Companies could be forced to publish an annual data transparency statement detailing the behavioural data they are purchasing from third parties, and how it is used, stored and transferred, under new proposals set out by the House of Lords.
In the latest of a long line of reports in the wake of the Cambridge Analytica scandal, the Lords’ communications committee has waded into the debate about Internet regulation. It also recommends that the Information Commissioner’s Office is given the powers to conduct impact-based audits where risks associated with using algorithms are greatest.
Regulating in a Digital World, published at the weekend, notes that over a dozen UK regulators have a remit covering the digital world but there is no single organisation which has complete oversight.
As a result, regulation of the digital environment is fragmented, with gaps and overlaps, allowing big tech companies to ride roughshod over consumers and regulators, with snail-like responses to privacy concerns, data breaches and anti-social content.
Responses to growing public concern have been piecemeal and inadequate, the report states, and calls for a new Digital Authority to be established to co-ordinate the existing regulators, continually assess regulation and make recommendations on which additional powers are necessary to fill gaps.
The plans go against calls for a new independent regulator outlined by the Department of Digital, Culture, Media & Sport last month.
The chairman of the committee, Lord Gilbert of Panteg, said: “One of the reasons that setting up a new regulator is expensive is because we never close down another one. This isn’t that; it’s deliberately not that.
“I’d say to government, stop creating lots of little bodies, create an overarching framework, have a good look at the existing bodies and work out whether they’re the right ones for the future.”
The new Authority should play a key role in providing the public, the Government and Parliament with the latest information. It should report to a new joint committee of both Houses of Parliament, whose remit would be to consider all matters related to the digital world, the report states.
The Authority would be guided by 10 principles to inform regulation around digital services. The principles include: accountability, so processes must be in place to ensure individuals and organisations are held to account for their actions; and policies and parity, meaning there should be the same level of protection online as offline.
Lord Gilbert added: “The Government should not just be responding to news headlines but looking ahead so that the services that constitute the digital world can be held accountable to an agreed set of principles.
“Self-regulation by online platforms is clearly failing and the current regulatory framework is out of date. The evidence we heard made a compelling and urgent case for a new approach to regulation.
“Without intervention, the largest tech companies are likely to gain ever more control of technologies which extract personal data and make decisions affecting people’s lives. Our proposals will ensure that rights are protected online as they are offline while keeping the Internet open to innovation and creativity, with a new culture of ethical behaviour embedded in the design of service.”
‘Bully’ Facebook ‘deliberately broke data privacy laws’
Germany goes to war with Facebook over data sharing
Irish confirm seven GDPR probes as Facebook turns 15
Watchdog collars Facebook over messenger merger plan
3 million EU users hit by Facebook security breach
Facebook hit with €10m fine over dodgy data practices
Facebook bids to overturn £500,000 data abuse fine
Facebook admits over a million Brits hit by data scandal
Cambridge Analytica row ‘lets genie out of the bottle’