As is usual, this is my summary of the extract of all the main Party Manifestos that relate to data protection and human rights (Article 8 and 10) issues.
The main controversy relates to the Conservative manifesto which hints at leaving the ECHR after the next General Election in 2022 and raises the prospect of the establishment of a national population register.
I explain any controversy in comments associated with the relevant parts of the manifestos below. However, in summary:
- All Parties, except the Conservatives and UKIP, are wholly committed to the European Convention of Human Rights; Conservatives are lukewarm on Human Rights and its commitment to the Human Rights Act is just for the next Parliament.
- All Parties are in favour of Leveson II, except for the Conservative Party; this means that custodial sentences via Section 55 of the Data Protection Act will not be commenced if Mrs May is returned as Prime Minister and are unlikely to appear as part of the UK’s implementation of the GDPR. UKIP are silent on Leveson.
- The Conservative Party wants to establish a Data Use and Ethics Commission that risks a clash with the role of the Information Commissioner; the Commission has been set up to advise on the wider (but ethical) use of personal data.
- The Conservative Party also want “Health and Social care guardians” to be placed on a statutory footing; this overlaps with the statutory role of data protection officers (a requirement for public bodies under the GDPR) who also have such care guardians.
Anyway here goes; happy reading. Whatever your views: vote not veto.
“We will not bring the European Union’s Charter of Fundamental Rights into UK law. We will not repeal or replace the Human Rights Act while the process of Brexit is underway but we will consider our human rights legal framework when the process of leaving the EU concludes. We will remain signatories to the European Convention on Human Rights for the duration of the next parliament.” Comment: I think the commitment to ignore the Charter is unsustainable for data protection as non-adherence to CJEU rulings on the data protection elements of the Charter will jeopardise any post-Brexit adequacy determination (assuming there is one). It is also unsustainable for any data controller want to offer services into the EU irrespective of Brexit outcome, as the GDPR is directly applicable to such controllers; such controllers cannot ignore the CJEU.
“Protections for people’s data online, backed by a new data protection law. Safety for children online, and new rights to require social media companies to delete information about young people as they turn eighteen.” Comment: there is no mention that these objectives are a requirement of the GDPR.
“To create a sound ethical framework for how data is used, we will institute an expert Data Use and Ethics Commission to advise regulators and parliament on the nature of data use and how best to prevent its abuse. The Commission will help us to develop the principles and rules that will give people confidence that their data is being handled properly.” Comment: there is a hint here that if the Commission finds something “ethical” it will become “lawful” through legislation (such as the wider data sharing elements of the Digital Economy Act which authorises data sharing which is “not necessary” for the functions of public bodies; the standard established by Schedule 2, paragraph 5 of the DPA). There is also no mention that the GDPR is intended to put data subjects in control of the processing of their personal data via the stronger consent requirements.
“Alongside this commission, we will bring forward a new data protection law, fit for our new data age, to ensure the very best standards for the safe, flexible and dynamic use of data and enshrining our global leadership in the ethical and proportionate regulation of data.” Comment: there is no mention that the UK has to implement the GDPR; this commitment is not a Conservative initiative, it is a European one.
“We will put the National Data Guardian for Health and Social Care on a statutory footing to ensure data security standards are properly enforced.” Comment: Implicitly, this infers that data security standards are not properly enforced by the Data Protection Act (and I agree with this implication). As security standards can be reinforced by the enhanced enforcement powers in the GDPR, this commitment in the manifesto is otiose.
That is why we shall roll out Verify, so that people can identify themselves on all government online services by 2020, using their own secure data that is not held by government. We will also make this platform more widely available, so that people can safely Verify their identify to access non-government services such as banking”. Comment: the Government’s Verify identity scheme was under pressure; it appears that the pressure is off.
“We will set out a strategy to rationalise the use of personal data within government, reducing data duplication across all systems, so that we automatically comply with the ’Once-Only’ principle in central government services by 2022 and wider public services by 2025.”. Comment: : this “once-only” objective infers the establishment of a national population register using the wide data sharing powers in the Digital Economy Act 2017; big databases such as the one associated with the discarded National Identity Card could well be back on the agenda.
“We will not proceed with the second stage of the Leveson Inquiry into the culture, practices and ethics of the press.” Comment: this should not be understood as a “quid pro quo” for the Party’s support in the Brexit supporting tabloid press; the abandonment of Leveson II is unique to the Conservatives.
“The Conservatives threaten our Human Rights Act and may withdraw us from the European Convention of Human Rights. Labour will retain the Human Rights Act”.
“Labour is committed to growing the digital economy and ensuring that trade agreements do not impede cross-border data flows, whilst maintaining strong data protection rules to protect personal privacy.”
“We will implement the recommendations of part one of the Leveson Inquiry and commence part two which will look into the corporate governance failures that allowed the hacking scandal to occur.”
“We will vote against any attempts to scrap the Human Rights Act or withdraw from the European Convention on Human Rights and we will strengthen the UK’s commitment to international human rights law.”
“Introduce a digital bill of rights that protects people’s powers over their own information, supports individuals over large corporations, and preserves the neutrality of the internet.”
“In light of the press’s failure to engage in effective self-regulation, seek to ensure delivery of independent self-regulation, and commence part two of Leveson.”
“Roll back state surveillance powers by ending the indiscriminate bulk collection of communications data, bulk hacking, and the collection of internet connection records.” Comment: this commitment is unique to the Lib Dems.
“End the ministerial veto on release of information under the Freedom of Information Act, and take steps to reduce the proportion of FOI requests where information is withheld by government departments.” Comment: this commitment is unique to the Lib Dems.
“The European Convention on Human Rights (ECHR) is enshrined in the Scotland Act 1998, ensuring that human rights are protected by the Scottish Government and all Scottish legislation. The SNP re-affirms its commitment to the Council of Europe, the ECHR and their institutions. We will fight to protect human rights across the UK. SNP MPs will oppose any attempts by the UK government to scrap the Human Rights Act and withdraw the UK from the ECHR." Comment I did not find anything on data protection.
“Repeal Labour’s Human Rights legislation and remove the UK from the jurisdiction of the European Court of Human Rights and introduce a new UK Bill of Rights.” Comment I did not find anything on data protection.
“Defend the Human Rights Act and UK membership of the European Convention on Human Rights, and reinstate funding for the Equality and Human Rights Commission.” Comment I did not find anything on data protection.
WELSH NATIONALIST, DUP, SINN FEIN etc
Could not find anything on the topics; I will add it if someone provides a URL.
Forthcoming Amberhawk’s courses in early summer
- DP Practitioner Course: starts 6 June (Leeds)and 11 July (London)
- DP Foundation Course: starts 4 July (London)
- Next GDPR Workshop: 20 July (London)
Happy reading: just Google “xxxxx Party Manifesto 2017” where xxxx is the name of the Party.