 79 seeks to reduce cookie fatigue by exempting audience measurement cookies from consent requirements.
  • Amendments 49 to 51 remove user options to object or disable security updates.
  • Regulation 6B requires consultation with the Information Commissioner and other parties before new regulations are made on consent management tools.
  • Government amendment 54 adds the Competition and Markets Authority (CMA) as a required consultee for future consultations.
  • Amendment 117 seeks to remove new regulation 6B from the Bill.
  • Regulation 6B aims to allow users to set cookie preferences through browser-level settings.
  • Google Chrome has a 77% market share on desktops and over 60% overall including mobile devices.
  • The Competition and Markets Authority will be consulted before new regulations are made under 6B.
  • Researchers found people often agree to cookies just to make banners disappear or access services quickly.
  • The clause removes consent requirements for low privacy risk cookie uses.
  • The Information Commissioner will have additional power to investigate unsolicited direct marketing communications, including those generated but not received.
  • Clause 80 introduces measures for the Information Commissioner to investigate organisations responsible for unsolicited direct marketing communications.
  • Clause 81 lifts the definition of 'direct marketing' from the Data Protection Act 1998 and places it into PEC regulations.
  • Clause 82 extends soft opt-in rules to charities and non-commercial organisations.
  • Amendment 118 aims to provide clarity on the obligation for telecoms providers not to monitor communications.
  • Telecoms providers have raised concerns about the technological feasibility of identifying instances of unlawful direct marketing.
  • BT Call Protect, used by 4.4 million customers, averages 2.35 million calls diverted per week.
  • Amendment 118 proposed by Stephanie Peacock seeks to clarify that providers are not obligated to monitor individual communication contents.
  • The amendment includes provisions for illustrative examples of reasonable suspicion regarding contraventions of direct marketing regulations.
  • The Committee voted against the amendment with Ayes 4 and Noes 8.
  • Clause 86 updates the ICO’s powers in respect of enforcing PEC regulations with same investigatory and enforcement powers under GDPR.
  • The maximum penalty for serious breaches will increase to £17.5 million or 4% of a company’s annual turnover, whichever is higher.
  • Labour proposes blocking overseas scam calls using UK numbers and registering legitimate companies as exceptions.
  • Trust services include electronic signatures, seals, timestamps, delivery services, and website authentication.
  • These clauses aim to adjust the legal framework for trust service products within the UK.
  • The adjustments are intended to ensure flexibility in case EU regulations become inadequate.
  • Clause 92 amends section 35 of the Digital Economy Act to allow public authorities to share information with businesses for better service delivery.
  • Clause 93 creates a delegated power for the Secretary of State and concurrent powers for Welsh and Scottish Ministers to make regulations implementing international law enforcement agreements.
  • New clause 5 defines 'appropriate national authority' in relation to these powers.
  • Clause 93 allows regulations to enact international agreements for information sharing in law enforcement.
  • Stephanie Peacock seeks information from the Minister regarding identified targets for such agreements.
  • Clauses 94 to 98 amend acts related to registration services.
  • Currently, births and deaths are recorded electronically alongside paper systems since 2009.
  • New section 25 allows the Registrar General to determine electronic forms for registers.
  • Clause 96(2) inserts a new section 38B regarding signing requirements for non-paper registers.
  • Since July 1, 2009, birth and death records are held both in paper and electronic format.
  • The amendments cover clauses 94 to 98.
  • One recommendation from the 2022 UK Commission on Bereavement was online death registration.
  • Currently, the Tell Us Once service is limited to Government and public sector bodies.
  • 61% of adult respondents reported experiencing practical challenges when notifying organisations about a loved one's death.
  • Information standards are crucial for data sharing in health care.
  • Variability in technical and IT security standards hinders interoperability.
  • MedConfidential raises concerns about new section 251ZE regarding accreditation of information technology.
Assessment & feedback
Summary accuracy