Baroness Kidron:

Moved by Baroness Kidron

51: Clause 123, page 153, line 14, leave out “may by regulations” and insert “must, as soon as reasonably practicable and no later than 12 months after the day on which this Act is passed, make and lay regulations to”Member’s explanatory statementThis amendment removes the Secretary of State’s discretion on whether to lay regulations under Clause 123 and sets a time limit for laying them before Parliament.

My Lords, these amendments have to do with research access for online safety. Having sat on the Joint Committee of the draft Online Safety Bill back in 2021, I put on record that I am delighted that the Government have taken the issue of research access to data very seriously. It was a central plank of what we suggested and it is fantastic that they have done it.

Of the amendments in my name, Amendment 51 would simply ensure that the provisions of Clause 123 are acted on by removing the Government’s discretion as to whether they introduce regulations. It also introduces a deadline of 12 months for the Government to do so. Amendment 53 seeks to ensure that the regulators will enable independent researchers to research how online risks and harms impact different groups, especially vulnerable users, including children. Given the excitements we have already had this evening, I do not propose to press any of them, but I would like to hear from the Minister that he has heard me and that the Government will seek to enshrine the principle of different ages, different stages, different people, when he responds.

I note that the noble Lord, Lord Bethell, who has the other amendments in this group, to which I added my name, is not in his place, but I understand that he has sought—and got—reassurance on his amendments. So there is just one remaining matter on which I would like further reassurance: the scope of the legal privilege exception. A letter from the Minister on 10 January explains:

“The clause restates the existing law on legally privileged information as a reassurance that regulated services will not be asked to break the existing legislation on the disclosure of this type of data”.

It seems that the Minister has veered tantalisingly close to answering my question, but not in a manner that I can quite understand. So I would really love to understand—and I would be grateful to the Minister if he would try to explain to me—how the Government will prevent tech companies using legal privilege as a shield. Specifically, would CCing a lawyer on every email exchange, or having a lawyer in every team, allow companies to prevent legitimate scrutiny of their safety record? I have sat in Silicon Valley headquarters and each team came with its own lawyer—I would really appreciate clarity on this issue. I beg to move.

My Lords, I can only support what the noble Baroness, Lady Kidron, had to say. This is essentially unfinished business from the Online Safety Act, which we laboured in the vineyard to deliver some time ago. These amendments aim to strengthen Clause 123 and try to make sure that this actually happens and that we do not get the outcomes of the kind that the noble Baroness has mentioned.

I, too, have read the letter from the Minister to the noble Lord, Lord Bethell. It is hedged about with a number of qualifications, so I very much hope that the Minister will cut through it and give us some very clear assurances, because I must say that I veer back and forth when I read the paragraphs. I say, “There’s a win”, and then the next paragraph kind of qualifies it, so perhaps the Minister will give us true clarity when he responds.

My Lords, I wanted to add something, having spent a lot of time on Part 3 of the Digital Economy Act, which after many assurances and a couple of years, the Executive decided not to implement, against the wishes of Parliament. It worries me when the Executive suddenly feel that they can do those sorts of things. I am afraid that leopards sometimes do not change their spots, and I would hate to see this happen again, so Amendment 51 immediately appeals. Parliament needs to assert its authority.

Ministers here and in another place need to remember that, while they are in Parliament, they are making laws to control their successors as well as their departments. They are not really sitting in here as part of their departments. They may be heads of those departments, but the laws they pass are to control their departments and themselves, and we need to remember that from time to time. What happened over the Digital Economy Act was shameful and the Executive should hang their head in shame and pass something such as this to show their good will in the future.

I thank the noble Baroness, Lady Kidron, for introducing this group, and the noble Lord, Lord Clement-Jones, and the noble Earl, Lord Erroll, for their comments and contributions—particularly the salutary words of the noble Earl, Lord Erroll, on the role of the Executive here, which were very enlightening.

I agree with the noble Baroness, Lady Kidron, that Parliament should have the opportunity to scrutinise this secondary legislation. Online safety research is essential: as our lives become more and more digital, we must assess how it impacts us as people, and especially children, who are particularly vulnerable to online harms. This cannot be achieved unless researchers are able to access the unadulterated raw data. Therefore, I am sure that noble Lords—and our colleagues in the other place—would wish to scrutinise the legislation creating this access to ensure it is fit for purpose. This is why I support the spirit of Amendment 51.

Following on from this point, facilitating online harms research by making access requests enforceable under a pre-existing online safety regime, as per Amendment 52, certainly seems to me like a sensible measure. It would enable this vital research, as would Amendment 54, which removes the need to create a bespoke enforcement system for online safety research access.

Amendment 53 would also enable independent research into how online risks and harms impact different groups. This information would be extremely valuable to a broad range of stakeholders including social media platforms, data controllers, schools and parents and parliamentarians. It would help us all identify groups who are at heightened risk of online harm, what type of harm they are at risk of, which measures have reduced this risk, which have exacerbated it and what we can all do to reduce this danger.

There are many people undertaking online safety research across the globe and we should look to help these researchers access data for the purposes of safety research, even if their location is outside the UK. Of course, adequate safeguards would need to be in place, which may be dictated to some extent by the location of the researcher. However, online safety research is a benefit for all of us and Amendment 55 would keep barriers to this research to a minimum.

I am sure we would all like to think that all data holders and processors would wish to assist with prevention of online harms. However, where commercial and moral imperatives compete, we sadly cannot always count on the latter winning out. Therefore, Amendment 56 is a sensible addition that would prevent contractual exclusion of research access on online safety grounds, ensuring that online safety risks cannot be hidden or obscured.

I thank the noble Baroness, Lady Kidron, for the amendments on researchers’ access to data for online safety research, an incredibly important topic. It is clear from Committee that the Government’s proposals in this clause are broadly welcomed. They will ensure that researchers can access the vital data they need to undertake an analysis of online safety risks to UK users, informing future online safety interventions and keeping people safe online.

Amendment 51 would compel the Secretary of State to make regulations for a researcher access framework, and to do so within 12 months. While I am sympathetic to the spirit of the noble Baroness’s amendment, a fixed 12-month timescale and requirement to make regulations may risk compressing the time and options available to develop the most effective and appropriate solution, as my noble friend Lady Jones outlined in Committee. Getting this right is clearly important. While we are committed to introducing a framework as quickly as possible, we do not want to compromise its quality. We need adequate time to ensure that the framework is fit for purpose, appropriately safeguarded and future-proofed for a fast-evolving technological environment.

As required by the Online Safety Act, Ofcom is currently preparing a report into the ways in which researchers can access data and the barriers that they face, as well as exploring how additional access might be achieved. This report will be published in July of this year. We are also committed to conducting a thorough consultation on the issue prior to any enforceable requirements coming into force. The Government intend to consult on the framework as soon as practicable after the publication of Ofcom’s report this summer.

Sufficient time is required for a thorough consultation with the wide range of interested stakeholders in this area, including the research community, civil society and industry. I know that the noble Baroness raised a concern in Committee that the Government would rely on Ofcom’s report to set the framework for the regime, but I can assure her that a robust evidence-gathering process is already under way. The framework will be informed by collaboration with key stakeholders and formal consultation, as well as being guided by evidence from Ofcom’s report on the matter. Once all interested parties have had their say and the consultation is completed, the Government expect to make regulations to install the framework. It is right that the Government commit to a full consultation process and do not seek to prejudge the outcomes of that process by including a mandatory requirement for regulations now.

Amendment 53 would seek to expand the list of examples of the types of provision that the regulations might make. Clause 123 gives non-exhaustive examples of what may be included in future regulations; it certainly does not limit those regulations to the examples given. Given the central importance of protecting children and vulnerable users online, a key aim of any future regulations would be to support researchers to conduct research into the different ways that various groups of people experience online safety, without the need for this amendment. Indeed, a significant driving force for establishing this framework in the first place is to improve the quality of research that is possible to understand the risks to users online, particularly those faced by children. I acknowledge the point that the noble Baroness made about people of all ages. We would be keen to discuss this further with her as we consult on specific requirements as part of developing regulations.

I will touch on the point about legal privilege. We believe that routinely copying a lawyer on to all emails and documents is not likely to attract legal privilege. Legal privilege protects communication specifically between legal advisers and their clients being created for the purpose of giving or receiving legal advice, or for the sole or dominant purpose of litigation. It would not be satisfactory just to copy everyone on everything.

We are confident that we can draft regulations that will make it entirely clear that the legal right to data for research purposes cannot be avoided by tech companies seeking to rely on contractual provisions that purport to prevent the sharing of data for research purposes. Therefore, there is no need for a specific requirement in the Bill to override a terms of service.

I thank the Minister for his very full answer. My legal adviser on my right—the noble and learned Lord, Lord Thomas of Cwmgiedd—let me know that I was in a good place here. I particularly welcome the Minister’s invitation to discuss Ofcom’s review and the consultation. Perhaps he would not mind if I brought some of my researcher friends with me to that meeting. With that, I beg leave to withdraw the amendment.

Amendment 51 withdrawn.

Amendments 52 to 56 not moved.

Consideration on Report adjourned until not before 8.07 pm.