Skip to main content

Data: Personal Information

Volume 709: debated on Thursday 2 April 2009

Debate

Moved By

To call attention to the regulation, collection and retention of personal data and its impact on personal privacy, liberty and freedom; and to move for Papers.

My Lords, in recent times it has become customary at this point in our proceedings to offer up some sort of anecdote or witticism as a means of buying time before launching forth into the body of one’s text. My limited oratorical steers skills do not stretch that far, so I merely confine myself to the hope that it is neither the subject matter of today’s debate nor the fact that I have risen to my feet that has prompted the exodus of so many of your Lordships from the Chamber.

With that out of the way, and now that the general hubbub has abated somewhat, I begin, as I did last week, by declaring my various interests in this field: as an unpaid adviser to the Enterprise Privacy Group, Privacy International and 80/20 Thinking. I should perhaps also say that I have no wish to be unduly partisan in introducing the debate. This is far too important an issue for any of us to use it as an opportunity to indulge in party political grandstanding.

Against that background, I say again that I am fully cognisant of the potential utility of data and information across the whole panoply of public policy. I agree with the statement made by the Minister last week that,

“Information is fundamental to the delivery of modern public services and public protection because it helps citizens to receive the services to which they are entitled, front-line staff to have the information that they need to do their jobs effectively and public services to be accurate and efficient”.—[Official Report, 25/3/09; col. 658.]

I also accept that the imperatives driving policy in this field are, in the main, well-intentioned and worth while. Moreover, I acknowledge that where to strike the balance between data privacy and the legitimate right of the state to manage and process those data for the public good is an especially vexed issue.

Why, therefore, have I, and an ever increasing phalanx of like-minded citizens, been so persistent in expressing our concerns and anxieties about how our established right to privacy, via Article 8 of the ECHR, is under such insidious attack? At an aggregated level, the answer is pretty straightforward. The stark reality is that, over the past 10 years or so, the UK has earned an unenviable reputation for being a world leader in how to impose a whole raft of surveillance technologies upon its citizenry: the DNA database, CCTV cameras, the National Identity Register, the NHS National Plan for IT, and so on.

The Government may seek to pray in aid both the Data Protection Act and the Human Rights Act as the means whereby they have guaranteed that those technologies are subject to appropriate and adequate safeguards. However, as the Joseph Rowntree Reform Trust report, Database State, observes, the Data Protection Act is a “defective implementation” of the EU data protection directive in a number of respects. For example, how can an individual mitigate the harmful consequences of illegal data processing when he has no way of knowing that it has taken place? Quite apart from this, and because data protection and data security are two sides of the same coin, its manifest flaws have been brought into very much sharper focus in recent times after the HMRC data scandal and the relentless flood of breaches and losses both within government and the commercial sector that followed that debacle. In effect, the legitimate and reasonable expectation that the Data Protection Act, buttressed by the Human Rights Act, would embed and entrench the primacy of the data interest of the citizen, as codified by the data protection principles, has been just so much wishful thinking.

What has happened instead is that policy avenues have been pursued, particularly in the context of the public services reform and security agendas, which actively and explicitly seek to subordinate the citizen’s data interest to that of the state. This gives traction to a fundamental change of the relationship between the state and citizen whereby, as the Joseph Rowntree Reform Trust report maintains:

“Increasingly users who should feel like a citizen or customer—responsible and in control—feel instead like a suspect or recidivist”.

Nowhere is this process more apparent than in the strategy document, Transformational Government, published by the Cabinet Office in November 2005. On the face of it, its core presumption, that,

“Government must move to a shared services culture—in the front office, in the back office, in information and infrastructure, and thereby release efficiencies through standardisation, simplification and sharing”,

gives the impression of being eminently sensible and well intentioned, perhaps even innocuous. That may explain why it has received scant scrutiny by Parliament so far. However, its ongoing rollout appears to be aimed at a structural and cultural entrenchment across the whole of Government of the supremacy of the state’s data interest by means of reliance on a network of interconnected databases seeded with ever more information about us. Albeit that the Secretary of State for Justice has recently withdrawn them, the data-sharing proposals on the face of the Coroners and Justice Bill were just the latest manifestation of this trend. Moreover, there is a palpable sense in which this agenda is being almost exclusively driven by administrative convenience and political expediency rather than any innate respect for or understanding of the privacy rights of the individual citizen.

Here, I represent the words that I quoted earlier from the Minister in a rather more succinct way. Information and data, in their myriad forms, are the lifeblood of the exercise of power. Thus, in the context of developing policy, state control of statistics runs the risk of being, in the words of Sir Michael Scholar, “corrosive of public trust”. He adds that,

“having good statistics is like having clean water and clean air. It’s the fundamental material that we depend on for an honest political debate”.

Therefore, it is to the Government’s credit that they have legislated for the independence of statistics. Nevertheless, in much the same way that political control of statistical data can grant the holder control over the policy agenda, so control of an individual’s personal and sensitive information can grant dominance over the individual himself. It is precisely this that, in the information age, makes identity theft such a harrowing crime: the dual sensations of violation and helplessness arising from a realisation that one is no longer in control of one’s own life. The fact of the matter is that our personal and sensitive data are the core statistics of our own unique lives and, by extension, the wholesale collection, retention and sharing of our data by government is equivalent to a state-sponsored and thereby legitimised form of identity theft.

In this context, David Goodhart, the founder and editor of Prospect magazine, has recently suggested that:

“It might be useful if we started to see our data as similar to tax, something we willingly surrender to the authorities in return for various benefits”.

There is some credibility to this view. Personal data are imbued with considerable commercial and political value, the relinquishing of which can generate benefits and advantages for the ways in which we live our lives. To that extent and when aggregated, they can be perceived as part of the nation's stock of social capital. But, in much the same way that we would not tolerate a tax system that stripped us of all our earnings, so we should resist systems that increasingly look as if they are being designed to impoverish every one of us in data terms.

Implicit in David Goodhart's approach is a presumption that the anxieties that I have expressed are no more than a storm in a teacup; that the state has a legitimate right, if not responsibility, to deploy technological advancement to the benefit of the greater good. Indeed, it may very well be that, as a result of such influences as the internet itself and celebrity culture, society does not value the “complex bundle of issues” that constitute privacy as highly as perhaps it once did. Be that as it may and at risk of repeating myself, privacy is an established right, articulated in the ECHR. With that in mind, its protection should not, as it were, be reduced to the lowest common denominator. More importantly, as the Willcock v Muckle case in 1951 demonstrates, once sacrificed it is hugely difficult, if not impossible, to recover it.

Your Lordships will be well aware that the Database State report made a number of recommendations to address some of these problems. I am supportive of these although I fear that the Minister, on behalf of the Government, will approach them with too much of a closed mind. That said, a more fundamental issue is at work here. Because of the apparently irreconcilable conflict of interest between the data interests of the state and those of the citizen and because of an intrinsic and ingrained inability of government to guarantee adequate security of data, the appropriateness and legitimacy of the state as being the default administrator/processor/manager of our data is called into question. Quite apart from this, it has been the case for some time now that the imperatives that drive government policy in this field, essentially to use data management processes to improve public services and to enhance the fight against terrorism and serious crime, are deliverable in a much less invasive—and, it has to be said, less costly—way than the route chosen by the current Administration. As it happens, only last week I attended a seminar with Microsoft where the technological advances in this field, based on a citizen-centric data sharing platform with no diminution of the state's legitimate rights of access, were outlined.

To repeat, I am unconvinced that it is appropriate that the state should be both poacher and gamekeeper of our personal information. Rather, the tasks and functions of data management should be, at the very least, delegated to an authority that is wholly independent of government, perhaps even, if advances in technology permit, devolved to the level of the individual user, as a means of re-establishing the primacy of the data interests of our citizenry. Dare I say it, adhering to the current myopic obsession with data-sharing across ever larger databases that record each and every moment of our lives runs the risk of creating systems that are so bloated, if not obese, that they grind to a halt and collapse under their own weight. To give your Lordships some feel for the simple arithmetic here, I refer to a number of Questions for Written Answer tabled by my honourable friend, Eleanor Laing, in another place. For example, these have revealed that the customer information system of the DWP, the database that it is intended will be the principal source of information for the National Identity Register,

“holds 92 million person related records and 9,800 data fields”.—[Official Report, Commons, 26/3/09; col. 614W.]

That is to say 960 billion separate fields of data. That is just one database.

Perhaps more tellingly Stephen Timms, on behalf of the Treasury, makes this observation:

“There are many data categories of different kinds within each of the identified systems. A count of them all could be produced only at disproportionate cost”.—[Official Report, Commons, 25/3/09; col. 405W.]

As the Ideal Government blog puts it:

“It’s official. HMRC now collects so much personal data that they can’t afford or can’t be bothered to provide Parliament with the number of fields of data they collect”.

In effect we may already be at the point whereby, far from generating a utilitarian information-rich data management system, the Government are already experiencing data overload.

In conclusion I cannot improve upon the assessment in the Database State report, which says that the situation in which we find ourselves is one where:

“All aspects of our lives will be surrounded by masses of data collected without our consent, and shared well beyond the purposes for which they were originally collected. Citizens are starting to realise this, and are progressively losing trust in government”.

Bluntly, enough is enough. It remains only for me to say that I very much look forward to the contributions of other noble Lords in the debate and in due course the response of the Minister. I beg to move.

My Lords, the whole House will be indebted to the noble Earl, Lord Northesk, for having introduced this topic today. It is not by any means the first time that these issues have been raised, and indeed the Constitution Committee of this House has produced a most worthwhile report. I have not yet seen the Government’s response, but I do not doubt that the Minister will inform us about its detail.

More importantly, perhaps, is that the Government are not, I believe, an inflexibility on this issue. I agree with the noble Lord who has spoken that it is not sensible to have a partisan approach to these issues. They are of such a scale that it is more effective if we are of one mind about what needs to be done rather than simply to poke holes in each others’ cases.

I have to say that I was considerably impressed by the final report, produced last June by the Cabinet Secretary, Sir Gus O’Donnell, Data Handling Procedures in Government. There seemed to be little wrong with what was proposed in those procedures. What we have yet to know, and it is the most important question, is how they will be implemented in practice.

It was said at the time that the intention was to describe the implementation of the principles enunciated in that central report in an annual report by the Cabinet Office to Parliament. They included the use of encryption and penetration testing of systems, standardising and enhancing management of information risk, and identifying individuals in the departments and public agencies who would be personally responsible. They also promised quarterly risk assessments within the department, mandatory training for staff and, perhaps most importantly for this House and another place, privacy impact assessments when new policies or processes are being considered.

It was also generally concluded that greater scrutiny and monitoring, including of information risk, were required in statements on internal control which would be made available to the National Audit Office and the Information Commissioner. Furthermore, it was recognised that there needs to be very great transparency about these matters in annual reports to Parliament. A number of other things have happened since then, including the recognition that the Information Commissioner should have the power to carry out spot checks on public departments and agencies, but alas not in line with the recommendation of the Constitution Committee. Such powers have not been considered yet for extension to the private sector. In the light of the evidence that has been accumulating of such things as blacklisting of workers who are held by employers to be unsuitable for employment and the trading in such information, there is good reason to believe that, notwithstanding the cost of these inspections, it would be appropriate to give consideration to extending the right of intervention beyond the public sector.

As the noble Earl, Lord Northesk, made plain, everyone who reflects on these matters is aware of the value of information in policy making. It is certainly right that we should not bring that to a halt, but it is also right in parallel to consider on every occasion the implications for privacy of the extension of these developments. Since the development of technological capability is proceeding at such a pace, we have a duty to consider processes that enable a very full understanding to be enjoyed by the decision-makers and proper accountability for the amplification of this process, particularly the process of sharing information for purposes that were not intended when it was collected and which are not strictly the reason for the data being stored. It is right to ask what the Government’s thinking is about that cross-use of information and whether a system of opting in and opting out by the individuals affected might be both practical and desirable.

I recently heard the Minister dismiss the Joseph Rowntree report in an answer. I do not want to exaggerate, but his response suggested that he doubted the methodology. That being so, we have to ask him how he proposes to view the findings of the Joseph Rowntree Reform Trust, because it was a powerful report. Its findings indicated that a very large number of the systems that are in place would not pass muster if they were tested against the Data Protection Act, never mind the Human Rights Act. The trust said that 11 of 46 database projects examined almost certainly breached human rights legislation and 29 systems were considered problematic, including having legal problems. I imagine that very few of us will have done any serious trawling over the precise examples that the trust gave. I have not done so myself. None the less, that is a significant charge by a body that consisted of significant specialists in the area with strong not merely academic but commercial backgrounds in the field. The individual challenges that have been made by the trust need to be examined and answered, because I know that it is not the Government’s intention that their practices in this sphere should run counter to the legislation, which they themselves are responsible for enacting and, in some cases, modifying in the light of experience.

Speaking of the legislation which the Government have enacted, I very much hope that the Minister will take the opportunity of this debate to explain what the Government regard as necessary and proportionate in evaluating the “holding of data protection”, those being the words from the jurisprudence of the European Court of Human Rights. Another point made by the Constitution Committee of this House was that the Government should give a clear definition. That is right because what is necessary and proportionate can vary very much from one department to another. It is quite clear that, in seeking to prevent crime, the Home Office will have a very different view of information from that of the Department for Work and Pensions. Consequently, we need clarity about the criteria being applied across the board if data is to be shared across the board.

There are wider questions about whether data should be so shared. A number of bodies, including some in this House, have recommended that it is a mistake to seek to accumulate data right across government and to centralise it and that it is better for it to be held locally. Those arguments need to be addressed and consideration needs to be given to whether locally accumulated evidence cannot also be useful centrally, perhaps with some of the personal information extracted from it, so that the proper concerns of the public about invasion of privacy are addressed.

I wish to put a number of other questions to the Minister in this relatively brief intervention, considering the scale of the subject. I wonder whether the Government can give any information about their intention to put communication data, concerning e-mails, telephone communication and the internet, on a large, centralised database. The general expectation about an anticipated Bill has given rise to considerable concern because it is widely recognised that those who access these things can scan people’s life histories with very little advantage accruing to the individuals but much accruing to those who want to advertise.

I would like to ask the Minister whether the Government will think again about the response made some time ago to the recommendation of the Joint Committee on Human Rights and whether, when they propose to extend their data collection in a particular sphere, they should include that proposal in amendable primary legislation rather than in subordinate law. I have heard and read the arguments about the need for flexibility. The trouble with subordinate legislation is that you take it or you lose it and it is not really the best way of ventilating concerns on a complex issue of this kind. I know that things are moving rapidly, but that is part of the general public concern. There is a real need to reassure the public that these matters are taken seriously by all political parties and that we are anxious to build in procedures which enable us to anticipate the difficulties and the intrusions into privacy which may arise.

My Lords, on Saturday 14 March there appeared on the front page of the Daily Telegraph as the principal news item the headline:

“Trips abroad to be logged”.

The report continued:

“Every holiday, Channel hop or sailing weekend must be registered in advance … The travel plans and personal details of every holidaymaker, business traveller and day-tripper who leaves Britain are to be tracked by the Government ... Anyone departing by land, sea or air will have the trip recorded and stored on a database for a decade. Those leaving from any international station, port or airport will have to supply detailed personal information as well as their travel plans. So-called ‘booze cruisers’ who cross the Channel for a couple of hours to stock up on wine, beer and cigarettes will be included. Weekend sailors and sea fishermen will have to comply if they plan to travel to another country, or face possible criminal prosecution. The owners of light aircraft will also be brought under the system, known as e-borders, which will eventually track 250 million journeys annually. Even swimmers attempting to cross the Channel and their support teams will be subject to the rules. Travellers will have to supply information such as passport and credit card details, home and email addresses and exact itineraries”.

The Government propose that these rules might apply to the Crown dependencies, such as the Isle of Man and the Channel Islands, as well as Northern Ireland, but after yesterday’s defeat of the Government in this House, I do not know how that stands, and I doubt whether they do.

There are no prizes for guessing what all this is supposedly in aid of. It is for catching terrorists—catching at the ports, or wherever, suspects whom the security services are supposed to be keeping an eye on, but have not kept a sharp enough eye on. Rather than focus on the people they need to catch, the Government propose a blanket screening of everyone. It is part of the e-borders programme. I can understand the usefulness of keeping tabs on people coming into this country, but to log every single inhabitant of Britain who goes on holiday seems to me to be a log too far. I, and I expect some of your Lordships, should like to know how much all this is going to cost.

I have a letter from the noble Lord, Lord Bach, in which he tells me that it is not the case that travellers will have to apply for permission to travel or to submit an itinerary, as reported by the Daily Telegraph, but that the information will be collected from booking agents, who will have to ask travellers for their passport details and to provide such other information as they may possess, like telephone numbers, e-mail addresses and credit card details. I am sure that your Lordships would be delighted for the Government to hold their credit card details, since their record of keeping personal data secure is nothing short of abysmal. As most people buy travel tickets with credit cards nowadays, the booking agents are very likely to have the details. Details of baggage are also requested, including the number and description of pieces. I wonder what that means—Vuitton or Marks & Spencer?

All this is in the Immigration and Police (Passenger, Crew and Service Information) Order 2008, which concerns information required about people coming into this country. Can the Minister kindly tell the House under what order these regulations are to apply to people leaving this country—that is, emigrants? The order that I have just referred to concerns immigrants.

Once upon a time, not so long ago, this was a wonderful country to live in. Our ancient freedoms, fought for for nearly 800 years, were the envy of the world. And what has happened to them? Habeas corpus, dating from 1215, has been severely curtailed. The presumption of innocence has been eroded. Freedom of speech and pen is only permissible as long as your views are politically correct. Our e-mails and the internet sites we visit on our computers are tracked by the security services. The police and certain petty officials may break into our houses. A lot of this appears to be cribbed from the German Reichstag Fire Decree of 1933. When thieves break into our homes, we are not allowed to hurt them, whatever they may do to us. We have to get permission to make comparatively minor alterations to our homes. Health and safety rules interfere with everything we do, even the temperature of our bathwater. I could go on.

Much of that emanates from the boys in Brussels. Then very soon we are all to have identity cards and, while the information on them to start with will be fairly basic, the Government have not ruled out adding more personal details at a later date: see the answer of the noble Lord, Lord Brett, to the noble Baroness, Lady Hanham, last Thursday. The travel-based database, on top of all the rest, is too much. Britain is getting more and more like Soviet Russia before glasnost, and a totalitarian Government—which no country is completely safe from—will find everything already in place for total control. I think the terrorists have won.

My Lords, this is a welcome and timely debate and I join others in thanking the noble Earl for offering it to us. It is no good being luddite about modern communication systems. Government at all levels is not only bound to make full use of them but has a duty to do so because citizens have a right to the best possible service from public authorities. The benefits are multiple. Such systems help bodies such as the National Health Service to fulfil its primary purpose of care and are crucial to research in disease, the monitoring of public health and the protection of patients.

I suspect that the public widely accept the need for information collection—the collection of DNA or the use of cameras, for example—for law enforcement and for the safety and security of the citizen. However, we know that there are costs: the unnecessary gathering of personal information; overloaded and insecure systems; and data being inaccurate and out of date. There is also the persistent problem of security, as we have seen in recent times. That is why I believe that it would help us enormously if the Government would set out the principles and values that will always underpin their use of modern information systems and data gathering and continually affirm what is set out in the Data Protection Act and such places as Article 8 of the ECHR.

At the centre of this is a contract between the citizen and the public authorities. If I want the National Health Service to provide me with a service, I must accept that it will need information about me that helps it to provide what is needed. Matters concerning the life of each of us as individual citizens are of course the property and responsibility of the person concerned. We do not hand over those property rights to the state. The contract must be clear that the information held by the service will be used for the purposes for which it has been given and by persons with a direct interest in the service offered. If I am to have confidence in the service holding that information, I must be assured about its confidentiality and security. I have no difficulty in the information being widely used, provided that it stays within the broad framework of the service.

Inevitably with modern systems there will be a lot of data held without direct consent. Much of this, as with the 2009 data retention regulations, is concerned with security and tackling crime. However, we need publicly known, understood and accepted regulation of such systems, which needs to protect the privacy of the individual and to reassure the public that no abuse of power is either intended or possible. For example, I will be interested to know from the Minister the Government’s response to the July 2008 Data Sharing Review Report from the Information Commissioner and Dr Mark Walport, which I think proposed that the commissioner should be given a statutory duty to produce a code of practice on data sharing and to issue context-specific guidance on its consistent application. That is the sort of field that we need to be in.

That leads me to talk about transparency and accountability. These two are inextricably linked. If the authorities are clear about who and what is involved, where information is held and what the values and rules are under which all this happens, then real public accountability is possible. I assume that the Information Commissioner has a key role and needs the powers necessary in assuring us of that accountability.

My last point—my contribution is at a more general level in this debate—concerns what is manageable. The problem with modern communication systems is that we think that they will do it all for us, so increasingly vast sums of money are poured into them and there are growing levels of frustration as complex and massive systems do not work as well as had been hoped. We do not ask: what are the boundaries around what can be delivered through these systems? Therefore, not only must we be clear about the potential benefit that any new system will bring but we must also be clear that it can be managed and delivered and that it will be safe.

As all of us know in the organisations of which we are a part, it is all too easy in complex modern democracies for powerful state bodies, for perfectly good reasons, to launch new systems, only for us all to wake up and realise that questions about the rights and liberties of the citizen have not been addressed but are looming ever larger and undermining public confidence. That is why I believe that we need to affirm the contractual nature of this issue: the need for clear and publicly stated values and principles, for openness and effective accountability, and for systems that we can both manage and have real confidence in. In that way, we can make full use of the benefits of contemporary communications and information systems, thereby strengthening the capacity of public services to deliver good services to the people and strengthen our common life in our society.

My Lords, I join those who have already thanked my noble friend for securing this important and timely debate. I wish to say how much I agree with the powerful points that he made.

As the contributions to the debate have already shown, all sides of your Lordships’ House are well versed in and understand the argument that the collection and retention of personal data are necessary for the efficient running of public services, and to aid our security services and the police in the fight against terrorism and serious organised crime. However, as has also been said, unchecked this justification is leading to an exponential increase in the amount of personal information that is collected, retained and accessed by all manner of different bodies. The Information Commissioner has said that personal information has become the “lifeblood” of government and business, and that is certainly the case, but it is also true that this can be tolerable only if the information is used properly and intelligently.

My noble friend mentioned the report produced by the Joseph Rowntree Reform Trust called Database State. It assessed 46 of the UK’s national databases and found that fewer than 15 per cent of them were effective, proportionate and necessary with a proper legal basis for any privacy intrusions. That in itself seems to be quite a statement of the rocky basis on which a lot of present practice now sits. Tellingly, it also found a quarter to be,

“almost certainly illegal under human rights or data protection law”,

because of problems with privacy and effectiveness. These included the National DNA Database and the national identity register. The report recommended that many centralised databases be scrapped or substantially redesigned—again, another point about the basis on which we are operating being rocky.

The Rowntree report is rightly critical of the centralisation of data in the UK. I look forward to the Minister’s conclusions on the report. I agree that some data—I stress “some”—need to be retained and collected. As a shadow Security Minister, I could hardly think otherwise. However, the data have to be stored securely and—the important point—only accessed by legitimate persons for legitimate reasons, under suitable controls and safeguards.

The process must be regulated by law on a detailed basis, not left to the exercise of executive discretion within the far-too-loose regulatory framework of RIPA. In establishing regimes for data collection and retention, the Government have not given due regard to privacy or the need for public trust in three areas: the amount of data collected, how it is retained and how it is used. I fear that they are deservedly running into a high level of suspicion.

I will look at one matter with which the House dealt recently and on which further things should be said. I refer to the potential legislation on communications data. Last week, your Lordships’ House considered a statutory instrument that extended the range of communications data that must be retained by service providers, to include details of our internet access, internet e-mails and internet telephony. The Minister—the noble Lord, Lord West—was unable to tell us the meaning of the broad terms that the statutory instrument uses, such as “internet e-mail” and “communications data”, and the extent to which they would cover third-party applications. This is a technical point, but it is important and it affects our freedoms. We need to know the answer to this question and I beg the Minister to address the question of third-party applications.

It is also unclear whether it would be possible to distinguish between the content of a communication and the fact of its occurrence for internet protocols where these pieces of information are contained in the same data stream. This is a technical problem, because in practice, in this kind of data stream, the gap between the so-called envelope and the contents does not exist in the way that it does with other forms of telephony. There is a problem in distinguishing between these things, but it is a distinction on which the Government are relying for their reassurance that people’s rights to privacy over content will not be infringed without a properly processed warrant. If you cannot distinguish between these two things, you cannot protect content and may therefore be invading privacy without a warrant.

This means that we do not know how these regulations, which have now passed into law, will operate in practice. The Government have not been able to satisfy these Benches that last week’s statutory instrument did not create a vehicle through which the interception modernisation programme could be carried into practice without further primary legislation. The draft Queen’s Speech led us to believe that primary legislation would be forthcoming and that the powers contained in the SI would be transposed in a Bill of primary legislation. Instead, the SI has been transposed separately, and against the background of the Home Secretary having cast doubt in a recent speech on the need for primary legislation.

Are we going to get any primary legislation? The Government would do well to come clean on their intentions, since failure to do so obliges one to examine the scenarios that could develop without primary legislation. It is not hard to imagine a scenario—with or without primary legislation—in which, because of the vast quantities of information collected, and an inability to separate communications data from content, it would be argued that access must now be made more efficient by having a centralised database that holds the data in a standardised format. So, without Parliament ever having given its agreement, the Government could then come to hold a vast database of communications. In case the House thinks that I am engaging in a flight of fancy, can the Minister confirm the accuracy of reports that a prototype of a centralised database for communications data is under construction? It is vital that he answers this point in his response.

If such a central database were to come into existence, it could be interrogated using data-mining technologies, pattern recognition and deep packet inspection. I am aware of the arguments used in justification for this: for instance, that it would increase the chances of successful pre-emption of crime. That may be so, although we do not have proof of this thesis. However, it is clear that there is a counterpart downside: access so easy and so extensive would carry with it a loss of governance and system control. It could get us very near being treated as guilty unless and until proven innocent.

It is not just that legislation in the field of surveillance and data processing does not contain sufficient detail and specificity to allow Parliament to scrutinise the proposed measures effectively. Other noble Lords have made the point that we have seen over the years a constant creeping of surveillance powers. Your Lordships’ House will be familiar with the examples of local councils snooping on ordinary people for things such as dog fouling and putting rubbish in the wrong bins. That is why I am very unhappy that during our consideration of the statutory instrument last week the noble Lord, Lord West, said that the other place was “confused” in its consideration of the instrument because it debated access to communications data and not only the retention of those data. Frankly, it is putting it rather kindly to say that he cautioned your Lordships’ House against making a similar mistake of confusing data retention and access. It is not your Lordships’ House that is confused—you retain data so that you can have access to them. There is little useful distinction to be made between retention and access in practice—the two go hand in hand. Does the noble Lord accept that you cannot separate those two issues so cleanly? You cannot look at one-half of the legislative framework in isolation from the other. If you do, you get exactly what we have seen over past years: a constant creeping of powers of surveillance and a concomitant decline in public trust as legislation is misused against ordinary people.

This is a constant theme in this House. This House is not full of hysterics; it is full of sane, ordinary people of experience and it is concerned about the powers that are being used and developed by the state which can invade the privacy of ordinary individuals without good reason.

As many noble Lords know, the Regulation of Investigatory Powers Act 2000 stands out as an example of these creeping powers. When the Act was passed, local authorities were not included in the list of public authorities that could access communications data. During the passage of the Bill, the then Home Secretary and Minister of State responded to concerns expressed that it would extend the power to a range of public sector bodies, including local authorities, by giving assurances that such powers would not be made available to them. But lo and behold, in 2003 two orders were passed that gave a number of additional public authorities, including local authorities, access to communications data and the power to use directed surveillance and covert human intelligence sources.

The then Minister of State said about the previous assurances that had been given:

“Clearly, if an assurance has been given you like to try and ensure that that assurance is maintained, but … sometimes there are things that happen two, three, four, five, six years later … despite the assurance that was made there is a need to change”.

In its report, Surveillance: Citizens and the State, the Select Committee on the Constitution concluded,

“we are concerned lest this reversal set a precedent for future unforeseen policy changes in the field of surveillance”.

I have two comments. First, it is hard to see what has so changed in our national life that it is necessary and right to give all 474 local councils in England, every NHS trust and fire service, the Environment Agency, and even the Royal Mail and the Royal Pharmaceutical Society access to communications data or surveillance powers, or how that increases the security of the nation. Secondly, it would be a sad day when the House could no longer place reliance on assurances from Ministers.

It is not surprising that the Rowntree report found that over two-thirds of the population no longer trust the Government with their personal data. How will the Government address this huge deficit in trust? The issue has been accurately described by my noble friend as the creeping subordination of the individual to the state.

I suggest that we need five things. The first is an emphasis on having separate disaggregated databases rather than centralised databases. That is not to say that there should be no information-sharing between different systems and users but—this is the second thing that is needed—there certainly needs to be greater regulation and oversight of the transfer of data. Thirdly—this is related—I would like the role and office of the Information Commissioner greatly enhanced. I welcome the recommendations of the Select Committee on the Constitution that the Government should consult the commissioner at an early stage of policy and legislative development, that he should have a greater role in advising Parliament on surveillance and data issues and that he should help the Government undertake a review of the law governing citizens’ consent to the use of their personal data. I suggest that we need greater independence and much greater governance in this whole area.

Fourthly, I would like to see legislation in this field contain sufficient detail to allow Parliament to scrutinise proposed measures effectively. Explanatory Memorandums in this sort of legislation are very important, and they need to be much more helpful to legislators when they are trying to understand and grapple with some of the difficult technical issues which, as I say, have great import for our civil liberties. Here, again, I look to the Minister to confirm whether a prototype of a centralised database for communications data is under consideration. That is the point I referred to earlier, and it is relevant to whether in practice we are going down the road of a centralised database in the area of communications, even if we are not authorised to explicitly.

Finally, we need a review of RIPA as soon as possible, and the powers it hands out need to be substantially curtailed. I look forward to hearing the Minister’s response.

My Lords, I join other noble Lords in thanking my noble friend Lord Northesk for bringing this important debate to us today. He highlighted the importance of the difficulties of data sharing, the need for good management of those data and the balance between data held and the rights and privacy of information for people.

I shall speak mainly on the issue of data where it concerns our children and young people. The quantity of legislation concerning data collection, transfer and use is daunting. I shall start with SI 2006/2601, the Education (Information about Individual Pupils) (England) Regulations 2006. The instrument was made on 21 September 2006, was laid before Parliament on 3 October and came into force on 31 October. It laid a duty on school governing bodies to supply scheduled information within 14 days of a request from the local authority or the Secretary of State. The information for the local authority relates to each child in its schools and consists of their gender, date of birth, unique pupil number, surname, first name, ethnic group, date of admission to the school, first language, year group, usual mode of travel to school, address, details of special educational needs, whether in care, whether eligible for free school meals, education details, whether on the gifted and talented register and absence details. Details on pupils who have been excluded are also required. I wonder whether that is all really necessary.

Within days of these data being transmitted to the local authority, they are forwarded electronically to the Department for Children, Schools and Families. The governing body of a secondary school in Warwickshire wrote to the department expressing its concern about the dangers of holding information about young people on a single database and seeking the reasons for doing so. The department responded with three pages of text, in the course of which there was the following statement:

“Data is needed at the individual pupil level to ensure that funding is accurately allocated (for example, to ensure pupils are not double counted in instances where pupils are legitimately dually registered at two institutions; or where there are ‘duplicate pupils’, that is where a pupil has not deregistered from one school on moving to another)”.

The cost of compiling and holding records for 11 million youngsters is surely hundreds of times greater than the cost of any dual funding, even if it were not simpler to lay on the local authorities a duty to ensure that double counting did not happen within their jurisdiction.

On 1 September 2007, access to the database was extended to further education institutions, primary care trusts, work-based learning providers, researchers into educational achievement, learning providers registered with the UK register and institutions in higher education. In 2008, the Statistics Board was given access to most of the information on the database, including all personal identification. Have there been any other statutory instruments or manoeuvres used to widen access even further? Do the Government plan to use these data for any other purposes, such as allowing potential employers to access them, either to check on applicants or to hunt for possible future staff?

This database is not the only one that the Government have wasted our money on. A Written Answer in the other place on 22 April 2008, at col. 2028W of Hansard, showed that ContactPoint had so far cost £103 million, with a further £121 million to be spent by March 2010, at an annual running cost of £41 million. ContactPoint has been the subject of much questioning, particularly from Members in another place. It will be able to access national data sources from within the DWP, the DCSF, the Department of Health and the Office for National Statistics and compare fragments of data that are duplicated therein.

On 17 March 2008, the Member for Basingstoke pointed out, at col. 604 of Hansard, that nine other children’s databases feed into ContactPoint, which is maintained by the DCSF in addition to the national children’s database and the Connexions database, which supplies information about children’s choices beyond school. I was concerned about this when we took the Children Bill through in 2004, and my noble friend Lord Northesk spoke at great length about it. At Second Reading, I raised the whole question of data and data processes, saying:

“Indeed, it appears that we are not to have any influence over the four data processes: the creation, amendment, access and destruction of data held on children. Who will be responsible for setting up each of the databases and the rules governing their operation?”.

I asked whether that would be just one national database and, of course, we have found that it is not. I said:

“Who will be allowed to add, amend or delete information? Who will be able to access the information held on the databases and what rules will govern that access? Who will delete the completed records? What rules or anticipated rules will there be? Will they be mandatory or will exceptions be made? More importantly, will young people have access to their own information? What access will families have to the information held on the lists? Is it envisaged that each LEA will have a local data base containing information on each child at the authority’s schools? Will the name of a child coming to the attention of one of the other authorities for a serious reason ‘go forward’ to the national data base?”.

These questions have not been answered adequately. I went on:

“Finally, who will ultimately expunge the records, or will they carry on throughout a child’s life into adulthood? These are questions which are certainly not tackled within the Bill. I am not the only one who is frightened that these personal records may be held by the state for time immemorial. This could have real repercussions on jobs, insurance and many other aspects of daily living”.—[Official Report, 30/3/04; cols. 1299-1300.]

Will the Minister also tell us whether, following my comments on the Children Bill, any other statutory instruments have had the same effect? What is the Government’s thinking on that?

Many of these children need help and I am not belittling the need to hold data on children, but surely it has got to the stage of perhaps being disproportionate. I am sure that I am not the only person to criticise the Government for their data collection mania. Deloitte carried out a review of the security of ContactPoint. The Government decided on 13 February 2008 to publish only the executive summary of the Deloitte report, as reported at col. 2635W of Hansard on 5 March 2008, and then decreed that the resultant risk assessment, to be completed by May 2008, would remain unpublished. Why? The Government exist for the defence of the realm. These records held centrally, when taken with the increasing statutory provision for interdepartmental data sharing, will mean that young people who will now be on the database will have every detail of their lives—including place of employment from HMRC, sickness records from their PCT, marriage, car ownership, court appearances, parenting and housing—recorded by the state. We have reached a frightening stage.

I turn to a more recent letter, which the noble Lord sent on 31 March to the noble Baroness, Lady Maddock, in response to the 27th report of the Select Committee on the Merits of Statutory Instruments from the 2006-07 Session. The report drew special attention to the draft Children Act 2004 Information Database (England) Regulations 2007. These are very important. Paragraph 8 of the report, which covers the 2006 regulations, says:

“We stressed the concern expressed by some commentators about whether a database covering all children in England was a justified and proportionate response to the need to improve communication among professionals in relation to the smaller (though significant) number of children in need of specialist help”.

In paragraph 11, the committee points out that the DCSF’s summary states that there were 256 responses to the consultation, and explains that,

“approximately one-third of the formal responses came directly from young people and parents. The majority of responses from this group expressed their opposition to the establishment of ContactPoint”.

I wonder how much bearing that had on the outcome.

Finally, I turn to comments in paragraph 23, which deal with and are equally clear about the desirability of improving communication between professionals involved in the provision of services for children. The committee was not persuaded that the scheme provided by the regulations was an entirely appropriate approach to that objective. The report says:

“We do not consider that the Government have demonstrated conclusively that a universal database is a proportionate response to the problem being addressed, or that the additional benefits of a universal approach justify the additional costs and risks, as compared with a selective approach which would not include a child in the database unless or until the child’s needs for specialist or targeted services became apparent”.

In the letter that the noble Lord sent to the noble Baroness, Lady Maddock, he said that access is restricted to those,

“who need it as part of their work”.

I picked up on this sentence. I asked the Minister to clarify who would need it as part of their work. It seems to be a very open door. The second comment that I want to pick up on is:

“Mechanisms will be in place to prevent trawling”.

Perhaps the Minister could tell us more about that. I picked up on two more comments in his response. One was:

“It is important and appropriate to cover every child in England because any child or young person could require the support of additional services at any time”.

I do not belittle that; I agree with it. The letter goes on:

“It is not possible to predict accurately in advance which children will have additional needs— estimates show that 3-4 million children and young people will need additional targeted and specialist services at any one point in time”.

What about the others? Finally, I pick up on the comment at the end of the second page:

“The Department for Children, Schools and Families has consistently made it clear that it will not extend ContactPoint beyond its current phase”—

perhaps the noble Lord will tell us what that current phase is—

“until the Department is satisfied that all issues identified in the early stages of implementation are addressed”.

I shall listen with interest to the Minister’s response.

My Lords, it is a sheer privilege to follow my noble friend Lady Byford, with the question “Who will expunge the records of these children?” ringing in my ears. The point was made that the Government should deal with this assault on the individual by primary legislation. I do not need to say why. My next point is that the Minister has been asked highly important, relevant and critical questions which need an answer. He cannot answer all of them orally today, but they have to be answered. Will he undertake today to send all who speak in this debate a letter answering every single question? I refer not only to the questions of my noble friend but those from the noble Lord, Lord Maclennan, and other noble Lords, particularly my noble friend Lady Neville-Jones. This is not a joke. I really mean what I am asking. We must have answers to those questions. We have to know where the Government stand on this. We have no idea at the moment, or, at least, I have no idea.

I should have opened by saying that it is a great privilege to support my noble friend Lord Northesk. As one of the originators in understanding the data protection system, he has studied this matter for years and has always put his knowledge and expertise at the House’s disposal. I am very grateful to him for having done so again today in opening this debate.

This is not a prepared speech; I came to listen. I agree with every word that the noble Lord, Lord Maclennan, said. We usually, but not always, agree. On this occasion, I compliment him on his speech. It was beautifully prepared; he asked some questions; and they have to be answered.

I agree also with every word of the Church’s appreciation of the legal aspect of this matter—I shall come to another legal aspect in a moment which has not been quite touched on. The same goes for the contribution of my noble friend Lady Neville-Jones, who as a former security officer speaks with considerable authority on this matter, certainly as regards primary legislation. I want to say a word of appreciation also for what the noble Lady, Lady Saltoun, said. She gave an example of hideous, ridiculous, unacceptable interference with humanity which went right beyond the realms of inconvenience. One owes her a word of gratitude for having brought it to our attention.

I do not want to take much time. I turn to the legal aspect and the need for primary legislation. We have no domestic privacy law, nor have we ever had. Whether you are for it or against it is quite irrelevant; it is a matter of fact. We accepted into our law the European Convention on Human Rights. I shall not deal with article this and article that, and one thing and another—this is not a legal speech. We accepted the principles of that convention, drafted largely by members of the English Bar, years ago, and they are now used as part of our privacy law.

One has to accept that judges, on the facts and circumstances of each particular case, have to try to interpret those articles as they relate to a case. The judgment in the case of Max Mosley is related only to the facts and circumstances of that case; it is not of general application to all cases. You will find in the context of the problems arising from this question that the courts here will do their best to interpret the impact of the law on the case. Whether and how that will work is at this stage wholly unpredictable. Given that serious point, the Government must now really get down to the business of introducing their own legislation in conformity with the Human Rights Act.

My Lords, many different approaches have been taken to this matter of security and freedom. I am sure that the Minister will answer the questions as they have been raised or, even, as the noble Lord, Lord Campbell, mentioned, write to us if there are any for which there is not time for an immediate answer today.

The crucial issue of freedom versus security has come up time and again. One extreme would be to tag us all so that exactly where we were and everything that we were doing could be known. I am told that mobile phones can nearly do that now: we can be located wherever we are. The other extreme, however, does not really exist, because we are all bound by law and to act within its framework. The problem always is where you draw the line between freedom and security. I shall raise just three concerns today.

Any scheme which limits freedom must be as fair and near-foolproof as possible. Plato spoke of the philosopher kings. Although they might succeed, our society is one of human beings, who make mistakes. We have all, therefore, to take extra special care. When we legislate, especially, we have a tremendous responsibility, because what we do here affects every person within the kingdom.

The Home Office needs to look closely at some of its recent projects, because they raise grave doubts as to its general approach. I have brought up in this House on a number of occasions the problem of the passport personal interview offices. The Home Office website says that 69 offices are up and running, so anybody going for a passport for the first time has now to have a personal interview. But it does not work like that, because there are supposed to be 22 remote-community personal video links, which I do not see as having been established. There are therefore some parts of the country, such as Anglesey and west Sutherland, which has a widely scattered population, that do not have that facility. The network is not complete. Is it fair for the system to be instated at all when it does not affect everybody in the same way? What are the Government doing to get the passport personal interview network really up and running so that 100 per cent of the people are dealt with in exactly the same way?

How realistic and effective is this project? I asked about three months ago how many applications there had been. If memory serves me right, about 246,000 personal passport interviews had taken place. That was good; they were going to sieve out those who were not worthy of a British passport. But not one applicant had been refused. I ask the Minister, very sincerely, how effectively the passport personal interview network is proceeding. First, I question whether the passport personal interview offices, as an example of what the Home Office is doing, are really effective. Secondly, any network of information needs to be secure. In March 2009, a memory stick containing information on hundreds of police investigations went missing in Edinburgh. It was not encrypted. In January 2009, a disk containing personal details about 2,000 staff of the British Council was lost. In December 2008, Leeds Council apologised for losing a memory stick containing unencrypted details of 5,000 nursery age children. In September 2008, Ministry of Defence computer files with records of thousands of serving and former RAF staff were stolen. And so it goes on: incidents in Surrey, Lancashire and Glasgow, all in the past six months. Altogether, in the 12 months ending in December 2008, 29 million personal records were lost. Surely the whole system is not fit for purpose.

Finally, I turn to the financial priorities. In a time of economic hardship, can we afford some of these new projects? The noble Baroness, Lady Neville-Jones, mentioned ID cards. In October 2006, the Home Office gave the cost of their introduction as £5.4 billion, but by May 2008 it had increased by 37 per cent. The total cost now must be in the region of £11 billion to £12 billion. Is this good money given the current economic climate? On 24 March, just a week ago, the Home Secretary said in another place that it would cost £40 million to scrap the scheme. Is £40 million ever well spent? In Wales, we used to say—I am sure that it is said everywhere—that a stitch in time saves nine. To save in this way would be a help in the present economic climate.

There are many other grounds for following on the remarks of other noble Lords this afternoon, but on these grounds alone Her Majesty’s Government should sit down and think again about their whole approach to these matters.

My Lords, like other noble Lords who have spoken, I thank my noble friend Lord Northesk for opening this debate with such a thoughtful, informed and balanced speech. It has generated a fascinating debate. Many people have got a lot off their chests and I hope that both Ministers have been listening carefully. In common with other speakers, my noble friend acknowledged that there was a difficult line to be found between the need of the state to protect its citizens and an overenthusiastic embracement of technological developments to keep vast amounts of data on them. Each speaker has acknowledged that there is a role for some data collection but that it probably needs to be selective rather than generalised.

It is becoming an increasingly perplexed issue, and one which exercises anyone who has any role to play in ensuring that the state’s powers are not allowed, even with good intentions, to stray over the line of legitimate, but controlled, intervention in unbridled enthusiasm for keeping detailed information about all of us. The right reverend Prelate the Bishop of Chelmsford and my noble friend Lady Neville-Jones both raised the question of the need for the public to have confidence in the requirements for the collection of any data. I think we would all agree with that. If the public do not have confidence then the Government have no control at all of what is happening and there is a complete disbelief in the need for what is being done. That is an important issue.

We have had some startling examples recently about the use of information. I find it quite remarkable that the Government have so far been unable to give a solid reply to the European Court of Human Rights judgment that the retention of an innocent person’s DNA or fingerprints is an infringement of their privacy under Article 8 of the European Convention on Human Rights. This has more than called into question the current situation where DNA and fingerprints taken from people during criminal investigations is then held in perpetuity on the DNA base irrespective of whether they were found to be a continuing part of police inquiries.

The judgment of the European Court of Human Rights accords with the strictures of the Government’s own DNA ethics committee, the Home Affairs Committee of the other place and the Economic Affairs Committee of this House. We have had debates on all those reports. It is quite remarkable to me that the Government so far have refused to budge. Although the noble Lord, Lord West, told the House very recently in responding to a question from me that consideration was being given to the matter, there is apparently no timescale. It is hard to know what is delaying the Home Office’s response. I hope that the Minister will be able to tell us where the Government stand on this issue and what they are going to do about implementing the recommendation of all these bodies. All the committees have said that DNA and fingerprint samples of people found to be guilty may be retained, but for a short period; the others should all be destroyed—a short period, not a lifetime.

Unfortunately, there are now far too many examples of the Government finding good reasons for legislating for, or refusing to temper, the increasing propensity for retaining or collecting of data and information on this country’s citizens. We have had endless examples of those today. The shadow Minister for Security, my noble friend Lady Neville-Jones, repeated in her excellent speech her concerns about the latest EU directive, which this Government appear to have enthusiastically supported, that all e-mail and internet traffic should be kept indefinitely so such information can be interrogated at any time to check on the position and the activities of anyone suspected of crime or terrorism. She rightly exposed the enormity of this proposal when the statutory instrument was introduced last week and she has done so cogently again today. She has also raised the extremely important question as to why this very radical measure has been left to a statutory instrument and has not apparently been brought to Parliament in primary legislation. That may not be correct and primary legislation is to follow, but there is yet no evidence of it. The Minister may be able to reassure us today that this matter is not going to be left just on the basis of a statutory instrument on the EU directive.

We have also heard some discussion on the Government’s intention to introduce identity cards. They have already done so for those obtaining visas to come to this country and have introduced a database on all children born in this country. My noble friend Lady Byford has given very strong reasons for concern about this. The children’s database had its genesis in the report of the noble Lord, Lord Laming, on the tragic Victoria Climbié case. We understand the enormous concerns that there were about the lack of co-ordination and co-operation among the statutory agencies. Such concerns have, of course, raised their head again. There are, nevertheless, anxieties about the details of every child, whether vulnerable or not, being recorded in a way where state employees have access to them. My noble friend Lady Byford gave a far better exposition on that than I could.

There is an ability within that legislation for some anonymisation of information to be permitted, but it is extremely limited, so that information is available to a great many people and organisations. We all have to question whether it is desirable or necessary that every child in this country should be known or have its name on a database which can be accessed by a lot of people, who may or may not have good intentions.

We can also extend the question of information exchange to the Prüm framework which allows law enforcement information to be shared between some EU member states without similar or proper data protection. This country is not a signatory to the treaty, but the exchange of information has now been extended by the EU to cover all its states. Again, there are probably very good reasons why some information, particularly in the judicial and criminal fields, should be exchangeable, but to have swathes of data on people who have no possible likelihood of being implicated being transferred to other countries and their agencies is very dubious.

Other noble Lords have referred to the Joseph Rowntree report, which I hope all Home Office Ministers have read closely. The noble Lord, Lord Maclennan of Rogart, and my noble friend Lady Neville-Jones also drew attention to it. It has been published recently and is another example of a respected organisation raising great anxieties about how data are collected, managed and held by government bodies. The Minister shakes his head in disbelief; I hope that he has read the report, because that is precisely what it does. It has put the known databases into a traffic light system. Red is for those which it believes are likely to be illegal under human rights or data protection law and should be scrapped; amber is for those which it believes may be completely unlawful; and there are very few green, which it believes may broadly be in line with the law. That is quite a devastating critique of the database situation.

The report is refreshingly frank about the current situation, but one statement stood out. Recommendation 5 says:

“Citizens should have the right to access most public services anonymously”.

That is a maxim with which many of us would agree. I suggest, again, that the report is required reading for everyone in government who is dreaming or thinking of producing yet another database. Is it not a shocking state of affairs that so many authoritative voices should be raised in alarm at the current situation, and still we are left with the Government’s main justification that every matter which has been raised is needed either in the name of security or in the rather amorphous interests of the people of this country?

It is not only the collection of data which is becoming increasingly offensive; it is also the increasing ability for organisations and IT systems to share that information across a wide front. Of course we are told that it is all sensitively held and subject to password access. However, no one has yet, I believe, done a systematic analysis of whether the holding of such comprehensive details is safe, which it clearly is not; whether it is secure, which it clearly is not; and whether it is justified, which it may not be, in terms of the amount of the useful effect it generates.

The Minister responsible for security has said on many occasions in this House that the DNA database and now the garnering of millions of details of passenger information under the e-borders system can be justified on the grounds of security and criminal investigation alone. That contention is well and truly open to question, particularly where that information is held in perpetuity.

The noble Lady, Lady Saltoun, spoke about the enormity of the requirements for anyone having to provide advance details of travel. The questions raised by the letter in the press were not totally addressed when I asked the Minister about what that information will be and why it will be needed. The question raised by the noble Lady about people providing information if they are going off for a booze cruise, for example, has not been laid to rest.

The questions that need to be asked have largely been asked this afternoon. They relate to the balance of rights between the state and the individual, the length of time for which any data should be held, the proper justification for it being held, the impossibility of an individual being able to have any information about themselves taken off—the expunging of the information about which my noble friends Lady Byford and Lord Campbell of Alloway asked—and any idea whether that individual’s knowledge of what is held on him is sufficient for him to decide to demand its removal. We recently discussed finding a way of getting information on your DNA off the DNA base. It is virtually impossible.

We have learnt recently that immensely powerful cyber systems can be used to hack into any computer program, however well protected, and access any data on it. As my noble friend Lord Northesk said, we all know that the Government have a dismal record on holding data securely. The noble Lord, Lord Roberts, identified a considerable number of examples which have occurred in the very recent past. It is important that everything that is held is held securely, and that clearly is not being done.

There is a balance to be struck between making sufficient use of the technology involved for good and legitimate purposes and the impact on the preservation of privacy. The evidence gathered so far, and the appalled reaction of those who have reported on this country’s current position, should lead us to keep asking more and more questions about what is going on and to get sensible and responsive answers.

The right reverend Prelate the Bishop of Chelmsford rightly asked for proper guidance for the use and sharing of data. While he was largely in favour of the collection of some data, he quite rightly stressed the need for transparency and manageability and a recognition of the need for confidence in the system.

This country is now one of the most surveyed in the world. That in itself says something about our proud boast to be the most free. There is a very good maxim that the state should be ignorant of its citizens’ lives unless they are corrupt or criminal. That is certainly not happening at present.

A great many serious questions have been asked today. My noble friend Lord Campbell of Alloway has asked for written answers if the Minister is not able to answer the questions he raised today. I have some sympathy with the Minister if he cannot answer them now, but I hope that he will agree that some of them, at least, justify written responses and will see that that is done.

My noble friend Lord Campbell also drew attention to the fact that we have no privacy laws. Perhaps it is time we did to protect us from intrusive interference, however good the reasons.

We need a far more robust and honest debate between the Government and the citizens of this country about what is being done in their name. The subordination of the citizens of the state must not happen by default. Today’s debate is a mini-start in that direction. I hope that it will and can be extended before any further “good ideas” are invented to protect us from harm.

My Lords, I want to make it plain that I was not suggesting that we should have a new privacy law by primary legislation at all. I was trying to explain that, as we do not have a privacy law, we can and have to implement the Human Rights Act. I do not want it put on record that I advocated a different approach by primary legislation; I have not done that.

My Lords, if I misunderstood my noble friend, I apologise and am perfectly happy for that to be withdrawn from my remarks.

My Lords, I am grateful to all those who have spoken in this important debate and particularly to the noble Earl, Lord Northesk, for this Motion for Papers. It has been clear, from the serious way in which the debate has been conducted, that this is a very important subject. One of the most important points that the noble Earl made was in not wanting the debate to become party-political grandstanding. By and large, noble Lords have achieved that end; toward the end of the debate, great efforts were made by those who are normally used to such grandstanding to resist the temptation. Those attempts were not always successful, but the conduct of this debate has, by and large, been a credit to the House and I pay credit to the noble Earl for his interest and expertise in the subject. I hope to be able to provide the House with some reassurances on the Government’s position on, and action in, this area.

The Government believe—as does the House, from my general impression—that the use of personal data is essential to delivering efficient and effective joined-up public services: first, to tackle crime; secondly, to protect the public, and, thirdly and importantly, to help people get access to the benefits to which they are entitled, to new opportunities in their lives, and to developments and support. We want to create services that improve people’s lives and are simple and easy for them to use. Huge advances in technology make that more possible but, as the noble Baroness said when starting her speech, it is essential to balance the provision of better services with the proper respect for individual privacy in a free society. That balance is, we believe, maintained by a strong legislative framework that is already in place; namely, by the Data Protection Act and the Human Rights Act.

I shall set out the Government’s view in this area. We all have an interest in data being held securely and properly used. The shared interest is in delivering the improved public services that we want and the public are right to expect. The secure, co-ordinated and responsible use of personal data brings real advantages for individuals, public services and the UK economy as well as in crime prevention. Every crime prevented adds to the freedom of those who are not offended against. People want and expect efficient and joined-up services from Government; in order to deliver them effectively and efficiently, it is essential to share information between different parts of Government and with private organisations.

As my right honourable friend the Home Secretary commented in her recent speech on protecting rights and society:

“Do we, today, live in what critics call a surveillance society? I don’t believe so, not for one moment. But I welcome the debate … We are—all of us, as citizens, consumers, businesses and Government—now presented with a host of new ways to capture, analyse and use data. And there are clear benefits”.

I offer a few examples of those benefits to the House. The NHS national programme of IT is delivering front-line systems and services—to provide major benefits for patients, staff and NHS organisations—and system reform. It is providing essential services to support patient care and the smooth running of the NHS, which could not now properly function without it. There are also services such as: the NHS care records service; a picture archiving and communications system, which makes X-ray accessible by computer; electronic transmission of prescriptions from GPs to pharmacies, and electronic booking of first outpatient appointments at the time of referral at GP surgeries, which incorporates patient choice.

I noticed that those programmes have not been mentioned or attacked today, but one that has, which surprised me, is ContactPoint. That is of considerable importance and interest. I ask the noble Baroness, Lady Hanham: what is her party’s real policy on it? The Department for Children, Schools and Families is rolling out ContactPoint, whose first phase of implementation to local authorities started on 26 January. It is one of those databases that the Rowntree trust report considered to be almost certainly illegal—an astonishing judgment in a supposedly respectable academic report. I shall say more on Rowntree in a bit.

The ContactPoint system helps to improve services to children with a strong emphasis on early intervention and prevention. Practitioners can spend days trying to find out who else is working with the same child, or unknowingly duplicating work that another service is already carrying out. There are 11 million children and young people in England; at any one time, around 30 per cent of children require specialist service of some sort while up to 50 per cent will have additional needs at some point during their childhood. We cannot predict which, or when. ContactPoint, which I do not know whether the party opposite supports, will enable the delivery of co-ordinated support for those children and young people. The schemes I have mentioned are delivering a service to the public.

On ContactPoint, there were many questions asked by the noble Baroness, Lady Byford, including: who will use it? Its use will be restricted, and strictly limited to those who need it as part of their work. Authorised users will include those working in health, education, youth justice, social care and voluntary organisations, to help ensure more co-ordinated service provision for children and young people. It will not be used by a hugely wide section of the population, but by those who need it in order to help children. Another question posed was: what happens to a record when a young person turns 18? The system’s supplier, known as Capgemini, has automated transfer of data beyond 18—the age when it ends—into the archive. We are told that is for six years, in line with the limitations act, and then destroyed. There is a facility for some young adults’ records to stay on ContactPoint until they are 25, but only for limited reasons and with explicit consent.

My Lords, the children themselves or their parents. I am going on to say—because the noble Baroness asked a very good question—what power the children themselves have in relation to seeing their records. They have the power to do that under the general power that there is for people to see how their records are accessed. So that is something that she need not worry about.

The criticism of ContactPoint, which will hold a very small amount of detail on individual children, is surprising. I can cite in aid of ContactPoint a whole number of organisations which this House respects hugely in the field of children, from Barnardo’s to the NSPCC and other organisations—including KIDS, which looks after disabled children particularly—which think that this is an excellent database and that it will help. Most particularly, our colleague the noble Lord, Lord Laming, in his recent report, said:

“There are definite advantages to electronic record keeping in place of the previous often inaccessible paper files. Technology offers the potential for professionals to share information more effectively, to make information more accessible, and to use systems to manage the workflow of children’s services. The new ContactPoint system will have particular advantages in reducing the possibility of children for whom there are concerns going unnoticed”.

If the noble Lord, Lord Laming, is speaking so highly of it, perhaps this House should speak more highly of it.

My Lords, I do not think that anybody is objecting to children being on the database who need to be on the database. It is the universality that perhaps the Minister could address his remarks to, not the specific. That is where the whole of this debate seems to have gone—on the balance between the universality and the specific.

My Lords, it is that, as I understand it, that the children’s organisations and the noble Lord, Lord Laming—although I cannot of course speak for him—are praising. It is the universality of it that is its virtue here. If it is not to be universal, how is it to be limited and restricted? Maybe we will hear in due course what proposals the Official Opposition have in regard to ContactPoint. Listening carefully to the noble Baroness, I got the impression that they were opposed to it; if they are not, perhaps she will be good enough to say so.

Having mentioned ContactPoint, I move on to DNA, which again was the subject—

My Lords, before the Minister moves on, just to try to introduce that element of balance into his description, I should say that he has no doubt recorded that the Government’s own, commissioned security report on ContactPoint from Deloitte said:

“It should be noted that risk can only be managed, not eliminated, and therefore there will always be a risk of data security incidents occurring”.

Naturally, with that advice from such a quarter, one is interested in knowing how the Government intend to minimise such incidents.

My Lords, the Government are convinced that the security side of this database is good. Of course, we will be watching it with extreme care to ensure that when it is set up it is as secure as it possibly can be.

DNA was also mentioned in the speech of the noble Baroness, Lady Hanham. I hope that the House would agree that the use of DNA in investigations is one of the breakthroughs for modern policing, and it is an area where Britain is leading the world. No one disputes that taking and using DNA to detect crime and help bring offenders to justice must remain a key tool available to the police. It is crucial to public protection. The application of DNA profiling to crime detection has shown enormous results. Between May 2001 and December 2005 there were approximately 200,000 DNA profiles on the National DNA Database which would previously have had to be removed before legislation was passed in 2001 because the person was acquitted or charges dropped. Of these 200,000 profiles, approximately 8,500 profiles from some 6,290 individuals have been linked with crime-scene profiles, involving nearly 14,000 offences. These include 114 murders, 55 attempted murders, 116 rapes, 68 sexual offences, 119 aggravated burglaries and 127 of the supply of controlled drugs.

Is anyone seriously suggesting that that information and any resulting arrests that there may be are not of benefit to the public in this country? Research carried out in 2005 estimated that sampling persons who were arrested but not charged between April 2004 and December 2005 yielded a match with a crime scene in more than 3,000 offences, including 37 murders, 16 attempted murders and 90 rapes. These are serious crimes which have a major impact on victims and their families and friends and on local neighbourhoods and communities where the crimes occur. It impacts on the wider public confidence, too. It is the Government’s job to do what we can to ensure that those criminals are brought to book.

The National DNA Database continues to contribute to public protection.

My Lords, those figures are really quite astonishing. They are the argument used by those people outside this House who believe that there should be a national DNA database for all individuals within the United Kingdom.

My Lords, I have heard the arguments myself, and I could not possibly comment on them this afternoon.

My Lords, how many crimes have been solved that were not on a database? How many murderers—not the 114 whom the Minister mentioned—have been found, arrested and prosecuted who were not originally on a DNA database?

My Lords, the noble Lord always poses interesting questions. I do not know the answer to his question, but I shall make sure that I write to him with that information, if it is available.

My argument is in favour of DNA. Now I have to face the fact that the current policy for retaining DNA of persons arrested but not convicted needs to be changed—the noble Baroness is right that it does—to comply with the European Court of Human Rights judgment. We have made it clear that we will implement the judgment of the court. The court found that our blanket policy of retaining the fingerprints and DNA of people who had been arrested and not convicted, but against whom no further action was taken, was in breach of Article 8. However, the court did indicate—and it is important to point this out—that it agrees with us that the retention of fingerprint and DNA data,

“pursues the legitimate purpose of the detection and therefore prevention of crime”.

That is a key point in the judgment and reflects the recognition by the court of the importance of DNA in fingerprints and in helping to detect offenders and bring them to justice. However, the judgment recognises that other jurisdictions do not apply a blanket destruction order to biometric data of those arrested and not convicted, and recognises the need for an approach which discriminates between different categories of offending and defined periods of storage. That is why my right honourable friend the Home Secretary on 16 December said that she would be examining ways in which the retention of samples and fingerprints will be considered, taking into account factors such as age, risk and the nature of the offences involved. Those will be set out in a forensics White Paper to be published this year.

In the brief time I have left I shall deal first with Rowntree and then with some of noble Lords’ questions.

As far as Rowntree is concerned, the Government believe that the Data Protection Act 1998 is an effective and proper implementation of the relevant directive. It does not seem as though Rowntree thought so. We take our obligations under the Data Protection Act and the Human Rights Act very seriously and we agree that collection, use and sharing of personal information must be lawful and proportionate, but we do not accept that the databases are illegal as the report suggests. With great respect to its authors, I must say that the report appears to confuse political and legal issues. Privacy is important, but there is also a public interest in maintaining databases. They ensure, as I said, better delivery of public services and can be vital in detecting and preventing crime. Interestingly enough, the DNA database is one of those that have a red traffic light against them in this report.

I hope that I am not being unfair to its authors when I say that the report appears to be very much headline without any argument or analysis in each of the 46 cases that it looks at. It is not clear how the authors have made their assessments. How, for example, is the Office for National Statistics, which the noble Earl mentioned in his opening remarks, rated as amber? This is a non-ministerial department, not a database. The inclusion seems to be based on the fact that the ONS will run the forthcoming census in 2011. How are Directgov and the Government Gateway assessed as amber? The authors readily state that these are portals rather than databases and the report notes that they do not hold personal data. Local government’s use of CCTV is rated as amber. Again, there is no database, but the amber light is based on the fact that CCTV is an overinvestment. I am not sure that that view will be held widely by the general public, who regard CCTV as a protection for them rather than, as the authors of this report seem to suggest, something against their interests.

Of course reports like this make a useful contribution to the debate and scrutiny of the matter, and we are still looking carefully at it and will have something to say in due course. However, I ask noble Lords, if they have not already done so, to read the article by David Aaronovitch in the Times the day after the report came out. He made a very good point. He said that it was a pity that among the authors of the report there were no people who disagreed with the basic principle that databases were a bad thing. I have had my say on that now; I have been given the opportunity to do so twice. If the noble Baroness and others will pray this in aid every time we have a debate of this kind, I recommend that they consider whether it is really such a great work of academic brilliance that they can rely on its judgments in the arguments that they bring to the general public.

I have a host of questions to answer. I will have to adopt the advice given freely as always by the noble Lord, Lord Campbell of Alloway, which is that I will have to write to noble Lords with answers to their questions as best I can. I do not promise to be able to answer every one of them.

With the greatest respect, I have to say to the noble Lady, Lady Saltoun, that her analysis of the situation is completely over the top and does not represent the truth in any way. I wrote to her after her helpful question when I was answering an Oral Question last week. I wrote to her as quickly as I possibly could, as I did to the noble Baroness, Lady Maddock, who I see is in her place, on the matters that appeared in the Telegraph article to which she referred. I do not think that she acknowledged my letter in what she had to say today. If the noble Lady did, I apologise.

My Lords, I did acknowledge the Minister’s letter. I also acknowledged the fact that the Telegraph got it a little wrong. People were not going to have to produce the information themselves; booking agents were going to have to produce it.

My Lords, I am sorry but, with the greatest respect to the noble Lady, that is not a little wrong. The newspaper made a fundamental error on that occasion. There is no question of passengers having to apply for permission to travel, nor will they be required to submit an itinerary. If they had to do that, it would be a serious restriction on their freedom and liberty. I would then agree with the noble Lady, but that is not what they have to do even though that is what the newspaper suggested. I do not think that that is a little wrong; it is a fundamental point.

I make this point, too: e-Borders enables the UK Border Agency to check people before they reach the UK. Since the pilot started, e-Borders has screened over 82 million passenger movements in and out of the UK against immigration, customs and police watch lists. That has led to over 3,000 arrests for crimes, including serious offences such as murder, rape and assault. It has led to significant counterterrorist interventions as well, which we obviously cannot hear more about, and has resulted in fraudulently used British passports being impounded and the confiscation of drugs and tobacco. A considerable number of passengers have been identified and refused leave to enter. Is it seriously being suggested that, in the world in which we live, we should just forget all that and use the easy phrase “surveillance state”? I do not think so.

My Lords, I agreed that it was perfectly reasonable to refuse people leave to enter the country. I questioned whether it was not particularly necessary in a great many cases to refuse them leave to leave the country—they were probably as well got rid of.

My Lords, I am grateful to the noble Lady for reminding me of that.

The right reverend Prelate made a point about affirming our commitment to the Data Protection Act. I do that happily today. It also shows itself in the Cabinet Office review and our response to the Walport/Thomas review. He also asked whether we would implement the recommendation of the Data Sharing Review Report for a code of practice on data sharing. Yes, I can tell him that it is set out in Clause 157 of the Coroners and Justice Bill, which the House will enjoy debating, starting with Second Reading on 27 April. I look forward to his support in those debates.

The noble Lord, Lord Maclennan, as always, put some interesting questions about primary legislation, as did the noble Baroness, Lady Neville-Jones, who asked whether primary legislation should be used for data-sharing gateways in preference to secondary legislation. Already, a large number of data-sharing gateways are enacted in primary legislation. It is our policy that, for significant data-sharing powers, primary legislation remains appropriate. The noble Lord acknowledged that data-sharing powers cover a diverse spectrum. It is appropriate, provided that they are used properly, that a variety of legislative measures should be used to enact them. Not everything should be done by primary legislation.

The noble Baroness, Lady Neville-Jones, and the noble Lord, Lord Maclennan, asked about government databases removing personal data from their archives when the information is not necessary any more. I have been advised that the third data protection principle of the Data Protection Act 1998 already provides that data can be legitimately processed only where they are not excessive. Thus, there is an existing obligation on all data controllers, including the Government, not to process information that is unnecessary.

A number of noble Lords were interested in the important topic of why central databases are used instead of local ones. Neither the Data Protection Act nor the data protection directive before it explicitly makes any requirement in relation to local or central databases. The legislation requires that data processed must not be excessive. It is therefore the obligation on each data controller to consider what scale of data is necessary for the purposes of the database. National systems sometimes offer greater benefits in this age of greater mobility where citizens can access services across many boundaries and borders. Maybe there is not just one answer to that question.

The noble Baroness, Lady Neville-Jones, was concerned that I answer in particular her question whether there is a prototype for the central database. There has been, we believe, widespread misrepresentation of our plans for future communications data retention. We will set out the future plans in a consultation document to be published shortly. Since those plans have not been finalised, I cannot say that there will be a prototype, as plans will be confirmed only after the consultation. We have not commented on reports of a central database for communications data and, I repeat, our plans will be outlined shortly in the consultation.

I have spoken for half an hour now, as noble Lords were generous in not speaking for the fully allotted time. I thank noble Lords very much for what they said in this important debate. It is important that we should exchange these ideas across the Floor of the House, even if sometimes in quite a robust way.

The Government’s ability to deliver and improve the public service changes that we want—to fight crime and to protect citizens—relies on strong public confidence in the ability of public and private organisations to handle personal information securely and effectively. That point has been made by Members from around the House and it is obviously true. We have implemented a range a different measures to improve trust in the arrangements to protect personal data. I hope that I have begun to show, if not completely to the satisfaction of all Members, that both in our legislation and in our reviews of working practices we are committed to a legal framework and culture that instil confidence in every citizen in the protection of their personal data, a confidence to which they are entitled. I am grateful to the noble Earl for introducing this debate.

My Lords, this has been an excellent debate and I thank all noble Lords who participated. I genuinely enjoyed all the contributions, including that of the Minister, although I am perhaps a little disappointed that, in relation to the Joseph Rowntree Foundation report, he may have resorted to shooting the messenger because of dissatisfaction with the message.

As the debate has progressed, two specific themes seem to have emerged. First, the debate has articulated the deep anxiety and uncertainty that inform the perceptions of so many of your Lordships—and of the wider public—about the Government’s data management agenda. Secondly, other than with the Minister, it appears to have engendered a broad consensus on the proposition that, in this field, less is more. As the right reverend Prelate observed, there are good reasons why the Government may be well advised to be a little less ambitious and a little less grandiose with this database agenda.

For myself, I am none the wiser as to why the Government continue to favour the most invasive and expensive technological solutions when less invasive and less costly alternatives are readily available. I have no doubt that we will return to these matters in innumerable debates in the future and, no doubt to the Minister’s disappointment, the JRF report and, I suspect, other like-minded texts will be prayed in aid in those debates. In the mean time I beg leave to withdraw the Motion.

Motion withdrawn.