The Government’s difficulties in getting its data protection reforms over the line and on the statute book have been laid bare once more after ministers have been forced to secure an extension to the Data Protection & Digital Information Bill (No2), with just weeks to spare before it expired.
Secretary of State Michelle Donelan brought the motion in the House of Commons late last week, extending the time before which the Bill will lapse by 280 days to December 12 2024. Without such action, the Bill would have lapsed on March 8, 12 months after its first reading.
The reforms are now making their way through the House of Lords, having had the “second reading” just before the Christmas recess and are currently in the Committee Stage, although how long this will take is open to debate.
A key problem the Lords face is ploughing through the 240 last-minute amendments to the Bill, waved through on the third reading in the House of Commons in November.
At the time, Labour MP for Rhondda Sir Chris Bryant urged the House to re-commit the Bill to a public committee due to the huge number of changes, arguing that MPs could not possibly get through so many in one day. He concluded: “I feel ashamed to say it, but I hope the Lords are able to do the line-by-line scrutiny that we have been prevented from doing today.”
One of the most controversial amendments will give the Department of Work & Pensions powers to force banks to hand over personal information for any benefit claimant, from universal credit to child benefit and pensions.
The plans, which the Government insists are needed to fight fraud, have been widely criticised by privacy organisations and Opposition MPs. They have also irked Information Commissioner John Edwards, who has questioned whether ministers have shown the new powers are “proportionate”.
In a recent letter to The Times, Edwards wrote: “While I agree that the measure is a legitimate aim for Government, given the level of fraud and overpayment cited, I have not yet seen sufficient evidence that the measure is proportionate.”
Quite how this is all going to pan out is anyone’s guess but Mishcon de Reya senior data protection specialist Jon Baines points out that Government had previously said it wanted the Bill to receive Royal Assent by this spring, and with a general election looming by the end of the year, time is of the essence.
He added: “Whether the difficulty in getting the Bill passed is simply down to lack of space in the parliamentary diary, or to more substantive issues, is a matter for debate. Although there has been little dissent from the Commons, several members of Lords were notably inquisitive about it in its second reading in that House in December.
“The fact that – in its various iterations – the Bill has now been kicking around Parliament for close to two years, combined with the ticking of the election clock, may mean that time will simply run out on it. If that happens, it would be down to the next Government (from whichever party that may be formed) to decide which way data protection law is to develop in the UK.”
If it is not settled by then and Labour does win the election, Sir Chris Bryant could finally get a rewrite, after all.
Related stories
Regulator wades into row over ‘data snooping’ by DWP
That was then, this is now… for data protection reforms
Data reforms face delay over Parliamentary ‘ping-pong’
Data reforms to be rubber-stamped by MPs next week
Govt urged to pass data reforms ‘for the sake of SMEs’
Data reforms under fresh fire for favouring big business
Decision Marketing Data Clinic: Data reforms explained
Privacy organisations fume at ‘weakened data laws’