Part 2 - The Nine Identity Assurance Principles

Part of Data Protection and Digital Information Bill – in the House of Commons am 3:00 pm ar 29 Tachwedd 2023.

Danfonwch hysbysiad imi am ddadleuon fel hyn

Photo of Marcus Fysh Marcus Fysh Ceidwadwyr, Yeovil 3:00, 29 Tachwedd 2023

It is a pleasure to follow the hon. Members who have spoken in this very important debate. I declare an interest: I am the chair of the all-party parliamentary group on digital identity, so I have a particular interest in the ramifications of data as it relates to identity, but also in wider concepts—some of which we have heard about today—such as artificial intelligence and how our data might be used in the future.

I share quite a lot of the concerns that we have heard from both sides of the House. There is an awful lot more work to be done on the detail of the Bill, thinking about its implications for individuals and businesses; how our systems work and how our public services interact with them; and how our security and police forces interact with our data. I hope that noble Members of the other place will think very hard about those things, and I hope my right hon. Friend the Minister will meet me to discuss some of the detail of the Bill and any useful new clauses or amendments that the Government might introduce in the other place. I completely agree that we do not have much time today to go through all the detail, with a substantial number of new clauses having been added in just the past few days.

I will speak specifically to some of the amendments that stand in my name. Essentially, they are in two groupings: one group deals with the operations of the trust framework for the digital verification service, which I will come back to, and the other general area is the Henry VIII-style powers that the Bill gives to Ministers. Those powers fundamentally alter the balance that has been in place since I was elected as a Member of Parliament in terms of how individuals and their data relate to the state.

On artificial intelligence, we are at a moment in human evolution where the decisions that we make—that scientists, researchers and companies make about how they use data—are absolutely fundamental to the operation of so many areas of our lives. We need to be incredibly careful about what we do to regulate AI and think about how it operates. I am concerned that we have large tech companies whose business model for decades has been nothing other than to use people’s data to create products for their own benefit and that of their shareholders. During the passage of the Online Safety Act 2023, we debated very fully in this House what the implications of the algorithms they develop might be for our children’s health, for example.

I completely agree with the Government that we should be looking for ways to stamp out fraud, and should think about how harms of various kinds are addressed. However, we need to be mindful of the big risk that fears and beliefs that are not necessarily true about different potential harms might lead us to regulate, or to guide the operations of companies and others, in such a way that we create real problems. We are talking about very capable artificial intelligence systems, and also about artificial intelligence systems that claim to be very capable but are inherently flawed. The big tech companies are almost all championing and sponsoring large language models for artificial intelligence systems that are trained on data. Those companies will lobby Ministers all the time, saying, “We want you to enable us to get more and more of people’s data,” because that data is of business value to them.

Given the Henry VIII powers that exist in the Bill, there is a clear and present danger that future Ministers— I would not cast aspersions on the current, eminent occupant of the Front Bench, who is a Wykehamist to boot—may be tempted or persuaded in the wrong direction by the very powerful data-generated interests of those big tech firms. As such, my amendments 278 and 279 are designed to remove from the Bill what the Government are proposing: effectively, that Ministers will have the power to totally recategorise what kinds of data can legitimately be shared with third parties of one kind or another. As I mentioned, that fundamentally changes the balance between individuals and the state.

Through amendment 280 and new schedule 3, I propose that when Ministers implement the trust framework within the digital verification service, that framework should be based on principles that have been accepted for the eight years since I was elected—in particular, those used by the Government in establishing the framework around its Verify online identity service for public services. That framework should be used in the context of the Bill to think about what decision-makers should be taking into account. It is a system of principles that has been through consultation and has been broadly accepted. It is something that the ICO accepts and champions, and it would be entirely right and not at all a divergence from our current system to put those principles in place.

What I would say about the legitimate interest recognition extension—the Henry VIII power—is that there are already indications in the Bill about what will be recategorised. It gives an idea of just how broad the categorisations could be, and therefore how potentially dangerous it will be if that process is not followed or is not correctly framed—for example, in relation to direct marketing. Direct marketing can mean all sorts of things, but it is essentially any type of direct advertising in any mode using personal data to target advertising, and I think it is really dangerous to take such a broad approach to it.

Before companies share data or use data, they should have to think about what the balance is between a legitimate interest and the data rights, privacy rights and all the other rights that people may have in relation to their data. We do not want to give them a loophole or a way out of having to think about that. I am very pro-innovation and pro-efficiency, but I do not believe it is inefficient for companies and users or holders of data to have to make those basic balancing judgments. It is no skin off their nose at all. This should be something we uphold because these interests are vital to our human condition. The last thing we want is an artificial intelligence model—a large language model—making decisions about us, serving us with things based on our personal data and even leaking that personal data.

I highlight that only yesterday or the day before, a new academic report was produced showing that some of the large language models were leaking personal data on which they had been trained, even though the companies say that that is impossible. The researchers had managed to get around the alignment guardrails that these AI companies said they had in place, so we cannot necessarily believe what the big tech companies say the behaviour of these things is going to be. At the end of the day, large language models, which are just about statistics and correlations, cannot tell us why they have done something or anything about the chain of causality behind such a situation, and they inherently get things wrong. Anyone making claims that they are reliable or can be relied on to handle personal data is, I think, completely wrong. I hope that noble Lords and Ladies will think carefully about that matter and re-table amendments similar to mine.

New clause 27 and the following new clauses that the Government have tabled on interface bodies show the extent to which these new systems—and decisions about new systems—and how they interface with different public services and other bodies are totally extensible within the framework of the Bill, without further regard to minorities or to law, except in so far as there may be a case for judicial review by an individual or a company. That really is the only safeguard that there will be under these Henry VIII clauses. The interface body provisions talk about authorised parties being able to share data. We have heard how the cookie system is very bad at the moment at effectively reflecting what individuals’ true preferences might or might not be about their personal data. It is worth highlighting the thoughtful comments we heard earlier about ways in which people can make more of a real-time decision about particular issues that may be relevant to them, but about which they may not have thought at all when they authorised such a decision in a dark or non-thinking moment, often some time before.

I want to say a little more about the operations of the digital verification services system. My amendments 242 to 250 deal with the way in which those operations occur. We should think about whether it is correct that the Minister should in effect just be able to make up whatever the fee system might be. I think that is a problem, and it is something that members of the industries engaged in digital ID, for example, have raised with me. There are some issues about how people or companies may be deregistered from the verification system and the trust mark that will supposedly be put in place by this new Government registration process. That could actually be very serious for an individual, and if they are suddenly said not to be trusted, it could be of massive import to them. There should be some process for thinking about and consulting on how such deregistration decisions are made, what avenues for challenge there may be and so on. I hope those in the other place will think very hard about those things, too.

I know that Ministers have thought about DVS as a voluntary system, rather than something absolutely required in law for everybody handling data. However, we all know that systems that are set up to establish trust become very difficult for someone who wants to run a business or to do things, because if they do not have the trust mark, that will become a real issue. It is also a very simple step from such a system to having a fully regulated body. Even if it is not ostensibly a fully regulated body in law, there would be a chilling effect for those who do not have the trust mark, so I think that is really important to think about properly.

The final amendment of mine that I want to speak to is amendment 281 on zero-knowledge proofs. Many people in the country will not know what they are, and I know about them only because I have been engaged in thinking about digital systems, digital assets, blockchains and all the technical aspects of that for some time. In essence, they are a way that digital systems can share data status—in other words, knowing what someone’s data status is—with each other, third parties and so on, without any risk that that data would be transmitted or seen by anybody else. It is of particular use in relation to privacy and the rights to privacy that we have talked about before.

As currently drafted, the Bill does not differentiate the processing of data in a way that does not expose the data or the status of the data relative to the holders of data from processes that do so. It would be highly valuable if such decentralised systems—zero-knowledge systems—of proof of particular data status were specifically excluded from the legislation, so that it is very clear that they will not fall under potential regulation or the potential chilling effect. The side benefit is that we would also avoid the inevitable centralisation that would otherwise occur of particular big data holders or big data operators that can afford to be registered and do all such things.

I finish by urging the Government to think hard about this stuff. It might seem troublesome, and they might want to forge ahead and do innovative things and all the rest of it, but this is such a serious moment in our history as a species. The way that data is handled is now fundamental to basic human rights and, I would increasingly argue, to the human condition. People such as the likes of Sam Altman and so on in the US are openly talking about AI integration with humans and the acceleration of AI. A big debate is going on between those who want to accelerate things and those who want to decelerate them. It will be accelerated, because we cannot stop researchers and scientists doing things, but if we put the wrong frameworks in place, and allow the wrong data to be shareable in the wrong way, that could have huge consequences for us.

I say to those in the other place as well as to those on the Front Benches that we have not been able to go through this in detail, but we should think about it incredibly hard. It might seem an esoteric and arcane matter, but it is not. People might not currently be interested in the ins and out of how AI and data work, but in future you can bet your bottom dollar that AI and data will be interested in them. I urge the Government to work with us to get this right.