Thursday 19 March 2009
[Sir John Butterfill in the Chair]
A Surveillance Society?
[Relevant documents: Fifth Report from the Home Affairs Committee Session 2007-08 HC 58, the Government’s Response Cm 7449, and the Information Commissioner’s Response Session 2007-08 HC 1124.]
Motion made, and Question proposed, That the sitting be now adjourned.—(Mark Tami.)
I am most grateful to the Liaison Committee and the House for allowing us to debate the Home Affairs Committee’s fifth report, which asked whether Britain is becoming a surveillance society. The purpose of the debate is to discuss the issues raised in the inquiry and to consider developments since the report’s publication. I am delighted to see so many Members present, including the Minister and the hon. Members for Hornchurch (James Brokenshire) and for Carshalton and Wallington (Tom Brake). The latter is a fellow member of the Select Committee.
The increasing potential, over the past decade, for the surveillance of citizens in public spaces and of private communications provided the Committee with the impetus to investigate the issue further. Much of that impetus came from the public sector. Is the state the kindly uncle Vernon or the sinister Big Brother? That is the fundamental question confronting the public every day. The approximately 4.2 million cameras in the United Kingdom capture a person, on average, 300 times a day. Over the past decade, the Home Office has invested £500 million in CCTV equipment, and, in the 1990s, it spent 78 per cent. of its crime prevention budget on installing CCTV equipment.
The boundary between what constitutes a legitimate tool in the fight against crime and an unacceptable intrusion into an individual’s private life is disputed and poses difficult questions. The Committee set out to examine the evidence, with a view to proposing ground rules for the Government and their agencies. We began by taking evidence from the Information Commissioner, and went on to hear from witnesses on matters such as the collection and use of personal information by private sector organisations, the technological developments that might have affected, or that are likely to affect, the storage and sharing of personal information, and the impact of various kinds of surveillance on privacy and individual liberty. We also took evidence on Government databases and information sharing, surveillance and the fight against crime. We completed our inquiry by hearing from the Home Office.
Our inquiry took about one year, during which—this was not our fault—a number of data loss incidents took place that further highlighted our concern about the potential damage caused by the loss of such personal data. In November 2007, child benefit data, including addresses and bank details, on 25 million individuals and 7.25 million families were lost. On 3 February 2008, newspaper allegations claimed that, on two occasions in 2005 and 2006, at Her Majesty’s Prison Woodhill, conversations between my hon. Friend the Member for Tooting (Mr. Khan) and one of his constituents, Mr. Babar Ahmad, who was detained in prison on an extradition warrant, had been the subject of covert recording. There are many other examples, but I shall not embarrass the Government or the Minister by going through every data loss since the inquiry began, although I am sure that the hon. Member for Hornchurch will read out the list. However, I do not hold the Minister or the Home Office responsible for the losses. I raised those incidents simply because we are concerned that, although there might be good reasons for collecting data, loss could occur without proper security and scrutiny.
Data collection clearly benefits the fight against crime, including fraud, but we concluded that it also involves significant risks. Mistakes in, or misuses of, databases can cause substantial practical harm to individuals. For example, if an individual’s personal details are lost, they could be used for negative purposes, as demonstrated by the loss of the data on child benefit recipients. I am also concerned about other databases. However, to be fair to the Minister, the Government have reviewed the security of databases, and will do so again as they pursue the mother of all databases—that to hold the information contained on identity cards.
The Committee concluded that Britain is not a surveillance society—yet—but warned the Government that great care must be taken to avoid it becoming one. We found that the Government must be extremely vigilant in protecting individuals’ information and warned that unless trust in the Government’s intentions in relation to data collection, retention and sharing is carefully preserved, there is a danger that the “surveillance society” tag will be rightly placed upon us.
The right hon. Gentleman is making an extremely important point. Having balanced the evidence, does he consider that our society will be more or less likely to become a surveillance society if identity cards are introduced universally?
I do not think that the chance will be increased. The Select Committee produced a report on ID cards before I became its Chairman. There are arguments on both sides, but I am convinced that the scheme can work, as long as the information collected is preserved very carefully. I would like to be reassured that the information will be stored carefully, otherwise it could be lost and misused. As the hon. Lady knows, having been in the House for some time, the simple loss of a disc containing such information, or its transmission from one employer or agency to another, can cause mayhem. Although I support ID cards, I am worried that the information gathered will not be preserved and protected. We do not have a definitive answer.
I thank the right hon. Gentleman for his honesty and clarity. Having considered all the issues and concerns, which he rightly and reasonably expressed, do he and the Committee think that the systems in place are sufficient to safeguard the enormous amount of information held on universal ID cards?
Honestly, no, the Committee is not absolutely certain, which is why we regularly seek reassurances from Ministers, who will note that this matter was a key finding in the report. I pay tribute to the Minister, who has given evidence on numerous occasions. He is always willing to do so. In fact, we think that he probably enjoys visiting us, although that was never our intention.
We have said to the other Ministers in the Department—including the Under-Secretary of State for the Home Department, my hon. Friend the Member for Hackney, South and Shoreditch (Meg Hillier), who was responsible for such issues before her maternity leave began—that they need to take enormous care because we do not take this matter lightly. We will hold Ministers to account if data disappear.
May I highlight one other concern around identity cards, which is something that I experienced when I lived in France between 1970 and 1980 and which has been confirmed again by a French intern who works for me? Identity cards in France are used to target certain sections of the population—and surprise, surprise, they do not include the white section.
The hon. Gentleman is right to voice that concern. Liberty and other groups fear that people from ethnic minorities will be stopped and asked for their identity cards. However, further east, people from Poland and Hungary think that we are daft because they have identity cards virtually from birth. I am not sure whether the hon. Gentleman was with us when we visited Poland, but we found that people there have a unique number from the day that they are born. It is stored on a computer and everything that they ever do contains that number. That may not be a good example bearing it in mind that that happened when the communists were in control. None the less, people from eastern Europe feel that identity cards are part of their way of life and are quite happy to accept them.
The hon. Gentleman is right that there is concern about identity cards in France, and there are ample examples of difficulties. Citizens in other countries have received such cards and unique numbers from very early on in their lives and they are very happy to keep them.
The report advises strongly against the expansion of surveillance techniques and notes the dangers of function creep—when information is used for purposes beyond that which was originally intended. If someone needs to collect information for a particular reason, they should have the information for that reason but should not use it for other purposes. We sought assurances from the Government that that would be the case.
The Committee was particularly anxious to stop any attempt to use patient data or information held on children for the purpose of predictive profiling for future criminal behaviour rather than child protection. On 9 March 2009, the Home Secretary confirmed that the youngest person to have a DNA profile held on the database was less than a year old and the oldest was over 90. Apparently, DNA was taken to eliminate the baby from a crime scene. What a baby was doing at a crime scene and how they could possibly be considered to be part of a crime scene is beyond me.
We also have examples from Members of the House. The hon. Member for Hammersmith and Fulham (Mr. Hands) has repeatedly written to the chief constable of his area to ask for his DNA to be removed. Again, he was not at a crime scene when his DNA was taken. An elderly relative had died, and the DNA was taken from all his family to eliminate them from the crime scene. The case is known to the Government, and the hon. Gentleman mentions it to me every time he sees me, and I ask him about it every time I see him. He still has not received a reply from his chief constable as to whether those data will be retained.
Following the ruling of the European Court of Human Rights, the Home Secretary announced the removal from the database of the DNA of children under the age of 10. As the House knows, the European Court ruled that the United Kingdom should not indefinitely retain the DNA and fingerprint records of people who are not convicted of a crime.
I raised the matter with the Leader of the House at business questions last week. The Government’s position is that we must have those data because, at some time in the future, someone on the database will commit a crime and, hooray, we will have their DNA so we will not have to look for them. None the less, that is predictive profiling and, in my view, totally unacceptable. We must either put everyone on the database—and I would be very much against that—or we put on the database those who have been convicted of a crime so that we know that they have been involved in criminal activity. We should not put on the database people who may have been stopped quite innocently.
I had a case recently in my constituency of a have-a-go hero. A young man tried to stop a fight between two individuals. The police arrived, arrested everyone and took his DNA. They released him several hours later saying that he should never have been arrested, but they still retained his DNA. Trying to get the young man’s DNA off the database has been cumbersome. The police stopped replying to our letters, so I stopped writing on his behalf. Perhaps I just gave up, but the fact is that there was no point in continuing to write when we were getting no answers.
As part of our inquiry, the Committee considered the Home Office’s responsibilities in relation to the collection and sharing of personal information, including CCTV, identity cards and the national DNA database. We considered how information collected in other public and private sector databases might be shared for use in the fight against crime. We recommended that the Government should show restraint in collecting personal information and constantly questioned whether surveillance activities are proportionate responses to threats.
The DNA database contains samples from 4.6 million people. Currently, 730,000 innocent people’s details are retained on the national DNA database, which is the largest amount per head of population anywhere in the world. The fingerprint database holds 7.5 million entries, including 800,000 innocent people. The UK’s DNA database is 50 times the size of its French equivalent. Our report urged that the Government should only collect information from individuals that is essential, and that it should be stored only for as long as necessary. That includes the retention of innocent people’s DNA.
It is vital that the Government accept the principle of data minimisation, which was recommended by the Committee. Failure to do so might result in the erosion of trust between the individual and the Government, and could change the nature of the relationship between the citizen and the state. The Committee urges the Government to resist the collection of more information and the creation of larger databases. That could be detrimental to the relationship of trust between the Government and individuals. It is crucial that the public are kept fully informed of all data collection motives, and any decision to create new surveillance tools, such as databases, should be based on a proven need.
The decision to use surveillance should always involve a publicly documented process of weighing up the benefits against the risks. Security breaches and the consequences of unnecessary intrusion into individuals’ private lives should be considered as part of the decision. That is essential to ensure the trust of the public in Government and authority organisations, and it is important to ensure that that trust is maintained.
The Committee also determined that the Information Commissioner should lay before Parliament an annual report on surveillance and that the Government should respond formally. I am pleased that the Information Commissioner responded positively to our report and has agreed to that recommendation. I am not sure what the Government’s position is. Perhaps the Minister could tell us whether the Government’s response to the Information Commissioner will also be formally laid before Parliament.
The Home Office should be exceedingly cautious in extending the collection and use of individuals’ personal information. The fight against crime is very real and should be undertaken with a large amount of seriousness and action. There is a distinctive and thin line that currently separates the protection of the public and the preservation of individuals’ liberty.
The Government’s response has, overall, been welcomed by the Committee. I am reassured by their commitment to carry out reviews of the authorities who have access to surveillance powers and look forward to the new code of practice that was promised. I am concerned, however, that they have rejected several of the Committee’s recommendations intended to prevent abuse of the information held on the national identity register. They have also responded negatively to our recommendations to ensure that privacy impact assessments for new data collection or storage projects are not just tick-box exercises.
I hope that the Government will look again at the Committee’s concern about the lack of control over how CCTV operatives deploy cameras and about the effectiveness of CCTV. The inability of individuals to access camera footage is dealt with in the CCTV code of practice published by the Information Commissioner. I have had several cases in which constituents who have been arrested by the police and wish to prove their innocence have asked those who have the cameras whether a film can be made available, but often they are told that the film is unavailable. In fact, I cannot think of a single case in which film has been made available to allow a constituent to prove their innocence.
There are constantly articles in the media about privacy and surveillance, and that interest further demonstrates the public concern and the passion for the issue. I am delighted that the Government have decided this week to drop their proposal for a Government super-database from the Coroners and Justice Bill. There has been widespread concern about those proposals from many sectors, and those concerns are valid and ought to be taken into account. The Committee would be delighted if the Government had decided to drop that proposal as a result of our excellent report, but I think that they probably realised, having looked at it, that it was totally impractical. The Secretary of State for Justice and Lord Chancellor has said that he will redraft the provisions. I hope that he does not come back with a proposal for an even bigger database or one that will cost even more money, but I will leave that for the Minister to respond to when he comes to talk about the Government’s initiative.
A recent police exercise tried to find out how many CCTV cameras there are in Britain, as no one has figures. The figure I gave at the beginning of the debate is an estimate, as we do not have an absolutely accurate figure, but perhaps the Minister will have that information.
The House of Lords Constitution Committee published its report, “Surveillance: Citizens and the State”, in late January. The Committee was generally more alarmed by the extent of surveillance and the lack of limitations on it than was our Committee, although many of its detailed conclusions echo ours, such as the recommendations to give greater power to the Information Commissioner, remove profiles from the DNA database and commission research on how effective CCTV really is. The figures on the effectiveness of CCTV cause us concern. We are not absolutely enamoured of the information and have not been led to believe that the cameras actually help in the detection of crime, although I think that every Member here today will have had representations from constituents claiming that the only way to stop crime in an area is to put up CCTV cameras. Some even say that we should put up the cameras but not bother to put in the film, because at least that would frighten criminals. I remember the Minister, shortly after he was appointed to his current post, coming to my constituency to deal with that very issue in Humberstone in Leicester, where all the residents gathered around him and said that they wanted cameras put up. Of course, not all crimes are solved by the presence of CCTV cameras. In fact, the use of those cameras in crime detection is quite low.
Finally, I would like to take the opportunity to thank the Minister and fellow Members for attending the debate, and members of the Committee for working extremely hard on the report. I inherited the report six months after it had started. It went on for 12 months and is the longest report that the Committee has undertaken for some time, but it was worth it. Our message for the Government is the importance of retaining the public’s trust when dealing with personal information. The correct balance must be struck between protecting the public, which we all understand, and fighting crime on the one hand and protecting the liberties of the individual on the other. Our real message is this: we have a lot of information and technology, but enough is enough. Let us now pause and consider how best we can use what we have before moving on further and being in danger of creating a surveillance society.
I very much welcome the report, although some of the things that my right hon. Friend the Member for Leicester, East (Keith Vaz) said will lead me to reread some of it. It is easy to talk about balance but difficult to know where that balancing point is—and it can change in a day, depending on events. People’s attitudes on what the limits of the state should be will change dramatically if security is breached and the surveillance created by the state or the private sector proves unequal to the threat and the action. People’s views are not immutable, and they will demand more.
We are all here as democrats and all believe in human rights, transparency in Government, good governance, protection of society, individual liberties and freedom of the press. I start with the point, which not even every Member of the House would agree with, that, frankly, I trust the integrity of my colleagues in the major parties and their willingness to take into account all the factors that lead to key security decisions. I trust them to protect our interests against those within the bureaucracy who might wish—although I doubt it—to use that information inappropriately, and to ensure that a proper line is drawn whereby the citizen has access to the protection of the state to pursue their lives in as free a manner as is humanly, and in governmental terms, possible.
However, there are some nutters out there, and there are Governments composed of whole teams of nutters. Although I am absolutely certain that this is not the case in my constituency, there are those who, if they are not fantasists on the subject, are so dedicated to advocating human rights that they forget that one of the greatest human rights is the right of an individual to walk down to Tesco, or wherever, and come back in one piece.
Human rights can be preserved by actions that might not always fall within the aspirations of or documents produced by Liberty or the Home Affairs Committee. I do not want to be seen as hawkish—I certainly would not put myself in that category—or as demanding that the state do more and more until individual liberties are severely damaged or obliterated, but we must have a sense of reality in this country, and I think that our constituents often have a greater sense of reality than we do.
I have enormous admiration for my right. hon. Friend, leaving aside the question whether it is a human right to go to Tesco. The issue he has raised is about who draws the line: quis custodiet ipsos custodes—who will keep the keeper? Who will keep the keeper and know when the line has been crossed?
My right hon. Friend’s Committee would help to keep the line, but there are others. Almost the first sentence of my speech was that I trust my parliamentary colleagues who will be or are in executive positions. They will not suddenly metamorphose into Genghis Khan—at least, most of them will not—on assuming office. I might be naive, but I have been around for a long time and I believe in their judgment, although I do not always agree with it, on the preservation of human rights and the desire to protect our citizens. I have no anxieties whatever.
Perhaps the hon. Gentleman’s shopping aspirations are higher than Tesco, but the point is made. Anyone going into Tesco—I do not do so on a daily basis, I must add—is subject to surveillance, because the company has a duty of care to its customers as well as a legal liability: if somebody goes in armed with a machine gun and 50 shoppers are killed, it will have a devastating effect on sales.
The point is that going about one’s normal business cannot proceed in a society under a degree of threat without some intrusion into what can be seen as the pure freedom to choose exactly what to do. There is conflict and we must recognise that. It does not take a genius to work it out that there is an enormous threat to our national security from those who wish to do us harm. Terrorists now have access to weapons that are far more devastating than those their fathers or grandfathers might have had 20 or 30 years ago. Whole shops, areas and towns could be obliterated.
We are also aware of the growth of crime whereby what might otherwise be perfectly legitimate models of behaviour and legitimate non-intrusive equipment can be turned against society as a whole. Money can disappear. Terrorists can pass information among themselves. People find it difficult to go out now or to fly because of perceived threats, whether real or imagined. Given all that, although we are not in a Hobbesian state of nature, few people can argue that we should have licence to do what we wish.
The report states clearly—this deserves to be repeated—that we are not living in a surveillance society by its use of a question mark after the words “surveillance society” in the title. I agree that we must be certain that the Government do not go too far in reducing liberties, but we must also be certain that they go far enough in protecting us, even if that involves further intrusion into our lives authorised by Ministers, judges and those who are there to impose limitations on the action of the Government or the intelligence services.
No Government will feel happy at being shown to have erred too far in the direction of liberty and too little in the direction of security and the defence of our human right to exist. Globalisation has made our position much more difficult. It requires the skills of the intelligence services, the Government, the police, the private sector and all those engaged in security and protection to ensure that they can do their job. However, the balance that must be struck is almost impossible to determine. It is constantly shifting.
Anyone with a sense of history can see how Governments have used the technology at their disposal, which has not been much, to intrude on people’s lives for right or wrong. A totalitarian Government would not have been possible 75 years ago, because the technology did not exist to permit total control over a population, although Stalin perhaps went the farthest in the mid-1930s. Now, however, the technology exists for total control and there are Governments who not only wish to have total control over their own societies, but might be sufficiently expansionist to wish for total control over countries that have not the slightest desire to fall under their influence.
Finding the median position is difficult, and we rely on the Government to find it. Is it halfway between totalitarianism and licence? I have no idea, but hon. Members know the area in which I am trespassing. The Government have shown their weaknesses in protecting our information and theirs, and there have been some spectacular lapses. I hope that the lessons are being learned from such information loss, which resulted from incompetence and lack of training—not just among those in the public service, but among those hired by it.
I want to focus not only on the role of the state in protecting society, but on the role of the private sector. I will not make a speech on the private security industry, although I could. The Minister is well versed in those issues, as he has been exposed to them endlessly over the past few years. I am sure that any hope he might have to move himself away from the Home Office has to do with that perpetual set of missives. However, he knows clearly that although co-operation between the public and private sectors would have been anathema 10 years ago, when the private sector was totally unregulated and often incompetent and untrustworthy, with the passage of legislation—imperfect though it is, and in need of strengthening and enlargement—it is as certain as is possible that those parts of the private sector subject to regulation are functioning effectively and can be relied on, if required, to work with the Government to assist in national disasters, to hunt criminals, to protect cash in transit vehicles and so on. That has come about. Private sector companies have a role to play, and it is important for the Minister and all the Government.
I should have said, by way of minor criticism of the Home Affairs Committee report, that its terms of reference confined it largely to the work of the Home Office. The Home Office has no monopoly on protecting society, so I hope that my right hon. Friend can persuade other departmental Committees to do a little inquiry, or a big inquiry, on what is happening within their remit, because the full picture can be important.
The security industry has potential for mischief, which is why properly administered regulation is important. It is no longer Fred the night watchman who is involved; the people who work in the industry are professionals. They are not just ex-policemen; they are people who have grown up in security and have expertise of the highest order. There is scarcely a function undertaken by the police that could not be or is not undertaken, pretty effectively, by the private sector somewhere in the world.
It is important that legislation be strengthened, but in several areas where it operates I am reasonably happy. For public space surveillance, or CCTV, a licence is required. There are two types of licence, and at £245 for three years they are good value for money. There are front-line and non-front-line licences. The issue is important.
However, the failures of the system—even the current one—are obvious. CCTV is meant to be almost the interface between the state and society, although I am not sure that I have 300 cameras following me around my constituency. Some of our colleagues would require only one, which could be turned off for much of the time, so my right hon. Friend the Member for Leicester, East must be very busy trawling the streets of Leicester and London if he is being picked up by 300 cameras—I hope that all the footage is not being viewed. However, he has made a valid point.
Most people are quite happy to be monitored. I am not particularly photogenic, but I do not mind walking through a barrage of 300 cameras, because I know that I am safer as a result of that mass coverage.
There should be more effective cameras, which has been clearly demonstrated in my right hon. Friend’s report and in every other report. As we all know, a camera eventually played a big part in identifying the killers of Jamie Bulger. Everyone who watches “Crimewatch” knows how many cases have been solved because of good cameras.
However, too many of the cameras around are imperfect and they will now be swept aside by new technology. If we are to rely more and more on CCTV—it is not an alternative to policing, but a remarkable supplement—the cameras have to be adequate. When we watch footage on television programmes, we can barely see a person’s outline, let alone who they are. The cameras therefore have to be up to standard, and the persons who operate them must work for only a certain number of hours and be properly trained, remunerated and supervised. There is a whole series of factors. One suspects that there have been improvements, but it is up to the Minister and his colleagues to ensure that standards are adhered to, because I am not certain that they have been in every case.
In those circumstances, I do not mind if we require more cameras and more good cameras. If we are caught by a camera on the M6, as some people have been, we get mad as hell, but that is probably because we have been speeding, which is against the law. We do not like it when it happens to us, and some people may not like exposure to cameras, but I would have thought that law-abiding people had no anxieties about their images and the images of those who might seek to do damage to them being recorded.
I went to an airport in northern Europe, which had incredible equipment, but there was just one person monitoring 35 cameras. When he went out—I nearly said when we went out—to answer the call of nature, nobody was monitoring the cameras in that major airport. It is therefore critical that there be enough of a relationship between the personnel and the number of cameras.
On the right hon. Gentleman’s penultimate point about the attitude of law-abiding citizens, does he agree that citizens who are going about their business and not breaking the law in any way might nevertheless fear for their privacy, because they do not intend their whereabouts at any particular point to be a matter for public record? In saying that, I do not disagree with him. CCTV cameras serve an important purpose, but citizens’ concerns about their privacy may relate to more than just whether they are being law-abiding.
I understand the arguments. I would not say that I discount them, but I do not share them. If people go out into a town centre, they need to feel secure, which is more likely if there are more policemen on duty, although whether that has an effect is a point for discussion. However, if there are no policemen, the police will have access to effective cameras.
A few months ago, I had a situation in my constituency, which I have not yet resolved. Two security guards left their post in the establishment where they worked because they were told that a guy was running around with knives. These two security guys—I bet that they were not on much more than the minimum wage—took on this guy unarmed and brought him to the ground, but one of them was stabbed. I want to propose an award for them and I am asking the police whether they will allow me access to the CCTV footage, because there was a camera there. Perhaps that will be prohibited because the incident was none of my direct business, but I suspect that the footage still exists.
What happens if people throw away their CCTV film after a week because they cannot afford the storage, but the police detect a case three months later, thinking that they are on the ball? Perhaps new technology will address that problem. However, my views and those of the hon. Lady are not totally opposed—I am on one side of the line, and she is on the other.
Still on the subject of CCTV, does the right hon. Gentleman acknowledge that paragraph 27 on page 103 of our report highlights the need for the Government to do further research to establish whether its intended effect of preventing crime is being achieved? As taxpayers, we and our constituents want to know that the money being spent on CCTV rather than on more police is being invested effectively.
Absolutely. I applaud the large section of the Committee’s report that deals with CCTV, because I had reached the same conclusions some time previously—I take a big interest in private security. However, I hope that any inquiry would look not just at the effectiveness of police-owned or municipally-owned CCTV, but at the importance and effectiveness of CCTV in the private sector, because the private sector will be far and away the largest purchaser and operator of CCTV.
CCTV is not a panacea and it has to be seen in conjunction with other forms of protection. Frankly, anyone who relies completely on cameras is barking, but I dissent from the idea that my freedom will somehow be impinged on because I am on television so frequently. Avoiding television is not something for which Members of Parliament are renowned, and my right hon. Friend the Member for Leicester, East got on television 300 times—he is not here now, so he is perhaps perambulating around Westminster, which means that he will be on at least 20 cameras.
My last point is that the Security Industry Authority has not got around to including important sectors such as private investigators—it is still agonising. We have the Private Security Industry Act 2001, but it is now 2009, and the SIA and the Government have not got around to regulating investigators. The security commissioner has a pretty strong view on private investigators. A minority of them are almost the lowest form of pond life, and they should be struck off and removed from their so-called profession.
I have no financial interest whatever in the security industry, but I have monitored it. It is wrong to think that we can expunge the private security profession from our consciousness or nobble it with restrictions. A view is gradually emerging—the Minister will obviously take an interest in this—that we should see what can be done about private investigation. These people are not all Eddie Gumshoes; some are operating at the top end of the market. They are hired by the police and big business to do inquiries that the police cannot or will not do, or which they do not have the expertise to do.
My plea to the Minister is that when regulation is proposed it should be imposed sensibly, because if it is not that could be seriously damaging to society.
I do not want to mislead my right hon. Friend, but we are considering the question of regulation of a range of categories of the private security industry in its broadest sense, including those he has mentioned such as private investigators. Bailiffs are another category, and wheel clampers another. All such categories are being considered by the Home Office, to see whether we can take matters forward. I hope that that reassures him a little.
I am delighted and wish I had realised, as I would have offered to give evidence. I gave evidence to the Committee prior to my right hon. Friend’s chairmanship, when it took an interest, rather belatedly, in the question of regulating private security. The report was of fundamental importance in bringing the Government to the table to deal with the security industry.
When I was writing my book on private security, I agonised about how to define private investigators. I got down to about 29 branches of private investigation and then gave up, thinking I had provided enough evidence of its diversity. However, the Minister knows that the sector encompasses the top and bottom ends of the market. I speak not as a consultant, but as someone who just takes an interest. It is vital that what is bad in the sector be prevented. What can happen is that when the legitimate industry is prevented from doing something, it subcontracts to the bottom end of the market, which is only too pleased to investigate and to be unlicensed. That is the most sensitive and complicated of all the relevant areas.
I am sorry that I have gone on too long. I generally agree with the report and congratulate the Committee, and I have read the Government’s response and that of the Information Commissioner. The report takes the argument forward, and is sensible and sane, although I think that the Chairman will agree that there will be variation in where on the line the Government or Back-Bench MPs settle.
We have core support for the principles enshrined in the document. I have said clearly and honestly—some will disagree with me profoundly—that there is a limit to what I would be prepared to accept from Government by way of surveillance, but I am aware, as we all must be, of the dangerous world in which we live. Therefore, hoping to go back to some romantic period in the ’60s or the 1920s—hardly romantic—is fantasy.
We must be cognisant of the fact that the crooks are smarter than the cops in many countries and that unless our society can combat the multiplicity of threats and risks to which our nation is exposed, civil liberties will diminish. We must recognise that a balance must be struck, wherever it is. I do not think that we have yet found that place.
It has been a pleasure to serve on the Select Committee, particularly on the inquiry on a surveillance society. It is a very topical inquiry, and the work has been very detailed, with evidence taken from many different sources. I want briefly to set out some of the ways in which we are currently being watched or catalogued, or in which our personal data are being captured. I do not suggest that all the things I am about to mention are things to be concerned about—some of them are not—but some of them may be.
We have already heard about the 4 million or more CCTV cameras—one for every 14 people, apparently—and that people make 300 CCTV appearances a day in London. There are registration plate recognition cameras and mobile phone triangulation, which allows firms—or the police, when necessary—to work out where people are. Store loyalty cards are of huge value politically, in that we all rely on the data that they provide to fill our canvassing gaps. I imagine that all political parties use data from loyalty cards to help us to identify our supporters. In addition, there are credit card transactions, the London Oyster card, the electoral roll, NHS patient records, personal video recorders, phone tapping, hidden cameras, worker call monitoring, mobile phone cameras and internet cookies. I could go on and on. The list is getting longer almost daily.
The Government are clearly not directly responsible for all those examples of either a growing surveillance society or a society that is very much data-driven. However, they must take responsibility for curtailing the intrusion into our privacy that, increasingly, is being made from public sector and, potentially, private sector projects. We know that the Select Committee report and the Information Commissioner support the view that the Government should move to curb the drive to collect more personal information and establish larger databases.
Perhaps I should respond now to the point that the Minister made in a Delegated Legislation Committee a couple of days ago, when he expressed surprise that a Liberal Democrat supports the concept of databases. I should perhaps have declared an interest; having worked in the computer industry for 13 years before I was elected, I am not unfamiliar with databases. I was responsible for constructing many a large database. It is not the database that is the issue, but access to the data and the security of and controls over that data.
I accept to an extent the hon. Gentleman’s point that it is not just the retention of data that matters, but access to them. If he reads Hansard, he will see that I was making the point that although he was going to vote against the EU data retention directive, he asked me whether that directive included such things as Facebook, MySpace and Bebo, and when I said that it did not, he expressed surprise. In turn, I expressed surprise that he was going to vote against the directive but was almost criticising me for not including such things, which would have resulted in a much bigger database.
I suspect Sir John, that you would not allow us to go too far down the route of repeating the debate of a couple of days ago. However, the issue was the same then as today—control. If Facebook or Bebo are being used as, I suggest, there is evidence to show they are being used, there may be a case for retaining the data. However, it is a question of the controls that are imposed, who has access, and retention. They are the issues that need to be dealt with.
Hon. Members will be familiar with the human rights group Privacy International, which in 2006 produced a report that stated that Britain is the worst western democracy at protecting individual privacy. The two worst countries out of the total in the 36-nation survey were Malaysia and China, but Britain was in the bottom five, with, according to Privacy International, “endemic surveillance”. It listed several areas of concern, including “World leading surveillance schemes” and
“Lack of accountability and data breach disclosure law”.
The list specified that the commissioner has relatively few powers, and mentioned data retention, which we have talked about, as having made great steps forward without the required controls necessarily being in place. It also mentioned the identity card scheme with biometric data and—the subject of much debate a couple of days ago—the use by local authorities and other organisations of the Regulation of Investigatory Powers Act 2000, in a way that was, I believe, never intended, to track people just to identify whether they live where they claim to in relation to securing school places.
Privacy International clearly has strong reservations, as does the Select Committee, about the way in which the Government are dealing with those data, privacy and surveillance issues. When the Select Committee published its report, the then Home Office Minister, now the Minister for Employment and Welfare Reform, the right hon. Member for Harrow, East (Mr. McNulty), stated that the Government were listening and were tackling or reviewing the issues that the report raised. He said that they were taking those matters very seriously. I hope that in the time that the Government have had to consider the report, they have acted on some of the things that they said they would do.
On storing, sharing and securing data, the Select Committee report stated:
“The Home Office should work with the Information Commissioner to raise public awareness of how the Home Office collects, stores, shares and uses personal information.”
We know from the Government’s response that they have taken some action. To see what action they have taken, people should go to the published information charter, for which a website address is given in their response. I hope that the Minister will tell us that a little more action than that has been taken, because I imagine that my constituents who have just received letters about ContactPoint would not necessarily know that they should go to that website to find out how their data will be handled. I suspect that, with the exception of me, probably nobody in my constituency knows that they should look at that website to see how the Government are dealing with that issue and raising public awareness of how data are handled. I hope that the Minister will reel off a substantial list of further actions that have been taken since that issue was raised.
The Select Committee report also said:
“The Home Office should publish a report on an audit of the data collections managed by the Department and its agencies, outlining as far as possible without compromising security the technological and procedural safeguards currently in place.”
We know from the Government’s response that they are addressing that issue, or at least that the Home Office has noted the Committee’s recommendation. The Government’s response goes on to say that work is under way, which will take some time to be completed, and that
“then consideration will be given to which elements it would be possible to publish.”
I want the Minister to tell us how much progress has been made on that and whether anything is in the public domain already. If the Government are considering different types of data collection, how many of those audits have been completed, how many are under way, and when will a full list of them be published so that people can consider them?
The Select Committee has previously inquired into identity cards, which I cannot fail to mention, because that scheme is the greatest example of curtailment of our freedoms. The right hon. Member for Walsall, South (Mr. George) might disagree with me on this issue, but I have concerns about the Tesco trip that he was talking about. Clearly, it must be a priority to ensure that our citizens our safe—that is a given—but many people are concerned that they should be allowed to make that trip to Tesco without being required to produce an identity card. It is no business of anyone else’s what they do when they go about their daily business, if all they are doing is going to Tesco to buy a pint of milk. They should be allowed to do that without someone stopping them in the street, particularly if they are from a black or minority ethnic community, because they are much more likely to be stopped if the controls are very tight.
Such a system would significantly curtail our rights, and it would carry all the associated risks that come with Government IT projects, such as overrunning and the significant risk of data breaches. Also, it would be an ongoing consideration for every citizen that they must provide information to ensure that the register, and therefore their identity card, does not go out of date, leaving them subject to challenge when they enter or leave the country. My experience of France in the 1970s was that the police did not stop people like me when they did their controls in the underground system. Instead, they stopped Algerians, Tunisians and others whom they could clearly identify as being of a different colour. That is a real risk.
We had much discussion about the Regulation of Investigatory Powers Act 2000 a few days ago, which I do not want to go over again. However, the Select Committee raised that issue in its report, highlighting concerns that we need to raise public awareness of how and why communications data might be collected and used. We need much tighter controls on how those data are accessed, how the matter is governed by RIPA, and how various bodies may access data under the guise of RIPA.
Even accepting that some of the data losses of the past year or so were mistakes for which nobody was culpable, does the hon. Gentleman share my concern that, despite that spate of losses, we have not had a firm set of rules from the Government covering how data should be controlled and managed? We need rules on the level of seniority of civil servants who can access such data and on how those data may be sent from one organisation to another. Government Departments still seem to see those losses in isolation, with one Department blaming another for what happened. Our Committee was very concerned that there should be one, firm set of rules for the whole of Government.
I agree entirely, and I thank the right hon. Gentleman for that intervention. We need to have clear safeguards and safety measures in place, but we do not have them. We do, however, have further extensions to databases, such as e-Borders, being rolled out. That is a genuine concern.
DNA retention has been mentioned. We have the largest DNA database in the world—it is far larger than the US’s. There are 1 million people on the database for whom there is no record on the police national computer, and 1 million who were children when they were added. It should be a source of concern that 140,000 people will have their DNA stored for life despite never having been charged with, let alone convicted of, any crime. As the right hon. Member for Leicester, East (Keith Vaz) has said, the Government have only two choices: either no one who is innocent is on the database, or there should be a system like the Polish system of giving all citizens a unique identifier, in which the Government capture DNA from everyone, at birth, so that we are all in the same boat. Having a substantial number of innocent people on the DNA database for an indeterminate length of time is unacceptable. The Government have to address that, and they have to choose where they stand.
Will the hon. Gentleman clarify that point please? I usually understand what he means, but I am not quite sure what he just said. I understand his point that one can argue for a universal database, but I am not clear on his alternative. Is he saying that people should be on the DNA database only if they have been convicted, or if they have been charged? I know his position with respect to arrest, but I am not sure whether he means that they should be on the database when they have been charged or convicted.
I thank the Minister for giving me the opportunity to clarify my position. This picks up the point that the right hon. Member for Leicester, East made about someone whose DNA has been retained on the database in spite of their many requests for its removal and the fact that they are innocent of any crime. I am not saying that people should not go on there, but there should be a clear process to ensure that the DNA of innocent people is removed from the database within a defined period.
May I press the hon. Gentleman on this point? Is he saying that the DNA should go on following arrest, charge or conviction? Actually, I know that he accepts it should go on after conviction, but I do not understand his position regarding arrest and charge. What is he saying?
I am saying that there needs to be a point at which DNA is removed from the database. That is the critical issue. I shall caveat this point slightly by saying that there may be people who have committed serious violent or sexual crimes whom we might want to keep on the database for a period of time, if they are charged but not found guilty. They would be the one exception. Ultimately, we must have clarity from the Government—and possibly from me as well—on what happens to someone’s DNA when they are clearly not involved with a crime. In the example of the one-year-old baby, there is clearly no justification for keeping their DNA on the database—unless the baby was being investigated for the theft of a rusk.
There is nothing wrong with DNA going on the database on arrest, because at that point we do not know whether somebody is going to be subsequently convicted. The point is, if somebody is innocent and is not convicted of a criminal offence, there ought to be a robust process whereby people can write in, get an answer so they know why DNA is being retained, and be told yes or no. If the answer is, “Yes, we’re going to keep it on the database,” the reason why should be given. The issue is that the process does not exist.
I thank the right hon. Gentleman for providing the clarity that I was perhaps not providing myself. Clearly, in relation to the example of the baby, I am sure that all hon. Members agree that the DNA should be removed.
Other hon. Members have talked at length about CCTV, and we need to acknowledge that there might need to be a better level of control or regulation. However, there also needs to be an assessment of whether CCTV is as effective as people assume, because the evidence is uncertain and, during the Committee inquiry, some of our witnesses made it clear that they were also struggling to find the necessary evidence to demonstrate that it is as effective as hon. Members—possibly myself included—think that it is.
I am not responding out of reciprocation. I would like the hon. Gentleman to return to a point he made earlier—he was too quick for me. I am not trying to dramatise the matter, but perhaps somebody should calculate how many people who have committed a murder or a serious crime can bask in the security of the knowledge that there will be no DNA evidence to convict them because it might have been destroyed. I am not trying to accuse the hon. Gentleman of anything; I am sure that he knows I am seeking to make a genuine point. When do we put individual liberty above justice and people’s survival?
The second issue is whether there is a median point between everybody or nobody having their DNA recorded. There could well be a large number of people who would voluntarily submit themselves for inclusion, and if there were a media campaign for people to do that, it would put enormous pressure on others. The hon. Gentleman suggested that there was a stark choice between one side of the argument or the other, but I feel that there are some shades of difference between those points of view.
I thank the right hon. Gentleman for that intervention. He is right to highlight that the issue is perhaps not totally black and white and that there is some grey in between. He is right to ask how many people might have been saved if the relevant DNA had been retained on the database, but one could also ask how many more people would have been saved if the money had been spent on other measures.
The right hon. Gentleman has reminded me of an interesting and sad case in my constituency where a mother’s daughter was murdered and the police requested local men to come forward and give their DNA—I am pleased to say that many local men did so. Again, once those men were eliminated from the police inquiries, they should have had the right to have their DNA removed, if that is what they chose to do. However, if people voluntarily choose to leave their DNA on the database, I am not going to argue against allowing it to remain there.
I shall now mention the child database, ContactPoint, to which I referred earlier. At home, we have just received the letter informing us that, through that system, information will be kept on computer. We clearly called for that system to be scrapped. Perhaps the Minister will accuse me of being against a massive database in relation to that issue, but I am not against massive databases when it comes to child benefits, tax credits or housing benefit, because that is how they work. However, ContactPoint is a massive database that is likely to present a risk, which I think the Government have acknowledged. As with any other database, there can be no guarantees that security is watertight and that at no point in the future will people whom we do not want to access the database be able to do so in a way that could put children at risk.
I shall finish by mentioning some new concerns—I would not say that they were threats necessarily. In the past couple of weeks, Google has launched a couple of services, one of which is Google Latitude. The service is enabled through people’s phones and allows their friends to track where they are on a Google map. I have no problem with a voluntary arrangement whereby people choose to let their friends know where they are. However, there seems to be the potential for people to use the technology in such a way that the owner of the phone does not necessarily know that the service has been enabled. We tested the technology on my phone and, after a certain number of days, a text message is sent to the phone to tell people that the service has been enabled. However, I do not know whether that happens for every device of that kind.
In the past couple of days, Google has launched another application called Street View, through which people can look at different streets in different cities around the country. The technology is moving so fast that my concern is whether the Government, the Information Commissioner and everyone else who needs to be involved can get ahead of the technological curve, or whether they will always be trying to catch up with technology that is continually pushing at the barriers and putting such images into the public domain. Interestingly, the police were asked about Street View, and they said that it was useful, because it would help to cut crime. I am not sure whether that suggests that there will be a working relationship between the police and Google Street View to ensure that those images are shared. If so, I would be interested to know what the data protection issues are and what dialogue took place before that application was made live—it is now live. Will the Minister say precisely what is happening in terms of all those technological developments and what the discussion process is before applications that potentially threaten our privacy are released by commercial companies?
I am afraid that I have lost track of how much time I have left—okay, I have seen how long I have been speaking, and it is probably time for me to finish. The last thing that I want to mention is e-Borders. An alarming article in The Daily Telegraph, to which I hope the Minister will respond, stated:
“By the end of the year 60 per cent. of journeys made out of Britain will be affected with 95 per cent. of people leaving the country being subject to the plans”—
the e-Borders programme—
The Minister will know that we support the e-Borders programme in relation to exit controls, because we need to know who is leaving the country so that we can ensure that, for example, the UK Border Agency knows when asylum seekers have left the country and does not continue to investigate the cases. However, the extent of the details that will be held on the system is concerning— travel plans, addresses, credit card details. In addition, notification is required 24 hours in advance and there is the potential to be fined if that information is not supplied. I hope that the Minister will say that the scale of what is being suggested is not what the Government are truly planning.
I had better finish, Sir John. I just want to say that Liberal Democrats have real concerns about the surveillance society and the privacy issues that the report has highlighted. We have issued our freedom Bill, which sets out how we would respond to things such as ID cards, RIPA, DNA retention and the children’s database. We are at risk of sleepwalking into a surveillance society, and the Minister needs to wake up before the threat becomes reality.
I wish to continue the theme that the hon. Member for Carshalton and Wallington (Tom Brake) ended on. The phrase “sleepwalking into a surveillance society” is precisely the one that the Information Commissioner, Richard Thomas, used. He subsequently questioned whether we had actually woken up in one. Perhaps those questions were in the minds of members of the Home Affairs Committee, on which the hon. Gentleman and the right hon. Member for Leicester, East (Keith Vaz) sit. The questions about the kind of society that we live in and whether it is a surveillance society predated the right hon. Gentleman’s chairmanship of the Committee.
This debate is important. I welcome the publication of the Select Committee’s report and this opportunity to discuss issues that are fundamental to the Government, the citizen and society: what kind of country we want to live in, and how we achieve a balance.
The right hon. Member for Walsall, South (Mr. George) said that he was wrestling with the issues. He would rely on a benevolent state to get the answers right, but I would not want simply to rely on the benevolence of any one individual, party or Government. It is important to get the regulatory and legal framework right. There must be checks and balances through the judiciary and the courts to ensure that fundamental safeguards exist so that, at a time of crisis, arguments cannot be deployed that are later difficult to unwind. Otherwise, fundamental principles and beliefs, and the characteristics that define our country, could be eroded. Once lost, they would be difficult to reassert and re-establish. That is why the report and the issues that it touches on are essential, and why it is important that we engage in this debate this afternoon.
There is little doubt in my mind or, I am sure, in the minds of many other hon. Members, that technological advancements in electronic communications and information technology, and other scientific advancement in areas such as DNA, can offer huge benefits to society. This is not simply some argument pitting the technophobes against the technophiles, or the technology luddites against the technology sophisticates. These are difficult issues that we must address. We must weigh up the overall benefits against the impact that the growth, speed and pace of change may have on all of us.
One of the fundamental reasons why this debate is important is that people have not had much chance to stop and think about the changes—they have simply happened. Yes, they have been incremental, but the pace of change has been fast and steady. No one has been taking stock, examining or thinking whether we are going where we want to go. It is almost as if we are on a journey from A to Z. We are now at Q and asking whether Z was where we started off wanting to go. Was it the intended end point?
That is why, in the context of all the different facets and issues, it is right and proper that this House, the Government and the Opposition examine the issues carefully. Some of the decisions and choices that we make now will set out a road map that it will be difficult to depart from in the future.
I congratulate the hon. Gentleman on the eloquent way in which he began his speech. At some stage, there obviously will be a general election, and if—I use the word “if”—the hon. Gentleman’s party were successful, he would be the policing Minister and responsible for these issues. Is he giving the House an assurance that, should the Conservatives get into government, there would be no further extension of data collection until there had been a suitable pause to consider whether the data that we have at present are sufficient?
I hope that the right hon. Gentleman will see from my comments, the policies that will be announced and the other statements that will be made in the coming weeks and months that my party takes these matters extremely seriously. We recognise the fundamental challenges that I have alluded to and the need to set out clearly our thoughts, positions and approaches. It would be difficult and churlish of me to say yes or no in the broader sense, because we need to examine and analyse each of the different facets and issues extraordinarily carefully. There are competing arguments about each of them. Therefore, I do not think that simply taking a blanket approach, as the right hon. Gentleman suggests, would be responsible or appropriate. I hope that my comments will allow him to see some of the direction of travel, approaches and thoughts that my party has on some of these essential issues.
The hon. Gentleman made an interesting point about some of the techniques that are being established. People suddenly wake up one morning to find that their house can be searched for on something like Street View, which they did not even know about. Equally, they do not know that there is a facility to have their house removed from such searches. From my discussions with Google, which has been very clear about this, that kind of picture can be removed if someone is concerned about privacy issues.
The issue extends further than that: for example, to social networking sites. Our debate about the surveillance society is dominated by discussion about the Government. However, we must look at what is happening in not only the commercial sector but in people’s interaction with each other. What are the social mores and norms? Is it right and proper to post a video on YouTube of someone one has never met and does not know? What are the take-down procedures, and who makes such decisions? Those are delicate and difficult challenges that this House must address quickly.
I do not intend this afternoon to set out a manifesto on specifically how those issues should be dealt with, because they require careful consideration, as does defining what we are trying to do.
Order. I would be grateful if the hon. Gentleman did not proceed down that line, because it is not within the terms of reference of this debate. Nor are future policy statements from any of the political parties represented here part of this debate. We are debating the Select Committee report.
Unintentionally, I am sure, but our discussion of this report on the surveillance society has highlighted that surveillance can extend in many different directions. At this stage, we may not have fully accepted, acknowledged or followed through on some of those. I hope that you will accept, Sir John, that the argument, although it strayed a bit far, gave the sense that this is a broad debate and that this afternoon we may be looking at only one part of it.
Information sharing can be hugely beneficial to people. When debating issues around privacy and surveillance, it is important to discuss the benefits that information sharing and data retention can have, as well as the ways in which they can prove to be intrusive. I am sure that the Minister will rightly use the example of the Soham murder inquiry, in which major deficiencies were found in how the police shared information. Several improvements were made to the way in which our law enforcement bodies share information and communicate with each other as a consequence of, we hope, some of the lessons that were learned. However, the question is whether there is then a drift—a further extension that may not achieve the appropriate end results or focus on the purpose for which the initiatives were established. Their extent, scope and purpose characterise the debate, and we very much welcome the opportunity to debate them this afternoon.
The challenge is due to the fact that the pace of change in technology has not been mirrored by the pace of change in public attitudes and debate or, indeed, in the legislative and regulatory framework to govern this highly sensitive area of life. There has been incremental change, but the import and significance of such steady change has been recognised or understood only comparatively recently. There has not been a chance to question whether we want or need such a society.
The debate should not simply be framed in terms of the activities of the Government. It is not only the state that can be over-zealous in its surveillance or data-retention activities; private companies that capture data or information about customers for marketing or other purposes, for example, can overreach themselves or cause significant harm if such information is not secured safely or disposed of effectively. In that context, it is important to recognise the work of the Information Commissioner, Richard Thomas. There is little doubt about his contribution to advancing what is an essential debate, or about his continued work in clamping down on issues about information security and an individual’s right to privacy, and in allowing the debate to take place and to further the issues.
The question is about how the Government respond to the debate, and about the wider context of government: the way in which they deliver services in the digital age, and store, retain and share information on all of us. The Committee rightly fastened on to the crux of the argument when it said that
“the Government should adopt a principle of data minimisation. It should collect only what is essential, to be stored only for as long as is necessary.”
Notwithstanding the Government’s statement on openness and their proposals to create an “ask only for what we need” charter for Departments, the current orthodoxy is, I am sorry to say, based on the concept of “need to know”: the Government need to know everything and retain as much information as they possibly can for the more effective provision of welfare, health, education, security and all the other facets of public sector activity; and the state needs to have the ownership rights over that information to do with it what it judges appropriate.
That mindset underpins the national identity card, the interception modernisation programme, the NHS records database and the controversial proposals, debated in Parliament this week, to permit Departments to share such information that they hold with whomever they think fit. I welcome the fact that the Justice Secretary has determined to shy away from those proposals, but that very orthodoxy contains huge dangers and needs, as the Committee’s report rightly highlights, challenging and rethinking in the strongest terms—not just on civil liberties grounds, which are important enough in themselves, but on the ground that the orthodoxy puts us all at greater risk.
The creation of ever bigger stand-alone databases, with their concentration of comprehensive personal data in one place, actively establishes a system that is valuable, vulnerable and attractive to attack. That risk is magnified if data sharing is adopted haphazardly and without consideration of the potential weakest link in the data-sharing chain. The more data that are collected and stored in one place, the bigger the challenges in keeping them safe. We have already seen the risks, as other hon. Members have noted this afternoon. In the past year, information on 30 million people has been lost, and public officials are being sacked or disciplined for data protection or data security breaches at the rate of one every working day.
That is why the Conservative party said that it would create an offence of reckless handling of personal data by the Government, potentially making it an offence for a Crown servant or Government contractor to lose personal data under their control. Unless we rethink and re-engineer the centralised model, we will create huge problems for ourselves in the years ahead. What happens when the information is no longer useful or appropriate? Will the systems that are intended for the information be resilient in 10, 20 or 30 years’ time? How do we safely dispose of sensitive information once we have it?
I was rather amused by a recent article in the consumer magazine Which? on the best way to ensure that sensitive information on one’s computer is safely deleted. Apparently, its advice is that the only foolproof, guaranteed way to ensure that one’s personal data cannot be accessed by anyone else when disposing of one’s PC is to get a large hammer and bash one’s hard drive until it has been smashed into little bits. It is a cautionary parable. Are we really thinking far enough ahead about the implications of our decisions about our data systems? Clearly, there will not be a big enough hammer to take to some systems that we are creating. I am concerned about whether the Government—not necessarily just the Home Office—are thinking the matter through. I liken the current approach to the digital equivalent of digging a bigger and bigger hole and filling it with potentially toxic material without proper consideration of long-term containment, the significant damage caused by leaks and how long the material will need to sit there before it becomes benign. What seems like an asset risks turning into a big long-term liability, and the problem will not be confined to the public sector. The structural solution to the challenge of rethinking the architecture of our IT systems will not be found by the arms of the state or by the private sector acting in isolation.
We also need to think more carefully about the purpose, scope and extent of data sharing. Let me be clear: I am not opposed to data sharing in principle; indeed, I believe that data sharing can be essential for providing greater public protection. However, it must be specific, not general, and its purpose must be clearly defined, with data security and data protection at the forefront. That is why I welcome the Government’s retreat this week from seeking blanket data-sharing powers based on ministerial edict. I hope that they will similarly retreat from policies on the retention of DNA data by ministerial order, because that is equally unacceptable.
The Government have been expanding the DNA database that records the DNA of anyone arrested in England and Wales, regardless of whether they are acquitted or found guilty. The data are recorded indefinitely, and they will be removed only in exceptional circumstances. Indeed, hon. Members will know that only a small number of people have managed to have their data removed from the DNA database by demonstrating exceptional circumstances to chief constables. We agree that the use of DNA samples can be an important evidential tool in prosecuting and bringing crimes to justice. We are all aware of circumstances in which DNA data have formed an important part of the case to prove guilt or, indeed, innocence, thus ensuring that serious criminals have been put behind bars, where they belong.
The fight against crime, particularly organised crime and terrorism, depends on the use of modern scientific techniques of investigation and identification. However, the status of DNA needs to be considered carefully, because, as the European Court of Human Rights has noted:
“The retention of cellular samples is particularly intrusive given the wealth of genetic and health information contained therein.”
The use of that technology must strike the right balance between the promotion of public interest and public safety and the protection of important private-life interests.
The UK’s DNA database is proportionately the largest in the world, accounting for about 7 per cent. of the UK population. The Government argue that this country can claim a pioneering role in the utilisation of DNA technology, but, in doing so, they bear a special responsibility to ensure that they strike the right balance regarding what is permissible, given the potential interference in private life. That is why last December’s European Court of Human Rights judgment regarding S. and Marper was so fundamental. The Court was scathing in its criticism of the current approach of indefinite retention regardless of guilt or innocence, and it dealt with the structure—the fundamental protections and reviews; it did not say that the issue could be dealt with case by case, as the Government’s initial comments seemed to suggest.
What I am saying will not be unfamiliar to the Minister. We have debated these issues before. I am asking the Government to rethink responding to the Court judgment with an order-making power that does not require full parliamentary scrutiny. They said that they want an open debate on this subject. Let them rise to that challenge, rather than push this issue out of view with a vague promise to publish a forensics White Paper by the summer.
The hon. Gentleman is right that this is a fundamental issue that must be addressed. In the meantime, there must be a process for dealing with such cases. People should be able to write to a chief constable and receive a detailed response. The policing Minister is present. He or the Home Secretary could write to the 42 chief constables to remind them of their responsibilities. When people write in, they should write back with an explanation.
The right hon. Gentleman has made an important point. When my colleagues in the other place debated the counter-terrorism DNA database during the passage of the Counter-Terrorism Act 2008, they made exactly that point. They tabled an amendment to ensure that people could find out what information was held on them on such databases. It is important to establish what information is there and to be clear about how to challenge that. There must be a process to ensure that arguments can be raised on the removal of such information if appropriate.
Today’s debate is timely. The Government have informed the Committee of Ministers of their intention to consult and of their compliance to date with the judgment in respect of the relevant samples of S and Marper, as well as the payment of their costs and expenses. That information was considered by the Committee of Ministers today. Can the Minister say anything about the outcome of that meeting? Given this opportunity, will he update us on the Government’s progress in removing the DNA of children under 10 from the DNA database, as was outlined in the Home Secretary’s statement before Christmas?
I was going to cover that matter in my closing remarks, but I will clear it up now. I have been told that all DNA of under-10s has been removed from the database. That also answers the point made by my right hon. Friend the Member for Walsall, South (Mr. George).
I am grateful for the Minister’s response. It is helpful to know that. As he will appreciate, the sensitive issue of the over-representation of children and people from minority ethnic communities has been highlighted. This matter needs to be properly debated in Parliament and appropriate safeguards must be put in place. That opportunity will not be forthcoming if the matter is dealt with by statutory instrument.
Two other Government reviews and consultations on these matters are up in the air. There is a consultation on the interception modernisation programme, which is the Government’s plan to store all our e-mail communications on a new central database. Some have described it as the Big Brother database.
There is also a consultation on the use of the Regulation of Investigatory Powers Act 2000. That Act was originally introduced on national security grounds, but we believe that its powers now have an abusively wide scope. The reasons for accessing and using our data have been extended to include the prevention and detection of crime or disorder, economic well-being, the protection of public health and tax collection. RIPA gives all 474 local councils in England, every NHS trust and fire service, 139 prisons, the Environment Agency and even Royal Mail the authority to access and use communications data. It is not confined to services working to protect national security. That has led to RIPA powers being used in investigations into a wide range of matters that most people would consider to be utterly inappropriate, such as whether pot plants have been sold unlawfully, dog fouling and issues of refuse collection. Even the Home Secretary has described her concerns over the use of RIPA by what she called the “dustbin Stasi”.
Earlier this week, the Minister could not give any clarity on the timetables for the consultations on RIPA or the interception modernisation programme. Can he do so now to avoid the impression that they are simply being kicked into the long grass? Will he confirm that the consultation on RIPA will happen, given the comments in the annexe to the information memorandum on the statutory instrument implementing the second part of the EU data retention directive, which suggested that there was no planned change in policy? We have discussed that previously. If the outcome of the review is unfavourable, will there be policy changes or has the Home Office already set its face against any changes in RIPA and the way in which it applies? I think that the Minister is gesticulating for me to give way.
May I apologise? I was not gesticulating rudely. I thank the hon. Gentleman for giving way again. I sometimes forget to answer one or two questions in my closing remarks. It is not that I do not mean to answer them.
The hon. Gentleman’s patience will not be tried for too much longer because the RIPA review will be out shortly. Notwithstanding the comments he rightly made during the debate on the statutory instrument to implement the EU data retention directive and those he has made today, the Government are open to consultation and to changes in how RIPA is used. Obviously, any changes will be made as a consequence of the consultation. We plan to have an open, fair and honest consultation.
Again, I am grateful to the Minister for providing that clarity.
Some of the statements in the annexe to the information memorandum on the EU data retention directive on telecoms and internet data suggest that there will be no change in policy. Clearly, there has been a change in policy this afternoon. We welcome that approach to the review of RIPA. The review is essential. Greater confidence and trust are required in the use of those powers because they have been over-extended and overused by a number of organisations and agencies in the past.
The right hon. Member for Leicester, East made some valid remarks on CCTV. The Home Affairs Committee report highlighted the value for money of CCTV. The report stated that £500 million has been spent. There is little doubt that millions of pounds have been spent on CCTV cameras. That form of direct surveillance has an important purpose in providing public and national security. The problem is that many of the systems that have been installed do not meet expectations. For example, they are sometimes in the wrong place or the images that are captured are not of sufficient quality to be used in evidence.
The Home Office rightly identified various weaknesses in the “National CCTV Strategy”, which was published in 2007. It recommended:
“Owners of systems should undertake a review of all the CCTV cameras in public space use, detailing their purpose and establishing if they are fit for that purpose.”
“The role of the Information Commissioner needs to include greater powers to enforce licensing requirements of systems and people and needs to be clearer”.
Recommendation R3.2 stated that
“consideration should also be given to whether or not there is a need for any new legislation to tackle invasion of privacy with regard to both public and private CCTV—the latter remains a grey area in many respects”.
Will the Minister say what progress has been made on implementing that strategy?
Will the Minister explain how he expects others to improve their standards when the Home Office does not know the status of its systems? No overall assessment has been made of whether Home Office CCTV systems comply with the Data Protection Act 1998, the CCTV code of practice published by the Information Commissioner and relevant British Standards Institution standards. Does the Minister accept that it is a bit rich for the Home Office to lecture others when it has not got around to checking whether its own house is in order?
Will the Minister explain the Government’s apparent wish to mandate the introduction of CCTV in pubs and other licensed premises on a blanket basis? He will be aware of the concern that the Government’s new mandatory code on licensing will be used to impose such requirements. Why is such a blanket approach proportionate and necessary? How will it reassure the public over fears of a creeping surveillance state?
That brings me neatly to the concerns about identity cards and the ID card database. The Government have still not made a case for the necessity of the entire scheme. The arguments about the need for identity cards from a national security perspective have been shown to be based on weak foundations. Biometric passports and visas are one thing, but requiring the entire population to have compulsory national ID cards is a completely different proposition. Ministers seem to be scouting around for other justifications for their highly controversial policy.
I am grateful for the Minister’s statement, but he will recognise that there is not unreasonable concern—this was discussed when the Identity Cards Act 2006 was being considered—that we are looking at an incremental change and a steady direction of travel that is leading to that end result. I referred to compulsory ID cards not to suggest that the Government’s position is different, but because of the concern that that is the Government’s end point. I shall listen with interest to the Minister’s response as to where the issue currently sits.
The Government’s thinking is confused. A Home Office Minister’s suggestion that it would be appropriate to consider extending the ID card scheme, if it proves popular, to 14-year-olds is certainly an interesting view of market forces. It seems ironic that the scheme, which was argued for as essential and necessary to combat terrorism, should be foisted on children. From 2010, 16 and 17-year-olds will be able to volunteer to have an ID card, apparently to help them to prove their identity when they open their first bank account, take out a student loan or start employment. Yet that line of argument founders when one considers that banks and employers are not seeking ID cards. I know that young people are some of the biggest participants in volunteering, but I somehow do not see them queuing up for an ID card as the next must-have accessory.
In any event, phasing in ID cards in that way is certainly not helpful for age verification, because the plan is to issue them to under-18s. Whether it has dawned on the Government that age verification is about proving age, not proving that one is under age, is relevant. It is a cynical ploy to target young people in that way, and it sends out confusing messages when the Home Office is actively accrediting other proof-of-age programmes.
A broader fear is that if biometric data were compromised, how would the situation be remedied? The comments of Ross Anderson, professor of security engineering at Cambridge university, when giving evidence to the Committee that considered the UK Borders Act 2007—comments that were highlighted in the Select Committee’s report—are germane. He said:
“There is a fundamental security engineering problem with biometrics as opposed to, say, the cryptographic keys in your chip and PIN card. Once your biometrics become compromised, you cannot revoke them; it is not practical to do eye or finger transplants. Therefore, once you start using biometrics on a very wide scale, for all sorts of everyday transactions, the mafia—for want of a better word—will also have your biometrics.”––[Official Report, UK Borders Public Bill Committee, 1 March 2007; c. 100, Q215.]
The professor’s statement was stark, but there are relevant and serious concerns about where we are going with the use of biometrics if it is extended so widely, and how safety and security issues can be properly addressed in the architecture, the protections, and the way in which this technology is starting to be used. A huge amount of care is needed.
In conclusion, I return to the key recommendations in the report. The Government should operate a policy of data minimisation. That is a useful principle to have at the forefront. Too often, the Government harvest information and create databases which, if linked or combined at a future date, would go far beyond the remit for which they were set up. Sadly, the Government seem to have been unwilling to listen to the arguments about surveillance and data, but I hope that the Minister has listened this afternoon. They have sought more and more powers of surveillance of citizens and data tracking, apparently paying little heed to the arguments about an individual’s right to privacy and the sort of society that they might create. There are things that the Government need to know about the public, but the mission creep that has occurred is worrying and disturbing. The Select Committee has highlighted some extremely serious and important issues, and the outstanding question is whether the Government are really committed to doing something about them.
Good afternoon, Sir John. It is a pleasure to serve under your chairmanship. I welcome right hon. and hon. Members to the debate. I shall make some general remarks before going on to the more formal part of my speech. That is what I usually try to do.
This is an incredibly important debate, but let me clear the clutter out of the way, because that will enable us to have a better debate. It is not only the Government who wrestle with the issue of where privacy butts up against national security and the detection and prevention of crime. Obviously, no right hon. or hon. Member here would argue that no data should be retained and no DNA collected, or that there should be no sharing of data. The argument is always where to draw the line.
Those who drafted the European convention on human rights had the same problem. Article 8.1 states:
“Everyone has the right to respect for his private and family life, his home and his correspondence.”
But they had to put in article 8.2:
“There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.”
What we are wrestling with this afternoon is wrestled with all the time. When that is cleared out of the way—when we forget about the wicked people versus good people argument, accept that the debate is serious and fundamental, and that it goes to the heart of our society—we shall start to make better progress. If the debate is caricatured, we cannot make progress.
We debate the matter in many different guises, in many different Committees and in many different areas, and an interesting question that I often pose to the hon. Members for Carshalton and Wallington (Tom Brake) and for Hornchurch (James Brokenshire) is, what would they do? To be fair, the latter knew what he was doing and caveated his remarks about what a Conservative Government would do if they were elected, because he knows that responsibility for making such decisions is difficult. Does one collect the information in the way that one is told to, and how does one access and safeguard it? Views and advice on where the line should be drawn are often conflicting. The debate has highlighted, thoughtfully and interestingly, how we should take the discussion forward.
It is necessary for us collectively to get a grip on the debate and to try to move it on. Before making my formal comments, I shall make some concrete proposals on some of the things that I shall try to do with regard to the report produced by the Committee chaired by my right hon. Friend the Member for Leicester, East (Keith Vaz). He has had to leave for a short while, but I congratulate him, and the hon. Member for Carshalton and Wallington and his Select Committee colleagues, because it is an excellent and challenging report.
If there is one thing that works exceedingly well in Parliament, it is the Select Committee system. This is an exceptionally good report. It is challenging, evidence-based, thoughtful and non-partisan, and it addresses the issues. I am glad that my right hon. Friend has come back into the Chamber, because I think that the Select Committee system overall is one of the best parts of our Parliament and the Home Affairs Committee is one of the best Select Committees. I am not being sycophantic to him. The report is excellent. It challenges the Government to do things, and causes us to stop and think.
This issue involves not only legal change, but cultural change. It is about all of us giving a bit more thought and time to data management. I shall show how the Home Office is at the forefront of that drive. The point about cultural change is serious. The Committee made the point that, culturally, individuals have to change; this is not just about big Government decisions. There is a need for everyone to take more responsibility for the issue.
While walking into the Home Office today—this is not something that was set up—members of staff and civil servants were given a leaflet that said:
“Safeguarding the information we handle is a personal responsibility. All Home Office HQ staff including HQ contract and HQ agency staff must complete the Protecting Information e-learning training by 31st March 2009.
If you have not already done so, you must complete the mandatory Protecting Information e-learning course by 31st March”.
The leaflet tells them how to do that and says:
“It’s up to you”.
Far be it from me to say that that means that, therefore, all the different issues that have been raised this afternoon and in my right hon. Friend’s report have been solved, but it does show that there is some movement in the undergrowth on taking this issue much more seriously.
Also recommended by the Committee was a Home Office information charter, which is now available on the website. We even have an information rights team. That is progress and radical civil service change for you. The serious point, which is very important, is that change is there.
My right hon. Friend the Member for Walsall, South (Mr. George) made a point about the importance of the private security industry, and I agree with him about that. As long as I have been a Home Office Minister, he has come to see me, advised me and challenged me about the role of the security industry as a whole. He and I have had a lot of debate and discussion about the role of the Security Industry Authority and how things should be changed. The private security industry is unrecognisable from what it was previously, and it is thanks to my right hon. Friend and people like him that that change has taken place.
I agreed with my right hon. Friend’s answer to the question put to him by my right hon. Friend the Member for Leicester, East. I do not care how many cameras there are; I want effective cameras. If there needs to be an increase in the number of effective cameras, there needs to be an increase. I think that the public will accept that. They will not accept it if cameras just appear and no thought has been given to that. There could be 300 cameras or there could be three. Their effectiveness and placement are what is important.
The hon. Member for Carshalton and Wallington made a good point, which I will look into. He knows that I try to answer the question and if I do not know the answer, I look into the issue. His idea to look at prior approval for some of the things that appear on the website is probably a difficult one to achieve, but that does not mean that it should not be considered. He is right to say that some of the things that appear are of great concern. Because something is difficult, that does not mean that we should not do it. I had not thought of what he suggested, but I will consider it. It is an interesting perspective on the issue.
When the Minister is considering that, will he consider whether many of these facilities or applications should be ones that people have consciously to opt into, rather than there being an opportunity to opt out? There is some interesting advertising, for instance, driven through the web. People have to opt out of receiving targeted advertising, rather than choosing to opt in.
The hon. Gentleman is pushing it now. I have said that I will consider the idea and now he is trying to take me down the path of what I should decide. I need to consider the idea. Let me consider it and see whether we need to go anywhere with it. In my formal remarks, I shall also deal with his points about access to data and some of the comments that the hon. Member for Hornchurch made about that.
I absolutely agree with the hon. Member for Hornchurch on the importance of the work of the Information Commissioner. In a minute, when I make specific commitments, the hon. Gentleman will see that the role of the Information Commissioner is crucial. Both the hon. Gentleman and my right hon. Friend the Member for Leicester, East think that there is a need to inject more urgency, speed and pace into this area of work. I will take up that point.
Obviously, chief constables have a right to delete DNA from a database if they think that appropriate. That is an operational decision for them. They own the data; it is a matter for them. I think that the hon. Gentleman, supported by my right hon. Friend, was asking me whether I, as Minister responsible for the police, should consider how I could remind them of that process and its importance. I will do that, and do it in a way that is necessary and proportionate, but I will do it. Sometimes, it is important to remind people of such things. I might send them a copy of the report of the debate, so that they can see the points that were made. I hope that that is helpful to my right hon. Friend and to the hon. Gentleman.
Let me say a couple of specific things, drawing on the report. First, let me make some specific commitments to try to drive the issue forward. We have made a commitment to having the national CCTV body. I will try to progress that more quickly so that we have the national oversight body. Let us try to drive that forward. I have already made a point about the RIPA review. I shall make some formal remarks on that in a moment. It will happen shortly. It will be a consultation about how some RIPA authorisations are given and who does that.
The Information Commissioner is talking to the Ministry of Justice about an annual report to Parliament. I will try to ensure that we get that annual report to Parliament so that it can be debated. Again, that is important. I hope that what I have said is helpful, although I cannot give a guarantee. The decision involves the Ministry of Justice with the Information Commissioner, but I will talk to fellow Ministers about the issue to see whether we can progress it. I hope that that also helps my right hon. Friend.
I will make another commitment so that we start to get some meat on the bones of this. I will meet the Information Commissioner and talk to him specifically about some of these issues. I will get his view and, from then on, set up regular meetings with the commissioner to see how all this is progressing, or not.
The communications data consultation document will be published shortly. The hon. Member for Hornchurch mentioned a consultation on DNA. That, too, will commence in the near future.
I say to my right hon. Friend the Member for Leicester, East that I think it would be helpful to his Committee—I hope he will confirm whether that is the case—if the Home Office updated its response to the Committee. If we sent one to him, he could share it with the members of his Committee. I cannot give him a specific time, but perhaps we could do an update in the next two or three months or so and send it to his Committee, specifically addressing some of the points that have been made. I hope that he and the Committee will find that helpful, and then we can take it forward. He may want to do other things as a consequence.
I am a practical person and I hope that I have made practical points and given a practical demonstration of some of the ways forward.
I thank the Minister for making the practical and sensible suggestion—one that we have taken up in the Committee—that there should be a follow-up by the Home Office. I am pleased to hear him suggesting that he would like to provide the Committee with a follow-up report. Is he willing to extend that to all other reports that the Home Affairs Committee might produce, because what is good for the goose must be good for the gander?
That is the second time that the hon. Gentleman has tried to push it. Steady on—let us just see. The commitment that I have made on this report is clear. As my right hon. Friend the Member for Leicester, East knows, I am coming to the Committee the week after next to talk about police reform and some of the changes. I am always willing to come to the Home Affairs Committee. If the hon. Gentleman believes that there is something that I should do that I am not doing, he should talk to the Committee Chairman, and, as my right hon. Friend has done on many occasions, he will then speak to me.
I thank the Minister for the generosity of his comments this afternoon, and the impressive way in which he has dealt with our report. I know that he has not finished his speech, but what he has said so far on our recommendations has been extremely helpful, and we look forward to seeing him again to talk about these specific points.
I thank my right hon. Friend. Having given a progress report, and if he and his Committee feel it appropriate, I am willing to talk to them.
I shall take a few minutes to put some more formal remarks on record. I shall refer also to one or two other matters that were raised during the debate. No one disputes that taking and using DNA to detect crime and help bring offenders to justice must remain a key tool for the police. The DNA database is crucial for public protection—a point made by my right hon. Friend the Member for Walsall, South. Between May 2001 and 31 December 2005, almost 200,000 DNA profiles on the national DNA database that would previously have had to be removed—that is, before legislation was passed in 2001—because the person had been acquitted or the charges dropped, resulted in approximately 8,500 profiles from some 6,290 individuals being linked with crime scene profiles. Those involved nearly 14,000 offences, including 114 murders, 55 attempted murders, 116 rapes, 68 sexual offences, 119 aggravated burglaries and 127 cases involving the supply of controlled drugs.
However, we accept that the current policy of retaining DNA of persons arrested but not convicted needs to be changed to comply with the judgment of the European Court of Human Rights in the S and Marper case. We are committed to consulting the public on a proposed new retention policy, to be embedded in legislation. We will include in the consultation paper all the recommendations in the Committee’s report.
The Minister has said that he will consult on those issues, and that that would be embedded in legislation. Does that mean that the Government are shifting away from relying on order-making powers? At present, the Government’s stance has been that the Home Secretary makes regulations. In other words, a particular outcome is not embedded in legislation. Is the Minister indicating a shift of approach?
I am explaining the approach that the Government are taking with respect to the consultation. The hon. Gentleman knows that measures contained in the Policing and Crime Bill will give the Home Secretary the power to make orders by statutory instrument to change legislation to take account of the consultation. I am outlining to the House the fact that the consultation will be wide-ranging and will include the various points made in the Committee’s report.
Closed circuit television has been a vital weapon in fighting crime for many years. The police, local authorities, transport bodies and law enforcement agencies have all seen the benefits of using it. Indeed, the events of 7 and 21 July 2005 underlined the use of CCTV as an investigative tool. Between 1999 and 2003, the Home Office made available £170 million to help fund 680 schemes across the country. Subsequent funding streams for a range of crime reduction and community safety initiatives were available for CCTV, if local authorities considered it necessary. Such initiatives included Communities against Drugs, the safer communities initiative, Building Safer Communities, the basic command unit fund and the Safer, Stronger Communities fund.
However, there are also concerns about the use of CCTV. For one reason or another, its uses have attracted accusations of invasion of privacy rather than it being treated as a measured and sensible precaution to safeguard national security, protect the public from crime and to detect crime. If CCTV is to work, it must be operated in a way that commands the confidence of the community it serves.
The Home Affairs Committee report made a number of recommendations on CCTV, including the establishment of a national body, the undertaking of further research into the effectiveness of CCTV as a deterrent to crime, the creation of standards to enhance the value of CCTV images and a review of retention periods for CCTV footage. All those issues will be addressed as part of the work being undertaken by the national CCTV strategy board.
One reason why an update would be useful is that the Campbell Collaboration has produced a report on research conducted by the National Police Improvement Agency on the effect of closed circuit television on crime. It was published on 2 December 2008, and it may be of interest to the House. I shall read the text of the review:
“Results of this review indicate that CCTV”—
this shows that I am not being biased; I could have missed out this word, but I shall not—
“has a modest but significant desirable effect on crime, is most effective in reducing crime in car parks, is most effective when targeted at vehicle crimes (largely a function of the successful car park schemes), and is more effective in reducing crime in the United Kingdom than in other countries.”
Those results lend support to the continued use of CCTV in preventing crime in public spaces, but suggest that it be more narrowly targeted than at present. It is an interesting report, and those Members who are not aware of it may wish to read it.
The part of the report highlighted by the Minister is interesting. Will he confirm whether the Home Office is updating its national CCTV strategy in the light of the Committee’s recommendations and the research done by the NPIA? In the context of his comment on CCTV being used appropriately, but regardless of how many cameras there may be, will he comment on my point about licensing conditions and the fact that CCTV might be mandated for use in pubs and other licensed premises in a way would not necessarily take account of the principles that he has been enunciating?
There is a need for us to look at how CCTV is used, and to use the evidence that we have. It is important to ensure that the information gets out—in this case, to the various crime and disorder reduction partnerships, the police and so on.
Creating a national body, as suggested by the Committee, would be a way to do the very thing that the hon. Member for Hornchurch has mentioned. However, I do not want to prejudge that question; I want people to consider whether there is a need to update practice and guidance. However, it must be done on the basis of evidence, and what is being said.
That is exactly the point being made by my right hon. Friend the Member for Leicester, East. Where is the evidence for us to use CCTV in a way that would make a real difference? The Committee’s report starts to point out how that might be done. However, although we have a strategy, we do not have a national body to act as the delivery mechanism by which practice can be changed. That is why it is so important to have such a body, which is what I want to see.
The hon. Member for Hornchurch also asked about CCTV in pubs. I shall be corrected if I am wrong, but I believe that the issue concerns changes to licensing conditions or applications for licences. In some cases, because of their concerns about crime in a particular area, the police have said that if there were to be a change to the licensing conditions, they would recommend the installation of CCTV. If I am wrong, I am wrong; but as far as I am aware that has happened in all sorts of applications in all sorts of circumstances. It is a pretty reasonable way forward. The police were doing it to reduce crime.
While the Minister is on the subject of CCTV guidance, he may recall that the Committee took evidence from a police officer, who was concerned that he had to fill in a 16-page form in order to change the direction in which a CCTV camera was pointing, otherwise it could be considered covert surveillance.
On the other hand, Google Street View allows someone—I have checked this—to see faces in crowds, despite apparently having an automatic system that disguises people’s faces. While police officers have to fill in long forms to change the direction of a CCTV camera, the Google application shows people’s images without constraint. There seem to be some discrepancies.
I hear such things, as well. We are attempting to reduce bureaucracy, and if police do have to fill in 16-page forms to change a camera’s direction, we need to look at that. However, when I have been in CCTV control rooms, including in my own area, someone has been controlling and operating the cameras—
That might be different. Police officers have not raised that with me, but if it is a problem, we need to sort it out. Nevertheless, CCTV remains an important tool in the Government’s crime fighting strategy.
The identity card scheme has been specifically designed to provide a convenient and more secure way for people to prove their identity, and to provide a secure and reliable method for individuals to be identified wherever that is in the public interest. However, we are aware that the collection and storage of personal identity information brings with it a huge responsibility to ensure that the information is handled securely and used only for the purpose for which it is intended. That is why the scheme has been designed to include measures to protect civil liberties, including privacy, and this is backed by legislation.
We have responded to the report’s recommendations. In respect of data minimisation, the national identity register will hold very similar information to that which is already securely held by the Identity and Passport Service on the passport database, and legislation specifically precludes holding anything beyond core identity information. Sensitive personal data about an individual, such as details of criminal or medical history, information about their political or religious beliefs, or financial information related to tax, pensions or benefits cannot be held on the national identity register. The Identity Cards Act 2006 also states that individuals will not be required to carry their identity cards.
I wanted to raise earlier an issue regarding the national identity register. The Select Committee report wanted confirmation that
“the National Identity Register will not be used as a matter of routine to monitor the activities of individuals.”
The Government’s response stated that
“it would be a significant undertaking to use it ‘to monitor the activities of individuals’ and certainly not something that would be practicable to use as a matter of course or in real-time.”
I hoped that the Government would state definitively that they will not use the register to monitor the activities of individuals. The response had more caveats than that.
We will not do that. We have other ways of targeting individuals. I know that the hon. Gentleman disagrees, but the register is aimed at ensuring that we can prove who people are, should they choose to put themselves on it.
Before the first identity cards can be issued to British citizens, we will also appoint an independent national identity scheme commissioner, who will have the sole responsibility of ensuring that the scheme complies with the obligations laid out in legislation. They will have full oversight of the register and the uses to which identity cards are put—the point that the hon. Gentleman made.
The commissioner will publish reports, at least annually, to be laid before Parliament, but should they have any concerns, those may be reported to the Secretary of State or the Information Commissioner, or raised before Parliament. If there is evidence of criminal activity, the matter may be referred to the police.
I say to the hon. Member for Hornchurch that the misuse of data on the register is a criminal offence carrying a penalty of up to 10 years in prison. Last year, the Home Secretary announced that we will shortly be publicly setting out the importance of communications data, explaining the technological changes that will affect our capability and seeking views on options for maintaining it in a way that commands public confidence.
On a small number of occasions, local authorities have used techniques under RIPA in ways that are unacceptable and inappropriate. We must be able to stop them. To emphasise that, in December, my right hon. Friend the Minister for Local Government wrote to all local authority chief executives. These instances were the result of a failure to apply properly the tests in RIPA. To address that concern, we will shortly be holding a public consultation on the full list of public authorities able to use key techniques under RIPA, as well as related codes of practice.
We are also considering—the Committee chaired by my right hon. Friend the Member for Leicester, East made this point—raising the rank at which RIPA techniques are authorised in local authorities to senior executive and giving elected councillors a role. The consultation will take place shortly.
I remain satisfied that the essential framework set out in RIPA is appropriate, but we must ensure that public confidence is maintained. The key in the RIPA framework is the test of necessity and proportionality.
Let me say a couple of words on data security. We take very seriously our responsibilities to protect personal information. Following the report that we are debating today and the Cabinet Office’s data handling review, we have taken a number of key steps. For example, the Home Office has published an information charter setting out the standards that the public can expect from the Home Office when it requests or holds their personal information, how they can get access to their personal data and what they can do if they do not think that standards are being met.
Moreover, we have appointed a senior information risk owner to own and manage information risk, and she reports directly to the permanent secretary. Each of our main agencies and non-departmental public bodies has a senior risk owner.
It is fair to say that more work needs to be done to publicise all such information charters and cultural changes. We must challenge people and change behaviour. However, we need, in the first instance, an information charter, as my right hon. Friend the Member for Leicester, East said. We have one and we must publicise it more than we do. In that way, we will start to protect information.
My right hon. Friend and others also pointed out that the Coroners and Justice Bill has made changes to the powers of the Information Commissioner. It is trying to ensure that the commissioner has the legislative power and the resources to do the things that we all want.
That is my understanding of the situation, and I hope that that reassures my right hon. Friend.
This is a huge debate. If my maths is right, I have spoken for about half an hour. However, one could spend hours on each topic alone. Let me finish where I began. I made some commitments, and outlined some concrete proposals, that will help to bring about the change that we all want. By those commitments, I can be held to account, and we can see where change is happening. If, in one, two, five or 10 years, we are still debating the need for greater data protection and worrying about surveillance in our society, we will not have done our job as effectively as we should have done.
Surveillance and data retention play important roles in protecting society and in reducing and tackling crime, including serious crime. However, that does not alter the fact that such behaviour brings with it serious invasions of privacy and compromises with respect to the individual liberty of the citizen. We have to ensure that we get the balance right.
Question put and agreed to.