Amendment 1

Part of Online Safety Bill - Third Reading – in the House of Lords at 4:00 pm on 6 September 2023.

Alert me about debates like this

Photo of Lord Parkinson of Whitley Bay Lord Parkinson of Whitley Bay Parliamentary Under Secretary of State (Department for Culture, Media and Sport) 4:00, 6 September 2023

The committee will have a reply from me before it meets tomorrow. Again, I apologise. It should not be up to the committee to let the Minister know; I ought to have known about it.

I am very grateful to noble Lords for their support of the amendments that we have tabled in this group, which reflect the collaborative nature of the work that we have done and the thought which has been put into this by my ministerial colleagues and me, and by the Bill team, over the summer. I will have a bit more to say on that when I move that the Bill do now pass in a moment, but I am very grateful to those noble Lords who have spoken at this stage for highlighting the model of collaborative working that the Bill has shown.

The noble Baroness, Lady Ritchie of Downpatrick, asked for an update on timetables. Some of the implementation timetables which Ofcom has assessed depend a little on issues which may still change when the Bill moves to another place. If she will permit it, once they have been resolved I will write with the latest assessments from Ofcom, and, if appropriate, from us, on the implementation timelines. They are being recalculated in the light of amendments that have been made to the Bill and which may yet further change. However, everybody shares the desire to implement the Bill as swiftly as possible, and I am grateful that your Lordships’ work has helped us do our scrutiny with that in mind.

The noble Lord, Lord Allan, asked some questions about the remote viewing power. On proportionality, Ofcom will have a legal duty to exercise its power to view information remotely in a way that is proportionate, ensuring, as I said, that undue burdens are not placed on businesses. In assessing proportionality in line with this requirement, Ofcom would need to consider the size and resource capacity of a service when choosing the most appropriate way of gathering information. To comply with this requirement, Ofcom would also need to consider whether there was a less onerous method of obtaining the necessary information.

On the points regarding that and intrusion, Ofcom expects to engage with providers as appropriate about how to obtain the information it needs to carry out its functions. Because of the requirement on Ofcom to exercise its information-gathering powers proportionately, it would need to consider less onerous methods. As I said, that might include an audit or a skilled persons report, but we anticipate that, for smaller services in particular, those options could be more burdensome than Ofcom remotely viewing information.

On live user data, Ofcom would generally expect to require a service to use a test dataset, as I said in opening this debate. Additionally, Ofcom can process users’ data only in a way that is compatible with UK data protection law, and the extent to which steps would require Ofcom to view personal data is also relevant to its proportionality assessment.

We agree with my noble friend Lady Stowell and the noble Lord, Lord Knight, that ongoing parliamentary scrutiny of the regime will be crucial in helping to reassure everybody that the Bill has done what we hope it will. The creation of the new Department for Science, Innovation and Technology means there is another departmental Select Committee in another place which will provide an enhanced opportunity for cross-party scrutiny of the new regime and digital regulation more broadly. Your Lordships’ Communications and Digital Committee will of course continue to play a vital role in the scrutiny in this House. As I set out at Report, to support this, the Government will ensure that the relevant committees in both Houses have every chance to play a part in government consultations by informing them when they are open. While we do not want the implementation process to be delayed, we will, where possible, share draft statutory instruments directly with the relevant committees before the formal laying process. That will be on a case-by-case basis, considering what is appropriate and reasonably practical. Of course, it will be up to the committees to decide how they wish to engage, but it will not create an additional approval process, to avoid delaying implementation.

A number of noble Lords mentioned press coverage about encryption, which I am aware of. Let me be clear: there is no intention by the Government to weaken the encryption technology used by platforms, and we have built strong safeguards into the Bill to ensure that users’ privacy is protected.

While the safety duties apply regardless of design, the Bill is clear that Ofcom cannot require companies to use proactive technology on private communications in order to comply with these duties. Ofcom can require the use of a technology by a private communication service only by issuing a notice to tackle child sexual exploitation and abuse content under Clause 122. A notice can be issued only where technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content. Ofcom is also required to comply with existing data protection legislation when issuing a notice under Clause 122 and, as a public body, is bound by the Human Rights Act 1998 and the European Convention on Human Rights.

When deciding whether to issue a notice, Ofcom will work closely with the service to help identify reasonable, technically feasible solutions to address child sexual exploitation and abuse risk, including drawing on evidence from a skilled persons report. If appropriate technology which meets these requirements does not exist, Ofcom cannot require its use. That is why the powers include the ability for Ofcom to require companies to make best endeavours to develop or source a new solution. It is right that Ofcom should be able to require technology companies to use their considerable resources and expertise to develop the best possible protections for children in encrypted environments. That has been our long-standing policy position.

Our stance on tackling child sexual abuse online remains firm, and we have always been clear that the Bill takes a measured, evidence-based approach to do this. I hope that is useful clarification for those who still had questions on that point.