As I recall it, the hon. Member for Wansbeck was talking about whether he would be in a position to do that where he had been elected within a union. I have made it clear that that would not be appropriate for union officers, because they need to be independent of the process. What is clear is that there will be an order published about assurers, which I will come on to shortly, and hopefully that will answer the question. We need to look at the terms of the order as it develops—it may well be that the hon. Gentleman has a promising career ahead of him as an assurer. It will be up to unions themselves to define the assurer’s contract terms, subject to minimum requirements, to ensure that they fit the nature of the organisation and are not disproportionately costly.
Various Members have raised concerns about data protection, and that an assurer’s access to membership details could risk breaching data protection rules. I
hope to provide reassurance to Members that that concern is unfounded, but I recognise that it has been expressed. The assurer will be bound by current data protection rules, as well as by the additional confidentiality provisions set out in clause 37. The assurer owes a duty of confidentiality to the trade union, which is built into the appointment. They must not disclose the names and addresses of members, except where the member consents, where it is required for the purposes of their functions under the Act, or for criminal proceedings. They must also take all reasonable steps to ensure that there is no prohibited disclosure by other parties.
A certification officer, and any inspector appointed by the certification officer, have access to membership data, but that is immediately limited to the performance of their functions in relation to the register and the audit requirements under TULCRA—the Trade Union and Labour Relations (Consolidation) Act 1992. It cannot be used for any other purpose. The duty concerns just the register of members’ names and addresses under section 24 of the 1992 Act. Other information should not generally need to be provided; the minimum amount only will be needed. Information is, of course, sensitive personal data. We absolutely accept that people’s names and addresses—often their home addresses—and whether they are members of a union are sensitive data. That will, therefore, fall under the protection of existing data protection rules. That will apply to any other personal data accessed under the powers in this Bill.
The hon. Member for Edinburgh South (Ian Murray) raised the ability of the certification officer to provide documents and a test of what a good reason would be. The certification officer will be able only to request documents that are relevant and where there is good reason to do so—a consistent test that is used elsewhere under the TULCRA legislation. For example, it is already applied by the certification officer for investigations of financial affairs.
It is important to note that there is no evidence of a problem with how the certification officer has exercised discretion. Indeed, respondents to the targeted consultation we undertook over the summer said that they did not feel there was necessarily a problem. I do not believe that hon. Members are necessarily making the charge that they would be concerned about how individuals undertake their duties. However, it is important to note that the test is available. If a union believes that the certification officer is overstepping their remit, it can withhold the information, and, ultimately, there is a right of appeal if there is an order made by the certification officer requiring production of the information.