Ask Your MP to Improve the UK's Data Protection Bill!

Last chance! Here is how to ask your MP to support strong data privacy:

  1. Email your MP using any or all of the points below to start your message
  2. You must personalise your message, for example to say why you feel passionate about this issue or what aspects particularly concern you.
  3. Make sure you put: "Urgent: Data Protection Bill - Amendments for Report State on 9 May" in the subject title
  4. Use the ‘Contact’ box above to send your email

 

Points to raise in your letter

RE: Data Protection Bill - Amendments for Report State on 9 May

I support Privacy International's House of Commons briefing which highlights key concerns relating to the Data Protection Bill. You can find the briefing here [1].

As your constituent I am asking you to support key amendments to the Bill. 

  • A strong data protection framework is essential for the protection of human rights (including the right to privacy) and key to ensuring consumer trust in the digital economy.  The recent outcry around the data practices of Facebook and Cambridge Analytica further demonstrates the need for individuals to have rights over our data, those processing our data to be under stringent obligations, and for there to be effective enforcement against those who fail to respect these rights and obligations.

  • There is a high risk that certain provisions in the current draft of the Data Protection Bill undermine data protection the UK, leaving our personal data open to abuse. As my MP, please support proposed amendments that seek to address these key concerns.

Tabled amendments

Delegated powers

  • The Bill has many regulation making powers, and grants an unacceptable amount of power to the Secretary of State to introduce secondary legislation, bypassing effective parliamentary scrutiny.

Please vote in support of amendments proposed to Clauses 10, 16, 35, 86 and 113 which address these concerns

Exemptions that are open to abuse

  • The Bill includes wide-ranging conditions for data processing, as well as exemptions to the obligations and rights in the Bill/GDPR. One of these is on immigration.

Please vote in support of the amendment to paragraph 4 of Schedule 2 to delete the immigration clause.

Automated decision-making

  • Profiling and other forms of decision-making without human intervention should be subject to very strict limitations, in order to address issues such as discrimination. The Bill provides insufficient safeguards for automated decision making and requires further concrete safeguards.

Please vote in support of the amendments proposed to clauses 14, 49, 50 and 96 to provide safeguards against certain automated decision-making.

Remaining issues with the Bill

Whilst amendments on collective redress, political parties and national security certificates have been tabled at every stage of the Bill, I am disappointed that these vital amendments to ensure basis data protection rights and safeguards have not been put forward at the final report stage.

I encourage you to table amendments (see Privacy International’s briefing on amendments here [2]). If you are unable to table amendments I encourage you to raise these issues at the report stage to note your concern that they are outstanding issues that should be monitored for future reform.

Collective Redress

The Bill does not provide for qualified non-profit organisations to pursue data protection infringements of their own accord, as provided by EU General Data Protection Regulation (GDPR) in its article 80(2). Data protection violations such as those highlighted in the Cambridge Analytica/ Facebook scandal demonstrate the wide ranging and systematic nature of problematic data protection practices that affect millions on people in the UK and beyond. It is essential to permit digital rights and consumer organisations to take action to ensure data breaches, dangerous security flaws, and unlawful conduct are remedied in an effective and efficient manner. [3]

Political Parties

In spite of the furor over the use of data in elections by the likes of Cambridge Analytics, the Bill includes a provision which facilitates the use of personal data by political parties without consent. This provision should be deleted or at the very least restricted. [4]

National Security Certificates

Provisions in the Bill provide wide exemptions from the data protection principles on the basis of national security. These certificates are timeless and retrospective in nature, lack transparency and oversight, and there is no means to challenge them. Concrete safeguards are needed. [5]

Intelligence Services, cross-border data transfers

The Bill provides for almost unfettered powers for cross-border transfers of personal data by intelligence agencies without appropriate levels of protection; this is an infringement of the requirements of Council of Europe’s modernised Convention 108. Unregulated intelligence sharing raises serious concerns for human rights and accountability of intelligence agencies, as Privacy International has documented in its reports. [6]

Please act now to protect data privacy.

[1] https://privacyinternational.org/report/1703/submission-data-protection-bill-public-bill-committee 

[2] https://privacyinternational.org/advocacy-briefing/1863/privacy-internationals-proposed-amendments-data-protection-bill-report-stage

[3] https://privacyinternational.org/blog/1050/why-we-need-collective-redress-data-protection

[4] https://www.independent.co.uk/news/uk/politics/cambridge-analytica-uk-party-personal-voter-data-facebook-breach-conservatives-labour-a8269021.html

[5] https://privacyinternational.org/blog/1862/national-security-certificates-broad-exemptions-data-protection-regime-will-have

[6] https://privacyinternational.org/report/1741/secret-global-surveillance-networks-intelligence-sharing-between-governments-and-need