Serious Crime Bill [HL]

moved Amendment No. 113: 113: Schedule 6, page 68, line 5, at end insert— ““( ) The code of practice and any revisions to it prepared under subsection (1) shall be subject to the approval of the Information Commissioner; and, following his approval, to approval by affirmative resolution of both Houses of Parliament.”” The noble Lord said: I shall speak also to Amendment No. 114A. New Section 32F, which we have been discussing, provides that the Audit Commission must prepare and keep under review a code of data-matching practice. It sets out that all those bodies and other persons involved in the process must have regard to the code of data-matching practice and requires the commission to consult all bodies identified in new Section 32B(2) before preparing or altering the code of data-matching practice and such other bodies as the commission sees fit. The two amendments aim to raise questions about the involvement of the Information Commissioner in the design and production of the code of practice. Amendment No. 114A inserts the words, ““the Information Commissioner’s Office”” into new Section 32F(2) to ensure that he is specified in the Bill as someone who must be consulted by the Audit Commission. I am sure that the noble Baroness will suggest that he is covered by the words, "““such other bodies or persons as the Commission thinks fit””—" although at Second Reading, she highlighted the fact that the national fraud initiative regularly consults the Information Commissioner and will continue to do so. In light of concerns expressed throughout debates on this part and the fact that it is confirming usual practice, it is important that he is named in person in the Bill. That way there can never be any remote possibility that the Audit Commission would fail to think of him. Amendment No. 113 tries to address the issue in an alternative way and inserts a new sub-paragraph after paragraph (1). It would ensure that there are two hoops through which the code of practice has to jump before approval to enable checks that the data use to which it refers is justified and proportionate. First, the Information Commissioner would have to sign it off and then Parliament would have a chance to consider it. As we have discussed, the code of practice is a key component to ensuring the trust of the public in the Audit Commission and in other bodies which handle our personal data. Is there not a conflict of interest for the organisation that has the responsibility of doing that data matching in drafting the code of practice? I believe that the Information Commissioner should have more control over the code of practice rather than merely being consulted. That would ensure that it is produced in an independent and transparent manner. If the Information Commissioner has no control over the content of the code, how can he protect data subjects properly? I beg to move.