European Union (Amendment) Bill

moved Amendment No. 16A: 16A: Clause 2, page 1, line 12, after ““excluding”” insert— ““(i) Article 1, paragraph 45, inserted Article 25a TEU, relating to the adoption of decisions on personal data, unless the Secretary of State has given an undertaking to Parliament that he will not vote in favour of, or otherwise support, any decision that requires the processing of personal data which does not contain standards and penalties relating to the reckless loss of data that are less onerous or exacting than any which are set by the United Kingdom Parliament, unless (a) in each House of Parliament a Minister of the Crown has moved a motion that the House approves Her Majesty’s Government’s intention to support the adoption of a specified draft decision, and (b) each House has agreed to the motion without amendment; and (ii) ”” The noble Lord said: I shall also speak to Amendment No. 38. New provisions on the handling and sharing of data appear in several places in this treaty and since I have always believed that debates in this House are at their most constructive when we do not stray too widely, I would like to concentrate on data sharing and protection within the common foreign and security policy, and to look at how the new Article 25A is in danger of falling short of the new right in Article 16B to the protection of personal data. Many of my concerns and questions will be very similar to those that can be raised regarding the new provisions for police co-operation and so on, but there will be a better opportunity to examine those matters when we reach the amendments which are dealing with home affairs. The information that is referred to in new Article 25A will be some of the most sensitive data that Governments will ever handle. For example, it will cover information gathered by the intelligence services of European Union countries and other countries allied with us. Much of this information will have been shared with us by those who expect the data to be as strongly and as closely protected as possible. So my first question to the noble Baroness the Lord President is: how will this Government handle a request made by one of our colleague countries in the European Union for relevant information made available to us, for example, by the United States? The answer to that question will be interesting, but I hope it will also have taken into account whether the Government have thought about the special relationship between the British and United States intelligence services becoming seriously restricted by the possibility that, in future, some information will have to be passed on to 26 other countries whose relationship with the United States may not be as close as ours. The controversy surrounding the agreements between the European Union and the United States concerning passenger name records shows just how dangerous this area can be. The possibility of our sensitive personal data being passed out of the hands not only of our Government but even of the European Union without proper safeguards is real. What safeguards will the Government ensure are put in the rules and procedures to stop this happening in future? I am not saying that data should never be shared for the purposes of common foreign and security policy—that would be nonsense. I am, however, deeply concerned that the safeguards that will be put in place under this new provision will not be adequate. It would be wrong of me, at a time when the Government are listing all their mistakes—I have that vision of Andrew Marr asking the Prime Minister, ““What other mistakes have you made?””—to point out that the Government have suffered many embarrassments during the past year or so as a result of their inability to keep personal data secure. If they are unable to keep sensitive data secure, how can they be confident about the capability of others to do so? We on these Benches frequently criticise this Government for presiding over some pretty astounding examples of bureaucratic inefficiency, but it is undeniable that many of our colleague countries in the European Union are even more flawed in that regard. My Amendment No. 16A highlights a new offence of reckless loss of data. This Chamber has managed to insert this change in the criminal justice Bill. I am unaware of what discussions are taking place, but I understand that the principle of it at least is being accepted in another place even as we speak. It would be wrong of the Government to approve the sharing of data with other countries which do not maintain equally rigorous laws to protect personal data. It is a matter not just of carelessness, but of wilful misuse. Many countries in the European Union, some of which are our closest friends, suffer from high levels of inefficiency when protecting data and have highlighted examples of wrongful behaviour by their officials—if I can put it as euphemistically as that. Many of the countries with which we deal outside the European Union also suffer. We have even less influence with them with which to encourage their reform. It is clear that the rules and procedures by which these data will be protected are crucial, yet this treaty hands over the final say to independent authorities.