My Lords, this is quite a disparate group of amendments. I support Amendment 195ZA, which I have signed. I thought that the noble Baroness, Lady Jones, and the noble Lords, Lord Kamall and Lord Vaux, have made clear the importance of having a provision such as this on the statute book. It is important that an individual can choose whether to use digital or non-digital means of verifying their identity. It is important for the liberty and equality of individuals as well as to cultivate trust in what are essentially growing digital identity systems. The use of the word “empower” in these circumstances is important. We need to empower people rather than push them into digital systems that they may not be able to access. Therefore, a move towards digitalisation is not a justification for compelling individuals to use systems that could compromise their privacy or rights more broadly. I very much support that amendment on that basis.
I also very much support the amendments of the noble Baroness, Lady Jones, which I have signed. The Delegated Powers and Regulatory Reform Committee could not have made its recommendations clearer. The Government are serial offenders in terms of skeleton Bills. We have known that from remarks made by the noble Lord, Lord Hodgson, on the Government Benches over a long period. I am going to be extremely interested in what the Government have to say. Quite often, to give them some credit, they listen to what the DPRRC has to say and I hope that on this occasion the Minister is going to give us some good news.
This is an extremely important new system being set up by the Government. We have been waiting for the enabling legislation for quite some time. It is pretty disappointing, after all the consultations that have taken place, just how skeletal it is. No underlying principles have been set out. There is a perfectly good set of principles set out by the independent Privacy and Consumer Advisory Group that advises the Government on how to provide a simple, trusted and secure means of accessing public services. But what assurance do we have that we are going to see those principles embedded in this new system?
Throughout, it is vital that the Secretary of State is obliged to uphold the kinds of concerns being raised in the development of this DVS trust framework to ensure that those services protect the people who use them. We need that kind of parliamentary debate and it has been made quite clear that we need nothing less than that. I therefore very much support what the noble Baroness, Lady Jones, had to say on that subject.
5.45 pm
I turn now to Amendment 184A and the Clause 80 stand part notice. Amendment 184A is a probing amendment because, as we know, the Government are enthusiastic about their new One Login government identity scheme but many of us are not clear on how the two identity schemes will interact—that is, how the DVS trust framework will interact with One Login. I would like to hear what the Government have to say about that because, of course, there is an issue of public trust in terms of what the Government are doing around joining up digital identity right across every government department. This includes whether the DVS scheme will be part of that—that is, whether the Government will access information in that way or the One Login scheme will be totally stand-alone.
I come on to Amendments 289 and 300 on digital identity theft. It strikes me as rather extraordinary that we do not have an identity theft offence. This is the Metropolitan Police guidance for the public:
“Your identity is one of your most valuable assets. If your identity is stolen, you can lose money and may find it difficult to get loans, credit cards or a mortgage. Your name, address and date of birth provide enough information to create another ‘you’”.
It could not be clearer. It goes on:
“An identity thief can use a number of methods to find out your personal information and will then use it to open bank accounts, take out credit cards and apply for state benefits in your name”.
It then talks about the signs that you should look out for, saying:
“There are a number of signs to look out for that may mean you are or may become a victim of identity theft … If you think you are a victim of identity theft or fraud, act quickly to ensure you are not liable for any financial losses … Contact CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration”.
However, there is no criminal offence.
Interestingly enough, I mentioned this to the noble Baroness, Lady Morgan; I am sad to say that I do not think she could be present today. Back in October 2022, her committee—the Fraud Act 2006 and Digital Fraud Committee—produced a really good report, Fighting Fraud: Breaking the Chain, which said:
“Identity theft is often a predicate action to the criminal offence of fraud, as well as other offences including organised crime and terrorism, but it is not a criminal offence. Cifas data
shows that cases of identity fraud increased by 22% in 2021, accounting for 63% of all cases recorded to Cifas’ National Fraud Database”.
It goes on to talk about identity theft to some good effect but states:
“In February 2022, the Government confirmed that there were no plans to introduce a new criminal offence of identity theft as ‘existing legislation is in place to protect people’s personal data and prosecute those that commit crimes enabled by identity theft’”.
I do not think the committee agreed with that at all. It said:
“The Government should consult on the introduction of legislation to create a specific criminal offence of identity theft. Alternatively, the Sentencing Council should consider including identity theft as a serious aggravating factor in cases of fraud”.
The Government are certainly at odds with the Select Committee chaired by the noble Baroness, Lady Morgan. I am indebted to a creative performer called Bennett Arron, who raised this with me some years ago. He related with some pain how he took months to get back his digital identity. He said: “I eventually, on my own, tracked down the thief and gave his name and address to the police. Nothing was done. One of the reasons the police did nothing was because they didn’t know how to charge him with what he had done to me”. That is not a good state of affairs. Then we heard from Paul Davis, the head of fraud prevention at TSB. The headline of the piece in the Sunday Times was: “I’m head of fraud at a bank and my identity was still stolen”. He is top dog in this area, and he has been the subject of identity theft.
This seems an extraordinary situation, whereby the Government are sitting on their hands. There is a clear issue with identity theft, yet they are refusing—they have gone into print, in response to the committee chaired by the noble Baroness, Lady Morgan—and saying, “No, no, we don’t need anything like that; everything is absolutely fine”. I hope that the Minister can give a better answer this time around.