The Minister will be delighted to hear that I will speak only briefly to this amendment, because I do not want to steal my noble friend Lady Hamwee’s thunder. This amendment would remove exemption to data subjects’ rights where personal data is being processed for the maintenance of effective immigration control or for the investigation or detection of activities that would undermine it. The amendment would remove paragraph 4 of Schedule 2 in its entirety. There is no attempt to define this new objective; nowhere in the Bill or its Explanatory Notes are notions of effective immigration control, or the activities requiring its maintenance, defined.
The immigration exemption is new in the Bill; there was no direct equivalent under the Data Protection Act 1998. This is the broad and wide-ranging exemption that is open to abuse. The exemption should be removed altogether, as there are other exemptions in the Bill that the immigration authorities can, and should, seek to rely on for the processing of personal data in accordance with their statutory duties and functions. The current provision, under the heading “Immigration”, removes all rights from a data subject that the Home Office wishes it did not have. Such removals are not restricted to those who have been found guilty of immigration offences, but apply to every data subject, including Home Office clerical errors. It is exactly those errors that data protection regulates.
In particular, there is a concern that the application of the effective immigration control exemption will become an administrative device to disadvantage data subjects using the immigration appeals process. Since the exemption has nothing to do with crime, national security, public safety or the protection of sources, such a prospect appears a distinct possibility without a rational explanation. The immigration authorities should be able to justify the inclusion of this exemption on the basis of hard evidence. The Home Office should be able to provide examples of subject access requests where personal data were released to the detriment of the public interest.
This is not the first time the Government have attempted to limit data protection rights on immigration control grounds. Clause 28 of the Data Protection Bill 1983 had an identical aim, setting out broad exemptions to data subject rights on grounds of crime, national security and immigration control. The Data Protection Committee, then chaired by Sir Norman Lindop, said that the clause would be,
“a palpable fraud upon the public if … allowed to become law”,
because it allowed data acquired for one purpose to be processed for another. In the House of Lords, my late and much-missed noble friend Lord Avebury mounted a robust and ultimately successful opposition to Clause 28 in 1983. He raised concerns almost synonymous with those we raise today. His objections and those of several Members of the House have the same resonance now as they did then. I beg to move.
9.30 pm