Clause 3 - Information recorded in Register
Identity Cards Bill
6:15 pm

Next clause » « Previous clause Identity Cards Bill


Photo of Mr Patrick Mercer

Mr Patrick Mercer (Shadow Minister (Homeland Security), Home Affairs; Newark, Conservative)

I beg to move amendment No. 18, in page 3, line 25, leave out paragraph (b).

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Derek Conway

Mr Derek Conway (Old Bexley and Sidcup, Conservative)

With this it will be convenient to discuss amendment No. 19, in page 3, line 27, leave out paragraph (c).

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Patrick Mercer

Mr Patrick Mercer (Shadow Minister (Homeland Security), Home Affairs; Newark, Conservative)

These amendments simply strike out paragraphs (b) and (c), thus leaving that clause much more easily understood. The only information that may be recorded in the register is information the inclusion of which in an individual's entry is authorised by schedule 1, and in accordance with subsection (2).

I simply do not understand the meaning of paragraph (b), which states:

''information of a technical nature for use in connection with the administration of the Register''

nor of paragraph (c), which states:

''information of a technical nature for use in connection with the administration of arrangements made for purposes connected with the issue or cancellation of ID cards''.

I should be grateful if the Minister could explain those paragraphs because the clarity of paragraphs (a) and (d) are confused and we may be in danger of function or mission creep. Paragraphs (b) and (c) should be struck out.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Des Browne

Mr Des Browne (Minister of State (Citizenship, Immigration and Counter-Terrorism), Home Office; Kilmarnock and Loudoun, Labour)

I am grateful to the hon. Gentleman for explaining his amendments with such clarity and brevity. As he said, they would remove the ability to record the technical information that is necessary to ensure the integrity and operation of the scheme.

The hon. Gentleman asked about information. The sort of information to which clause 3(1)(b) and (c) refer concerns error, database and events logs, which are essential for problem diagnosis. That is technical information relating to the use of the database, which is essential for the diagnosis of problems should they occur. The logs are also useful for the safe recovery of information in case of failure of the system. They are important in tracing where the information is.

Other examples of necessary technical data include network event information, which could be used to detect and prevent security attacks on the system, and encryption codes, which need to be recorded to validate cards and to protect the integrity of the identity so that it cannot be accessed by those who are not entitled to do so. The clause also covers the keeping of useful records of cards, card reader and biometric reader information, such as current operational status—whether they are working or not—manufacturing information and fault history, which is important for maintenance purposes. The information is technically essential for the security and operation of a such a database and I do not believe that it provides an opportunity for function creep. The information concerned is technical.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Patrick Mercer

Mr Patrick Mercer (Shadow Minister (Homeland Security), Home Affairs; Newark, Conservative)

The Minister has explained with admirable brevity exactly what the paragraphs means. Would it not be useful to put that in the Bill?  

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Des Browne

Mr Des Browne (Minister of State (Citizenship, Immigration and Counter-Terrorism), Home Office; Kilmarnock and Loudoun, Labour)

With respect to the hon. Gentleman, I have given him examples. If I brought an IT expert here to explain all the technical details and information, I suspect that the explanation would be longer than the Bill. Much of the technical information would require a significant explanation. We sought to make the provision generalised. I gave a clear example and a clear undertaking that the information concerned is just technical data for the operational functioning, maintenance and security of the system. I trust that that will be sufficient for the Committee and I invite the hon. Gentleman to withdraw his amendment.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Patrick Mercer

Mr Patrick Mercer (Shadow Minister (Homeland Security), Home Affairs; Newark, Conservative)

I am most grateful to the Minister for his clear explanation. I suggested that examples might be useful, but, that said, the Minister has been helpful and has cleared up the point that I raised. I beg to ask leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Richard Allan

Mr Richard Allan (Shadow Spokesperson for the Cabinet Office, Cabinet Office; Sheffield, Hallam, Liberal Democrat)

I beg to move amendment No. 73, in page 3, line 30, leave out paragraph (d).

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Derek Conway

Mr Derek Conway (Old Bexley and Sidcup, Conservative)

With this it will be convenient to discuss the following amendments:No. 74, in page 3, line 31, leave out subsection (2).

No. 20, in page 3, line 38, leave out 'both practicable and appropriate' and insert 'reasonable'.

No. 75, in page 3, line 41, leave out subsection (3).

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Richard Allan

Mr Richard Allan (Shadow Spokesperson for the Cabinet Office, Cabinet Office; Sheffield, Hallam, Liberal Democrat)

We took a shotgun to the clause to test what it means. Amendment No. 75 refers to subsection (3). Following our previous discussions about witness protection programmes and the circumstances in which it may be sensible to have a technically inaccurate entry in the register, I am starting to understand the point, which is the value of being in Committee, so I shall not focus on subsection (3).

Amendments Nos. 73 and 74, which would knock out subsection (2), are more substantive. We believe strongly that if we are to have an identity register, it should be confined to the specific purpose of an identity register and there should not be mission creep. I understand the argument for putting in additional data for convenience. One way of selling a card is to say, ''You may have to pay 85 quid for this card, but next time you need to open a mobile phone account or a bank account, it will be more convenient for you because we can stick in the extra data that you need.'' Subsection (2) seems to be a permissive provision that allows people to say, ''Can I have some extra data recorded?'' The Government are not doing anybody a favour by doing that. They should restrict the register to specific purposes and the data that are recorded in the register to specific items. They are not doing anybody a favour by including in the Bill powers that allow that to be expanded.

Subsection (2) seems inappropriate. If we are to expand the register, that should be done explicitly rather than by having this catch-all provision, which seems to allow infinite expansion. I recognise that that is with the individual's consent, but I do not think this   appropriate in a proposal that has such a statutory framework and which has been established for specific statutory purposes. I hope the Minister will consider whether the functions of the card should remain narrower and whether the idea that the information can be expanded voluntarily should be taken out of the Bill.

Add an annotation (e.g. more info, blog post or wikipedia article)
6:30 pm
 
Photo of Mr Des Browne

Mr Des Browne (Minister of State (Citizenship, Immigration and Counter-Terrorism), Home Office; Kilmarnock and Loudoun, Labour)

I shall restrict my remarks to the amendments the hon. Gentleman spoke to; I presume he is not arguing for the others. He referred to amendments Nos. 73 and 74, which would remove the ability of an individual to request that voluntary information be recorded. Perhaps there is an issue between us in relation to that. The provision is a consequence of consultations with the public on ID cards. It emerged that the ability to record voluntary information was mentioned frequently as a feature that people would like on their card.

Many people saw the advantage of being able to record information such as donor status, blood group or allergies—we referred to that in an earlier debate. As it is possible to do that, it is the Government's position that the Bill should provide for it, where that information is practicable and appropriate. I do not think we intend to move from that position.

I understand the hon. Gentleman's point that the ability to be able to record additional information undermines the integrity of the card as a method of proof of identity, but I do not accept it. If people are given the facility—if that is practical and reasonable—to put restricted information of that nature on to the card, that is an added advantage of the system. It will not lead to the card being used by the Government or by authorities for any other purpose. That seems an appropriate response and I am content that that is the case.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Richard Allan

Mr Richard Allan (Shadow Spokesperson for the Cabinet Office, Cabinet Office; Sheffield, Hallam, Liberal Democrat)

We will probably have to agree to disagree, although we can do that verbally rather than through a Division. I beg to ask leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Humfrey Malins

Mr Humfrey Malins (Shadow Minister, Home Affairs; Woking, Conservative)

I beg to move amendment No. 112, in clause 3, page 4, line 4, leave out subsection (4) and insert—

'(4) Information which is not personal data, once entered in the Register, may continue to be recorded in the Register for so long as it is necessary for the statutory purposes for it to be so recorded.'.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Derek Conway

Mr Derek Conway (Old Bexley and Sidcup, Conservative)

With this it will be convenient to discuss the following: Amendment No. 76, in clause 3, page 4, line 7, leave out subsection (5).

Amendment No. 77, in clause 3, page 4, line 9, leave out subsection (6).

Amendment No. 113, in clause 3, page 4, line 11, leave out 'consistent with' and insert 'necessary for'.

Amendment No. 78, in clause 3, page 4, line 13, leave out subsection (7).

Amendment No. 128, in clause 3, page 4, line 14, leave out from second 'provision' to 'unless' in line 15 and insert

'that the Secretary of State is authorised to make by this section'.

'(8) The Secretary of State must not make an order under this section unless a draft of the order has been laid before Parliament and approved by a resolution of each House of Parliament.'.

Amendment No. 115, in clause 3, page 4, line 16, at end add—

'(8) Particulars relating to disclosure of information about an individual from the Register which falls within paragraph 9 of Schedule 1 must be retained in that individual's entry in the Register if that disclosure did not have the consent of that individual.

(9) In the case of particulars which are contained in personal data as a result of the requirement specified in subsection (8), the Information Commissioner shall, following consultation with relevant persons including the Commissioner established under this Act, publish criteria which specify the circumstances when such particulars can be removed from the Register.'.

Amendment No. 129, in clause 3, page 4, line 16, at end add—

'(8) No draft order containing a provision that the Secretary of State is authorised to make by this section is to be laid before Parliament unless—

(a) the Secretary of State has prepared and published a report containing a proposal for the making of such provision;

(b) the report sets out the Secretary of State's reasons for making the proposal;

(c) the report has been laid before Parliament and each House has approved the proposal contained in the report, either with or without modifications; and

(d) the draft order gives effect to the proposal so far as approved by both Houses.'.

Amendment No. 26, in schedule 1, page 39, line 20, leave out sub-paragraph (b).

Amendment No. 155, in schedule 1, page 39, line 22, at end insert

'as set out in regulations'.

Amendment No. 143, in schedule 1, page 39, line 32, leave out sub-paragraphs (a) and (b) and insert—

'(a) his National Identity Registration Number and ID card number, which shall be the same;'.

Amendment No. 27, in schedule 1, page 40, line 17, leave out sub-paragraph (l).

Amendment No. 28, in schedule 1, page 40, line 20, leave out sub-paragraph (m).

Amendment No. 29, in schedule 1, page 41, line 10, leave out sub-paragraph (g).

Amendment No. 30, in schedule 1, page 42, leave out lines 1 to 9.

Schedule 1 be the First schedule to the Bill.

Amendment No. 116, in clause 43, page 36, line 16, at end insert—

'''Information Commissioner'' means the Commissioner established by the Data Protection Act 1998 (c. 29);'.

Amendment No. 114, in clause 43, page 36, line 20, at end insert—

'''personal data'' has the same meaning as in section 1 of the Data Protection Act 1998 (c. 29);'.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Humfrey Malins

Mr Humfrey Malins (Shadow Minister, Home Affairs; Woking, Conservative)

I will speak to amendments Nos. 112 and 113, as well as amendment No. 115, and make passing reference to one or two other amendments that stand in my name.

''necessary for the statutory purposes''.

It follows that amendment No. 112 is reasonable and should not be contentious. Its purpose is merely to tidy up the drafting. It is worth adding that article 8 in the Human Rights Act 1998 uses the word ''necessary'' to denote when it is legitimate for a public authority to interfere with private and family life. So, the amendment would help to link the database of registrable facts to that Act. We are always keen to help the Home Office, which is why we are speaking to the proposals in this way.

There are two arms to the amendment. In subsection (1) a test of necessity is explicitly introduced in relation to the retention of recorded information that is not personal data. That is obvious from reading subsection (4). What is not obvious is that the test of necessity is introduced for retention of information that is personal data. If the amendment were accepted, the fifth principle of the Data Protection Act would apply. It states:

''Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.''

The combined result is that personal data and other recorded information that is not personal data can be retained so long as is necessary for the statutory purpose. In the case of personal data, the test of necessity can be independently assessed by the Information Commissioner. That step would reassure the public. Retention criteria can be subject to independent supervision in an independent manner.

The Government have not responded to the argument of the Information Commissioner and others that there are serious problems with the relationship between the Data Protection Act 1998 and the Bill. The Government should give a reasoned analysis on how each data protection principle applies to the Bill. The amendment addresses only the fifth principle; the seven other principles are unaccounted for.

In December 2004, the Information Commissioner issued a document on his website that relates to the other principles in the context of the Bill. On data protection, he says:

''The Commissioner's concerns are largely centred upon the proposed National Identity Register—its administrative and technical arrangements, the amount of information contained in it, the purposes for which it can be used now and in the future, and who may have access to it and for what purposes. The concerns fall into a number of areas:

the extent of the information to be held on the National Identity Register;

the technical and administrative arrangements;

the breadth of organisations with access to the Register;

gaps in the oversight arrangements;

the need for Privacy Impact Assessments; 

the removal of safeguards upon the move to compulsion''.

On the information to be held on the register, the commissioner says that his concerns include

''the nature and extent of the information contained on the . . . database;

retention of certain information once identity has been established;

the creation of the data trail of checks against the Register—with indefinite retention by government of this powerful picture of how its citizens lead their lives.''

He continues:

''The information potentially to be contained in the . . . Register is extensive and disproportionate burdens are placed on individuals to keep this up to date. The continued relevance of all such particulars once identity has been verified upon enrolment is not clear. For example how does the acquisition of a second home after enrolment affect an individual's identity (Schedule 1(1)(g))? These, and other . . . details, seem excessive, not relevant and unnecessarily intrusive.''

He concludes:

''An even more comprehensive picture of how people go about their business will be built up day by day, identity-check by identity-check. The Commissioner must question whether there is a pressing justification for such an intrusion into people's lives''.

Those concerns are not limited to the commissioner. I hope that the Minister will provide the Committee with his privacy impact assessment. It is not enough to say that the Data Protection Act applies to the database. He should say how, in practice, each data protection principle applies to his database. The Government's text permits retention of information that is not necessary for the statutory purposes, as the construction ''consistent with'' the statutory purpose is a low hurdle. Where the information is personal data, the unamended provision does not allow much scope for the Information Commissioner to intervene.

The amendment deals with only one aspect covered by the commissioner—namely that of

''indefinite retention by government of this powerful picture of how its citizens live their lives''

and why there is

''retention of certain information once identity has been established''.

The amendment would do nothing other than state that such processing of personal data must be necessary to the statutory purpose. I hope that I can press the Minister about, in particular, the privacy impact assessment. Has it been done? Will he give it to the Committee by our next sitting?

Amendment No. 115 would ensure that there was no secret access to the audit trail by the police and security services. Many people are worried about access to the so-called audit trail by those authorities. The prospect of secret access was heavily criticised by the Home Affairs Committee, and the Home Office has not properly addressed those concerns.

The audit trail is a double-edged sword. If one is to prosecute misuse of the ID card database, one needs a record of access. On the other hand, such an audit trail will contain a record of whenever the ID card was checked by an organisation against the ID card database. However, paragraph 9 of schedule 1 uses the word ''may'', which means that if the police or national security accessed the audit trail, there may not be a   record of that access. Independent scrutiny of particular accesses by the police and security services will be impossible if there is no record of such access.

Consequently, amendment No. 115 would give the Information Commissioner the responsibility to suggest or identify the deletion criteria in relation to those particulars. Without paragraph 9, one could have audit trail data retained and deleted within a week, which could undermine effective supervision of the use of the audit trail. The Information Commissioner would introduce some element of independence with the retention criteria for that important aspect.

I wish to briefly to refer two other matters. Amendment No. 26 takes us to schedule 1 and the rather odd situation where in paragraph 2 it states:

''The following may be recorded in an individual's entry in the Register—

. . . (b) his signature''.

I cannot see any reason to have his signature. My signature has changed dramatically since I was 15—I am assuming that 16-year-olds are included in the provision. It has changed from quite a nice signature to a dreadful squiggle, but that affects us all. Why on earth include the signature? It will not help anyone at all.

I notice that paragraph 6 states:

''The following may be recorded in an individual's entry in the Register—

. . . (g) particulars of every person who has countersigned an application by him for an ID card or a designated document, so far as those particulars were included on the application''.

Why on earth should someone who countersigns other people's documents—Members of Parliament are always doing this—have their particulars recorded anywhere, and for what purpose would that be done?

I shall not speak to the other amendments, but they are all of some importance in relation to an aspect of the Bill that merits a lot of attention.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr John Robertson

Mr John Robertson (Glasgow Anniesland, Labour)

I wish to speak to amendment No. 155, which would introduce the opportunity for the Secretary of State to set out by regulation procedure governing circumstances where an individual is unable to provide certain biometric data on medical grounds. Clause 41(4) states:

''Subject to subsection (7), every power conferred by this Act on a person to make an order or regulations includes power—

(a) to make different provision for different cases;

(b) to make provision subject to such exemptions and exceptions as that

person thinks fit''.

I seek assurances from the Minister on the treatment that the Government envisage for groups of people who may require different provision for different cases, such as disabled people and, more specifically, those with visual impairment.

The Royal National Institute of the Blind has made a few points on that. The Bill does not explicitly set out procedure for dealing with the collection of biometric data from blind and partially sighted people. I can envisage a number of circumstances where such a procedure could be required—for example, when registering people who have sight that is sensitive to   light and who experience disorientation and extreme discomfort in bright-light conditions. That is relevant because the collection of iris scan data can require shining light into the eye to collect the appropriate data. That may be painful for those with light-sensitive sight conditions, and it would clearly be unreasonable to ask them to endure it.

In addition, many blind and partially sighted people have problems that affect the iris and give rise to distortion in that area, which may make it inappropriate to try to gather iris scan data, as it will not be of sufficient quality. The amendment would give the Secretary of State power to introduce regulations governing the basis on which the failure to provide biometric data on these and other grounds would be acceptable, subject to any conditions the Secretary of State thinks necessary.

That brings me to a second point—the conditions that the Secretary of State might require to be met to prove that a genuine reason existed for not being able to provide the biometric data. Any conditions relating to the iris scan data might require a letter from the relevant medical practitioner verifying the grounds stated by the person for the failure to provide biometric data, such as light sensitivity or other sight problems. However, conditions surrounding exemptions could be set out in regulations, and the Secretary of State might want to consult the relevant organisations. If medical certification has to be provided to allow an individual not to have to provide the biometric data, would they be required to pay the costs of obtaining the medical certificate or would the ID card scheme provide for that?

The RNIB has told me that these scenarios will happen: they are not mythical cases; they exist. I ask the Minister to tell me what the Government propose to do and to give me his comments.

Add an annotation (e.g. more info, blog post or wikipedia article)
6:45 pm
 
Photo of Mr Richard Allan

Mr Richard Allan (Shadow Spokesperson for the Cabinet Office, Cabinet Office; Sheffield, Hallam, Liberal Democrat)

It will be helpful to set out briefly the framework of our concerns, instead of going into greater detail, as we did fairly comprehensively on earlier groups of amendments. There are no absolutes when dealing with personal data. There is a spectrum of concern, which will depend on various things. It depends on the sensitivity of the personal data: clearly some personal data are more sensitive than others.

As the Minister said, some data, such as telephone directories, are already public. There are other sensitive personal data, such as medical records. It depends on the circumstances under which the data are obtained and built into the data protection principles that govern the way in which the Government will manage the data. Data obtained with explicit consent are considered to be different from data obtained in other ways. We are talking here about data that will eventually be obtained by compulsion, with quite serious sanctions associated with the failure to provide them.

The state, however, also has significant additional powers. As we go through the Bill, the areas in which the ID card can be used are so broad that we must accept that the potential harm that can be caused to an individual by inaccurate data will be across a broad spectrum in a way that is not comparable with the potential harm of somebody knowing that someone has a cat or that someone has a baby because they have been buying nappies. The harm that can be caused by negligent or malicious use of such data is on a different scale where border control, access to public services and, in particular, criminal law enforcement activity are involved.

The safeguards that we have are the ones spelt out in the Bill. That is why, through our amendments in this group and elsewhere, we have sought, in a grumpy way, continually to knock out any provision saying the Secretary of State can modify something by regulation, because such provisions reduce our ability to scrutinise the safeguards in place. They mean that we have to depend on the good faith of the Secretary of State. I understand that Secretaries of State always say that they will not introduce regulations that are out of order, and they always say that we have secondary legislation powers, but it is natural that we might want to try to beef up the safeguards, as we have tried to do throughout our consideration of the clause.

The second safeguard in relation to the clause is the Data Protection Act 1998. The debate has focused on the interaction between that Act and the Bill, because it seems to be the fundamental piece of legislation that we are told we need to rely on. That is why the opinions of the Information Commissioner, which the hon. Member for Woking has gone through, are significant, and we have to listen to them. We are in a non-constitutional country. The position of Information Commissioner evolved through law, rather than being set out in a statute or a constitution of the United Kingdom that spells out the position.

We are groping. As the Government bring out different pieces of legislation, we have to test their relative powers against each other. We will not get any certainty on the subject for some time, but we need to take seriously the opinions of those who have the relevant expertise, such as the Information Commissioner. 

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Des Browne

Mr Des Browne (Minister of State (Citizenship, Immigration and Counter-Terrorism), Home Office; Kilmarnock and Loudoun, Labour)

Before the hon. Gentleman moves off that point, he is surely not arguing that countries with a written constitution do not have to go through the process of testing competing provisions, and of comparing their relative merits and ensuring their balance. That is exactly what happens in France, Italy and other countries that have written constitutions. Whether or not a country has a written constitution makes no difference to that.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Richard Allan

Mr Richard Allan (Shadow Spokesperson for the Cabinet Office, Cabinet Office; Sheffield, Hallam, Liberal Democrat)

This is a large area of political theoretical debate, and I shall not go into it. Suffice it to say that the way in which the tests occur are different in common law countries and constitutional countries. A constitutional country will have a constitutional court that decides whether a provision breaches some fundamental right set out in the constitution. Ours is a different tradition, but sometimes we have a more complex equation to work out when considering individual pieces of legislation, because we have to test the whole gamut of Acts that may interact with each other in a common law scenario, rather than consider legislation against a specific set of constitutional provisions. However, I recognise that the Human Rights Act 1998, and, in particular, article 8 of the European convention on human rights—the right to privacy—as well as issues such as the necessity of proportionality are perhaps starting to give us a clearer framework.

We have explored all the items in schedule 1, and I welcome the fact that the Minister said that he would give us further clarity on issues such as addresses. It would be helpful to have an example record before us as we consider the Bill, because we are talking about something that we have not seen yet. The Minister sometimes says, ''Well, it's not going to be like that'', but we have to guess what the record will be like, because we have not been given any examples of what the Government expect it to be like. Whether we are talking about 51 items or 57 varieties of ID card, it would be helpful to have a clear example of what the Minister intends. We will not necessarily hold him to the example, as he may want to change his mind later, but some suggestion would be extraordinarily helpful.

There are some basic principles: the more complex we make the system, the more costly and potentially intrusive it will be. We have sought throughout our proceedings to simplify it. If the Minister is to reject our amendments taking away secondary legislation powers, I hope that he can at least give us assurances that he does not intend to use them to depart radically from what is in schedule 1. Otherwise, it would completely devalue the primary legislative process that we are going through today.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Mr Des Browne

Mr Des Browne (Minister of State (Citizenship, Immigration and Counter-Terrorism), Home Office; Kilmarnock and Loudoun, Labour)

I am obliged, and I will consider the hon. Gentleman's request for a model entry and see whether I can respond to it. I am motivated to do so if at all possible.

By way of quick introduction to my remarks, I should say that, because the area is complicated and hon. Members have dealt with it quickly, my intention is to read a specific response to the amendments that they will have an opportunity to read and consider. If   hon. Members wish to come back to me later in the proceedings, I shall not object to issues being raised, but it is important for me now to read information into the record.

The amendments are all concerned with the information that may be held on the national identity register as set out under clause 3 and schedule 1. I stress that schedule 1 provides a detailed and comprehensive list of the information that may be held on the register. I do not believe that anyone who reads it carefully would consider that there is anything there that would not be expected to be held on an ID card register. It does not allow financial information, medical or tax records or information about religious or political opinion to be held. Indeed, much of the identity information will already be on many Government or, indeed, private sector databases, although I accept that it has not been brought together before.

The information falls into three categories: personal identity information, including biometrics under paragraphs 1; various information relating to the application process and record history in paragraphs 5 to 8 and, finally, the records of the provision of information from the register at paragraph 9. The schedule lists all the information that might be held and information may be added to schedule 1 only by affirmative resolution and only if it were consistent with the statutory purposes of the register as set out under clause 1. That is a key protection against function creep and means that any additions must be for the purposes set out in clause 1(3). Those purposes are, in turn, tied in to the definition of registrable facts under clause 1(5), which could be amended only by further primary legislation. Modifications that would remove or amend, but do not add to the schedule are subject to the negative resolution procedure.

Clause 3(4) allows information to be kept for as long as it is consistent with the statutory purpose of the register as set out under clause 1. That means holding the information must be for the purposes set out in clause 1(3). Amendment No. 112 would remove the requirement to be ''consistent with'' and replace it with a test of necessity for non-personal data. The statutory purposes already contain a necessity test, when information is recorded in the public interest. The test of consistency with the statutory purposes is, in our view, sufficient.

The amendment could lead only to confusion by leaving the retention of information that is personal data for data protection legislation. The Bill sets out in detail the information that may be held and the purposes for which it may be kept, and the same rule governs retention of information whether it is personal data or not. There is no difference of substance between the test under the Bill and that set out in data protection legislation.

Amendment No. 113 would replace ''consistent with'' with a further test of necessity when deciding whether any addition met the statutory purposes. Again, that double test of necessity is unnecessary. The test of consistency with the statutory purposes is, in our view, sufficient. In addition, the clause as drafted already requires parliamentary scrutiny before any   modification of information held under schedule 1, including affirmative resolution procedure to add information to schedule 1. However, the amendment would mean that, when information is not only added to, but removed from or, in some way, altered under schedule 1, regulations would at least require affirmative resolution. Such administrative changes do not seem a necessary use of parliamentary time.

For example, under amendment No. 21, when information became surplus to the requirements of the scheme and we want to remove it from schedule 1, we would have to go back to Parliament via affirmative resolution. We argue that they are more technical changes that are suitable for the negative resolution procedure.

Amendment No. 129 would have the effect that, for all types of modification of information under schedule 1, a super-affirmative resolution would be required. As for amendments Nos. 76 to 78, further primary legislation would be required as the amendments would remove entirely the possibility of modifying the schedule by secondary legislation. That does not seem to be an effective use of parliamentary time. There is already suitable scrutiny to safeguard people's privacy with the balance of negative and affirmative resolution procedure and the requirement that information may be added only if it were consistent with the statutory purposes. We also need to ensure that the scheme is flexible enough to respond to the changing needs of the individual and user organisations.

For example, when information becomes surplus to the requirements of the scheme and we want to remove it from schedule 1, we do not need to go through further primary legislation. Moreover, I refer to the position if the information was somehow altered. That might be as simple as the name of a piece of information changing as a result of other changes outside the scheme. Under the amendments, we would have to go back to Parliament via affirmative, super-affirmative or even primary legislation. Even the minor adding of information, such as changing the photograph from head and shoulders to full length would require that. Already, any addition of information must be consistent with the statutory process and would require parliamentary agreement via affirmative resolution. We argue that that makes the best use of parliamentary time.

Amendment No. 115 would require any information held in the register without the individual's consent—for example, information given to the police, the security services or to a Government Department under clause 19—to be retained and not to be removed. The amendment proposes that records of personal data that have been provided without consent could be removed only if unspecified criteria set by the information commissioner have been met. I do not see the need for the additional oversight of such administrative procedures.

It will be the task of the national identity scheme commissioner to oversee the whole of the operation of the scheme, and he or she will be able to comment on any administrative procedures such as how long information is retained in different parts of the register. It would complicate the scheme unnecessarily if, in addition, there were to be a role for the information commissioner.

Amendment No. 26 would remove the ability to store a signature on the register and would seriously reduce the benefits of the identity card scheme and harm its operation. Following publication of the draft Bill, signature was added explicitly to schedule 1, which deals with information that may be recorded in the register, to put beyond doubt the fact that we need to be able to record signature. There are three key reasons for that. First, most existing identity documents such as passports or driving licences incorporate a signature as standard. Secondly, the provision of a signature for ID cards also supports benefits in visual verification for organisations such as financial institutions that hold signatures in their own systems and use them as an identifier. In that sense, the signature is another identifier, in addition to biometrics. Thirdly, the provision of a signature provides a form of consent from the individual during the enrolment process, and it is appropriate that consent in that fashion be retained.

Amendment No. 143 would require the unique personal number that will be allocated to each registered individual to be the same as the ID card number. Although the national identity registration number will be a key unique number allocated to each individual, there is likely also to be a need to provide a serial or issue number for individual cards that are issued, so the numbers will not be the same.

Amendment No. 27 would remove the ability to hold the number of a designated document if it does not fall elsewhere in the paragraph. It is expected that any currently planned designated document—for example, a passport or residence permit—will already be included in the list in paragraph 4 of schedule 1. However, it is possible that in the future, we will want to designate a document that is not already on the list, and it will be important to be able to hold the number of that document on the national identity register.

Amendment No. 28 would remove the ability to hold information on the date of expiry or period of validity of a document for which the number can be recorded. In the case of work permits or immigration documents, it could be very important to know that. With other designated documents, it may not always be the case that the document and the ID card expire on the same date. The expiry or validity of such documents is therefore a relevant fact that should be held on the register.

Amendment No. 29 would remove the ability to hold details of counter-signatories on the register. In order to counter fraud, it will be important to be able to check whether there has been a fraudulent application. It will be possible to check all the circumstances surrounding the original application,   including the details of the counter-signature, to determine whether the counter-signatory was complicit in a false application. Information about counter-signatories is currently held, for example, with passport application details.

Amendment No. 30 would remove the ability in paragraph 9 of schedule 1 to record the provision of information, with or without consent, from the national identity register. It is important to have the ability to record such information and to have a reliable audit trail. First, it is important that a record is kept of situations in which information has been provided from the register. That will ensure that an individual can obtain details of who has been provided with information recorded in his entry under the Data Protection Act—subject, of course, to certain exemptions contained in that Act in respect of national security or criminal investigations—and that it will be possible for the commissioner to investigate any allegation of improper provision of information. That will reassure individuals on the register that their details cannot be provided without a record being kept of the fact, and it will provide a deterrent effect to anyone attempting to obtain information improperly, as their details will also be kept. That is in line with good practice for data protection.

Secondly, clauses 19 and 20 set out the circumstances in which information recorded in paragraph 9 of schedule 1 can be provided to the intelligence and security agencies for their statutory purposes. The information can also be provided to the police and other agencies involved in preventing or detecting crime, such as the Inland Revenue and Customs and Excise, but only for purposes connected with the prevention and detection of serious crime. The removal of the paragraph from the schedule would seriously restrict the use of the register in providing those organisations with an intelligence picture of persons on it who might be suspects in relation to serious crime or national security. It would be odd if the police or security services could obtain details of a suspect's mobile telephone or credit card usage, but were unable to trace when they had used their national identity card. Paragraph 9 is important because it ensures that the information cannot be misused, and it has important public interest benefits in relation to safeguarding society.

I understand why my hon. Friend the Member for Glasgow, Anniesland (John Robertson) tabled amendment No. 155, but I seek to reassure him that the UK Passport Service biometric enrolment trial is currently considering biometric enrolment, including   for those with visual impairment. The Bill contains provisions for regulations to provide for different needs and gives the necessary flexibility, for example, for special enrolment procedures for people with disabilities. We are working with the Royal National Institute of the Blind to resolve such issues among other organisations.

On the privacy impact assessment, which the information commissioner suggested should be prepared, there is no agreed standard, or any requirement, for such an assessment on legislation being considered by the House. The consultation paper on the draft Bill included, in annexe D, the principles of the Data Protection Act 1998 and how the identity card scheme would comply with it. The Government's position is that that is sufficient response to the issues that have been raised by the commissioner. We have continued to consider what the commissioner says and to take it into account, because he is an important contributor to the discussions on such matters.

I have nothing further to add. I have tried to deal with all the issues that hon. Members raised, but they can look at their leisure at the Hansard report. I have dealt with the issue of the signature. I invite the hon. Gentleman to withdraw his amendment.

Add an annotation (e.g. more info, blog post or wikipedia article)
7:00 pm
 
Photo of Mr Humfrey Malins

Mr Humfrey Malins (Shadow Minister, Home Affairs; Woking, Conservative)

The Minister was right when he said that he would read at great pace and the best opportunity that we would have to understand his words, or otherwise, would be to read them when they come out in print—and perhaps when I have read them, I could seek leave to withdraw the amendment. However, since that is not practical, I beg to ask leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Clause 3 ordered to stand part of the Bill.

Schedule 1 agreed to.

Add an annotation (e.g. more info, blog post or wikipedia article)
Photo of Ms Joan Ryan

Ms Joan Ryan (Government Whip (technically a Lords Commissioner, HM Treasury); Enfield North, Labour)

Although we have covered only three clauses and one schedule of the Bill, I feel that given the detailed consideration that they required, we have made sufficient and reasonable progress today.

Further consideration adjourned.—[Joan Ryan.]

Adjourned accordingly at eight minutes past Seven o'clock till Thursday 20 January at ten past Nine o'clock.

Add an annotation (e.g. more info, blog post or wikipedia article)