Skip to main content

Data Protection Act 2018 (Amendment of Schedule 2 Exemptions) Regulations 2024

Volume 836: debated on Tuesday 5 March 2024

Considered in Grand Committee

Moved by

That the Grand Committee do consider the Data Protection Act 2018 (Amendment of Schedule 2 Exemptions) Regulations 2024.

Relevant document: 13th Report from the Secondary Legislation Scrutiny Committee

My Lords, this instrument, which was laid before the House on 31 January 2024, would amend paragraph 4 of Schedule 2 to the Data Protection Act 2018, more commonly known as the immigration exemption. The Government are amending these provisions following the Court of Appeal judgment on 11 December 2023, which found the immigration exemption incompatible with provisions in the UK GDPR. The court suspended the effect of the judgment until 11 March 2024 to allow the Government time to make the necessary amendments.

I will briefly outline what the immigration exemption does and the changes being made by these regulations. Parliament included the immigration exemption in the Data Protection Act 2018. It provides a legal basis to derogate from certain data subject rights where their exercise is likely to prejudice effective immigration control. For example, a data subject has the right to request and receive details of what personal data is held about them and how it is being processed. Under the provisions of the immigration exemption, the Government may limit the information provided in response to that request if, for example, the provision of that information would tip off the data subject that they were about to be subject to immigration enforcement. The immigration exemption is therefore an important provision in the DPA 2018 that allows the Government to protect the functioning of the immigration system. This was noted specifically by the Court of Appeal in its judgment.

The Court of Appeal’s judgment noted two technical deficiencies in the current exemption. First, the safeguards to be applied to the immigration exemption needed to be in the legislation itself; this is being amended by the regulations’ new paragraph 4A, which inserts the safe- guards on the use of the immigration exemption previously contained in the immigration exemption policy document into the legislation.

The court also determined that the risks to rights and freedoms of individuals were not sufficiently set out in the legislation. This is being remedied by new paragraph 4A(3), which specifically sets out the rights and vulnerabilities that should be taken into account when exercising the exemption. By including these explicitly in the legislation, we are providing increased clarity on the safeguards that are already applied when exercising the provisions of the exemption.

The Government are also choosing explicitly to include provisions as to the balancing exercise that must be undertaken when determining whether the exercise of data rights is likely to prejudice effective immigration control and, if it is necessary and proportionate, to restrict such rights as a result. The draft regulations were subject to consultation with the parties to the judicial review proceedings as well as the Information Commissioner’s Office. The ICO issued a public response to the consultation confirming that it was content with the regulations.

The Government have acted to meet the requirements of the Court of Appeal’s judgment while continuing to ensure that there are necessary safeguards in the legislation to protect effective immigration control. I commend the regulations to the Committee.

My Lords, I thank the Minister for that explanation. I have to say that my recollection is that the issue is much wider than the exemption and ensuring that there is no tip-off to somebody who is about to be visited by immigration enforcement. Let me give an example that was borne out after the Act was passed: solicitors acting for data subjects were unable, as we had anticipated, to find out what the Home Office thought it knew—I put it that way deliberately —about their clients.

I have some general points to make; I will do so fairly quickly. It would be optimistic to think that the Home Office had taken from this saga that objections and criticisms—in the form of amendments, obviously—can be helpful because we could have avoided a lot of effort in rectification. My noble friend Lord Clement-Jones will go into some of the history; I must admit, I do not recall much detail except for being teased frequently by the noble Baroness, Lady Williams, when she was the Home Office Minister, because I brought up our objection to the immigration exemption so often.

I feel strongly that it should not have to be for non-governmental organisations that are no doubt strapped for cash to do so much in order to get things right. I appreciate that that is part of our democracy; I do not object at all to the fact that they can do so, of course, but they should not have to. An application, an appeal, another judicial review, another appeal—at what cost to those organisations and the taxpayer! I emphasise that there is an exclamation mark, not a question mark, at the end of that sentence.

This saga is one of those episodes that vindicates the role of the courts, often in language that I, for one, relish. We have spent a lot of time in the Chamber recently discussing the role of the courts in our constitution; to give one example of the language, I really liked the understated use of

“over-broad derogations from fundamental rights”.

As the Minister said, the litigants were consulted before the publication of the SI. The Secondary Legislation Scrutiny Committee reports that it made three points, of which one, on oversight, was rejected by the Home Office and one was regarded by the Home Office as not necessary. Can the Minister tell the Committee what these were and why they were not pursued?

On the detail of the instrument, I note that it will be a matter for the Secretary of State to balance the risks to the individual and the risks to the state. I happen to think that it is in the public interest to apply exemptions with a very light touch, but of course it is no secret that the Liberal Democrats have problems with the Home Office’s immigration policy, and I fear that the reputational ship is well on its way. Clearly, there is an imbalance of power. That is inevitable, but it is not easy for the individual data subject to exercise his rights, and we should be aware of that.

Can the Minister also tell us what the Home Office will do to ensure that there will be transparency of decisions so that it can appropriately be held to account? Mechanisms must be written into the procedures. New paragraph 4B of Schedule 2 provides for a record of decisions and reasons. How will that be published and what will happen to it?

Will the Minister also comment on the capacity of immigration enforcement—and whoever else needs to—to look at prospective decisions on a case-by-case basis for each disapplication? I recognise that that will not necessarily be a straightforward and easy exercise, but it certainly requires a great deal more than, “It’s okay; it’s immigration, so we can just rely on the exemption”. Case-by-case decision-making is very important.

Finally, I note that the Explanatory Memorandum tells us that there is no full impact assessment because the instrument

“does not substantively alter the safeguards and considerations for applying the Immigration Exemption”.

I have to say that I thought that was the point.

My Lords, this set of regulations is a step forward, but with all the caveats that my noble friend made, and I have some more.

As the Minister confirmed, these regulations are the result of the Open Rights Group case—the Court of Appeal judgment in the3million & Anor, R (on the application of) v Secretary of State for the Home Department & Anor—which confirms the earlier High Court judgment in March 2023. In broad terms, the Court of Appeal found that the immigration exemption in Schedule 2 to the Data Protection Act 2018 conflicted with the safeguards in Article 23 of the UK GDPR, as the Minister said. This was because the immigration exemption was drafted too broadly and failed to incorporate the safeguards prescribed for exemptions under Article 23 of the UK GDPR. It was therefore held to be unlawful and was disapplied.

These regulations follow two previous attempts by the Home Office to craft an immigration exemption which contained sufficient safeguards to satisfy the requirements set out in Article 23 of the UK GDPR. This is the third shot at it. In order to make the immigration exemption compatible with the requirements of Article 23, as the Minister explained, the Government added a number of safeguards to the exemption which were not there before. These are set out in the regulations. They are worth stating because they are really important requirements, which were omitted previously.

They include requirements to: make decisions on the application of the exemption on a case-by-case basis; make separate decisions in respect of each of the relevant UK GDPR provisions which relates to the data subject; make fresh decisions on each occasion where there is consideration or restriction of any of the relevant UK GDPR provisions in relation to the data subject; take into account all the circumstances of the case, including the potential vulnerability of the data subject, and so on; and apply the exemption only if the application of the particular UK GDPR provision would give rise to a substantial risk of prejudice that outweighs the risk of prejudice to the interests of the data subject, ensuring that the application of the exemption is necessary and proportionate to the risks in the particular case.

You would think it rather extraordinary that those are excluded from the previous regulations. In addition, a record must be made of the decision to apply the exemption, together with the reasons for that decision. There is also a rebuttable presumption that the data subject will be informed of the use of the exemption.

The ICO welcomed them in its letter to the Home Office as, in its view, satisfying the requirements of the Open Rights Group case. In its view, the proposed changes will ensure that the exemption complies with Article 23(2) of the UK GDPR and ensure that there are appropriate safeguards to protect individuals. Since it took part in the case as an interested party, this is of considerable reassurance. I congratulate the Open Rights Group and the3million on not one but two notable successes in court cases which have forced the Home Office to amend the exemption twice.

It is a pity that the Government did not listen to my noble friend Lady Hamwee when we debated the immigration exemption during the passage of the then Data Protection Bill in 2017. I pay tribute to her tenacity in trying to ensure that this exemption is fit for purpose and compliant with the UK GDPR. We had the subsequent first version of the regulation in January 2021. If the Home Office had listened to my noble friend, it might have spared itself some grief.

In fact, it is worse than that. When we debated the Government’s attempt to comply with the first court judgment back in January 2022, my then noble friend Lord Paddick—who is still my actual friend—my noble friend Lady Hamwee and I all warned that the method they were adopting would be non-compliant with Article 23(2) and the judgment of October 2021. I explicitly said that

“we are quite clear on these Benches that this new SI does not at all reflect the safeguards required by the GDPR and by the Court of Appeal’s decision … I can only wonder what kind of advice the Minister has had. How has she”—

this was the noble Baroness, Lady Williams, as my noble friend referred to—

“been able to convince herself that this SI will not meet the same fate as the previous provisions?”—[Official Report, 31/1/22; col. 698.]

Finally, it seems that we have compliance, six years after Royal Assent. What have the total legal costs been in all the legal challenges? I ask that with a question mark rather than my noble friend’s exclamation mark. The barristers’ bills must have come in by now. If the Minister does not have them to hand, will he write? I hope that there are several red faces in the Home Office, but I am afraid that this is all of a piece with its approach to border and immigration policy, which has been even more exposed than usual in recent days, with the publication of the former chief inspector’s reports.

What reflections does the Minister have on this saga, as my noble friend rightly described it? Is there any intent to change how the Home Office goes about compliance with law, the advice it takes and the judgments it makes on that advice? My noble friend asked about transparency in future and the report of the Secondary Legislation Scrutiny Committee, which is still not totally satisfied with these regulations. There is a whole series of questions about the human impact of the use of this illegal exemption since it was created. How many individuals have been impacted and in what respect? What redress do they have? As my noble friend asked, why has there been no impact assessment? Surely, the human impact has been considerable.

That is not the sum total of the implications of these regulations. In truth—I am indebted to Bates Wells for its analysis of this—the effect of these regulations is significant and not confined to the field of immigration. The regulations are clear evidence of how data protection rights and standards in the UK have been weakened as a result of the Retained EU Law (Revocation and Reform) Act 2023, or REULA. The Government could easily restore data protection rights to what they were before the end of 2023 using the vehicle of the Data Protection and Digital Information Bill, which we will start debating in Committee on 20 March. This would help ensure trust in the UK’s data protection standards and support, rather than undermine the Government’s efforts to make the UK what they aspire for it to be—a “technology superpower” by the end of this decade.

When the UK stopped being subject to EU law at the end of 2020, the European Union (Withdrawal) Act—EUWA—saved EU rights and obligations that applied in the domestic statute book as a result of the UK’s EU membership. This meant that the GDPR was retained as domestic law and was renamed the UK GDPR. The Data Protection Act 2018 also continued to apply. Importantly, EUWA also preserved the relationship between existing domestic laws and what had been EU law by keeping the principle of the supremacy of EU law on the statute book. This simply ensured that the relationship between different parts of the UK’s domestic law remained as before, thus creating continuity and certainty. In terms of data protection law, this meant, for instance, that in a conflict between the UK GDPR and the DPA 2018, the UK GDPR would take precedence.

However, at the end of 2023, REULA deleted the principle of the supremacy of EU law and turned the statute book on its head. Domestic law, whenever enacted, now takes precedence over the parts of the domestic statute book that were previously EU law. There are exceptions to this rule, but they do not apply to the relationship between the DPA 2018 and the UK GDPR. The Open Rights case, which has culminated in the Government drafting these regulations, was brought after the UK left the EU but before the relevant provisions of REULA came into effect. It is an example of how the preservation of the principle of the supremacy of EU law continued to guarantee high standards of data protection. In a conflict between the DPA 2018 and the UK GDPR, the DPA 2018 will now take precedence —the opposite of what parliamentary draftsmen intended when the provisions of the Act were written and a change which clearly lowers the standard for the protection of personal data in the UK.

The safeguards that will be in place for data subject rights in an immigration context will now be far more extensive than the protections that exist in other areas. For example, where personal data is being processed for the prevention or detection of crime, the apprehension or prosecution of offenders or the assessment or collection of a tax or duty, a controller will not need to be nearly as meticulous in applying safeguards as they would be in an immigration context. The same is true where personal data is being processed for other purposes, including discharging regulatory functions relating to legal services, health services and children’s services or by public bodies in discharging their statutory functions.

Before the end of 2020, it would have been possible to bring a challenge to other exemptions in Schedule 2 to the DPA 2018 based on the same arguments that were successfully advanced in the Open Rights case: that the exemptions in Schedule 2 are incompatible with the requirement for protections as set out in Article 23 of the UK GDPR and are therefore unlawful and must be made more protective in the interests of data subjects. REULA removes this ground of challenge because it is now impossible to argue that the exemptions under the DPA must comply with the safeguards set out in Article 23 of the UK GDPR. This is because the removal of the principle of the supremacy of EU law and the new rule introduced by REULA means that any inconsistency between the UK GDPR and the DPA 2018 must be resolved in favour of the provisions of the DPA. In other words, the broad exemptions under the DPA trump the safeguards in the UK GDPR, thus making the safeguards inapplicable.

A litigant in this situation may be able to argue that the courts should make an incompatibility order under Section 8 of REULA which would delay, explain, remove or constrain the consequences of the Schedule 2 condition trumping data subject rights, but this is a less certain remedy than would have existed before. In practice, this means that data subject rights in UK law will be less certain and less protective than before. This is clearly demonstrated by the significantly higher levels of protection which will exist in the context of immigration when compared with other areas. An example of how this plays out in practice is that a pensioner making a subject access request relating to their pension payments will have fewer safeguards to ensure that their rights are protected compared with an individual whose data is being processed for immigration purposes.

I am sure that the Minister is eagerly anticipating the question of whether he agrees with my interpretation of where we are with the relationship between the Data Protection Act 2018 and the UK GDPR. If so, the Lords stages of the Data Protection and Digital Information (No. 2) Bill provide an opportunity for the Government to reverse the damaging effects of REULA by restoring UK data protection standards to what they were before the end of 2023. The Bill should be amended to ensure that the safeguards, as now, will apply in an immigration context across the board to protect all data subjects, including other vulnerable individuals, such as children. Will the Minister undertake that the Government will do that?

Falling data protection standards in the UK also create wider risks. The free flow of data from the EU to the UK is based on the UK and the EU having essentially equivalent data protection standards. If UK standards fall, as the regulations clearly prove that they have, this risks the free flow of data from the EU to the UK, causing significant barriers to trade as well as costs and red tape for UK businesses. I look forward to the Minister’s reply and to our debates on the new data protection Bill.

My Lords, I am pleased to follow the noble Baroness, Lady Hamwee, and the noble Lord, Lord Clement-Jones. I agree with much of what they said. I thank the Minister for his introduction to this important SI.

In May 2021, the Court of Appeal ruled that the wording of the exemption at the time did not comply with GDPR because it did not provide sufficient safeguards against abuse or risks to data subjects. In December 2021, the Government laid an instrument intending to rectify this by introducing guidance. However, officials then found that the guidance was not sufficient and a further Court of Appeal judgment required the Government to come forward with safeguards that they have now put into the legislation. We support the SI in doing that.

I have a couple of questions for the Minister regarding that. Paragraph 5.2 of the Explanatory Memorandum states that the High Court said that,

“the balancing test between the rights of individuals and the maintenance of effective immigration control should be set out more explicitly in the legislation”.

Can the Minister say a little more about how the Government intend that test to work and the criteria for the balance between the rights of the individual versus the rights of immigration control? How is it different from before? Presumably there was some sort of test even if it was not in any legislation. Is there any oversight of how this operates, anywhere that this has to be reported so that there is oversight of it? Who applies for the exemption? Who starts the process of saying, “We think that there should be an exemption in this case”. What is the process for that?

Like the noble Lord, Lord Clement-Jones, I am interested to know how many times this has been used over the past few years. How many exemptions have taken place? What is the status of those who have had this applied to them where their data was not compliant with the law? Presumably they were subject to some sort of immigration sanction. Can the Minister say anything about this?

There is a question that I always ask. Sometimes it is irrelevant, but I ask it anyway. Does it impact on anyone leaving the country? Obviously, it impacts on people coming in, but I am never sure about anyone leaving the country, which is a weakness in our immigration system. We spend a lot of time talking about people coming in, but I sometimes wonder whether counting people out might be an idea as well.

The Explanatory Memorandum talks of the need to consider any,

“potential vulnerability of the data subject”

Does this SI impact on unaccompanied children and children more generally or are children exempt and it is just applicable to adults? I am not sure. I apologise if that is in there, but I could not see it anywhere, so I just wonder whether it applies to children or just to adults. There is some criticism that the Government rejected the idea of including storage and retention periods in the Bill. Can the Minister say why they rejected that?

The Information Commissioner’s Office welcomed the changes, saying that the legislation now sets out that the use of exemptions must be necessary, proportionate and applied, as the noble Lord, Lord Clement-Jones, and the noble Baroness, Lady Hamwee, said, on a case-by-case basis, taking into account the potential vulnerability of the person concerned and the impact on their rights and freedoms. However, the Information Commissioner went on to say that it is important that these regulations are explained to immigration staff and that training will be involved. I wonder, as the Information Commissioner asked, what steps the Government will take to ensure that this new SI is implemented properly and according to the new rules. What training will there be for staff?

It is a welcome step forward, as the ICO said, that the Government are now trying address this. It has perhaps taken longer than it should, but they are now trying to address a very real issue that was identified by the courts. As such, we welcome it.

I thank all noble Lords for their contributions. I shall start with justification and the public interest, which is obviously at the core of this. Parliament included the immigration exemption as part of the Data Protection Act 2018, as has been noted, for the legitimate purpose of effective immigration control. The Court of Appeal declared in its judgment,

“that there can be no dispute that the Immigration Exemption has a legitimate aim and indeed seeks to advance important public interests.”

We agree with the court: the immigration exemption is vital to prevent the release of information which would otherwise prejudice effective immigration control. I particularly welcome its endorsement by the noble Lord, Lord Coaker.

I want to be clear with noble Lords what those important public interests are. Through targeted use of the immigration exemption, we are able to maintain our capability at the border to prevent criminals and those who seek to cause us harm threatening our country as well as to support other agencies and international partners. We are able to frustrate and prevent sham marriages and protect the integrity of ongoing immigration removal and enforcement action and forgery investigations. The immigration exemption is also used to protect people being forced into a marriage and to prevent individuals absconding when there is a planned immigration visit. The central aims are to protect our citizens, ensure the integrity of the border and prevent abuses of the immigration system.

The noble Lord, Lord Coaker, asked about the balancing test. I will come on to the use of the exemption in practice, but it is always clear that the balancing test has to be carried out, and will now be explicitly in the Act. In practice, I can reassure noble Lords that the exemption is employed at around 70% of subject access requests relating to immigration and the Border Force. The amount of data that is restricted by the use of the exemption is, in the vast majority of cases, very little. It is not simply the case that where one piece of information is found to be prejudicial to immigration control, the Home Office does not respond to a request. The piece of information may be redacted as a result, but otherwise a full response will be given. It must be both necessary and proportionate to use the exemption, and this must be balanced against the risk to an individual’s rights. These existing standards will now be set out explicitly in the legislation.

I acknowledge that there was a difference of opinion in the House over whether the previous regulations amending the immigration exemption in 2022 met the requirements of Article 23 of the UK GDPR. The courts have agreed with the Government on a wide range of issues in the hearing. They declared that in two areas in particular the amended exemption did not, and the Government respect that ruling. We are confident that these regulations meet the requirements of the judgment in full, and we are supported by the ICO in that opinion.

The noble Baroness, Lady Hamwee, asked whether we consulted the claimants. They were consulted as part of the development of the provisions, and they suggested some additions to the provisions. We accepted suggestions to provide detail on applicable storage periods in the Explanatory Memorandum. We did not accept a suggestion to alter the existing model of ICO oversight of the exemption. The existing model of ICO oversight of the Home Office is robust, and data subjects are able to challenge use of the exemption. I welcome the noble Lord, Lord Clement-Jones, acknowledging the ICO’s part in this.

We also rejected the suggestion to specify in the legislation the wording that must be provided to data subjects when informing them that the provisions of the exemption have been applied. The provisions of the exemption are already accessible to data subjects and adding that detail to primary legislation would be unhelpful.

As regards how the ICO assesses the Government’s use of the immigration exemption, it already assesses the Home Office as part of its statutory role as regulator. Those assessments are published as data protection audit reports, setting out the findings and any recommendations. Should a data subject disagree with the decision to apply the immigration exemption in their case, the usual redress mechanisms to contact the ICO are available.

The noble Lord, Lord Coaker, asked about the application of these rules to children. The immigration exemption applies to all immigration data, but there are special considerations in relation to minors, which are set out in the ICO’s guidance.

The subject of an impact assessment also came up, which relates to oversight and transparency more generally. It is important that these regulations retain the presumption that a data subject should be informed that the immigration exemption has been used—for example, to redact information provided to them in response to a subject access request. That allows the data subject to challenge that decision, should they believe that the application of the exemption is not justified. The ICO has appropriate powers to investigate whether the immigration exemption has been applied appropriately in a specific case. This is in addition to its overall assessment of the Home Office’s data protection practices, which include the use of the immigration exemption more broadly.

An impact assessment was carried out as part of the inclusion of the provision for the immigration exemption in the Data Protection Act 2018. A further supplementary impact assessment was conducted as part of the amendment to the exemption by the SI in 2022. This is noted in the Explanatory Memorandum. Given that there is no substantive change to the safeguards and scope of the exemption, we have not completed a new IA for this instrument.

I am sorry; the Minister seems to be moving on from the impact issue. Clearly there was a period when the old regulation, which is now being superseded, was in operation and individuals were impacted. In a sense, an inappropriate exemption was used. What data does the Minister have about those individuals and the impact on them? What redress do they have? The Minister skated over the ICO’s redress mechanism. Is there no direct mechanism to the Home Office?

I did not skate over it at all; I referred to it explicitly and am happy to do so again, if it would help. I do not know if there is any specific redress to the Home Office. I would imagine not, given that it is explicit that data subjects should go via the ICO. If I am wrong on that, I will clarify.

I have no particular data on the subjects who may have been covered by this before the court’s decision, so I will have to find out, come back and write to the noble Lord if there is anything useful to add.

The Home Office already has relevant guidance and training in place for those exercising the immigration exemption provisions, but we are undertaking a review of those materials to ensure that they align with these regulations. That will be completed in time for the 11 March deadline to amend the current exemption. The instrument is making existing safeguards explicit in the legislation, which are already captured in the existing training and guidance, so we do not expect substantive changes to be needed.

The costs of the court case are not yet settled, but I am happy to commit to write once they have been.

There are a couple more bits to say. How often is the exemption used? The honest answer is not very often. I think I referred to this earlier, so it is probably redundant to say it again but, for the record, in the year ending October 2023, the immigration exemption was applied in around 70% of subject access requests received in relation to immigration citizenship and the Border Force. Of those, the vast majority had only a small amount of data redacted under the use of the exemption. So I suppose the answer to the noble Lord’s question is that it will have a very minimal impact on people, but I commit to clarify that.

Finally, the noble Lord, Lord Clement-Jones, asked about the relationship between the DPA and retained EU law. The official answer is that the focus of this SI is the immigration exemption and that discussions of the rules and the implications for the DPA 2018 are probably best debated as part of the DPDI Bill, which will, I believe, come to the House on 20 March. The unofficial answer is that I cannot comment on the noble Lord’s disposition because I did not really understand it and I do not have much knowledge of this subject. However, I note that we have left the EU: the people voted. Our rules can now be amended to our own circumstances, and of course, that applies across the entire legal suite. It was a pretty clear vote by the people of this country; I know that that does not suit the Liberal Democrats.

In closing, I hope that I have satisfactorily answered the points that were made and that noble Lords understand the necessity—

Before the Minister ends, can I go back to the record the Home Secretary is to keep under the schedule’s new paragraph 4B? It provides that, when he makes a decision, he must keep a record and the reasons for it. In essence, my question is about whether this will be public to any extent or whether transparency will be confined to the data subject. Also, I do not expect the Minister to go into any detail on this now or to comment, because he gave the figure, but 30% seems very high to me. The Immigration Law Practitioners’ Association has commented in the past—not the immediate past but, then again, I have not asked it—about the difficulty data subjects and, in particular, their legal representatives face because they simply do not know what the Home Office thinks it knows about their clients, which is an important starting point for any legal representation and any claim. I make this point because it really needs to be made.

I thank the noble Baroness for making her point. As regards what is required of the Home Secretary, for obvious reasons, it will not be public, although I agree that transparency is important when it comes to culture; we talked about that earlier in the context of the police, where similar rules apply. It will, however, be available to the ICO and subject to the usual transparency rules at the ICO’s request.

As I have already noted, we understand the necessity of these changes in order to ensure compliance with the Court of Appeal’s judgment and to increase clarity around the use of the immigration exemption. With that, I commend the draft regulations to the Committee.

Motion agreed.