HL Deb 11 March 1997 vol 579 cc167-239

3.8 p.m.

The Minister of State, Department of Social Security (Lord Mackay of Ardbrecknish)

My Lords, I beg to move that the House do now resolve itself into Committee on this Bill.

Moved, That the House do now resolve itself into Committee.—(Lord Mackay of Ardbrecknish.)

On Question, Motion agreed to.

House in Committee accordingly.


Clause 1 [Information held by tax authorities]:

Baroness Hollis of Heigham moved Amendment No. 1: Page 1, line 19, after ("may,") insert ("subject to section (Code of Practice on privacy) below,").

The noble Baroness said: In moving Amendment No. 1, the paving amendment, I speak also to Amendment No. 18, which is the substantive amendment.

With these first amendments, let me state on behalf of these Benches what we seek to achieve in the Bill by way of amendment. We made it clear at Second Reading that we support the broad thrust of the Bill: to use the new resources of information technology and therefore data matching to share information between central government and local government to target benefit fraud. We all agree that fraud is intolerable and should not be tolerated especially where it is serious, organised, high value, white collar landlord fraud. It is estimated that perhaps £1 in £5 of housing benefit is being fraudulently claimed. The new and sophisticated information technology makes this attack on fraud possible although we have some worries. With 600 different computer systems within the DSS alone we are not sure how intelligently and accurately computers will speak to each other.

Nonetheless, we are not convinced that the Government are tackling the issue of landlord fraud as seriously as they should. Therefore on Thursday from these Benches we shall move amendments to strengthen that attack and we hope the Government will support us.

We have the experience of Australia where in 1994–95 over 66 million DSS records were matched for accuracy. Most people of course have several files. Of 138,000 cases where there were doubts and which were therefore reviewed, 23 per cent. resulted in benefits being reduced or withdrawn. However, benefits were increased (that is, they had been under-paid) in nearly as many cases as there were of fraud; namely, 19 per cent. of cases.

Therefore, given that our first line of amendment is to tackle the issue of landlord fraud, our second line, which we shall pursue later today, is to ensure that the spine of information technology not only removes benefit from those who claim improperly but makes sure that benefit goes to those who need it but are not claiming it. We have seen that means-tested benefits in particular have major problems of take-up.

Thirdly, the Australian experience also showed the need to operate data matching within an adequately drawn code of practice to prevent its misuse or abuse, especially by individuals with access to government systems. With this Bill, we are taking a major step into the field of data protection in order to pursue fraud. These amendments seek to ensure that while we support that invasion in the pursuit of fraud, nonetheless any such invasion is protected, controlled, regulated and surrounded by a statutory code of practice.

Our Data Protection Act was drawn up in 1984—not, I suspect, because the Government were suddenly converted to data protection and privacy but as a means to comply both with our European requirements and those of global corporations which made it a requirement for investing here. Our privacy Act was passed in 1988; in other words, our data protection legislation is some 10 years old. Since then, there has been a growing sophistication in information technology which has outpaced the formal and legal capacity of our society to control and regulate it. If we are to be tough on fraud—as I hope we are—hand-in-hand with that we must be equally tough in our defence of personal privacy. That is the subject of these amendments.

In the United Kingdom, the Data Protection Act is 10 years old and therefore does not deal specifically with data matching. But the registrar interprets the principles to regulate that area. Prior to the proposals in this Bill, wholesale comparison of files between the DSS and local authorities and, with constraints, the Inland Revenue, Customs and Excise and the like, was not permitted unless that disclosure was required in law. Therefore local authorities in particular had to rely on efficiency studies from the Audit Commission and so on.

The Data Protection Registrar has made it clear that in her view a wholesale extension of data matching, which we support in order to exterminate fraud, must be accompanied by a similar extension of regulatory powers to protect the privacy of the individual. Her letter to Mr. Lilley on 10th January this year bears re-quoting. She says: When I commented on the text published for 2nd Reading, I expressed my concern at the very wide powers given in respect of data matching activities. In the light of this concern, I have come to the firm view not only that there should be a code of practice but that it should have statutory force. The existence of appropriate safeguards would go a long way to providing assurance to the public that data-matching exercises will be properly regulated to minimise the possibility of any adverse consequences for innocent individuals".

The Select Committee on the Scrutiny of Delegated Powers, in its 18th report, commenting on the Bill, quoted the registrar's letter. The committee stated at paragraph 8: It considers that a statutory code of practice would afford further protection against the potential misuse of the delegated powers in this bill, which the Government admits are wide-ranging".

The committee added that such a code would be "of great significance" and should therefore be laid before Parliament. Those are the words of a committee of this House.

Why? At the core of the Bill is that information collected for one purpose may be used for another. That flouts most of the principles behind data protection. It certainly flouts the 1981 European convention on data processing. Paragraph 4.3 of the convention states that, personal data should not be communicated outside the framework of social security for other than social security purposes except with the informed consent of the person concerned or in accordance with other guarantees laid down by domestic law".

To flout that principle may be justified—as I believe it is—in pursuit of fraud. But it must not be abused.

As was argued in the other place, it is essential to provide a clear, legal base for the use and disclosure of information, particularly since, with privatisation and the contracting out of so much information technology work, the data collected will be handled by private operators.

The DSS research by Alan Hedges, entitled Confidentiality: the public view (research report 56), was published last year. It showed a real and growing concern about privacy, and a fear that disclosure of personal information which should be only on a need-to-know basis was going beyond that remit and was being used for purposes other than those for which it was collected. The research also showed that taxpayers believed that where information was revealed, it should be limited, controlled and regulated, and that the information should be notified to and agreed by the subjects themselves. The research showed that matters concerning finance and health were regarded as particularly sensitive. The DSS deals with benefits, sometimes issues of health, paternity, cohabitation, immigration and other extremely sensitive issues. The research showed that people were worried about wider access; the loss of privacy; the proliferation of error; the greater possibility of leaks or misuse; and the transfer of power from individuals to organisations and the like. They want to know why information is being collected; who has access to it; under what circumstances it can be disclosed; how long it is kept; how often it is updated; and whether they can check their own records.

In response to a series of case studies presented to people, those views were shown to be very real. In one such example, a large company offers the DSS access to payroll records so that it can check whether the employees are claiming benefit. The respondents were asked: should the DSS accept that offer? Two-thirds of those questioned thought that the DSS would accept the offer; the same two-thirds thought that the DSS should not accept the offer. In other words, DSS official policy of not accepting such an offer was widely endorsed—and equally widely disbelieved. The research therefore showed that the DSS already has a rather poor reputation for its handling of sensitive information, and the notion of a shared, pooled database was widely disliked. Most people believed that they had a tacit bargain with the state: they were required and prepared to provide sensitive information provided that, in return, the state protected its confidentiality. As one man told the researcher, "I think you are allowed to live your life in a reasonable manner without interference from outside agencies".

The Government accept all that in their Green Paper, government.direct, which I wish briefly to quote. It states that, people want to be assured that their interests—such as their reputations, their finances, their entitlements and their prospects in life—are properly safeguarded. Information about them must not be misused, wrongly disclosed, accidentally revealed or fraudulently obtained".

That was the Government's view; and it is one we wholeheartedly support.

This pair of amendments will help both to alleviate public concern and to meet the Government's objectives as listed in the Green Paper, government.direct. What they propose is that there should be a statutory code of practice. What they do not propose is what should be in that code. We believe that that should be a matter for public consultation. It would need to be reviewed as technology is developed. What such a statutory code would do, together with consultation, is to reassure people that in pursuit of fraud the use of and access to highly sensitive personal information are properly controlled.

The Minister may say that sufficient protection is afforded by the EC directive. Perhaps I may assure the Committee that that is not the case because large swathes of government activity are not covered by the EC directive and would therefore go unprotected.

Such a code of practice will in no way hinder data matching. It will merely ensure that it is carried out in a scrupulous manner, especially when combined with later amendments to be moved by my noble friend on reports to Parliament and the like. In other words, it will provide the guarantees that the European convention which the Government signed requires. At the moment the registrar has only the weapon of the principles of data protection, under which a government department cannot be prosecuted because it is exempt. Precisely because so much of government departmental work has been contracted out that the public service ethic is inevitably diluted, so equally the public need greater protection.

We want this Bill to work. We want to pursue fraud vigorously, but we want to do so in ways that do not trample on the civil rights, and especially the legitimate right to privacy and confidentiality of information, to which ordinary citizens are entitled. In the Bill the Government ask for a wholesale extension of powers to invade privacy; to use information collected for one purpose to advance another. We are entitled to demand that such an extension of powers be accompanied by an extension of the guarantees to prevent misuse. I beg to move.

The Chairman of Committees

I must apologise to the noble Baroness and to the Committee for having called her as "Lord Hollis of Heigham", instead of, as she most obviously and attractively is, the noble Baroness, Lady Hollis of Heigham.

Earl Russell

The Minister will remember that we on these Benches are committed to the principles of the Bill, but we are also committed to the principle of trying to balance it with other desirable objectives. One which particularly concerns us is that the Bill should turn out, when we have scrutinised it, to be in accord with our other national and international legal obligations.

There are three points where the Bill may run into legal trouble. As the noble Baroness outlined, the first is Article 8 of the European Convention on Human Rights. The second is the European Data Protection Directive, arising not from the Council of Europe but from the European Community. The third is our own Data Protection Act.

When Parliament intends—as it appears on this occasion Parliament presumably does—that two potentially conflicting Acts should be enforced at the same time, it is usually sensible of Parliament to try to indicate to the court some principles on which potential conflicts between these Acts should be resolved. So far as I can discover, in its present form the Bill makes no attempt to do that. There is nothing about the Data Protection Act in the Bill. So where courts are faced with the potentially conflicting demands of this Bill, if it becomes law, and the Data Protection Act, there is no guidance as to what they should do. That is not a good situation for courts to be put in. If we are creating a situation, as a Parliament we should spell out how we mean it to be handled. I hope that that is something on which consultation may happen in public and, if need be, in private as well. It is not something on which we wish to be unhelpful.

As the Bill stands, its effect—whether or not intended—might be seen by some people as conferring in effect an exemption from the Data Protection Act. Where data matching activities are specifically provided for in law, as in this Bill they are, they may be outside the principles of unfair obtaining and non-disclosure as set out in the Data Protection Act. Whether that is the Government's intention, I do not know. If it is, it is possibly an unwise intention because it may well diminish the confidence with which people will be prepared to supply data for electronic storing. That confidence is already a somewhat tenuous plant. The mistrust of the computer is a fairly deep-seated emotion among many people.

I remember when I was new to your Lordships' House, I was having a conversation with a number of people here. Someone observed: "No one over 50 can cope with these things". A good many recipients of benefit are over 50 and may well share those anxieties. Their behaviour may be influenced accordingly.

Your Lordships have heard the concerns of the Data Protection Registrar. For a responsible public official, they are strongly expressed. It was not a casual utterance. The Secretary of State has indicated a willingness to consider them. At Second Reading the Minister indicated that his mind was not closed. Those misgivings were further reinforced by the Delegated Powers Scrutiny Committee in the passage to which the noble Baroness drew our attention. They are not two unfriendly sources: one is a responsible public servant; the other is a committee in the service of this House, with a distinguished record, to which, I am pleased to say, the Government have a good record for paying attention. Those matters need attention.

It is also possible that by adopting the code of practice suggested in the amendment, we could do something about the danger that the provisions of the Bill might be found to infringe the European Convention on Human Rights, for two tests will be used in the course of assessing that. One is the test of legal certainty, to which we will come on other amendments. The other is the test of proportionality: whether what is done is proportional to the danger it is designed to meet.

Something like this code of practice could go a long way to show that the remedy was in fact proportional to the danger it was designed to meet. That could save us a great deal of trouble and unnecessary argument in the future, which is something to which I hope we will all be sensitive. As the Bill stands, the Data Protection Registrar has no independent monitoring powers over what is done under the Bill. The Secretary of State has monitoring powers and he has a legitimate interest. But it is my contention that that is not the only legitimate interest which needs to be met. Civil liberties and the prevention of fraud are both legitimate interests, but they need to be held in balance with each other. I do not see how the Bill as drafted attempts to hold that balance. The amendment would go a long way to put that right and I hope that when he comes to reply the Minister will look on it with considerable sympathy.

Baroness Gould of Potternewton

I support the provision for a code of practice. It is important that with something like fraud, which we all feel strongly has to be eliminated, we agree on the method of achieving that. No one wants to be in a position where there is a continuation of the current levels of fraud. But at the same time we have to be committed to safeguarding the civil liberties of individuals, in particular the right to privacy which is enshrined in Article 8 of the European Convention on Human Rights to which the noble Earl, Lord Russell, referred. A balance must be struck between those two concepts which could be conflicting unless they are dealt with with great care and sensitivity.

The introduction of a code of practice proposed in the new clause would help to strike that balance which, I am afraid, at present is lacking in the Bill. It would safeguard rights of individuals by providing a clear legal basis for the disclosure of information, which is particularly important when, as has been indicated, it is proposed that information collected for one purpose will be used for another purpose.

The objective of the Bill to use information supplied by disclosing it to other departments and local authorities in order to detect fraud is not in question; but public concerns must be addressed. The Government's Green Paper government.direct specifically stated that people wanted to be assured that their interests were properly safeguarded. It went on to say that: the new methods of service delivery outlined in this Green Paper will be developed in accordance with the requirements of the UK's international data protection obligations. The Green Paper also promised that the Government would consult the Data Protection Registrar, so that the collection, use and disclosure of data could comply with the necessary requirements and meet the necessary standards of protection. But those are empty promises, unless the Government can assure us that public concern is met.

The Bill provides for a vast increase in the scope of data matching, which is a principle that one cannot oppose. But that data matching should be circumscribed by powers which enable the citizen to be protected. One way of doing so is to incorporate that protection in a code of practice, a code of practice which can evolve over time to match best practice internationally, as in Australia and New Zealand, and to match agreements into which we enter.

By autumn next year we shall have to legislate to incorporate into our law the new European directive on data protection. Inevitably, that will provide a new legislative context for the Bill's operation. But it will only apply to data that are specifically guarded by EC legislation and will not apply across government as a whole. It will also take time for the directive to be implemented in the United Kingdom. So protection is required in the interim. A code of practice will provide that protection and will not adversely impact upon data-matching for anti-fraud activity. It will certainly enhance the Bill and provide the protection which the Government seek in their Green Paper government.direct.

If the Government are strictly honest, they have no alternative but to accept the code of practice.

3.30 p.m.

Lord Whitty

I rise to support the amendment and ask for the Committee's support for a code of practice with statutory force.

There have been massive changes in technology since the Data Protection Act and the European convention were introduced. The Chinese walls introduced in that legislation to avoid exactly what we are now discussing—namely, the use of material provided for one purpose being used for another purpose—have been overtaken by technology. The whole concept of data matching is relatively recent. We now have technology whereby computers are able to access information to each other, analyse that information and amend it across different systems and systems run by public authorities. It is a whole new area in which monitoring and vigilance are necessary. In no way do we on this side of the Committee intend that to cut across the enormous job of combating fraud in this area.

However, we know that the most casual omission can be repeated and magnified through borrowed data between systems. We know that it happens in the private credit sector and the public information sector. We know that there are errors in the systems. We also know that there has been some deliberate hacking into the systems. Some hundreds of cases have been uncovered by the Department of Social Security within its own system.

As indicated in their Green Paper, the Government recognise those problems. The Registrar for Data Protection has recognised that concern. As my noble friend Lady Gould said, we must anticipate the implications of the new European directive in this area. There is available some fairly substantial international experience. My noble friend Lady Hollis referred to the Australian example. There are also examples in Europe—in Germany, Sweden, Finland and Denmark—as well as in New Zealand and Canada. We need to look at that experience when drawing up the code of practice.

This Chamber needs to take close cognizance of the report of its own committee published only a few days ago, which made clear that a statutory code of practice in this area would be desirable. We all accept that we must tackle fraud. But we must also safeguard the privacy of the citizen and his civil liberties. There are key, sensitive issues of personal finance, personal health, family relationships, residence and other legal matters. A code of practice would necessarily need to resolve some conflicting objectives, but that is what a code of practice is for. It would need some subtle drafting and I suggest that it would need widespread consultation among both users and providers of those systems. At the end of the day, it would come back to this Chamber, as recommended by the Delegated Powers Scrutiny Committee, and be laid before Parliament.

In considering such a code of practice, I believe that Parliament would fulfil its dual responsibilities: on the one hand, to safeguard public money; and, on the other, to safeguard the rights and privacy of the citizen.

Lord Carter

My noble friends and the noble Earl, Lord Russell, put the case extremely well. When the Minister replies, perhaps he can deal with the point which has been put to us in briefing; namely, that the Bill as drafted has the potential to negate most of the Data Protection Act. I am told that there are eight principles under data protection enshrined in the Act and, in some cases apparently, the Bill could negate all of them. I should be interested to know whether the Minister agrees with that view. I shall not repeat all the eight principles. But the first principle states: The information to be contained in personal data shall be obtained, and personal data shall be processed, fairly and lawfully". The second principle says: Personal data shall be held only for one or more specified and lawful purposes". The third principle states that: Personal data held for any purpose or purposes shall not be used or disclosed in any manner incompatible with that purpose or those purposes". I understand what the Government are trying to do through the Bill. When the Minister replies, can he say whether that view from lawyers is correct; namely, that unless there is a statutory code of practice in it, the Bill would in fact negate almost all the eight principles in the Data Protection Act?

Lord Mackay of Ardbrecknish

This debate and the amendment on which it is based were foreshadowed in the Second Reading when a number of noble Lords spoke in favour of some form of a code of practice for data matching. At Second Reading, I indicated that the Government's mind was not closed on the issue. As I promised, I have carefully looked at all the points made in that debate, most of them merely repeated in this debate. I have also looked carefully at the report of the Select Committee on Delegated Powers and Deregulation in its 18th report. As we have heard, I have also looked carefully at the correspondence that we had with the Data Protection Registrar, Mrs. Elizabeth France; and my colleague Mr. Oliver Heald has met the Data Protection Registrar and discussed this issue with her. She, as the noble Baroness pointed out, believes that we should have a code of practice for data matching and that that code should have statutory force.

Many citizens now expect the increased standards of service and efficiency that computers can bring. The broad support that the proposals in the Bill have attracted has shown that most people accept that, in this day and age, we should use technology effectively to detect fraud. It is no longer acceptable for benefit fraudsters to tell one story to one department and another story to another department and then hide behind artificial constraints on comparing the two stories.

The honourable Member for Birkenhead said on the BBC2 programme "The Sci Files" on 3rd March: While it's totally proper the civil liberties arguments are put forward, it's equally important that the other side of the debate is expressed as forcibly. And the area I'm most interested in—and that is countering social security fraud—I suggest that the arguments are weighed too far in favour of the civil liberties argument". There are of course those—perhaps such as Liberty—who would strike the balance differently: to whom the minimal invasion of privacy involved in having one's data "matched" outweighs the benefits to society of catching fraudsters. But I sense that the bulk of the concern in this Chamber and outside is not about whether data matching should take place but what safeguards should surround it; and I sense that the desire for safeguards is not as a device to prevent effective data matching but is to ensure that, as the Data Protection Registrar says, the innocent do not suffer adverse consequences. I agree with the view of the Delegated Powers and Deregulation Committee that: a cautious approach is particularly important given the comparative novelty of data-matching and the fact that the subject of the data matching will often not know that the process is being carried out". The Government have repeatedly made it clear, and I can assure the Committee again, that in employing the new powers to use information provided in this Bill, the department intends to apply the highest standards of confidentiality and security and to conform strictly to the Data Protection Act, which I hope meets one of the points made by the noble Earl, Lord Russell. Moreover, the Bill contains additional safeguards which reflect the sensitivity and novelty of the powers. The Bill strictly limits the purposes for which information can be used, as well as the circumstances in which information supplied to the DSS can be passed to another person or body. Those are important safeguards, and they are on the face of the Bill. There is no provision to extend them, even by delegated legislation. The provision to extend the types of information which can be supplied is subject to affirmative resolution of both Houses of Parliament—which the Select Committee agreed was appropriate—and the safeguards of purpose and onward disclosure would still apply.

Nothing in the Bill—to respond to the noble Lord, Lord Carter, and the noble Earl—amends the Data Protection Act 1984 or limits the application of that Act to the new powers. The provisions in the Bill will be subject to all the safeguards of the Data Protection Act. They will be operated in accordance with the data protection principles: supply and use of the data will need to be registered in accordance with the Act; and all individuals whose data is used will have rights under the Act, including the rights to obtain a copy of the data held on him and to have that corrected if it is wrong.

I said that I would listen carefully to the concerns which have been expressed, and I have studied the other amendments seeking specific safeguards. As I will explain when we reach those amendments, there are many safeguards in place already, not least in the Data Protection Act itself. However, the debates both here and in another place have shown that, because those safeguards are in other legislation, in statements of departmental practices and in ministerial assurances to Parliament, they are not as accessible as they might be.

So while I am not prepared to accept these amendments to the Bill, I will give the Committee an undertaking that the Department of Social Security will publish a code of practice on data matching and that data-matching exercises under the new powers in the relevant clauses of the Bill will not be conducted until that code has been published. Moreover, the code will be published only after consultation with the Data Protection Registrar, who has indicated that she would be willing to be involved in its preparation. Copies will be placed in the Library of your Lordships' House.

The code will explain what data matching is, what data are matched, how often exercises are to be carried out, what happens when an inconsistency is discovered—I will return to that in a moment—and what happens to the data after the exercise is completed. The code will describe the steps taken to inform benefit claimants that the data they supply to the DSS may be matched with data they have supplied to others. It will describe what happens when an inconsistency is discovered by a data-matching exercise, both where the DSS data is found to be incorrect (but not fraudulent) and also where the data from another department are incorrect but show as a mismatch against the DSS's correct information.

Most importantly, the code will set the procedural and other safeguards to ensure that innocent people are not wrongly accused of fraud. Those will cover measures to minimise the risk of one person being mistaken for another; and describe how apparent anomalies are checked to eliminate clear data errors and how trained fraud officers take action to establish the true circumstances of the case. I do not expect that any code could make an absolute commitment about the actual time taken to clear up a query, as that will depend on the action required and the extent to which the person involved co-operates with the department in resolving the matter.

The code will set out the steps which will normally he taken before a decision is taken to suspend benefit. Let me make it absolutely clear that benefit payment will not be stopped automatically if the computer detects an inconsistency. Benefit entitlement will not be terminated unless further investigation reveals sufficient evidence of fraud or other incorrectness in the payment for the adjudication officer to take such a decision in the normal way; and if there is any change in the benefit paid the claimant will be informed of the reasons and of his or her rights to appeal or review in the usual way. The code will explain that in normal circumstances the claimant will be given an opportunity to explain the inconsistency before action is taken, but that this of course may be impractical where, for instance, the data suggest that the claimant has moved abroad or that the whole identity is fictitious.

In dealing with safeguards, there will also be references to the relevant provisions of the Data Protection Act 1984 and the Computer Misuse Act 1990, as well as the sanctions against staff who breach the rules contained in Section 123 of the Social Security Administration Act. The section on safeguards will also deal with the physical security of the site where data matching is carried out and the way that data are stored, how long they are kept and how they are disposed of.

Finally, though I hope it will not need to be used very often, there would be a section on complaints procedures. I mentioned those at Second Reading. The Benefits Agency already publishes a leaflet called Tell us about it, which is currently being revised and reprinted. It will explain how to contact the customer complaints manager or district manager, and if they cannot resolve matters satisfactorily, how to write to the chief executive, and the role of the ombudsman. The code will also include a reminder of the existing rights to complain to the Data Protection Registrar. A report of the effectiveness of data-matching exercises will be made in the departmental report each year, so that Parliament can monitor the continuing usefulness and propriety of this activity.

I believe that will meet most of the concerns expressed by the Committee during this debate and by the Select Committee. It will provide the necessary assurance that the data-matching powers in the Bill will be exercised properly. Because the code will not be part of the statute, I believe that its contents can be fuller and more descriptive than would be appropriate if it had to have the force of law.

I have been in your Lordships' Chamber long enough, and argued with the noble Baroness and the noble Earl long enough, to have a slight doubt in my mind that they may not be persuaded that I have moved quite far enough, though I hope they will accept that I have moved a considerable distance this afternoon in explaining that we will have a code of practice and giving your Lordships some detail of what it will contain. However, they may suggest that I move a little further and look at the amendment.

I do not want to go into the amendment in detail. As the Committee will be aware, I never rest my case on the fact that an amendment is defective. But it is only fair that I should point out, in case the Committee is asked to give its opinion on the amendment, that there are problems, which is perhaps not surprising in what is an extremely complex area.

First, as drafted, the amendment is very wide. It appears to govern not only the data matching of data from other government departments against that already held by the DSS but also all the existing processes carried out by the department. And by encompassing any enactment amended by this Bill, it ranges widely through central and local government—not just the social security system—in an unsystematic way.

Secondly, the new clause appears to expand, for the social security system, the operation of the Data Protection Act 1984. Subsection (7) provides that any breach of the code of practice by the DSS found by the Data Protection Registrar would be automatically deemed to be a breach of the data protection principles. Such a provision would seem counter-productive. If it had that effect, my right honourable friend the Secretary of State would seem most ill-advised to make the code of practice any more than a restatement of the principles themselves. I doubt that that would reflect the concerns expressed by Members of the Committee and others, and would not go nearly as far as the code of practice I outlined this afternoon.

Thirdly, the amendment seeks to give the Data Protection Registrar a role as a sort of auditor. At Second Reading the noble Baroness said that she wanted the Data Protection Registrar to have, a supervisory role of audit over datamatching activities". Since then her ambition for the registrar has grown. The new clause would significantly extend the role of the Data Protection Registrar, but only in relation to social security, not to other data users. It is unreasonable and illogical to impose on the Department of Social Security a condition which would not apply to any other government department or to any private sector company. There will be an opportunity to consider all the powers of the registrar when it comes to the implementation of the EU data protection directive.

Fourthly, subsection (6) would give the registrar the power to require information to be provided to her. The registrar has no such power at present. This would be a major departure from the existing provisions of the Act, which apply to all data users. She may request information, but if the request is refused and she has reasonable grounds for believing there is a breach of data protection principles, she must apply for a warrant. This is another area where the amendment seeks to make special provision for social security in advance of the general consideration of these matters in the context of the EU data protection directive.

To sum up, there are three main reasons why the Committee should not accept the amendments and should not look to embed a code of practice in statute. When most people talk about a code of practice they mean something that does not have the force of law. When the Data Protection Act itself refers to codes of practice it states that they are for guidance in complying with the existing legal requirements set out in the data protection principles. For instance, I would expect a code of practice for data matching to reflect the additional safeguards which we have in place as well as those necessary to comply with the underlying data protection principles enshrined in Schedule 1 to the Data Protection Act. Action in breach of the code of practice might not be a breach of the underlying principles, but I would expect that the Data Protection Registrar would want to look especially closely at any complaint that suggested a breach of the code to check whether or not the principles had been correctly applied.

Secondly, as the Delegated Powers Scrutiny Committee has said, there is a comparative novelty about data matching, and locking the code of practice into statute would restrict the ability to change it quickly in the light of experience or particular problems.

Thirdly, in the near future, Parliament will need to consider wider questions of future policy in relation to data protection in the context of the implementation of the EU data protection directive. I believe it would be premature to develop a special body of data protection law applying only to social security data matching in advance of the general opportunity to review the law, especially as the concerns of many of your Lordships are not so much about how the Government currently intend to use the powers, on which I hope the Committee accepts my assurances, but about the potential for misuse of future technologies in ways we cannot foresee.

We will continue to comply with the data protection principles. In addition to the safeguards already in the Bill and the assurances about practice which I have given, we will publish a code of practice after consulting the Data Protection Registrar and before conducting data matching exercises using the new powers in the Bill.

With my explanation of why I do not believe it would be right to have a statutory code of practice and with my clear explanation, I trust, of what we envisage would be in the code of practice we intend to set out—I apologise for going on at some length about that code of practice, but as I was bringing it to your Lordships for the first time, it was only right that I did so—I hope that the noble Baroness will see her way to withdrawing her amendment. But if she does not, I hope my noble friends will accept my argument in favour of the code of practice I have offered and support me.

Earl Russell

I am grateful to the Minister for that reply but I am sure he will not be surprised if I ask him a few questions in order to find out quite how grateful I ought to be. I make no complaint whatever about his going on. In fact it was extremely helpful to the Committee. Indeed, so much do I not reprove him for that that I am about to invite him to go on a little longer.

I cannot help thinking that his argument about restrictions which apply only to the Department of Social Security did a little too much for his own purposes. If we should not have restrictions that apply only to the Department of Social Security, then, by the same argument, would it not follow that we should not have privileges of access that apply only to the Department of Social Security? That is not my position at present but the Minister could turn it into my position. I would advise him not to do so.

The point he made about the European directive, where we do have a good deal of work to do, and the argument that perhaps we should not have a massive change in the law ahead of that, do carry some force. But does not that same force suggest that there might be an argument for postponing the Bill until we have the law sorted out in the light of the European directive?

I was extremely pleased to hear about the code of practice. I was extremely pleased to hear that the Bill would be operated according to the principles of the Data Protection Act. I was extremely pleased to hear that the department intends to operate the Bill according to the highest standards. But the crucial question is: who is to be judge of those standards? There were moments in the Minister's speech—only moments—when he reminded me of the old case of the servant who turned up with an open testimonial from his previous employer saying, "During his period of service with me Mr. So-and-so has discharged his duties entirely to his own satisfaction". The key point is: is there to be any independent judge of whether the department has in fact exercised its powers to the highest standard? We all believe that we are exercising our powers to the highest standard and all of us sometimes are wrong.

As the Minister's speech went on, in several passages he indicated that he expects the Data Protection Registrar to have an oversight over the Bill. If that is correct, it is extremely welcome. However, the advice available to me is that, in order to give the Data Protection Registrar that oversight, we would need to amend the Bill to provide for it. Under the present text of the Bill, where data matching activities are specifically provided for in law, as they are in the Bill, issues of unfair obtaining and the non-disclosure requirements of the Data Protection Act do not apply. Is the legal advice available to the Minister the same as that? If it differs, how does it differ? That is the point on which I should be extremely grateful for an answer. If the Bill needs amending in order to allow the Data Protection Registrar the power of monitoring, and if the Minister gets legal advice to that effect, is he prepared to amend the Bill accordingly? If he would say yes, that would advance his cause very materially.

The Minister did not touch at all on the issue of proportionality under the European Convention on Human Rights. I should like to know exactly how his code of practice will impinge on that. That will depend on the details of wording, on which we shall need a certain amount of advice. I do not know whether the Minister is in a position to give that advice, but many of us may need it before we reach any final decision on this question.

I understand what the Minister said about the case for matching data. I can understand and respect as legitimate the view that the balance in favour of civil liberties has been tipped too far. I would not agree with that view but I can see how it can be honourably argued. What I think cannot be honourably argued is that we should do things which are contrary to our international legal obligation. That is a position with which I understand the Government are in full agreement. Nor can it be argued that a sensible Parliament should leave two contradictory provisions on the statute book at the same time. If the Minister can convince me that his code of practice will meet those dangers, I really will be grateful to him.

4 p.m.

Lord Mackay of Ardbrecknish

The problem with answering many of the noble Earl's questions is that I shall have to repeat almost everything that I intend to say on other amendments later on. It is rather a pity that this particular amendment was promoted so high on the agenda and before we had the opportunity to look at some others. We could then have considered it in its appropriate place with Amendment No. 18. However, for some reason the amendment has been promoted to number one, and that causes some difficulty when looking forward to other amendments.

Baroness Hollis of Heigham

Is the Minister saying that he does not share our assessment that this is a major issue in the Bill and therefore that it should be taken as early as possible?

Lord Mackay of Ardbrecknish

I shall be here all evening. It seems to me that if an issue is of great importance it should take its proper place in our deliberations, but I am well used to things being promoted to number one in what I might call in television terms "prime time" and here it is. I am simply saying—

The Earl of Balfour

I believe that my noble friend the Minister will find that Amendment No. 1, which we are dealing with, was grouped with Amendment No. 18 in the Marshalled List. I believe that he said that he wished to speak to Amendment No. 18 when we come to it. I may have misheard.

Lord Mackay of Ardbrecknish

No, I did not say that. I said that a number of the points raised by the noble Earl arise in amendments that we are about to take and I would have been able, without repeating myself, to deal with some of the issues when we come to Amendment No. 18 if that amendment had been in its proper place. But that amendment was promoted to be with Amendment No. 1 in order to bring it up, as the noble Baroness clearly agreed, to prime time. However, I do not want to make too much of that.

I wish to answer the noble Earl quite quickly. I do not believe that it would be sensible to postpone the Bill until the law is changed to take account of the EU directive. I believe that the Bill contains more than just data matching, but the ability to data match is important in the pursuit of fraud. My understanding is that all parties are in agreement about the need to use modern tools in order to make sure that there is not fraud in the system.

As regards the code of practice, I said quite clearly—and I repeat it in case there is misunderstanding—that the registrar will be fully consulted when it comes to making up the code of practice. Indeed, she has agreed to that. I was not very sure of one or two other points that the noble Earl made, but I am able to say to him that the registrar has all the powers under the Data Protection Act. As I said in my main contribution, that Act is still there and the powers and principles are still there. We shall have to abide by them.

The question of proportionality is an interesting one. I should have thought that 30 per cent. of public expenditure, which is what the Department of Social Security's budget covers in these matters, represents a fair amount of proportionality. As regards the size of the fraud mentioned by the noble Baroness, although we do not entirely agree with the figure for housing benefit, I do not believe that in that ball park anyone can doubt that there is not a measure of proportionality.

The main point is that the Department of Social Security has for many years collected a lot of information on people. We have a good record in protecting that information and handling it properly. All the computer processes of personal data by the department and by its contractors are registered under the Data Protection Act. Officials are in regular contact with the Data Protection Registrar and our office to seek advice in advance where there is any doubt about the application of data protection principles to a particular activity. So I believe that we are very well used to dealing with a lot of sensitive information and doing so in a secure and safe manner, in conjunction with the registrar whose role we fully understand and appreciate and whose advice we seek when we feel that we need some help from her to decide how we can treat some of the data that we collect. I hope that these assurances help the noble Earl.

Earl Russell

Bearing in mind the case of Pepper v. Hart, can the Minister give us an assurance that the powers of the Data Protection Registrar impinge on the provisions of this Bill?

Lord Mackay of Ardbrecknish

With the Pepper v. Hart judgment in mind, I simply refer the noble Earl to what I said in my original speech that nothing in the Bill amends the Data Protection Act 1984 or limits the application of that Act to the new powers.

Lord Carter

The noble Earl has raised a very real point. As regards the role of data protection and the registrar, clearly she has a locus in this Bill. That follows the rules laid down in the 1984 Act. If the registrar wishes to enforce compliance with the data protection principles, she serves an enforcement notice on the data user, knowing that failure to comply with such a notice is a criminal offence by virtue of Section 10(9) of the Data Protection Act. However, Section 38(2) of that same Act states that a government department cannot be prosecuted. So if such a department cannot be prosecuted presumably enforcement notices cannot be enforced. The briefing that we have had is that the Data Protection Registrar is powerless to enforce the principles. If there were a statutory code that would help to overcome the problem. If the code is non-statutory, it is all very well saying that the registrar will have to take into account any breach of such a code, but how does all that match with the section of the Data Protection Act which states that a government department cannot be prosecuted? What are the real powers of the registrar in this case? Does not the Bill need amending to make sure that the registrar has the powers that the Minister believes she has?

Lord Mackay of Ardbrecknish

The position on this Bill is that we are here providing a clear legal basis for the data-matching exercise under the Bill so that the disclosure of information for this purpose—say, from the Inland Revenue to the DSS—will be lawful under the Data Protection Act. As regards the powers of the registrar, the Data Protection Registrar can issue enforcement notices against a department if she believes that the data protection principles are being breached. She has existing powers. As I have said, we shall co-operate with her, as we do, and we shall be co-operating with her in the production of the code. She has the power to report to Parliament on any matters about which she is concerned in relation to data protection, including the use of data protection by the Government. I am not sure whether that helps the noble Lord, Lord Carter, but it is as far as I can go at the moment.

Baroness Hollis of Heigham

We obviously welcome the Minister's support of the principle that there needs to be a code of practice. It would be churlish not to recognise that the Government have moved a considerable way in our direction, which we welcome. We also welcome his reaffirmation that such a code of practice shall embody the highest standards of confidentiality and security. That is splendid. The Government had a choice. I am perfectly willing to accept that our amendment may be technically flawed. We do not have the department's resources behind us at the moment.

The Government could have opted for a version of our amendment or brought back a revised and valid one, which put the drawing up, handling and monitoring of a code of practice in the hands of the data registrar. Instead the Government have chosen to go down the path whereby the DSS will draw it up, after consultation, which we welcome. It will draw up a code of practice and monitor compliance with it.

I am still not clear why the Government have chosen that path rather than the one indicated in our amendment. The examples that the Minister gave in his helpful answer relate much more to issues that are normally dealt with by the appeals procedure; for example, benefits sanctions. In other words, they deal with ends rather than means. The code of practice is about methodology and not about the outcome. It is meant to be about implementation and workable practice for organisations like local authorities who have not hitherto dealt with such issues. It will translate the principles of the Data Protection Registrar into a working code of practice. That is the point of it. So local authorities entering into a new field with new powers and new support as well as an inspection by the DSS, know how to carry out the measures with the appropriate, fair and scrupulous methodology. According to the Minister's reply the Government have splintered the principles for which the data registrar is responsible, and the code of practice which gives effect to those principles and for which the department will be responsible. Why? Why is he refusing to allow the Data Protection Registrar to translate the principles under the Data Protection Act into the code of practice, the day-to-day guidelines, which she will expect local authorities to observe?

If anyone has a complaint, not about outcomes, which are properly the job of the appeals procedures and the tribunals, but about the methodology, where will that person go? Will he or she go to the DSS so that that department is both judge and jury in its own cause, and so that Ministers will simultaneously be handling an appeals procedure, paralleled by a code of practice, or will that person go instead to the Data Protection Registrar? Will that person argue to the Data Protection Registrar that the Government's observance of the code of practice is not in accord with the registrar's shopping list of principles?

I am sure that the Minister was attempting to be helpful. I am sure that it was genuinely well intentioned and I am not suggesting otherwise, but I do believe that the Minister has opened up for himself far more problems than he has resolved. Surely the easiest and simplest way to translate the principles which we want to see observed into a working code of practice for local authorities and similar bodies is to have the person responsible for the code of practice the person who is also responsible for monitoring the principles. If that is not the case, I am sure that there will be huge confusion.

Lord Mackay of Ardbrecknish

I am a little puzzled by that argument. The noble Baroness seems to be complaining that the code of practice that I have suggested will be drawn up by the Secretary of State and the Department of Social Security, but the very first line of her amendment, Amendment No. 18, states: The Secretary of State shall prepare a Code of Practice", so I really do not see how the noble Baroness can make a major difference between us on that point. In both cases, it will be the Secretary of State who will prepare the code of practice. I have made it clear that in preparing that code of practice the Secretary of State will discuss these matters with the registrar, will take her views on board and will very much stand alongside her when translating the principles into the code of practice. That seems perfectly sensible. Therefore, there is no division between us and I cannot imagine why the noble Baroness has attempted to create an artificial division by saying that in my example it was somehow wrong that the Secretary of State should draw up the code of practice, yet in line 1 of Amendment No. 18, the noble Baroness has suggested that, The Secretary of State shall prepare a Code of Practice". The difference between us is that the noble Baroness wants a statutory code whereas I think that there are considerable advantages in it not being statutory because, as I have said, with the passage of time and learning, we shall then be able to make changes without having to come back through all the statutory hoops in relation to a system of data matching which is very new to us all.

Lord Carter

I now have with me a copy of the Data Protection Act, which perhaps I should have had when I started to deal with this amendment. The Government are in a real fix here. I am advised that the Government will have to be a registered user under the Act and that in that sense they are governed by the Data Protection Act. So the principles bind the Government. However, the Data Protection Registrar is not able properly to enforce them against the Government because of Section 38 which states: (1) Except as provided in subsection (2) below, a government department shall be subject to the same obligations and liabilities under this Act as a private person; and for the purposes of this Act each government department shall be treated as a person separate from any other government department and a person in the public service of the Crown shall be treated as a servant of the government department to which his responsibilities or duties relate (2) A government department shall not be liable to prosecution under this Act but". There is then a list of various provisions. The Minister must deal with the point because it is absolutely crucial. If the Act stops the Government being prosecuted, how can the registrar enforce the provisions of the voluntary code as the Minister has described?

Lord Mackay of Ardbrecknish

The noble Lord is making rather a mountain out of a molehill here. The Data Protection Registrar always seeks to persuade any organisation which she sees contravening the data protection principles to change its ways. That is clearly how she takes her role. Enforcement notices are in every sense a last resort where such persuasion has failed.

The interesting point is that the registrar has never had to take out an enforcement notice against any government department. Clearly, therefore, any point brought to the attention of a government department by the registrar has been satisfactorily resolved. As far as we are concerned, if any matter was brought to our attention we would certainly note the registrar's views and take them on hoard. If the registrar issued such a notice against my department, we would certainly act on it. We must also remember that there would be the necessary consideration of it by the data protection tribunal also, so it is not just a matter for the registrar.

The noble Lord asked why the Government are somehow protected from the law. Although some Members of the Committee will know a good deal more about the legal niceties than I do, I must advise the Committee that it is quite normal in our law that the Crown cannot be prosecuted. However, by convention, the Government act within the law and I can assure the Committee that we would always seek to do that—

Baroness Hollis of Heigham

Except when you do not!

Noble Lords


4.15 p.m.

Baroness Hollis of Heigham

This has been a useful discussion and we shall obviously want to take further advice on whether to pursue the matter further. We welcome the fact that the Government have moved somewhat in our direction. However, I am still not persuaded on the point about the statutory code. What sanctions exist if someone breaks the code? If the code is not statutory, it is merely a code of guidance. If a local authority fails to observe it, what sanctions may be deployed against the authority if the code is not statutory?

Lord Mackay of Ardbrecknish

As far as we are concerned, if an individual breaches the code, we would certainly take firm action against that person. I suspect that if the breach was deliberate, the individual would no longer have a job in that department.

Baroness Hollis of Heigham

Perhaps I was not clear. If an individual complains about a local authority's breach of the code of practice, what sanctions can be brought to bear if the code is not statutory?

Lord Mackay of Ardbrecknish

I imagine that the local authority would take the same serious view as we would take of any individual in its employ who breached the code of practice and used information in a way which was not allowed under it or was not in accordance with the instructions under which that individual was working. To take it a little further, if we had sent data to the local authority and the local authority did not treat that data properly, we would take a pretty dim view of the local authority.

Lord Swinfen

Before my noble friend sits down, could not such a local authority be prosecuted given that it is not a government department?

Lord Mackay of Ardbrecknish

I should need to consider that point, but we were thinking more of an individual doing something at his terminal which was contrary to the guidance and to the code of practice.

Baroness Hollis of Heigham

Perhaps the Minister can follow up the point by writing to us about such questions as whether the issue comes within the remit of the ombudsman. If the Minister does not want a statutory code, we need to know what sanctions are attached to what would appear to be a non-statutory code. Our concerns do not relate solely to individuals within departments, because it may be that an authority—possibly not a good authority—breaches the code when cutting corners in its efforts to eradicate fraud for fear of losing subsidy. In that case, I am concerned that an individual should have sufficient sanctions against the authority and be able to go to the ombudsman if there is no redress in law.

I do not want to delay the Committee any longer, but I hope that the Minister will write to me on this point. In the light of the discussion that we have had and with the statement that we shall probably want to return to this matter, I beg leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Earl Russell moved Amendment No. 2: Page 1, line 21, leave out (", or to a person providing services to,").

The noble Earl said: I do not intend to argue this amendment primarily on legal grounds; I intend to argue it primarily on political grounds. I do not think that the provision infringes any legal obligation. As drafted, the Bill states: Information to which this section applies may, with the authority of the Commissioners concerned, be supplied to, or to a person providing services to, the Secretary of State or the Northern Ireland Department". The purpose of the amendment is to delete the words, or to a person providing services to because the argument is that that provision makes the power of disclosure altogether too wide and too uncertain. Indeed, when I think of information being supplied, to a person providing services to … the Northern Ireland Department", the range of people who might be covered by such a form of words is very wide indeed. I do not believe that normally the Government would wish to disclose information to all of those people.

I should like to raise with the Minister three legal queries. Perhaps he would check to see whether the legal advice that he has received is the same as mine. First, under Article 8 of the European convention does the combination of wide disclosure and subsection (2)(b) (use for checking accuracy) make it too broad and imprecise to bring it within the European convention principle of legal certainty? He is probably all right as to that, but I should like to know whether his advice is the same as mine. Secondly, would this infringe principle 3 of the Data Protection Act that information should not be disclosed to a third party? Clearly, this hinges on the meaning of "third party". Again, I should like to know whether the Minister's advice is the same as mine. Thirdly, does he believe there is any force in the view that the data protection principles are too broad to apply effectively to the new legal techniques of data matching?

But I am concerned much more with the disclosure of information to we know not who. There is a considerable number of plans in the Act for privatisation, market testing and contracting out within the Department of Social Security. I do not know which of these will come to pass, but all of them are under discussion. It is no part of my present purpose to engage in a discussion on the merits of those proposals. I suggest that the provisions of this Bill and those proposals are perhaps mutually exclusive. One could have disclosure of information to people who were in no way bound by the restraints of training in the public service or by any Civil Service code but whose use of that data might be subject to a good deal of suspicion. Indeed, the use of that data may arise in a case where their own interests conflict with their duty—conflicts of interest are by no means impossible—above all, where there is no control as to where the data go. It is liable to look like a thread that runs in clothes: it goes on and on and on.

The Minister will recall that at Second Reading I referred to the possibility of disclosure affecting women who were trying to flee from domestic violence. The problem of disclosure in these cases and the ingenuity of men who pursue such women is a very serious one. Representatives of Women's Aid have expressed concern to me about the effect of this Bill on that problem. I believe that it is a very real problem. It is yet another reason for arguing that disclosure should be within controlled and defined limits. In this context, we have no idea how far disclosure may go, so we do not know who will gain access to the information.

I also believe that the principles of Amendment No. 45 in the name of the noble Lord, Lord Carter—which amendment I intend to support with some vigour in its due place—apply to this clause as they do to Clause 4. One has a problem of unauthorised use as well as unauthorised disclosure. These are two quite different problems that require to be legally distinguished. People may be lawfully in possession of information and yet use it for a purpose other than a public service purpose. Surely we should treat that as an abuse. The risk of this happening where the people concerned are not in any real sense public service people must be serious.

I hope that the Minister can be forthcoming on this amendment. I beg to move.

Lord Mackay of Ardbrecknish

The noble Earl has explained a little further than I thought he intended by the words of his amendment his concerns about the use of the private sector in the processing of personal data. He has widened it a bit to include the DSS itself. Perhaps I may say at this stage—I may be saved from having to say it a few times hereafter—we believe that this Bill is consistent with the EU Data Protection Directive. The Government are concerned that the personal information supplied by the tax authorities and by other government departments as proposed in this Bill should always be safely and securely held, whether by civil servants or contractors. Section 123 of the Social Security Administration Act makes it an offence for DSS employees and its contractors to disclose information unlawfully. That may perhaps assist in answering the question raised a few moments ago by the noble Baroness.

Unauthorised disclosure is an offence which on conviction on indictment can attract a penalty of imprisonment for a maximum term of two years or a fine, or both. Both the department and its contractors consider unauthorised disclosure of information from departmental records or other information obtained by staff in the course of their official duties serious misconduct, and incidents are met with a range of penalties, including dismissal.

However, the use of contractors or outsourcing for computer and information technology is common practice in the private sector as well as the public sector. The level of specialised knowledge and expertise contractors bring to this area makes it a cost-effective practice. The Government have been using outsourcing for the best part of a decade and have found no indication that the security of data is weakened. Indeed, one of the reasons why the use of outsourcing is cost-effective is that the companies that provide it are often experienced in handling confidential data securely for other clients in the private sector and elsewhere in the public sector and both in this country and abroad. Such companies have a strong commercial self-interest in maintaining the highest standards of confidentiality for each of their clients. It could take only one breach of security with one client to lose a world-wide reputation for trust with all clients.

In addition, private sector companies who provide IT services to the DSS are required as part of their contract to hold and process data in accordance with the departmental IT security standards and observe all their obligations under the Data Protection Act. Internal data matching of DSS systems is currently carried out under contract to BT Syntegra. I understand that all its staff involved are briefed by their team leaders to ensure that they appreciate the sensitive nature of the work undertaken by the project and advised that any breach of confidentiality will be treated as a disciplinary offence.

The provisions introduced by Clauses 1 and 2 would allow the tax authorities or other government departments to supply the information described to persons supplying services to the Secretary of State. The purposes for which information supplied can be used are set out on the face of the Bill. They are explicit and limited: the prevention and detection of offences relating to social security; the checking of the accuracy of social security information; and purposes relating to national insurance contributions. There is no question that the contractors involved could then lawfully use the information for their own purposes or for the purposes of services that they provided to other government departments or others not involved with social security.

As far as concerns the use of data by local authorities, local authorities can be prosecuted for their failure to comply with an enforcement notice issued by the Data Protection Registrar. The Bill provides that information can be supplied by the DSS to local authorities and by one authority to another only to tackle benefit fraud and for specific benefit administration purposes. Authorities will be responsible for ensuring that their staff comply with the new law and with the requirements of the Data Protection Act. In addition to internal local authority controls, authorities' external auditors may become aware of and comment upon any unauthorised use of personal data.

To add to what I hope have been words of comfort to the noble Earl, Clause 4 of the Bill makes unlawful disclosure of personal data by authority staff, auditors or local government ombudsmen an offence. In the modern world, we must recognise that it is right and cost-effective to involve the private sector in the delivery of public services, including social security administration. The Bill recognises that. The amendments would militate against it. I hope that I have assured the noble Earl that the protections about which he is concerned are indeed there for government, the DSS itself, the contractors working for the DSS or for local authorities.

4.30 p.m.

Earl Russell

The Minister has done his best. He has given me a great many assurances, which I welcome and accept absolutely without question. I am grateful for that. What the Minister has not done is to give me assurances which meet the point of my amendment. The amendment is not intended to raise the question: what services should be privatised or contracted out? I specifically passed on that debate. But unless the Minister can convince me, which he has not done, that that can be done with security of data, it remains my position that the Minister can do one of those things or the other. It is for him to decide which, but he cannot do both.

The Minister said that within the DSS unauthorised disclosure is an offence and is treated as very serious misconduct. I heard that with pleasure but without surprise. I know it to be the case. I accept it completely, but it does not give any guide as to what happens when the information goes to people outside the department. I am happy to give way to the Minister.

Lord Mackay of Ardbrecknish

I do not want us to be arguing on something about which I do not believe there should be an argument. I think that I made it clear towards the beginning of my remarks that we are concerned about the point the noble Earl is raising, but that Section 123 of the Social Security Administration Act makes it an offence for DSS employees and its contractors to disclose information unlawfully.

Earl Russell

If the Minister had waited for my next sentence he might not have got up. I fully accept that that is the case. My next sentence is to ask how the DSS can know that such a disclosure has taken place when the person is not one of its employees and the disclosure may not in fact give rise to anything that becomes public. I just do not see how he can know. I accept what he says—that he has not found any increased risk to security of data. My question is: how significant is that statement? I cannot help thinking that it is not particularly significant.

The other thing the Minister has totally failed to do is to take the point that relates to Amendment No. 45 in the name of the noble Lord, Lord Carter, and that relates to the distinction between unauthorised disclosure and unlawful use. That is a different point. Unlawful use may be made of the information by someone who is perfectly entitled to possess it, because, after all, these people are not just employees; they are people. They are individuals. When we talk, for example, about the risk to battered women, we should remember that the person employed by the outside contractor, or indeed by the DSS itself, may perfectly well be the ex-husband of the woman who is seeking refuge. If he uses that information for his own purposes—for purposes of revenge—he is not making any unauthorised disclosure, because he is making no disclosure whatsoever. He is making unlawful use of information which he is quite entitled to possess.

There is widespread concern that disclosure should be kept to a minimum. I cannot see that the Minister understands the point. In the hope that he will understand it rather better before we come to Amendment No. 45, I shall ask for the opinion of the Committee.

4.34 p.m.

On Question, Whether the said amendment (No. 2) shall be agreed to?

Their Lordships divided: Contents, 68; Not-Contents, 161.

Division No. 1
Addington, L. Dormand of Easington, L.
Alderdice, L. Elis-Thomas, L.
Beaumont of Whitley, L. Gallacher, L.
Berkeley, L. Glenamara, L.
Blease, L. Gould of Potternewton, B.
Brooks of Tremorfa, L. [Teller.]
Calverley, L. Graham of Edmonton, L.
Carlisle, E. Grey, E.
Carmichael of Kelvingrove, L. Harris of Greenwich, L.
Carter, L. Haskel,L.
Clancarty, E. Hilton of Eggardon, B.
Clinton-Davis, L. Hollis of Heigham, B.
David, B. Hooson, L.
Desai, L. Hughes, L.
Jenkins of Hillhead, L. Redesdale, L.
Jenkins of Putney, L. Richard, L.
Rennet, L. Ritchie of Dundee, L.
Kilbracken, L. Robson of Kiddington, B.
Kirkhill, L. Rochester, L.
Lockwood, B. Russell, E. [Teller.]
Longford, E Sefton of Garston, L
Mclntosh of Haringey, L. Sewel, L.
Mackie of Benshie, L. Shepherd, L.
McNally, L. Stallard, L
Mar and Kellie, E. Stoddart of Swindon, L.
Mason of Barnsley, L. Strabolgi, L.
Taverne, L.
Merlyn-Rees, L. Thomas of Walliswood, B.
Monkswell, L. Thurso, V.
Morns of Castle Morris, L. Tope, L.
Nicol, B. Tordoff, L.
Parry, L. Turner of Camden, B.
Plant of Highfield, L. Wigoder, L.
Ponsonby of Shulbrede, L. Williams of Elvel, L.
Prys-Davies, L. Williams of Mostyn, L.
Aberdare, L. Dixon-Smith, L.
Abinger, L. Dundee, E.
Acton, L. Ellenborough, L.
Addison, V. Elles, B.
Ailsa, M. Elliott of Morpeth, L.
Aldington, L. Eme, E.
Alexander of Tunis, E. Feldman, L.
Allenby of Megiddo, V. Ferrers, E.
Ampthill, L. Flather, B.
Anelay of St. Johns, B. Gage, V.
Archer of Weston-Super-Mare, L. Gainford, L.
Astor of Hever, L. Gibson-Watt, L.
Attlee, E. Gilmour of Craigmillar, L.
Balfour, E. Granard, E.
Barber of Tewkesbury, L. Gray of Contin, L.
Belhaven and Stenton, L. Hacking, L.
Beloff, L. Halsbury, E.
Berners, B. Harding of Petherton, L.
Biddulph, L. Hardinge of Penshurst, L.
Birdwood, L. Harmar-Nicholls, L.
Blaker, L. Harrowby, E.
Blatch, B. Hawke, L.
Boyd-Carpenter, L. Hayhoe, L.
Braine of Wheatiey, L. Henley, L.
Brigstocke, B. Hertford, M.
Brookeborough, V. Holdemess, L.
Brookes, L. HolmPatrick, L.
Brougham and Vaux, L. Hood, V.
Bruntisfield, L. Hooper, B.
Butterfield, L. Howe, E.
Byford, B. Inglewood, L.
Cadman, L. Jenkin of Roding, L.
Campbell of Alloway, L. Johnston of Rockport, L.
Camock, L. Kimball, L.
Chelmsford, V. Kingsland, L.
Chesham, L [Teller.] Kinloss, Ly.
Chorley, L. Kintore, E.
Clanwilliam, E. Lauderdale, E.
Clark of Kempston, L. Layton, L.
Courtown, E. Lindsay, E.
Cox, B. Liverpool, E.
Craig of Radley, L. Long, V.
Cranborne, V. [Lord Privy Seal.] Lucas, L.
Crickhowell, L. Lucas of Chilworth, L.
Cross, V. Luke, L.
Cuckney, L. Lyell, L.
Cumberlege, B. McColl of Dulwich, L.
Davidson, V. McConnell, L.
Dean of Harptree, L. Mackay of Ardbrecknish, L.
Denbigh, E. Mackay of Clashfern, L. (Lord
Denton of Wakefield, B. Chancellor)
Dilhome, V. Mackay of Drumadoon, L.
Marlesford, L. Pym, L.
Marsh, L. Quinton, L.
Merrivale, L. Renton, L.
Mersey, V. Romney, E.
Middleton, L. Saalchi, L.
Miller of Hendon, B. St. Davids, V.
Monckton of Brenchley, V. St John of Bletso, L.
Mottistone, L. Saltoun of Abemethy, Ly.
Mountevans, L. Sandford, L.
Mountgarret, V. Seccombe, B.
Mowbray and Stourton, L. Sharpies, B.
Munster, E. Shaw of Northstead, L.
Murton of Lindisfarne, L. Simon of Glaisdale, L.
Nelson, E. Skelmersdale, L.
Noel-Buxton, L. Strathcarron, L.
Norrie, L. Strathclyde, L. [Teller.]
Northesk, E. Strathcona and Mount Royal, L.
O'Cathain, B. Sudeley, L.
Oppenheim-Bames, B. Taylor of Warwick, L.
Orr-Ewing, L. Tenby, V.
Oxfuird, V. Teviot, L.
Park of Monmouth, B. Thomas of Gwydir, L.
Pearson of Rannoch, L. Trefgame, L.
Peel, E. Trumpington, B.
Pender, L. Westbury, L.
Perry of Southwark, B. Wharton, B.
Pilkington of Oxenford, L. Whitelaw, V.
Platt of Writtle, B. Wilcox, B.
Powis, E. Wynford, L.

Resolved in the negative, and amendment disagreed to accordingly.

4.43 p.m.

Baroness Hollis of Heigham moved Amendment No. 3: Page 1, line 22, at end insert ("or an authority administering housing benefit or council tax benefit").

The noble Baroness said: In moving this amendment, I shall speak also to Amendments Nos. 11 and 23. I can only assume that the numbers who have voted are an exhibition of guilt for the absences of last night. But far be it for me to go beyond that point.

These are probing amendments. I hope the Minister will tell the Committee the way in which local authorities can gain access to information supplied by the Secretary of State under Clauses 1 and 2. As I understand it, as the Bill stands any information going to local authorities may not come direct from the providing authority but must be channelled through the Secretary of State. That is unnecessarily cumbersome. If the clauses contain adequate safeguards for the use of information by the DSS from one government department to another, equally safeguards are in place for the supply of that information to local authorities. For example, any tax information will come only with the expressed approval of the commissioners of Inland Revenue or Customs and Excise and under the terms they specify. Therefore, to insert another stage of bureaucracy, another hurdle—that is, the Secretary of State—seems to us unnecessary.

If the tax authorities do not wish to supply local authorities with information, they need not do so. But if they do wish to, they must first provide it to the DSS which may have no interest in that information but alone is allowed to act as intermediary. That seems to us a cumbersome procedure. It seems to suggest that adding hurdles is to add safeguards whereas we believe that safeguards are more likely to be provided by statutory codes of practice, checks on accuracy, and so on.

In this Bill the Government are seeking to act in partnership with local authorities in the battle against fraud. The Bill provides that the DSS may handle confidential information directly from, for example, the Inland Revenue even though it may have contracted out to a private commercial body the handling of that information. But the local authority, which has kept such work in-house and is therefore more likely to possess a public ethic, is not allowed to do so.

Our second concern is that the more stages information has to go through, the more likely it is that error will creep in. Thirdly, while we accept that, for example, information from the Inland Revenue may be especially sensitive and therefore the Secretary of State may wish to keep some control over it, it is not true of a large swathe of information; for example, national insurance data which is a significant source of information on names, dates of birth and so on for local authorities. And yet that too must be channelled exclusively through the Secretary of State.

We do not understand the Government's thinking and we move the amendment in the hope that the Minister will justify his proposal. I beg to move.

Lord Mackay of Ardbrecknish

These amendments, which were debated and withdrawn in another place, seek to give discretion to the Inland Revenue, Customs and Excise and other government departments to supply certain information which they hold directly to local authorities.

Clauses 1 and 2 provide that the Inland Revenue, Customs and Excise and some other government departments and persons providing services to them may disclose information to the DSS and the Northern Ireland department for use in detecting and preventing social security fraud and for use in checking the accuracy of social security information and, where appropriate, amending or supplementing it.

The proposed Sections 122(3) and 122B(3) provide that information supplied to the DSS in that way shall not be supplied to any other person or body except in limited specified circumstances where it could lawfully have been provided direct under subsection (2) or where it is required in connection with civil or criminal proceedings under the Social Security Contributions and Benefits Act, the Social Security Administration Act and the Jobseekers Act, or their Northern Ireland equivalents, or where the provisions of this Bill would enable it to be supplied to local authorities.

Those provisions for onward supply to local authorities are in the proposed Section 122C of the 1992 Act inserted by Clause 3. We have not yet debated that clause but perhaps I can talk about its effect in the context of these amendments. That may be the most useful way of explaining to the noble Baroness what will be the position as we see it.

As a whole, Section 122C is intended to permit but not require the Secretary of State to supply information which he holds to local authorities for the purposes of their administration of housing and council tax benefit. The provision is similar to the existing provision in Sections 127(1) and 128(1) of the Social Security Administration Act, which this Bill would repeal.

However, where the Secretary of State holds information which has been supplied by the Inland Revenue, Customs and Excise or another government department, under Sections 122 or 122B the supply of that information to local authorities is limited further in that its use by local authorities is restricted to the prevention, detection, investigation and prosecution of offences relating to housing and council tax benefit and to checking the accuracy of information relating to those benefits and, where appropriate, amending or supplementing it.

The amendments propose that the relevant government departments should be able to supply information directly to local authorities for similar purposes to those for which they could supply information to the DSS. While working through the proposals for the Bill, we recognised that some local authorities have asked to be supplied with relevant Inland Revenue information. The report of the Social Security Select Committee on housing benefit recommended that Inland Revenue information be used to help in the prevention and detection of serious social security fraud, especially housing benefit fraud.

We looked carefully at that possibility. As my colleague in another place explained, the Inland Revenue has substantial powers to require individuals to provide certain information about their income, assets and personal circumstances. Action can be taken against those who fail to provide that information or who supply incorrect or incomplete information. In return, the general principle is that such information should be confidential and only used for other purposes where there is an overriding public interest in doing so. It is important that public confidence in that general principle is preserved.

We concluded that it would be in the public interest for Inland Revenue information to be used for the detection of social security fraud and to check the accuracy of social security records. It is possible to do this in conditions of high security as, in fact, we have for the data matching that we already undertake inside the department. We shall then have access to raw information and raw data and that information will be limited to a handful of selected officials. Only once a suspicious inconsistency has been identified would the specific information involved be passed to trained officials for further investigation. Therefore, by ensuring that information from other government departments is supplied just to the DSS, we are ensuring that there is central control and clear lines of accountability over the use of that information within the social security system. Those were matters which rightly concerned Members of the Committee opposite earlier this afternoon.

However, in its use of the data, the DSS will be able to conduct data matching not only to detect fraud in the benefits administered by the Benefits Agency but also housing benefit and council tax benefit administered by local authorities. We already run a housing benefit matching service which can compare housing benefit claim information supplied by local authorities with other information already held in the DSS. In due course, under the provisions already in the Bill, it will be possible for the DSS to match Inland Revenue information with information supplied by local authorities and thereby alert local authorities to specific inconsistencies which need further investigation.

In addition, it is possible that, in the light of experience of a specific operational requirement, there is a case for other instances of onward supply of information as provided for in Section 122C(3) of the 1992 Act. The DSS will have regard to any representations made by the Inland Revenue and local authority associations as to how information is to be supplied as a result of the Bill.

There has been a great deal of interest in allowing local authorities to have the information direct. We have carefully considered whether there might be overriding advantages in such an arrangement but have concluded that there are not. The amount of fraud left to be detected by local authorities using data matching techniques, after the DSS has already processed the same set of information, would duplicate the effort for very little, if any, additional rewards. At the same time, because of the large number of local authorities involved, a much wider range of people would have access to the raw information. We do not consider that the extra degree of disclosure and the extra risk of leakage is justified by the potential increase in the detection of fraud over and above what the housing benefit matching service could achieve.

I appreciate the point made by the noble Baroness about the need for local authorities to be able to take advantage of the information that we receive. However, when we have completed the data matching, then, within our fairly secure, one-site tight team, we shall, via the housing benefit matching service, be able to help local authorities in data matching. It will be done on one site. I cannot remember how many local authorities there are in the country. However, if we can provide a reasonable method to enable those authorities to receive the assistance and help data matching can bring to them, I believe that it is best that we do so through the central DSS system and that we do not encourage or allow the setting up of many small data-matching services all over the country.

Earlier this afternoon, Members of the Committee were concerned about the question of security in such matters. I believe that that is one of the balances. I also believe that the system gives us the right balance and that it gives local authorities the help and assistance that they rightly wish and require so as to help them root out fraud in housing benefit. With those assurances regarding the importance that we attach to helping local authorities in that regard, I hope that the noble Baroness will feel able to withdraw her amendment.

Lord Carter

Before my noble friend decides what to do with the amendment, I should like to mention an interesting point that has just occurred to me. I was struck by the words "a suspicious inconsistency" which the Minister used. So far as concerns personal taxation, the Inland Revenue is now going over to the new system of self-assessment which, to put it at its kindest, is not being introduced without its problems. Can the Minister say whether the department is entirely satisfied with the data matching where the information has been provided by the Inland Revenue through self-assessment? Is it not the case that many suspicious inconsistencies will come to light, simply because the people who are filling in such forms do not have the first idea as to what they are actually doing? I happen to know that that is so in many cases.

Lord Mackay of Ardbrecknish

I believe that takes us a little wide of the Bill's provisions. However, I understand that the Inland Revenue accepts that there will be teething troubles on self-assessment. Nevertheless, given its clientele it is believed that self-assessment will work. I do not know whether the noble Lord, Lord Carter, is aware of the penalties involved for supplying incorrect information but I should point out to him that they are fairly significant. They will be a considerable incentive in ensuring that people fill in the self-assessment forms both accurately and correctly. But that is a matter for the Inland Revenue.

In the light of possible inconsistencies in the data of the Inland Revenue, I believe I am being asked whether that would increase our problem. We must cross that bridge when we come to it. It is to be hoped that the Inland Revenue will be able to resolve the difficulties in self-assessment and that it will work perfectly well, as I understand it does in many other parts of the world. Therefore, the problem should not arise. Of course, there can be inconsistencies both ways, even in the current system. Provisions will be put in place to allow for such inconsistencies to be dealt with, whichever way they occur.

Baroness Hollis of Heigham

The Minister's answer to my noble friend's question on self-assessment has added to our worries. The vagueness, if I may put it that way, of the Minister's response on the matter suggests that he may actually share some of our concerns. I do not understand from what the Minister said how the system will work. We are talking about something like 400 local authorities some of which, especially the big metropolitan authorities—for example, Birmingham, or some of the London boroughs—are extremely anxious to chase six, eight or 10 landlords whom they believe are fraudulently claiming on behalf of tenants. It is suspected that the income they are receiving is not reflected in the tenancies that they claim to have.

Therefore, does that mean that, each time a local authority wants to find out information about a particular landlord and the declared income in order to check it against the consistency of the direct payments of housing benefit, it will first have to ask the DSS? Such local authorities are acting almost as a surrogate police force in cases where, as the Minister accepts, confidentiality and speed may be of the essence to ensure that landlords are not tipped off and do not clean up their act in various ways before that fraud can be identified, prosecuted and the moneys recovered for the public purse.

If, say, 400, 200 or 100 of the most diligent local authorities want information, for example from the Inland Revenue, about the finances of a number of landlords and perhaps a number of tenants in their authority, and each of those requests has to be channelled via the DSS before it can proceed to the Inland Revenue, what will happen to the timescale? What extra staff will the DSS have to employ? How long does the Minister think it will take for that information to be provided to local authorities to enable them to complete their files before they can initiate prosecutions? It seems to me that the Minister is introducing considerable delays which may well subvert the possibility of local authorities putting together an effective case against fraud.

5 p.m.

Lord Mackay of Ardbrecknish

I am not entirely sure that the noble Baroness understands the distinction between data matching and exploring an individual case. The point about data matching is that all the data the Inland Revenue holds is matched against the data the Benefits Agency holds. We compare and contrast that data and inconsistencies will emerge, some of which—although not all, as we shall discuss later—will reveal fraud or suspected fraud which skilled officers will follow up. That is what data matching comprises. Given the reservations the noble Baroness had as regards her first amendment about the security of data matching and how it will be carried out, I find it odd that she thinks it would be helpful if the data matching were to be carried out by some 400 authorities and 400 data matching centres.

The housing benefit matching service, which is run by us, is the agency local authorities will look to for any information it has. That housing benefit matching service will use information from the Inland Revenue, Customs and Excise and other government departments under the proposals we have set out. Therefore, the housing benefit matching service will have that information once we have completed the data matching and pulled the information in. That is where local authorities will be able to look for that information. They would not need to approach the Inland Revenue; they would follow the track already used for other purposes, not just pursuing fraud but for checking whether someone is on income support, for example. The housing benefit matching service allows them to do that. I cannot see how that process would lead to any delay, as the noble Baroness suggests, because the information we have gleaned from the Revenue will be on our file—I am making it sound as if it is a paper system which of course it is not—and that will then be accessed by local authorities via the housing benefit matching service. They will obtain their information that way.

Baroness Turner of Camden

Before the Minister sits down, will the system he has described—a new one, so far as I can see, to be set up under this legislation—require additional staff to be employed? Or does he envisage that it can all be done on a computerised system with fewer staff than are employed at the moment? Will the new system be more costly in terms of staff employment or less?

Lord Mackay of Ardbrecknish

I am not entirely sure that I can give the noble Baroness a detailed answer. The housing benefit matching service will have the staff it requires to run it. Of course it is a computer based system and therefore it will not require vast numbers of staff as it is not equivalent to a paper based system. However, there will be staff involved. We have budgeted for those staff. As, I believe, we shall be able to save staff in other parts of the department through our use of IT, some of those staff will be available to do this other work. We have already moved staff around to deal with fraud.

Baroness Hollis of Heigham

I suspect there is a gap of understanding between us. As I understand the Minister, it is clear that, where there are discrepancies emerging between the Inland Revenue and the DSS files, skilled and experienced officers will identify that and consider whether it suggests there is sufficient suspicion to investigate further. That is fine. What happens, however, if it is not the DSS that has that suspicion but local authorities? The local authorities then have to apply to the DSS to carry out the matching for someone whom I presume was not part of the original matching exercise. If that is what will happen when concerns are instigated by a local authority, does not that simply add considerable delay to the whole process?

Lord Mackay of Ardbrecknish

I think the noble Baroness is perhaps not completely following how the data matching will work. If that is my fault I apologise as I thought I had tried to explain it earlier. Human intervention will occur only once the data have been matched and the computer system has thrown up an inconsistency. If there is no inconsistency, nothing will happen. If there is an inconsistency, it will be thrown out, as it were, and people will have to examine it. If the inconsistency is clearly an error, that can be cleared up quite readily. However, if it seems to be a more serious problem, it will be taken up by the district in which the person lives and, if necessary, by the fraud officers there. That is how it will work.

When local authorities use the housing benefit matching service the same sort of operation will occur. They will see where inconsistencies arise. The machine will examine those inconsistencies. We are talking about data matching. The noble Baroness is talking about a situation where a local authority says, "We think this man, Joe Bloggs, is doing something wrong. What information do you have on him?" That is where the benefit matching service comes into play, and they can do that.

Baroness Hollis of Heigham

What can they do?

Lord Mackay of Ardbrecknish

They can ask the housing benefit matching service, "What do you have on this guy?" That will, of course, have to be done electronically. That way they can obtain the information which we hold centrally—some of that information has come from the Inland Revenue and Customs and Excise—and that will allow them to continue with their specific investigations. In those cases we believe that on balance it is right that we hold that information because otherwise every local authority in the country would have to set up data matching services which would be expensive. The noble Baroness, Lady Turner, was worried about that.

In the limited number of cases where local authorities need specific tax information with regard to a specific investigation they can see what information we have. We have to guard against what I think are called in legal terms "fishing expeditions". The noble Baroness would rightly castigate me if I was seen to be allowing fishing expeditions. Data matching is quite different from the kind of case which the noble Baroness is suggesting to me where a local authority has a suspicion. Data matching may throw up cases where a local authority has had no suspicion at all. That is its great strength.

Baroness Hollis of Heigham

I do not dissent from much of the intent of what the Government are saying. From what the Minister is saying there is not a problem if a discrepancy emerges between the files of, say, the Inland Revenue or Customs and Excise and the DSS files. There may be no discrepancy there and therefore there may be no problem perceived by the DSS and therefore no interrogation is taking place. I have tried to suggest—perhaps the Minister can help us with a worked example—that a problem arises where a local authority has a suspicion of fraud which may be based to some degree on data matching but can only be proven or abandoned once the exercise of data matching has been completed.

In other words, the transaction between, say, the Inland Revenue and the DSS throws up no discrepancies. Therefore that box, so to speak, is tidy as there are no discrepancies there. Starting at the other end, however, a local authority, which is at the cutting edge and is doing the door to door stuff checking with the electoral register and the like, has information which seems to suggest that a landlord is claiming for more housing benefit and more properties than he may hold. Therefore, it seems that there may be some fraudulent laundering of income associated with that. That may not have been thrown up through any relationship between the Inland Revenue and the DSS but the local authority has a well founded suspicion. It therefore wants to obtain information from the Inland Revenue. To do so it must first go to the DSS, knock on the door and ask the DSS to interrogate the Inland Revenue to see whether the well founded suspicion of the local authority is validated by the information the Revenue may hold.

That is the dilemma that I put to the Minister. I entirely understand his anxieties about confidentiality. I am concerned that in the process we are building in a period of delay as a result of which the local authority may lose its ability to hold someone accountable for fraud.

Lord Mackay of Ardbrecknish

We are either at cross-purposes or I am confused and not understanding clearly what the noble Baroness says. There is a huge difference between data matching, which is what we are discussing here—the ability of the department to data match with the Inland Revenue, and so on—and the ability of local authorities then to data match with the department through the system I mentioned. That is not information sought on a one-off basis; it is continuous. A huge amount of data comes into the data matching centre. It runs the data through, corrects and cleans the data, and picks up any inconsistencies. It will be the same for local authorities.

In seeking to be helpful, I think that I understand the noble Baroness's point. We intend to have discussions between ourselves, local authorities and tax authorities to see what we can do about individual cases which are outwith data matching. The noble Baroness raises questions that are not within what I understand, perhaps wrongly, to be the concept of data matching in which great batches of data are matched. She is looking for a little detective work on one individual case which has arisen for an entirely different reason. If it has arisen thanks to data matching, she does not have a problem.

I understand the points she makes. We intend to have discussions with local authority people and the tax authorities to see what we need to do in individual cases. I hope that with my assurance that that will occur, and that we are as aware of the problem she raises as she is and do not wish to inhibit local authorities from finding people who are conducting multiple fraud against the system, we can leave these amendments.

Baroness Hollis of Heigham

I thank the Minister. He understands my concern. The whole point of data matching is to detect fraud. It is not an abstract, intellectual exercise to see whether systems mesh and whether the detail is accurate. The concern with accuracy is to deter and detect fraud. If that fraud has arisen because there is clear and perceived incompatibilities between two files, two bodies of information, that will be a straightforward exercise. However, it will often not occur like that in practice. In practice, the detection of fraud will come from local authorities, from door to door work, by knocking on doors, checking electoral registers, and the like. It is not a fishing exercise but an exercise to check whether well-founded suspicions are validated by other sources of information held by other departments such as the Inland Revenue. Those can then be checked through the data matching exercise. Data matching is not an end in itself but a tool in the detection of fraud.

The Minister shares our concerns. If departments have to go via the DSS every time they wish to use data matching as a tool to see whether the suspicions of fraud are validated, it will produce delays. However, I take the Minister's assurance that there will be further consultations. I assure him that in practice that is how local authorities are likely to continue to work. That is why we put forward these probing amendments. I beg leave to withdraw the amendment.

Amendment, by leave, withdrawn.

5.15 p.m.

Earl Russell moved Amendment No. 4: Page 1, line 24, at end insert ("but in any case where that information relates to a particular individual only in circumstances where there is doubt about that individual's entitlement to benefit").

The noble Earl said: In moving Amendment No. 4, I speak also to Amendment No. 12 which makes the identical point in a different context.

The amendments seek to provide that where information is being supplied which relates to a particular individual, it should be done, only in circumstances where there is doubt about that individual's entitlement to benefit.

I heard with considerable optimism what the Minister said about not wanting fishing expeditions. That is precisely what the amendment is intended to prevent. It is intended to ensure that where information is collected about someone to check on the accuracy of his claim to benefit, it should be as the result of a pre-existing suspicion about his entitlement. There is a good legal reason for it. In my understanding—I admit it is that of an amateur—it would do something to ensure that the provisions of the Bill are within our legal international obligations. Under Article 8 of the European Convention on Human Rights a right is laid down for respect for private and family life, home and correspondence, and that, there shall be no interference by public authority with the exercise of this right except … as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others".

In a case in the European Court of Human Rights, which we are told will be brought as soon as this Bill reaches the statute book, the Government must rely on one of those exceptions under Article 8(2). There are several on which they might optimistically rely and on which they might possibly win. But the Government know that they are often optimistic in relation to their chances in the Court. The obvious ground on which they should rely is the prevention of crime. It is an objective which this Bill clearly has, an objective which we all share, and an objective whose legality under the European Convention is unquestionable. In my submission, that would be the sensible way for the Government to approach the case when it is brought.

The Minister made the point just now that the data matching exercise may throw up evidence against someone against whom there has been no previous suspicion. It may throw up information of all kinds. We are sadly familiar these days with the way information, not in itself criminal, consistently finds its way into the newspapers. A number of Conservative Members of Parliament have learnt of that to their sorrow and to my great regret. To have information floating around the place creates risks. There is no guarantee under the provisions of the Bill that any information collected under its provisions is collected for the purposes of fighting crime.

If the amendment were accepted, and it was necessary to show a ground of suspicion before the DSS could access a person's data, under the wording of the European Convention, and, I understand, the case law under it, the Government's safety would be materially increased. I should have thought that that was in their interests, in the interests of anyone else whoever they may be who might sit in their shoes in future, and in the interests of the reputation of this country as a whole. I beg to move.

Baroness Turner of Camden

I support the amendment. I have listened carefully to what the noble Earl said. It seems a civilised and humane amendment. I share the views already expressed by my noble friends on the Front Bench.

We have to take steps to ensure that taxpayers' money is not wasted and not subject to fraud. That is what the Bill is all about. On the other hand, when the Bill was first mooted, and before I considered it in detail, I was most anxious that we did not have a snooper's charter. That would be a rather unpleasant measure; people could be informed upon by neighbours and individuals investigated as a result of that kind of information. I also share the view expressed by the noble Earl: we have a press that is anxious to exploit fallacious details. We have had in recent times plenty of evidence of leaks of unauthorised information of which the press have made much.

The amendment would assist in "humanising" this piece of legislation. As I said, I am against fraud. I do not want to see public money frittered away and subject to fraudulent usage. On the other hand, we are talking about individuals who in the main are vulnerable; otherwise they would not be on benefits in the first place. We have an obligation to ensure that they are treated in a civilised fashion. I support the amendment.

Lord Mackay of Ardbrecknish

We have had an interesting short debate. I have noted, as the noble Earl tells me, that we are to be taken to court immediately the Bill is enacted. I just wonder how he possibly knows that, especially as the High Court of Parliament will have determined and enacted the Bill.

Earl Russell

A press release to that effect has been put out by Liberty and reported in the daily press. The Minister might be wise to take that seriously. I do not know whether it is true, but it perfectly well might be.

Lord Mackay of Ardbrecknish

I do take it seriously that people continuously try to take us to the European Court. I believe that we have a reasonable and proper defence against any attempt that they might make. As I said earlier, we believe that our Bill is fully in line with the data directives. However, perhaps I might explain the Bill. It seems to me that if I am to bow to a threat like that from Liberty, then Parliament might as well pack up for ever.

Lord Carter

If the Minister has not seen the press release, how does he know that he has a good defence?

Lord Mackay of Ardbrecknish

I have not seen the press release, but I know that Liberty has put out something about the Bill. In fact, I quoted it in my introductory remarks this afternoon. It takes the view that the balance is so much in favour of individual liberty that no effort should be made on data matching. However, I do not subscribe to that; and as I understand it neither does the party opposite. I choose the singular this time quite deliberately. I believe that it does not agree with that; it agrees with data matching and that we should use the modern tools that are at our command to prevent fraud.

The new section—

Earl Russell

If I might save the time of the Committee, data matching is not in issue. The question is whether it is undertaken for a legally acceptable purpose.

Lord Mackay of Ardbrecknish

That is exactly what the Bill does. It states clearly for what purpose data matching will be allowed; namely, the search for social security fraud. I should have thought that that would come well within any European legislation.

I turn to new Section 122, which will allow the Inland Revenue and HM Customs and Excise to supply information to the Department of Social Security for use in the prevention, detection, investigation and prosecution of social security offences and for use in checking the accuracy of social security records. The Government have made it clear that we intend to use this power, and similar ones elsewhere in the Bill, to conduct a data matching exercise to identify inconsistencies between the information already held by the DSS and that held by other government departments.

In data matching, it is the identification of an inconsistency which will constitute the first indication of potential fraud, and which will lead to further investigation. It is inherent in the concept of data matching that these inconsistencies are not known in advance of the exercise taking place: each set of data about an individual may be consistent within itself; but it is only by comparing individual sets of data that indications of fraud can be found.

But in order for the DSS to perform the data matching exercise the relevant information must first have been disclosed by the tax authorities to the DSS. That disclosure and the first comparison of data will take place under highly secure conditions, in a single site using specially trained staff and well-defined criteria for identifying inconsistencies. The computer system will be programmed to compare the two sets of information looking for cases where specific relevant information about the same person is in both sets of information and where there is a discrepancy between them—in other words, the information on one database appears to contradict the information on the other. However, it is only inconsistencies which are referred for further checking and investigation. Where an individual's data is consistent, or where data about the individual is held in only one of the sets, then quite clearly no further action would be needed.

The importance of data matching is that it will allow the detection of frauds in cases which have not otherwise aroused suspicion. The effect of the noble Earl's amendment would appear to be to restrict disclosure of information, and so the input to the data matching process, to information where there was already suspicion. But these are the very cases which we do not need data matching to find—they have already been found, and they are probably already under investigation.

The second amendment affects the new Section 122A of the Social Security Administration Act. It largely re-enacts, with some amendment and for uses relating to national insurance contributions, the provisions in the existing Section 122 for the Inland Revenue to supply information to the Department of Social Security, to the Northern Ireland department and to those providing services to them. The continuation of this power is necessary to allow the Inland Revenue and the Contributions Agency to share responsibility for the administration and collection of employees' national insurance contributions. The Contributions Agency also collects Class 2 contributions from self-employed people and the Inland Revenue collects their Class 4 contributions. The provision is also used in other areas (for example, certain child benefit cases which involve earned income which is not subject to UK income tax) to authorise the disclosure of Inland Revenue information.

Limiting this power to cases where there was a suspicion of benefit fraud would mean, in practice, that the Inland Revenue could not inform the DSS of national insurance contributions which had been collected with income tax. There would have to be separate assessment and collection systems for income tax and national insurance. We should have to separate the collection systems currently operated by the Inland Revenue for Class 4 contributions. For many employers and most employees that would double the number of forms they had to complete and need several thousand extra civil servants in order to set up an entirely different system. It would be a nonsensical "double whammy" for business—more forms and more public expenditure.

I hope we can all agree on the need for new approaches in our fight against social security fraud, and I hope that we can also all agree that data matching is of enormous potential value as a weapon in that war. The very fact that would-be fraudsters know that they can no longer tell different stories to different parts of government with impunity will deter many; and we hope to catch many of those who are not deterred.

I hope that explains what data matching would do. I hope that it explains what these amendments would do. They would not in fact allow us to data match. The very essence of data matching is that there are no suspicions. Even worse, we should have to dismantle the whole relationship between the Contributions Agency and the Inland Revenue. I am sure that that was not the noble Earl's intention; however, it would be the unintended consequence of his amendment. I hope that with those explanations the noble Earl will be able to withdraw his amendment.

Earl Russell

Before I respond to the Minister's arguments, I wonder whether I might ask him to clear up one matter which I hope is a misunderstanding. It is a point that I may have misunderstood or, I hope, may have misheard. If I heard the Minister aright, he said of the possibility of the European Court of Human Rights finding against us that if that were to happen Parliament might as well pack up and go home. The Minister may perhaps remember that our adherence to that convention was largely the work of the late Lord Kilmuir, whose respect for our sovereignty has been a matter of a good deal of recent exchange in the national press. He was a good Conservative and a loyal British subject. The House was recently reminded—

Lord Mackay of Ardbrecknish

I do not want the noble Earl to go on about this matter. I jest. I am sorry that the noble Earl does not even see the laughter on my face sometimes.

Earl Russell

I am extremely relieved to hear it. However, I do not think it is awfully good idea to jest about the law. As for the rest of the Minister's reply, it reminds me of an exchange I once had with a senior colleague, who proved a number of things using an extremely dicey series of data. I proved that the data did not prove his point. He sent in a reply and I asked the editor of the journal what it said. He answered: "How do these pernickety people ever expect me to prove anything?" That is roughly the gist of the Minister's reply to me.

The Minister argued the virtues of the technique he is using and said how inconvenient it would be if he were not able to do what he wanted. That is the reply of the driver caught driving at 50 miles an hour in a built-up area. I must confess to having once made such a reply myself—the only conviction on my record, I may say. I was late for work. If the Minister feels like that, I can understand it. But we have subscribed to the convention. The Minister says he has a good defence, and I am prepared to believe it, but perhaps he could tell me, before I decide what to do with the amendment, under which head of Article 8(2) that defence is to be offered. It would materially assist me in deciding how the Bill needs amending in order to bring it into line with our international legal obligations.

There are, of course, a great many other data which will come from social security, as well as benefit data. Data from the CSA may come up which may disclose all kinds of things about a public figure which that figure may not wish to have disclosed. (The Minister is obviously consulting the ceiling in the hope of finding an answer.) I want an answer to the question and I hope the Committee will forgive me for delaying proceedings a little while until we get it, because it will materially assist our debate.

I do not believe that it is the work of any serious legislature to accept that we have international obligations and then to make no attempt to keep them. If it is inconvenient to the Minister, I can understand and even sympathise with it to a material degree. But if it is the law, it is the law; and if it is the law, we must keep it. If the Minister has an answer, I should like to hear it.

5.30 p.m.

Lord Mackay of Ardbrecknish

I have said about three times that we believe that what the Bill does is totally consistent with the EU directive. I also indicated—and, indeed, it was one of my defences against having a statutory code—that a non-statutory code would allow us to make any changes to the code we may need to make when we come to consider the legislation necessary to enact the directive. That is the position.

However, we are talking about the amendments. The point I make is that, if the noble Earl means his amendments, then they prevent data matching. That is the essential point I was trying to make. If he also means his second amendment, we shall have to dismantle the whole current relationship between the Inland Revenue and the Contributions Agency. I have heard nothing from the noble Earl to suggest that that is not what he means, but it is what would happen if he were to put the amendment to a vote and if the Committee were to accept it. As Members of the Committee have clearly indicated that they approve of data matching, I do not believe that the amendments can be allowed to pass because they would make data matching, as it is understood and as I have explained it, quite impossible. I hope that helps the noble Earl.

Earl Russell

I do not see any inconsistency in saying: "I accept an objective if it is legal but not if it is not". I asked the Minister a specific question, to which he ought to have an answer: under which head of Article 8(2) of the European Convention on Human Rights does he believe he has a good defence? If he can answer that, we can progress.

Lord Mackay of Ardbrecknish

I have already explained that I believe that we have our defences. If Liberty takes us to court eventually, we shall pray the defences then.

Earl Russell

Is the Minister admitting that he does not know under which head the defence is to be offered? If so, I do not see how he can get the drafting of the Bill right.

Lord Mackay of Ardbrecknish

At the risk of going over it all again, the point about the two amendments has everything to do with data matching. The amendments say that you are not allowed to data match unless there is doubt, going back to the specific words, about the "individual's entitlement to benefit". We do not know about that until the data matching is complete. I do not know how many times I shall have to make the point about the two amendments.

I also made the point, which I repeat, that I am sure that the noble Earl is not trying to tell me that the European Court of Human Rights is going to challenge our right to collect contributions from Class 4 contributors and their taxes simultaneously and that the Inland Revenue will then give information to the Contributions Agency about the individual's Class 4 contributions. I hear nothing from the noble Earl to suggest that he does not agree with the proposition contained in his amendment.

We must address the amendments before the Committee and not go off on European Court of Human Rights issues. If the noble Earl wishes to put down amendments about that, he is free to do so and he ought to do so. However, I am trying to address the amendments and what they would do to the Bill. I have explained what they would do and I do not honestly think that the noble Earl would have much support if he wanted to limit data matching to a minor extent, to a small amount of data matching which would be allowed under the noble Earl's amendments.

On the more general point, Article 8(2) provides a number of justifications for any interference with privacy under paragraph (1) of the article. As I said earlier three times, we are satisfied that the activities under the Bill will meet the justifications. I do not think it is any secret that the prevention of crime seems to provide a pretty good justification. However, we may also in the DSS seek reliance on the economic well-being of the country and perhaps of others. I mentioned one other earlier. Those are the kind of grounds, and I shall not specify them further. The amendments before us would be extremely damaging to the principle of data matching.

Earl Russell

I am grateful to the Minister for giving me that reply. I am sorry that I had to prolong the time of the Committee in order to obtain it. Now that I have got it, I am happy to withdraw my amendment, and I beg leave to do so.

Amendment, by leave, withdrawn.

The Deputy Chairman of Committees (Viscount Davidson)

Before calling Amendment No. 5, I should point out that if it is agreed to, I cannot call Amendment No. 6.

Earl Russell moved Amendment No. 5: Page 1, line 25, leave out from beginning to end of line 2 on page 2.

The noble Earl said: This amendment deals with a related point on which I shall not need to expand again. We are dealing with the question of whether what we are doing is in accord with Article 8 of the European convention, whether it is restricted to the purpose of fighting crime or whether, as the Minister suggested, it may be for the economic well-being of the country. I should be interested to hear him develop the case.

I am not convinced that matching the accuracy of data is a convention purpose. I am not an expert in the matter; I am ready to be corrected. If the Minister believes that I am wrong in not being so convinced, I should be grateful if he would tell me why. I beg to move.

Lord Mackay of Ardbrecknish

The amendments seek to limit the uses which could be made of information supplied by the tax authorities or other government departments under provisions introduced by Clauses 1 and 2 of the Bill. They would also limit the uses which could be made of the information supplied by one local authority to another, which is an important aspect in countering landlord and landlord and tenant joint benefit fraud.

The Government agree that it is important that, where information is supplied under the powers in the Bill, the uses to which it can be put should be explicit, precise and necessary. In the case of information supplied by the tax authorities or other government departments or from one local authority to another, the Bill specifies on the face of it that the information may be used for only two purposes: the prevention, detection, investigation and prosecution of offences relating to social security; and the checking of the accuracy of social security information and, where appropriate, amending or supplementing it. Where the use is by a local authority, the use is further and quite properly limited in the application of those purposes to housing benefit and council tax benefit, which are the only social security benefits administered by local authorities. The value of the first purpose is obvious and I have already explained that we believe that it makes it entirely consistent with the European convention. It enables relevant information from another source to be used to prevent and detect benefit fraud. By comparing the information used to calculate benefit entitlement with relevant information from another source, it is expected that some people who are committing fraud will be caught—and that many others who might contemplate fraud will be deterred.

However, the second purpose for which information supplied can be used is also important. There are three reasons. First, data matching does not itself detect fraud. All that it does is show that there is an inconsistency between two sets of data about the same subject. An inconsistency might be indicative of fraud; but it also might simply be that one of the sets of data is inaccurate, out of date or incomplete. Further manual checking, and where necessary investigation, will show which it is. Where the inconsistency is due to inaccurate or incomplete data, it seems to me clearly right that the data should be amended or supplemented so that they are correct. One of the important things about data held on all of us is that they should at least be correct. Many people worry that in fact they may not be correct. So I feel that it is absolutely sensible that when we find that the data are incorrect, we should have the power to correct them. That will ensure that the individual's benefit affairs are handled more accurately in the future and will prevent the inconsistency appearing again in any subsequent data matching.

Secondly, even where there is no immediate suspicion of fraud, there is a legitimate public interest in ensuring that social security records are accurate. They are used as the basis for payments amounting, as I said earlier, to around 30 per cent. of public expenditure and embody present and future entitlements for many millions of people. Accurate and reliable data make it much more likely that attempted frauds will be detected; conversely there are ways in which fraudsters can exploit incorrect or out-of-date social security records to perpetrate new frauds.

Thirdly, the ability to check and, where appropriate, amend or supplement social security information will help ensure that social security authorities conform with the fifth data protection principle set out in Schedule 1 to the Data Protection Act: Personal data shall be accurate and, where necessary, kept up to date". It is hard to believe that there is any legitimate interest in an individual having incorrect data in his or her social security record. Incorrect data can lead to errors in payments or in the handling of current or future claims if they are in a contributions record; and may lead to an individual wrongly coming under suspicion of fraud. We have heard much about the individual's right to privacy. But it is hard to believe that the man or woman in the street would place much value on "the right to have wrong information held about them". Indeed, other amendments tabled from the Benches opposite seek to extend the provisions for the correction of inaccurate information.

The noble Earl's amendments would leave social security authorities without the power to correct data that they knew to be wrong. That would be an absurd position and the public would regard it as nonsense. The amendments would prevent the use of data from tax authorities and other government departments to improve the accuracy of social security records, allowing opportunities for fraudsters and errors in handling the cases of bona fide claimants.

I hope that the noble Earl will see that the powers in the Bill are necessary, proportionate and in the public interest and—harking back to his theme—that these are protections under Article 8(2).

Earl Russell

More and more the Minister reminds me of me defending myself to the constable when I was speeding on the way to work. Facing an argument of legality, he comes back with an argument of convenience. I can see that it is convenient to be able to do what he suggests, just as it was convenient for me to get to work on time, if I could. But it does not make it legal. If he wishes, the Minister is welcome to hold the opinion that the law is an ass. That opinion has been held before and will be held again.

Lord Mackay of Ardbrecknish

I am not saying that at all. The noble Earl must not put words into my mouth. I said this very clearly. I quoted the law. The fifth data protection principle set out in Schedule 1 to the Data Protection Act states: Personal data shall be accurate and, where necessary, kept up to date". That is what this power would allow us to do, arising out of data matching. I do not think that it has any comparison with the noble Earl going at 50 miles an hour.

Earl Russell

The Minister brings me exactly to the next point that I intended to make. I accept his point about the data protection principles. But that is no defence under the European Convention on Human Rights. It may be justifiable under one thing but illegal under another, just like a great many other acts that we perform from day to day.

In the end, the Minister's justification of checking the accuracy of data depended on convenience. It was not an argument of legality, except in the one and single point of prevention of crime, which is agreed ground between us. But in that case the Minister's ground has covered too much, for he could rely entirely on subsection (2)(a): for use in the prevention, detection, investigation or prosecution of offences relating to social security". In that case, there would be no use for paragraph (b): for use in checking the accuracy of information". Is that power for the prevention of crime? If it is for the prevention of crime, why is not paragraph (a) enough? Why do we need paragraph (b) as well? Maybe the Minister can explain.

Lord Mackay of Ardbrecknish

To be honest, I believe that I have explained. I am not sure whether the noble Earl is going back and saying that we should not have these powers to data match for the prevention and detection of benefit fraud. It seems perfectly clear to me at least, and I believe to all noble Lords and even to the noble Earl, who earlier indicated that he was not opposed to direct matching. The prevention and detection of benefit fraud is clearly in the public interest. Tackling such fraud and keeping our records up to date provide essential safeguards against wasteful public expenditure, safeguards which contribute to the economic well-being of us all. Where it is necessary to undertake activities under these powers, those activities will be carefully designed to achieve such public interest objectives.

I am well aware of the fact that an opinion of Mr. Richard Drabble, QC, has been published. We have seen that opinion. There is nothing in it which persuades us that we need to change our views. We are satisfied that the proposals in the Bill and our plans for using these powers comply with the obligations imposed under the convention. We have specified on the face of the Bill the sort of information that we shall be seeking and the clear specific purposes. I believe that it is perfectly consistent. In fact, I also believe that it is common sense. Is the noble Earl saying that we should match the data and if we find inconsistencies but they are not fraud, then we should not do anything and not make any attempt to correct the data? I thought I said earlier that I thought the public would think that that was nonsense. I certainly would think that it was nonsense.

I believe that I am interrupting the noble Earl rather than the other way around.

Earl Russell

The Minister is now trying to put words into my mouth. I am perfectly happy to accept that purpose if it is a legal one. If the Minister can show me a good reason why it is a legal purpose, I shall accept it. I do not assert for a fact that what we propose is contrary to the European convention. I merely ask the Minister to demonstrate that it is not. He has signally failed to do that.

It has genuinely shocked me that the Minister, though satisfied—as Ministers ex officio always are—has come before the Committee having completely failed to do his homework on an argument that he knew perfectly well he was about to meet. He has not stopped to think whether or not what he proposes is in accord with the European convention. There may be a perfectly good argument to be made on his side of the Committee. He has not stopped to try to work it out. He merely says how awfully inconvenient it would be if that were true. That has been the argument of breakers of the law from time immemorial. It is a group that I would not wish to see us join. In the hope that before we return to these issues on Thursday the Government will be better prepared with legal answers, I shall ask the opinion of the Committee.

5.50 p.m.

On Question, Whether the said amendment (No. 5) shall be agreed to?

Their Lordships divided: Contents, 50; Not-Contents, 139.

Division No. 2
Addington, L. [Teller.] Falkland, V.
Alderdice, L. Fitt, L.
Ashley of Stoke, L. Geraint, L.
Barnett, L. Glenamara, L.
Beaumont of Whitley, L. Gould of Pottemewton, B.
Berkeley, L. Grey, E.
Blease, L. Harris of Greenwich, L.
Borne, L. Hooson, L.
Broadbridge, L. Hughes, L.
Calverley, L. Jeger, B.
Carlisle, E. Jenkins of Hillhead. L.
Clancarty, E. Jenkins of Putney, L.
Desai, L. Kennet, L.
Elis-Thomas, L. Kilbracken, L.
KirkhilLL. Sefton of Garston, L.
Lockwood, B. Shepherd, L.
Mclntosh of Haringey, L. Simon, V.
Mackie of Benshie, L. Stoddart of Swindon, L.
McNair, L. Thomas of Walliswood, B.
Mar and Kellie, E. Thomson of Monifieth, L.
Merlyn-Rees, L. Thurso, V.
Parry, L. Tordoff, L.
Redesdale, L. Turner of Camden, B.
Ritchie of Dundee, L. Wallace of Saltaire, L.
Russell, E. [Teller.] Whitty, L.
Abinger, L. Hardinge of Penshurst, L.
Acton, L. Harmar-Nicholls, L.
Addison, V. Harrowby, E.
Aldington, L. Hayhoe, L.
Alexander of Tunis, E. Henley, L.
Allenby of Megiddo, V. Holderness, L.
AmpthiU, L. HolmPatrick, L.
Anelay of St. Johns, B. Hooper, B.
Archer of Weston-Super-Mare, L. Howe, E.
Astor of Hever, L. Inglewood, L.
Attlee, E. Jellicoe, E.
Balfour, E. Johnston of Rockport, L.
Barber of Tewkesbury, L. Kimball, L.
Belhaven and Stenton, L. Kintore, E.
Belstead, L. Lauderdale, E.
Bemers, B. Lawrence, L.
Biddulph, L. Lindsay, E.
Blaker, L. Liverpool, E.
Blatch, B. Long, V.
Boyd-Carpenter, L. Lucas, L.
Braine of Wheatley, L. Lucas of Chilworth, L.
Brigstocke, B. Luke, L.
Brookeborough, V. Lyell, L.
Brookes, L. McColl of Dulwich, L.
Brougham and Vaux, L. McConnell, L.
Byford, B. Mackay of Ardbrecknish, L.
Cadman, L. Mackay of Drumadoon, L.
Campbell of Alloway, L. Marlesford, L.
Campbell of Croy, L. Marsh, L.
Camock, L. Massereene and Ferrard, V.
Chesham, L. [Teller.] Merrivale, L.
Chorley, L. Mersey, V.
Clanwilliam, E. Miller of Hendon, B.
Clark of Kempston, L. Milverton, L.
Courtown, E. Monckton of Brenchley, V.
Craig of Radley, L. Motristone, L.
Craigavon, V. Mountevans, L.
Cranbome, V. [Lord Privy Seal.] Mowbray and Stourton, L.
Crickhowell, L. Munster, E.
Cross, V. Murton of Lindisfame, L.
Cuckney, L. Napier and Ettrick, L.
Cumberlege, B. Nelson, E.
Dean of Harptree, L. Nome, L.
Denbigh, E. Northboume, L.
Denton of Wakefield, B. Northesk, E.
Dixon-Smith, L. O'Cathain, B.
Dundee, E. Oppenheim-Barnes, B.
Eccles of Moulton, B. Pearson of Rannoch, L.
Eden of Winton, L. Pender, L.
Ellenborough, L. Perry of Southwark, B.
Elliott of Morpeth, L. Pym, L.
Elton, L. Quinton, L.
Feldman, L. Rankeillour, L.
Ferrers, E. Reay, L.
Gainsborough, E. Renton, L.
Gardner of Parkes, B. Romney, E.
Granard, E. St Davids, V.
Gray of Contin, L. Saltoun of Abernethy, Ly.
Greenway, L. Seccombe, B.
Griffiths of Fforestfach, L. Sharpies, B.
Hacking, L. Shaw of Northstead, L.
Harding of Petherton, L. Skelmersdale, L.
Stevens of Ludgate, L. Thomas of Gwydir, L.
Stewartby, L. Trumpington, B.
Strathcarron, L. Wharton, B.
Whitelaw, V.
Strathclyde, L. [Teller.] Wilcox, B.
Strathcona and Mount Royal, L. Wise, L.
Swinfen, L. Wynford, L.
Taylor of Warwick, L. Young, B.

Resolved in the negative, and amendment disagreed to accordingly.

5.58 p.m.

Baroness Hollis moved Amendment No. 6: Page 1, line 26, after ("checking") insert ("eligibility for benefit entitlement,").

The noble Baroness said: In moving Amendment No. 6, I shall speak also to Amendment No. 57 in the names of my noble friend Lord Carter and myself. The amendments concern eligibility for benefit and its entitlement.

We all believe that to claim benefit to which one is not entitled is at best an error and at worst fraud and should be stopped. But I hope we also believe the other side of that statement—that is, that not to claim benefit to which one is entitled is also unacceptable unless there is good reason for someone not to wish to do so.

Our belief is that, when people fail to claim benefit to which they are entitled, it is usually through a mixture of lack of information or lack of access to the system. Universally-targeted benefits which are not income related—for example, child benefit or the basic state pension—have almost a complete 100 per cent. take-up. As a result, they are cheap and easy to administer and there is relatively little fraud—though my faith in that statement was slightly shaken by the recent loss of 76,000 birth certificates, which one suspects may inflate fraudulent child benefit claims.

For the most part, we know that those entitled to claim universally-targeted benefits do so, and those who are not entitled to claim do not. We know also that inevitably with income-related benefits—that is, those that are means tested—there is a high level of error, both overpayment and underpayment as well as outright fraud.

Under this Government, since 1979, means-tested benefits as a proportion of DSS expenditure have gone up from around 10 per cent. to around 35 per cent. of our social security payments. We have seen JSA reduce contributory insurance from 12 months down to six months; we have seen the increasing dependence of the elderly—pensioners—on income support; we have seen private sector housing rents deregulated and council house rents forced up by withdrawal of subsidy, and in consequence the growth of housing benefit; and we have seen a deregulation of the labour market, the growth of part-time insecure low-paid work and, therefore, in consequence, a growth of in work benefits such as family credit.

The Government have moved to means-tested benefits. But, as we know, in terms of systems, means-tested benefits carry a heavy price. First, means-tested benefits invite fraud: the minicab driver or the casual building labourer who fails to declare his earnings and continues to claim benefit; or the lone parent whose boyfriend moves in and possibly moves out but who continues to claim as a single parent. This Bill, after all, is a recognition of the fraud that accompanies DSS benefits such as housing benefit and council tax benefit. We do not condone it, but we recognise that it is the shadow side of means testing.

The second problem with means testing is that it invites error. There are complicated rules which vary from benefit to benefit as to what capital a claimant may possess, what income the spouse may have, whether an adult child is living at home and what disregards are taken with that, and what level of disregard of earnings is brought into play before there is a pound for pound benefit penalty. All of these complicated rules lead, understandably, to error both by the department and by the claimant, which leads, on the one hand, to underpayment and, on the other hand, to overpayment. As a result, the problems surrounding the Child Support Agency are notorious. Until recently, barely half its calculations were accurate. Indeed the National Audit Office, the Government's auditors, more than a year ago formally qualified its accounts. If that had happened to a local authority, the Government would have dragged its name through the mire.

The latest 1996–97 mid-year reports from the CSA suggest that accuracy rates are now running at between 75 and 80 per cent. That improvement is to be welcomed, but it is still far short of satisfactory. On the other hand, the Government's own accuracy in delivering, for example, income support appears to have fallen quite sharply. Their quality support figures, confirmed by the sampling of the National Audit Office, show that just over three-quarters of income support payments are probably accurate but nearly a quarter are inaccurate and that the scale of that inaccuracy is quite large—perhaps £750 million on a budget of about £11 billion for income support alone.

We can guess the reason in part as a mixture of the complexity of benefit rules and changes in circumstances—for example, over direct payment on mortgages—but also the deliberate cutting back of home visits from around 6 million under the Labour Government to barely 500,000 until recently, which means it is impossible to check on the accuracy of information received. But we also know that means testing generates a third problem, which is the failure to claim. I am trying to suggest that all of these are structural problems associated with the Government's deliberate policy of extending income-related benefits at the expense of contributory benefits. The number who fail to claim the amount of benefit which they need but fail to obtain are equally worrying. We know that one of the weakest benefits in that respect is family credit. Only 69 per cent. of those eligible for family credit claim it. Around 80 per cent. of lone parents claim it, but barely only 60 per cent. of couples claim family credit. For both lone parents and for couples the average sum unclaimed was more than £23 a week; and that by a quarter of a million young families struggling on very low incomes, sometimes under £100 a week.

Equally worrying is the failure to claim income support. Again, single parents, where it is often for them the sole source of income, have a relatively high take-up, which we welcome, which is 95 per cent., but only some 60 per cent. of pensioners claim the income support they are entitled to claim to top up their state pension. That is barely over half. The average sum those pensioners on basic state pensions fail to claim is £14 a week, and at the same time they lose their entitlement to passported benefits such as cold weather payments, worth another £8 a week. One-and-a-half million pensioners claim what they are entitled to claim but almost a million do not.

Council tax benefit has a similar profile. Perhaps 90 per cent. or more of lone parents claim it but probably less than 70 per cent. of pensioners claim it, and there is a lower figure still when one breaks it down for owner occupiers. Those who get it are for the most part those who live in local authority housing where there is an automatic entitlement. Housing benefit has a similar pattern—a high take-up by lone parents but a relatively lower take-up by pensioners. Again, for those living in local authority housing where there is an automatic entitlement, because you pay your net rent, and not gross rent, and then have to claim, there is virtually a complete take-up.

These statistics, which are the other side of the fraud/error debate, are very striking. It is not true, as is too often peddled—even by government—that people do not claim benefit because the sums are too small to be bothered with. On the contrary, we are talking about very large sums indeed which very poor people are entitled to claim but are not doing so. The average amount of unclaimed family credit is £23 a week. In some case that represents an addition to income of nearly 50 per cent. The average sum unclaimed for income support pensioners is some £14 a week.

Nor, as the Secretary of State stated in another place, is the claiming of benefit a matter of personal choice and there will always be those who choose not to make a claim. That is the washing of hands with—I was going to say "a vengeance"—considerable complacency. To say that 40 per cent. of pensioners who live below the poverty line do not claim income support as a matter of personal choice—a choice to go without £14 a week and therefore to go without heating in their homes—is absurd. They need that money, they are not getting it, they are going without warmth—sometimes, alas, without food—and their health and wellbeing suffer because of the complexity of the benefit, the ignorance of the potential claimant and sometimes the stigma attached to it.

However, the other thing we learn from these statistics is that where benefit is automatically delivered, as with local authority housing benefit, by virtue of information technology, so that pensioners pay a rent net of housing benefit being applied to it, there is almost a complete delivery of benefit. That is the point that we want to establish. At the moment, between £2 billion and £3 billion on those four benefits alone is unclaimed—disproportionately by pensioners—yet we know that where the benefit can be delivered semi-automatically, as with the housing benefit case, claimants are glad to receive it and take it up.

Under the Bill the new information technology makes all of that possible. If it is right to use data and information from a variety of sources to identify those who are defrauding the system, it must be equally right to use that same information to identify those who are entitled to benefit and to assist them in claiming it. These amendments argue that data matching should be used not just to deter fraud, which we support, but to increase take up.

We know that housing benefit is sometimes claimed by people who do not receive income support, but should do, and could therefore be used to deliver it, especially to those who live in council property. Equally, one could use council tax benefit to passport income support to pensioners in privately owned houses; for example, the widow whose occupational pension virtually died with her husband. Home care benefit claims could be used to identify potential entitlement to attendance allowance, and so on. Add to that the information which the DSS and the IR will hold at life changing events, such as reaching pension age, bereavement or admission to residential care, and one can see that there is a whole amount of information available in a non-intrusive way which would allow the delivery of benefit. Access to Inland Revenue records in particular, which the Bill would permit, would allow thousands to obtain benefit which currently they do not. In addition, if we combine that with additional home visits and the restoration of the helpline or similar services, we might then ensure that people did not languish in poverty.

People are entitled by law to these basic income supports, yet consistently over the past few years the Government have knocked away the props, ladders, leaflets and information by which they would learn of them. We believe that the Government, therefore, have a duty to ensure that benefit is obtained by those who are entitled to it. The new information technology means that, even when we are dealing with income-related benefits, it is possible to target those people, such as couples on family credit and pensioners on income support, who are eligible and deliver the benefit to them. I repeat: if we use IT and data matching to withdraw benefit from those who are not entitled to it, we can be equally clear that we can use it for those who are entitled to it and in the course of that float hundreds of thousands of people off poverty. I beg to move.

Baroness Turner of Camden

I support the amendment moved by my noble friend Lady Hollis. I have in my hand a leaflet issued by Age Concern which fully supports everything that she has said about the position of pensioners. The leaflet states: Around 1 billion unclaimed benefits. Have you claimed yours?". It tells the pensioners whom Age Concern aims to support that they should find out if they can claim. The leaflet also states: Claim what's rightfully yours. Complicated forms [should not] put you off claiming". And, of course, such forms do. I have seen some of them and they are incredibly complicated for often elderly and infirm people to deal with. The leaflet also says: Remember there's no shame attached to claiming what is rightfully yours". I believe that it is fairly clear that many elderly people feel a certain amount of shame in claiming benefits which are not those which they get automatically but are in some way means tested or income related. For those reasons it is essential that we should look in this Bill not just at preventing fraud—which is the main purpose of it—but, since the new technology which it is intended to use will enable people who are entitled to benefit but who for one reason or another are not claiming it to be identified—it is a shame that they are not because many people are living in penury and they should not be doing so because they could make claims and they are entitled to the money—we should make use of IT also for that purpose.

An organisation like Age Concern is a charity which does admirable work for elderly people. It is urging people to claim what is rightfully theirs. The campaign that Age Concern is conducting is headed in the leaflet "Your Rights Week", and that is from 5th to 11th April 1997. I hope that the campaign that it has embarked on will encourage a number of people who have not hitherto claimed to think about doing so. This Bill gives us the opportunity, as my noble friend has said, to identify people who would not to be in penury if they were having the benefit to which they are entitled. I therefore commend this amendment to the Committee.

6.15 p.m.

Baroness Gould of Potternewton

I rise to make a few brief comments in support of this amendment, principally because I am concerned about the environment in which people who are entitled to assistance do not seek it. This is not in any way to condone those who deliberately attempt to defraud the system. The position of the I million pensioners is a clear example of how data matching can ensure that they receive the benefits that they are entitled to. Benefits are not a charity but an entitlement that should be delivered to all those who are genuinely in need, be they sick, disabled or pensioners. We should run the system in a way that makes it clear that benefits are not charity.

We have at the moment an atmosphere in which it is almost a stigma to claim benefits. That has emerged over recent years. But there are other reasons, as my noble friend Lady Hollis said, why people do not claim benefit. The complexity of the process and the cumbersome forms that have to be completed make it difficult for many people to know not only their entitlement—which benefit they might qualify for—but how to go about claiming it. Even the explanatory forms are complex.

Simplicity and assistance are crucial. As has been said, IT can provide data matching and the opportunity to make it possible for people to be assisted in claiming their entitlement. Surely that must be right.

Initial claims for benefits usually follow a major and often traumatic change in someone's circumstances. Examples include redundancy, unemployment, widowhood, illness disability, taking up caring responsibilities or admission to residential or nursing homes. The complexity of the system is illustrated by the fact that benefits have to be claimed on different forms from different agencies, including different branches of the Benefits Agency, the housing department and the council tax section of the local authority.

Different benefits are awarded for different lengths of time and the requirements for reporting change of circumstance also vary. For example, there is no requirement to report a change in income if a person is in receipt of disability living allowance, but there is such an obligation for those claiming housing benefit. It is all too easy for people to be genuinely confused, resulting all too often in their giving up and not making the claim to which they are entitled and of which they might be in need.

It is always difficult to talk about personal things in public. But I have had the unhappy task of completing these forms on behalf of a member of my family. It took many hours and was daunting not only because of the many pages that had to be completed but also because of the phrasing of the questions and their repetitive nature. The wording of the forms makes one almost scared that one might be writing something which is not correct. That must put off an enormous number of people who have difficulty in following such complexity.

Fortunately, we were able to keep copies, which is not a facility open to many people. Three months later we had to go through the same process all over again. The information had to be updated so it could not be copied absolutely. But it was useful to know whether the claimant's name was fully spelt out or whether we just put "Flat 1" or "Ground Floor Flat" on the address—factors which would have further delayed the benefit or perhaps even had it refused.

But having gone through that process, claims for benefits can take weeks or longer to process, and even then there is no way that the claimant is absolutely sure that the final decision is accurate; that they are receiving the correct level of benefit. One has to rely on the qualification and suitability of the staff employed. Having talked to many of them over the telephone, I have enormous sympathy for them because they have the unenviable task of weaving their way through this complex process.

Again, from experience, complications do arise. For instance in the case that I mentioned, two letters arrived on two consecutive days showing different amounts of entitlement, followed by a tax claim based on a further figure. By making these many phone calls we were able to ascertain that none of these amounts was correct, and finally the correct figure was determined—at least, we assume it is the correct figure because it is the one that seems to have stayed with us. But can the Committee imagine how difficult it must be for somebody who is elderly, sick or living alone to have to go through that process in order to be able to make a claim? The whole process is a nightmare and must be sorted out.

In May 1995 the Public Accounts Committee offered severe strictures to the department for its performance in relation to the severe disability premium, as some 24,000 people had had to wait for many years for claims. Even after these errors had been drawn to the attention of the department, it took another three years to put matters right. Data matching would have made that process simpler and the people concerned would have got their benefits much sooner.

Inefficient administration will facilitate fraud as well as preventing take-up being increased. I appreciate that we shall come to the question of administration later, but one cannot separate it from the whole question of entitlement. We need to tackle fraud. Defrauding the system takes money that could be used to help those in need of assistance. Had those two aims been brought together, we would have had a much fairer Bill. Acceptance of this amendment would achieve that.

Lord Mackay of Ardbrecknish

The amendments seek to widen the uses to which information received under the provisions of the Bill may be put to include identifying people who have not claimed a benefit to which it appears that they may be entitled. I am not entirely sure how the noble Baroness would answer the questions that have been put to me in the past two or three hours by the noble Earl about what defence might be offered to an ECHR challenge in this regard, but I shall not pursue that—

Baroness Hollis of Heigham

I am happy to answer it.

Lord Mackay of Ardbrecknish

I shall not pursue that, but shall turn instead to the main purpose of the amendment, which is targeted at pensioners who are not claiming income support or housing benefit and which tries to identify them through data matching. That would allow benefit entitlements to be identified and assessed without any involvement from the individual concerned, using information held or gathered under the provisions of the Bill. The noble Baroness, Lady Gould of Potternewton, took that a step further. If I heard her correctly, she seemed to envisage a situation where claimants would not even have to complete an application form. The problem with that is that it presupposes that all the necessary data is held on a data bank—and that would not necessarily be the case.

Baroness Gould of Potternewton

I hope that I never gave the impression that one should not have to fill in forms. Of course people have to do that, but it would all be very much simpler if there were some cross-referencing between all the organisations responsible for such claims and if those organisations actually talked to each other. At the moment they do not do that and that makes the whole process much more complicated than it need be.

Lord Mackay of Ardbrecknish

I do not want to get drawn into an argument about that aspect, but I suspect that although the data matching and cross-referencing may be used for checking purposes, I do not think that it could replace the need for somebody to complete a form and say that the facts were true and that they therefore applied for the relevant benefit.

The amendment is based on two suppositions: first, that it is technically possible in all cases to make the identifications envisaged by the amendment and, secondly, that identifying potential entitlement in this way would in fact lead to greatly increased take-up of benefits particularly among pensioners. Both the suppositions are, I believe, wrong.

There is a large degree of overlap between income support and housing benefit, which naturally we currently exploit to streamline administration: people who claim income support also receive information and claim forms for housing benefit and council tax benefit, and they are encouraged to claim, if appropriate. In the opposite direction, our guidance to local authorities encourages them to take action to make all claimants who appear to have a potential entitlement to income support aware of the help that may be available to them from the Benefits Agency. A large number of local authorities have software available to automate this. But the overlap is not 100 per cent.: for example, there are questions about liability for housing costs and suitability of accommodation which have to be addressed with the specialist knowledge of local authority housing benefit departments and possibly the independent rent officer service; they are not appropriate to the DSS.

The assessment of entitlement to income-related benefits is a complex and specialised business which requires accurate and detailed information about a person's circumstances on the one hand, and their income and capital on the other. If it were possible to get all that information from other sources, rather than collecting it ourselves, it would be greatly to the benefit of my department's administration budget. But unfortunately, it is not possible.

While the Inland Revenue holds a great deal of information on people's financial circumstances, there is also a great deal that it does not hold, and large numbers of people about whom it may not hold information—such as non-taxpayers, which the less well off pensioners are likely to be. It holds information about income from earnings and savings on which tax is paid or against which repayments of tax are claimed, but it does not hold information about non-taxable income or assets, such as low earnings from part-time jobs, financial support from a charity or from family, and savings such as premium bonds, TESSAs, national savings certificates, and "granny bonds". This is exactly the type of income which many pensioners are likely to have, and which is critical to the assessment of entitlement to income-related benefits.

Customs and Excise holds information about people and businesses that are registered for VAT, but not about traders who are unregistered—for example, if the business is so small or part-time that it is below the VAT threshold. Again, it is people at that end of the spectrum who would be more likely to qualify for benefits like housing benefit or family credit, but data from Customs and Excise would not identify them.

In addition, information about non-dependants, co-habiting partners and other household members, which is relevant to benefit entitlement, cannot be obtained from the Inland Revenue, Customs and Excise or from other government departments.

So, any attempt to identify potential entitlements would be a very hit-and-miss affair. It would certainly miss many people on very low incomes and it would certainly find many who were not entitled because it had failed to take account of a source of income or capital. That carries the very real danger of raising false expectations, which in the end does nothing more than leave people bewildered and somewhat aggrieved that the Government should invite a claim only to turn it down. That is neither helpful nor kind; nor is it a sensible way to use our resources.

The Government already make a great deal of effort to make the public aware of the benefits available. We believe it is a better use of resources to ensure that information about benefit entitlement is freely available in the public domain and this is what we do. Information about social security benefits and the conditions of entitlement to these benefits is widely available to the public from Benefits Agency offices, local authorities and welfare rights organisations. In addition, leaflets explaining benefit rules are available in post offices and libraries throughout the country, and the state retirement pension order book contains notes advising pensioners about other benefits, including income support and housing benefit. People whose benefits are paid directly into their bank or building society accounts by automated credit transfer receive annual copies of those notes.

The decision whether to claim is a matter for the individual, and we believe the emphasis should be on making information widely available to help people to make an informed choice. People have many, sometimes complicated, reasons for the decisions they take. To insist that every failure to take up benefit is a failure on the part of the Government is simply wrong. The process of claiming income support or housing benefit is not complicated. It can normally be done by post. As I have said, help is available from our offices, from local authority offices in the case of housing benefit, and from many other sources such as the citizens advice bureaux for those people who need such advice. The important point is that the help is there for those who need it.

I agree with both noble Baronesses that we want to ensure that benefit goes to those who need it, but I do not believe that the means envisaged by this amendment are the right way to go about it. The exercise is not nearly as straightforward as some Members of the Committee seem to believe. The Inland Revenue and Customs and Excise simply do not have the information that we need to form an even half-way decent guess about a person's entitlement. We believe that providing the information on which people can make their own choices is a far sounder approach.

There is an existing provision which allows for information on income support to be exchanged between the Benefits Agency and local authorities and that will continue under the Bill. Income support claim forms contain an invitation to the income support claimants to indicate whether they wish to claim housing benefit and/or council tax benefit. As I have said, there are leaflets and many sources of information which can help people to claim benefit if they need it. The DSS and, its agencies take extensive action to publicise the wide range of benefits available. I believe that as between 90 and 96 per cent. of people choose to take up their entitlement to housing benefit that is an indication of the successful way in which we spread information relating to these benefits.

6.30 p.m.

Baroness Hollis of Heigham

Perhaps the noble Lord will give way. I thought that I had addressed that point. The reason housing benefit is one of the benefits that, though income related, has a high take up is that the rented sector is still dominated by local authority housing and there is automatic entitlement to housing benefit from the records held by the local authority. Therefore, there is automatic delivery. People do not have to claim housing benefit after they have paid their rent. They pay their rent net. For most pensioners that means a nil rent. I spent some time in my introductory remarks trying to draw a distinction between the delivery of benefits which were semi-automatic by virtue of IT, which is the case with local authority housing benefit, and other forms of benefit where information technology was not in place.

Lord Mackay of Ardbrecknish

I believe that people still have to indicate that they wish to be considered for housing benefit. A person may be living in a local authority house and have a perfectly adequate income. I do not believe that such a person will get housing benefit automatically. There must be some trigger point at which people who know that housing benefit exists go along to pay their rent for the first time, or perhaps the first time after circumstances have changed, and say, "I would like to apply for housing benefit". But the great majority of people who require benefit get it. I believe that the right way to go about advancing the number of people who receive benefit is to ensure that we have in place the systems in the various places that I have mentioned: DSS offices and post offices. For example, very many pensioners will go to post offices for their pensions—they are likely to be the ones who are most in need of income support—and all the information and leaflets will be there.

I believe that it is oversimplistic to believe that a data matching exercise can throw up the kind of data that provides a reasonable system for pulling out those people who may be eligible for benefit but who have not claimed. I do not believe that that is a very sensible way of going about it. It would add a further complication to data matching and would not deliver the results that the noble Baroness would like. I believe that we should continue the campaigns that we already run to persuade people. I believe that the great majority of people take up the benefits to which they are entitled. As I have said before—I am aware that the noble Baroness does not approve—obviously there are some people who are aware of it but have decided for a number of reasons, whatever they may be, including private reasons, not to claim. I believe that it would be quite wrong for us to take a Big Brother (or perhaps Big Sister) approach and say, "From our data matching we have discovered that you should be claiming. Please fill in this form." I do not believe that that is a sensible way to proceed.

Lord Carter

Perhaps the Minister can assist on one aspect. Presumably, when the DSS agrees its budget with the Treasury every year in the public expenditure round it must include a figure which represents its expectation of the take-up of benefit. I remember reading that almost invariably the take-up has undershot the estimate. What is the figure that the DSS persuades the Treasury that it will pay and how much does it actually pay?

Lord Mackay of Ardbrecknish

I am not sure that I have to hand the precise figures to answer the noble Lord's question. Certainly, it is true that we tend to underestimate what the demand will be in the subsequent year. We always honour our obligations and pay up. We hope that one of the advantages of the BA/POCL system, the automated card system and new payments system will be that we will be in a better position with more accurate information to make more accurate forecasts in order to get the calculations right. I am trying to work out how that advances the noble Lord's argument. He suggests that more people will apply than we believe will apply. I do not believe that it is anything like that.

Lord Carter

If the noble Lord relies on everything that is said in this Chamber to advance the argument he will be very disappointed. I remember reading that the department estimates the expenditure on benefits. Obviously, to do that it must estimate the percentage take up. However, I believe that the actual take up is almost invariably less than that. Therefore, within the budget of the DSS a greater sum is allocated than is spent on those benefits.

Lord Mackay of Ardbrecknish

It is some time since I looked at it. However, I believe that the opposite is true. The accusation has been made against us that we invariably underestimate how much money we will need in the following year. I believe that that is the exact opposite of what the noble Lord has just said.

Baroness Hollis of Heigham

I believe that there is a difference between level of claims and the demographic effects on the DSS budget. The Minister's reply was rather more diffident than we have come to expect of him, possibly because he believes that we have a better case than his brief allows him to express.

I should like to pick up two particular points referred to by the Minister. First, he said that this was a complicated activity, that it would not do what we said it would do and therefore it was not worth doing. Secondly, he said that in any case the Government were already doing it so nothing further was necessary. There was a minor inconsistency between those two positions, but I do not suppose that that will embarrass the Minister. Dealing first with the question of benefit entitlement, no one on this side of the Chamber suggests that overnight with information technology complete take up can be achieved. What we are saying is that with consent and within the framework of the law—which is what this Bill gives us the opportunity to do—we can use information technology to make considerable inroads into the very real levels of under-claiming that I tried to identify from the Government's own DSS statistics.

For example, council tax benefit is claimed by approximately 5.5 million people annually. If when the particular form is filled in the person is asked for his consent to use that information for other benefits, research suggests that it will permit us to identify at least 70 per cent.—no more—of those pensioners who currently do not claim income support to which they are entitled, because the structures of those benefits are analogous and so there is an obvious difference in capital rules. That will allow us to passport them in a fairly straightforward way without sending them through the hoops, so graphically described by my noble friend Lady Gould, of further form filling with all of its attendant intimidation, complexities and problems.

Without claiming that IT can deliver 100 per cent., we suggest that this Bill provides us with an opportunity to tackle and identify not only the very real problems of fraud or error but the very real problems of under-claiming. We had hoped that the Minister might have accepted that IT was intelligent enough (if I may put it that way) to allow that to happen.

The Minister's second argument was that the Government were already doing everything reasonably possible to make benefits known and therefore for anyone who did not claim it was a matter of personal choice. That is rubbish, and the Minister should know it. This comes from a government that has dropped home visits which are one sure way of ensuring that people, particularly pensioners who may be housebound and fairly frail, know what they are entitled to. This was a government that dropped the help line and in the same month opened the fraud line. Why? The reason was that too many people—three million a year—were using it.

The Government have the effrontery to say that they are doing everything possible. This is a government that under Project Change has cut the number of offices so that one has to collect or find out the details of one's benefit by telephone. One knows that on average one claimant in three does not have a telephone. Therefore, potential claimants have to queue up at a public telephone, possibly in the rain, and put coins into it, with their toddlers in tow. We then expect them to obtain accurate information about their level of benefit. They may be kept on hold for 20 minutes because the benefit line is engaged. This is a government that tell us that they are doing everything possible when they have made this and many other changes that have created a series of hurdles for people who are among the most vulnerable, least self-confident and least educated to overcome.

On a personal note, if my noble friend Lady Gould, who is as competent and able a woman as the Committee will know, has difficulty in handling these forms on behalf of a member of her family, and is sufficiently aware that she must obtain advice as to the accuracy of the information she provides when filling them in, how can an old age pensioner or someone for whom English is not a first language, or someone with other kinds of difficulties, be expected to cope? We should be using information technology not just to deter fraud—which we should—but as a window of opportunity to reach those who should claim, would like to claim but do not claim for a mixture of reasons, not simply as a matter of personal choice. The reason may be fear, intimidation, ignorance or the fact that the person is housebound.

We should use information technology and rejoice in the opportunity it gives us to ensure that the welfare state helps those who need it as well as removing benefit from those who do not. I am disappointed in the Minister's response, but I am sure we shall return to this issue. I beg leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Lord Carter moved Amendment No. 7: Page 2, line 2, at end insert ("; or () for use in assessing the suitability of staff employed for the purposes of administering social security benefits.").

The noble Lord said: I beg to move Amendment No. 7 and I shall speak also to Amendments Nos. 25 and 34. All the amendments deal with the same point. They are to allow information supplied to be used in assessing the suitability of staff employed to administer housing and council tax benefit.

Amendment No. 7 relates to Clause 1, which deals with information held by tax authorities. Amendment No. 25 relates to Clause 2 which deals with other government information—passports, immigration, emigration, nationality or prisoners, or any other matter which is prescribed—with which we shall be dealing in a later amendment. Amendment No. 34 relates to Clause 3 which deals with housing or council tax benefit.

If accepted the amendments would ensure that government departments and local authorities would be able to use the information obtained under the Bill to assess the suitability of applicants for posts concerned with the administration of social security benefits. There is some evidence that organised fraudsters are deliberately targeting those types of employment to give them access to inside information which would assist them in the commission of a fraud.

The amendments are intended to explore the extent to which information that government departments make available under the Bill could be used to assess the suitability of applicants for posts in the administration of social security benefits. The scope of the amendments reflects the concerns about which we have been told by local government, that organised and criminal elements have targeted the benefit system by having people recruited into the administration of, for example, housing benefit. Local authorities which feel that they are the targets of such organised criminal activities want to take prudent measures to protect themselves against such infiltration. It is clearly a major problem for the system if there is insider fraud as well as fraud perpetrated by landlords and others outside.

We can all agree that if people in the system are not of the highest integrity, obviously problems can arise. They could obtain and use data for the wrong purpose. They are also best placed to benefit financially from making up phantom claims and claimants. The amendments make it clear that data could be used to assess the suitability of staff employed, as I have said, in the administration of those benefits.

I do not attempt to minimise the concerns which such an approach must raise. It is in the nature of clampdowns on housing benefit and other fraud that we create a category of people in the statistics who have allegedly committed fraud, but who have been charged with and convicted of no crime. It is understandable that, in cases other than those of organised crime, the emphasis in the system is on the stopping of fraudulent payments, not on dragging individuals before the court.

Of course a local authority may not want to employ someone who apparently has a record of housing benefit fraud against it or any other local authority. We should however be concerned about people being ruled out of employment for supposedly committing fraud when they have never been convicted of a crime, and the allegations have never been tested in court. That underlines the sensitivity of the amendment. We all recognise that checks and balances are required.

It would be helpful if the Minister would explain his understanding of the current position and how information could be used to enable local authorities and the department to protect themselves against organised fraud. The discussion provides a useful opportunity to find out from the Minister the extent of internal fraud in the system. Does the department have figures on what it thinks might be the extent of organised fraud? Obviously undetected fraud is, by definition, unknowable. Presumably the department has some idea of how much it thinks might be attempted through organised fraud by individuals or more than one person inside the system. We accept that the vast majority (99.9 per cent.) of people who work in the social security system and the Benefits Agency are doing a good job.

For the record, it would be helpful to know the extent to which there have been problems of fraud in the system, and whether the department has an estimate of that. We believe it to be reasonable to raise this issue in the context of the Bill to ensure that we recognise that the possibility of fraud exists not just on the part of claimants. It would be helpful were the Committee to be told the position on internal fraud. I beg to move.

6.45 p.m.

The Earl of Balfour

I am worried about the amendment. I feel that it will have the effect of restricting the employment of persons who have a low grade leaving school certificate. We have to think of the young apprentice going into a firm to learn whatever it may be. Many of us when we start working in an office, or anywhere else, may be stupid, but we should at least be given a chance to get started. I have a horrible feeling that the amendment would restrict the young, not very well educated, person from getting started in life. That is undesirable.

Lord Carter

Perhaps I may intervene. I am not sure that the noble Earl has quite understood the matter. I am sure that it is my fault and due to the way I explained it. The amendment is designed only to use the information which is collected under the Bill (the data matching, and all the rest) to see whether it would lead to determining whether people who are being employed are engaged in fraud. It is not intended to deal with the level of learning of the people joining the department or local authorities to do the job. It is only intended to allow information which is supplied under the Bill, through the data matching, to be used not just to check up on claimants, but to assess the suitability of staff who are employed to administer housing and council tax benefit. That is all.

The Earl of Balfour

Perhaps I may come back for a moment. Surely that is the supervisor's job. He has to be properly qualified. I was thinking of the other end of the scale, but fair enough.

Lord Mackay of Ardbrecknish

The amendments seek to extend the provisions in the Bill on the uses to which information supplied by the tax authorities and other government departments to the DSS and the Northern Ireland department may be put. It is worth reminding ourselves that some of the other government information relates to passports, immigration, emigration and nationality or prisoners. The amendments would allow the departments to use the information provided by those other government departments to check the suitability of staff employed for the purposes of administering social security benefits. They would also allow us to pass the information to local authorities administering housing or council tax benefit in order that they could use it to check the suitability of staff they employed on benefit work. The amendment does not specify what the criteria for assessing "suitability" might be, although I think I understand the point that the noble Lord is trying to make.

Although I do not have the figures to hand, there are some high profile cases of serious fraud which are conducted thanks to someone inside the system being either the leader of the fraud or one of the parties involved—someone who has, so to speak, been planted, inside the Benefits Agency local office usually, to help create the multiple identities or whatever it is that these fraudsters use in order to get money.

The problem can be a difficult one, of which we are well aware. We are well aware of the profile of the kind of person who often turns out to be an offender. We have a system of checks in place as part of our recruitment procedures, because it may be a major problem—I do not want to overstate it, because there are many parts of the country that it will never happen—especially in big cities, where anonymity is one of the cloaks behind which the crook can hide, which are obviously places which are open to this kind of "entryism" if I may call it that.

We check on recruitment. We check on a candidate's nationality, character, educational qualifications—to which my noble friend referred—and employment history before he is appointed. Of course, that is done with the authority of the candidate. Detailed guidance is issued to staff dealing with appointments as to how to carry out those checks, which will include checks with other government departments in cases where there is reason to doubt the veracity of information provided by the candidate or where potentially adverse information comes to light; for example, from a personal referee.

There are well-established procedures for making those checks. To carry out further checks against information held by some other government departments would be unlikely to provide additional advantages. The person trying to get in in order to perpetrate the fraud will have done his very best to make sure that his tracks are covered so that our investigations will not turn up anything which would cause us suspicion.

Of course, as the Committee will be aware, the Police Bill, which we debated recently, includes proposals for improving access to criminal record information for employment and related purposes. We do not have any control over local authority staff and appointments are a matter for the local authorities. But I am confident that all responsible local authorities will also apply checks to satisfy themselves about the suitability of their staff. We have no evidence to suggest that additional powers are needed in that area.

Where work is contracted out to a third party, the department and the local authorities will wish to satisfy themselves as to the probity of the contracting party and its security procedures before signing the contract. It is also normal practice to ensure that the contract reflects adequate arrangements for security, including the quality and probity of the staff appointed.

Perhaps I may give an example to the Committee. The contract which we signed recently with ICL Pathway for the administration of the benefit payment card system made specific provision not only for contractual responsibility for the confidentiality of benefit information but also the procedure used by Pathway to vet its staff needed to be approved by the DSS.

The provisions in the Bill are already adequate to allow the use of information supplied under the Bill from other government departments to detect internal as well as external fraud. Moreover, we already have a full range of procedures for checking the suitability of staff. We do not believe that this extra provision would add anything of real significance to our armoury. The amendment would give an extremely limited amount of extra help, and that would perhaps be disproportionate to the effort and additional bureaucracy involved.

While I suggest to the noble Lord that we should not expand the use that we make of this data—that would not be wise or helpful—I do not wish him to have any doubts as to our awareness of the problems that we have with "entryism"—people coming in and seeking jobs in order to place themselves in an insider position to commit fraud. We are well aware of that. People who do the recruiting inside the department watch very carefully for that. Also, our internal auditors are always mindful of the problems which can arise if somebody inside the system decides to conspire with someone outside to defraud the department. Therefore, I should not wish the noble Lord to think that we are complacent about the matter. However, I do not think that the additional powers which he suggests we should take would balance out the problem that we have as regards data held on people, the use we make of that data and the privacy aspect.

Lord Carter

I am grateful to the Minister for that reply. Until he came to his last few sentences, I was going to say that it was a panglossian reply—that it was the best in the best of all possible worlds. He was half there. I am not sure whether it was "Pan" or "Glossian".

The Minister did not say whether the department has any idea of the extent of internal fraud. Does it have figures for internal fraud?

Lord Mackay of Ardbrecknish

As the noble Lord said, it is difficult to estimate undetected fraud. I am sure that we have figures to show the amount of internal fraud which we detect. I do not have those figures to hand. I know that our various spotlights have been extremely successful in detecting fraud. Not a great deal of that fraud, but the odd bit of it, will be internal. There was a high profile case recently in London when somebody inside the system was involved in a major fraud which we detected thanks to a diligent member of staff who thought, "Something funny is going on here", and alerted the proper authorities. The matter was pursued in that way. I shall check to see whether we have figures and write to the noble Lord about that.

Lord Carter

I am extremely grateful to the Minister. While he was speaking, I thought about the inspector of taxes who has been sent to prison recently for extensive misbehaviour. I am not sure whether the data checking provided in the Bill would have helped out there.

We thought that the amendments would make the checking more efficient. If data matching exists, why should the department turn its back on it? The Minister said that fraudsters cover their tracks; of course they do. The only slightly worrying point was the point which the Minister made about local authorities. I am sure that the department has all its internal checks and balances working, and one would hope that local authorities would be equally as vigilant.

We have explored the issue. The Minister gave a useful answer, for which I am grateful. I beg leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Baroness Gould of Potternewton moved Amendment No. 8: Page 2, line 19, leave out from ("for") to end of line 23 and insert ("the supplier of information to be informed of any correction to the information supplied.").

The noble Baroness said: I am speaking only to Amendment No. 8. The other amendments have been ungrouped as they were grouped incorrectly. The amendment deals with the uses of information and the accuracy of the data. It would ensure that the UK takes note of its international obligations to Council of Europe recommendations and would limit the interchange of excessive personal data between departments.

The Bill as it stands makes it lawful for information to be supplied to any person or any body to whom that other information could be supplied or used for any purpose for which that other information could be used, which as I understand it means that, where data held by the DSS are amended to improve the accuracy of the information, the amended information can be used in the same way as the original information and that it allows, but does not require, the department to inform the supplier of any information if amendments are made. Therefore, does it not follow that much of the information, particularly once it has been data matched and revised, could be spread around and the revised information therefore supplied to all third parties to use as they wish? Does the Minister think that that is appropriate?

The amendment would require that the supplier of the original information be told of any corrections or amendments that are appropriate. For example, a supplier giving information that includes an incorrect address should be told about that error. However, the amendment provides that he should not necessarily be given all the other information that has come to light from other suppliers.

Without being amended, the Bill as it stands means that it would be legal for a supplier to receive irrelevant personal data, and to that extent it removes some of the protection afforded by the fourth data protection principle, which states that personal data: held for any purpose or purposes should be adequate, relevant and not excessive in relation to that purpose or those purposes".

Allied to that is the concern about who is responsible for the integrity of the data. I presume that it is the department which holds the centralised database. However, a difficulty arises when the same information is being duplicated in different departments. If the information changes in one place, what is the mechanism by which it is changed on different databases in different departments? Who, therefore, has the responsibility for the integrity of the data held by the Department of Social Security and the Inland Revenue?

In addition, I should like clarification of the UK obligations under the Council of Europe Convention Recommendation R(86)1 and I should like to know whether this Bill is in breach of a section of that recommendation. Although the United Kingdom has derogated from parts of paragraphs 1.2, 3.3 and 5 of that recommendation, it has not derogated from paragraph 4.3 which states that, personal data should not be communicated outside the framework of social security for other than social security purposes except with the informed consent of the person concerned or in accordance with other guarantees laid down by domestic law".

That latter point is the crucial one; namely that, if other uses occur, there needs to be guarantees laid down in domestic law. However, there are no statutory guarantees in this clause offering such protection. Does that mean that it is the Government's intention to derogate from paragraph 4.3, or that they may already have done so, or rather that they choose to ignore the recommendations of the Council of Europe perhaps on the basis that such recommendations are just recommendations?

The Bill is about invading individual privacy in order to combat fraud, but both sides of the equation are important. The fraud should be combated, but privacy should not be invaded by powers which are too wide or which allow for other uses of the data without the statutory guarantees for the protection of the individual. I await with interest the Minister's response. I beg to move.

7 p.m.

Earl Russell

This is a good, sensible and helpful amendment which I am happy to support. However, I shall not do so at great length because the noble Baroness has pretty well made all the case and done so extremely well. I should like to add a few words in support of the point about paragraph 4.3 of Recommendation R(86)1 from the Committee of Ministers in the Council of Europe. It is important to point out that, although we have made derogations from some of those recommendations, we have not done so as regards that particular paragraph. I do not know whether the Minister has an answer on the point, but I hope that he will have one in due course before we leave the Bill.

If checking the accuracy of data is a lawful purpose—and I confess that I rather hope it is and that the Minister will find arguments to show that it is—then one ought not to leave a supplier of data with a lot of data which he could have known were inaccurate. Let us say, for example, that we are dealing with a lot of data about the proverbial Mr. Smith, as is very often the case. If the data are about some completely different Mr. Smith, it would be worth putting the matter right. It is rather like certain organisations which send me papers and which believe me to be a certain "Mr. E. Russell". There again, to save confusion, it would be well worth putting such organisations right. If the matching is to be undertaken, is it not worth spreading the light of accuracy and truth a little wider? As I said, I am happy to support the amendment.

Lord Mackay of Ardbrecknish

The amendment requires the deletion of two provisions contained in subsection (4) of new Section 122 of the Social Security Administration Act, introduced by Clause 1, and replaces them with a different provision. The deletions and the insertion have different consequences. The new Section 122 of that Act provides for the disclosure of information by the Commissioners of Inland Revenue and Customs and Excise to the DSS, or the DHSS of Northern Ireland, for the prevention, detection, investigation and prosecution of offences relating to social security or for use in checking the accuracy of information relating to benefits, to contributions, to national insurance numbers or to any matter relating to social security—and, where appropriate, amending or supplementing such information. Subsection (4) of that section provides that, where information supplied to the department is used to amend or supplement existing social security records, the amended records can be used in the same way as the original social security records could have been used—no more and no less. That covers both the use of those records by the DSS itself and the supply of the information in them to another authority.

The purpose of the provision is to make transparent and explicit the status of the information in our records once they have been amended. Let us take, for example, the case where the address of a claimant held by the DSS was incorrect. Information from another department can, under subsection (2), be supplied for use in the detection of fraud and in checking the accuracy of existing social security information. The check reveals the incorrectness of the data the DSS already holds and in those circumstances it would be appropriate, under the provision in subsection (2), to amend the social security records. The provision in subsection (4) makes it clear that the new address information can be used in just the same way as the old, incorrect address. For instance, there are existing powers for the DSS to supply social security information to local authorities for the purposes of the administration of housing benefit. If the address is normally part of the information supplied, then the DSS can supply the new address, not the old one. I am sure that all Members of the Committee will agree that that is only right and proper. Similarly, the Benefits Agency could use the new address and not the old address for benefit payments and other correspondence.

I now turn to what the amendment inserts. It appears to be intended to allow, but not require, the Department of Social Security or the Northern Ireland department to inform the Inland Revenue or HM Customs and Excise if, as a result of comparing the data they have supplied with the data the DSS already hold, it appears that it is their information that is incorrect. The Finance Bill, currently under consideration in another place, contains a provision which would, in these circumstances and a limited number of others, make it lawful to allow the DSS to supply information to the Inland Revenue and HM Customs and Excise. So, if information that they have given us is wrong, the Finance Bill will allow us to tell them so—and tell them what the correct information is. Therefore, an amendment to this Bill, which would in effect be permitting a disclosure of information for purposes unrelated to social security, is unnecessary. The amendment in the Finance Bill deals with the point raised. I should add that the information of most use to the DSS in checking its records is information which is likely to be more accurate than that which we already hold. I suppose that that is probably a self-evident truth.

I turn now to the difficult questions as regards the recommendations of the Council of Europe. Recommendation R(86)1 deals with the passing on of social security information for other than social security purposes. That is not actually relevant to the Bill because Clauses 1 and 2 are concerned with the gathering of non-social security information from other government departments for social security purposes rather than the passing on of social security information. In answer to the noble Baroness, Lady Gould, it is correct to say that this is only a recommendation and it does not have the force of law within the United Kingdom. However, that is another matter.

If we take, for example, local authorities, any information passed under Clause 3 to a local authority administering housing benefit is, of course, clearly for social security purposes because it is for administering housing benefit or council tax benefit. I hope that I have explained the position clearly and that I have also explained the interrelationship between this Bill and the Finance Bill which is going through its paces in another place. I suspect that shortly it will make a brief appearance in this Chamber, as is the way with such Bills.

Earl Russell

Perhaps the Minister could give me a few words of clarification. He said that information under Clause 1 was to be supplied only for social security purposes. I take the Minister's point about housing benefit, but what about information relating to contributions or national insurance numbers? There must be case law in that respect. Is that a social security purpose?

Lord Mackay of Ardbrecknish

I imagine that it is because the collection of social security contributions, the NICs, by the Contributions Agency is indeed a social security purpose. I cannot imagine that anyone would think that it is anything other than a social security purpose. Indeed, it is to help fund the system for a start and it is also to help build up each of our records so that our entitlement to benefit at some day in the future is established and on the record.

Baroness Gould of Potternewton

I thank the Minister for his response. I shall read his comments in Hansard with interest to ensure that he responded fully to all the points that I raised. Once I have read his reply, I shall be able to make a decision as to whether to bring the amendment back at a later stage. However, in the meantime, I beg leave to withdraw the amendment.

Amendment, by leave, withdrawn.

Baroness Hollis of Heigham moved Amendment No. 9: Page 2, line 25, at end insert— ("(6) Where inaccurate information has been supplied to any person or body under this section, and where such information is also personal data (as defined in section 1 of the Data Protection Act 1984), the data subject (as defined in section 1 of that Act) shall have the right to know the identity of that person or body to whom the inaccurate data have been supplied, and to require any correction to the data to be supplied to that person or body.").

The noble Baroness said: In moving Amendment No. 9 I wish to speak also to Amendments Nos. 26, 38 and 42 which are the same amendment inserted into different parts of the Bill. I wish to unlink Amendment No. 16 from this group which deals with a different aspect of the issue of correct information. I am sure it will be pleasurable for the Committee to hear that I shall speak briefly.

The purpose of the amendment is to ensure that the data subject is protected from the supply by the DSS to other bodies of inaccurate information. It requires that the DSS keeps records of those to whom that personal data is disclosed so that should there be any subsequent correction needed that can then be disclosed to other bodies. I believe that this matter will be covered in due course by the EU data protection directive, but as that has a three-year lead time we felt it was wrong to wait for so long.

We believe that people should not be vulnerable to a situation where bodies to which the DSS has passed inaccurate or—this is more likely—out of date information do not have that information subsequently corrected or updated because the DSS has not kept records of where that information went. We do not envisage that this amendment would present any practical problems as one of the design features of new systems is that they can keep a log on who has been supplied with what. We must put mechanisms in place to ensure that individuals are protected from the adverse effects of the exchange of inaccurate data. This is obviously a probing amendment but can the Minister tell us what he has in mind to avoid such a situation occurring? I beg to move.

Earl Russell

I once unwisely took a mortgage from an American bank—

Noble Lords

In dollars?

Earl Russell

No, it was not in dollars. It is a bank we are informed never sleeps. To my certain knowledge that information is incorrect. I subsequently paid off that mortgage. Fortunately I did so through my lawyer. I then received a threat of proceedings for not having paid the next instalment on the mortgage which I had paid off. My lawyer within the limits of his skill attempted to put this right. I then received a further threat of proceedings and despite all the skills of which my lawyer was possessed—and they were considerable—we received another three demands threatening proceedings before he could get it into the head of that bank that the mortgage was no longer in existence. I do not suggest that the Department of Social Security is in the habit of making mistakes along that line but no one is infallible. Inaccurate information can be spread around and by electronic means it can be spread very fast.

If information that I was risking proceedings for not paying my due debts had been spread around to various quarters—suppose, for example, it had come into the hands of the national press—it would not have caused me great pleasure, to put it no higher. If information that someone is cheating the benefits system comes into the hands of, say, potential employers among others, it might cause a great deal of damage. People should know to whom such inaccurate information has been supplied.

There have been plenty of cases of people who have put in applications for credit—people who are perfectly credit worthy with a perfectly clean record—and who have been refused without a moment's explanation. They have subsequently discovered they have been confused with someone else of the same name who had a bad credit record. As an historian I know quite how great the danger of confusing two people with the same name is. I never thought, for example, that there were at least six John Pyms around in the 17th century, although it may well be eight—I should not care to answer for that. In that kind of case knowing who has the inaccurate information may be absolutely vital to clear up matters which are vital to one's chance of future employment, of getting future benefit, or even to one's standing in the eyes of friends. I think the case for this amendment is strong. I hope that the Minister will look on it with favour.

7.15 p.m.

Lord Mackay of Ardbrecknish

If my store of historical stories was anything like as good as that of the noble Earl, Lord Russell, I have no doubt I could dig up an historical story about the foolish Earl. Suffice to say that putting one's money in an American bank when one could have found a perfectly good Scottish one does not seem a sensible thing to do.

However, I turn to the amendments. The effect of these amendments appears to be to require that where departments—either my own or the Northern Ireland department, or an authority administering housing benefit, or a contractor to any of these—have been supplied with personal data and that information is later found to be incorrect, the subject of that information should have a right to know to whom that incorrect data has been supplied, and to require corrections to be made to that data.

As the noble Baroness has explained, the intention behind this amendment is that if an error is found in personal information held by one body, then the individual concerned should be able to know which other body or bodies might have received the incorrect personal details. The aggrieved individual would also have the right to require any corrections to be supplied to anybody who had received the incorrect data (or indeed had provided it in the first place).

I am sure that it is common ground that as far as possible inconvenience or distress to an individual arising from the use of incorrect information should be avoided. But most of what is sought can be achieved by existing means. Of course, no government department or local authority would deliberately hold or use or disclose information knowing it to be incorrect. To do so would not be sensible and would in any event be a breach of the fifth data protection principle which we discussed earlier and which states: Personal data shall be accurate and, where necessary, kept up to date. Despite the discussions we had earlier about the two principal reasons or justifications for the Bill—if I can express it that way—I think we are probably all agreed that personal data should be accurate and kept up to date. Indeed, the provisions in the Bill which will allow information to be used to check the accuracy of social security records already held should lead to more complete and up to date information being used throughout the social security system. Genuine claimants will benefit; the taxpayer will benefit; only the fraudster will lose.

If an error is discovered, in many cases the correction will be automatic. Within the department many of our computer systems send a copy of any change of information to those of our other computer systems which have previously indicated that they are relying on the original information to pay a claim. A correction of previously incorrect information is simply a change, which can be promulgated through our systems in the normal way. Depending on the outcome of the studies now under way into an IT strategy for housing benefit, it is possible that local authority housing benefit administration would be treated in a similar way, and the powers in new Section 122C are designed to enable that to happen.

However, backtracing—if I may describe it in that way—the path of a single piece of information through the social security system—both the computerised parts and the clerical parts—would be a mammoth undertaking. To do so for every individual piece of information which is found to be incorrect would simply be impractical and certainly immensely costly. In practice there is a range of safeguards available already which mean that the vast majority of such cases will be found and corrected any way.

First, the claimant can simply ask the DSS or the local authority to check that the information is right. Secondly, a claimant can appeal if he believes that his benefit assessment is wrong or has been based on incorrect information—and if there is any change in benefit entitlement the adjudication officer must inform the claimant of the decisions and the reasons for it.

Thirdly, the Data Protection Act gives an individual the right to ask to see the information which is held about him. He can then ask for it to be corrected and if the data holder refuses to do so the individual can complain to the Data Protection Registrar on the grounds of a breach of the fifth principle or ask a court to order the data to be corrected under the provisions in Section 24 of the Data Protection Act. Fourthly, changes to information—whether they are correcting a past mistake or simply a change of circumstances—are in many cases already promulgated to other parts of the social security system with a need to know. In addition, Section 22 of the Data Protection Act gives data subjects a right to claim compensation for damage or distress as a result of inaccurate data.

I understand the noble Baroness's concern and the concern expressed by the noble Earl that individuals should not be disadvantaged because incorrect information has been passed. We share that concern. I hope that what I have said will show that when we have these corrections of data we do as much as we possibly can to pass them on, and that the additional provision which the noble Baroness seeks would add little; and that backtracking, perhaps on data which had been held for some time, would be difficult. It would be difficult to find out where that data had gone during the course of their life on our files.

I remind the Committee that one of the uses of information technology set out in the Bill is to check records and amend them as necessary. As a result of the measures in the Bill, I believe that our records will become much more accurate. I am confident that any problems arising from incorrect social security records will decrease over time. Where exceptionally a customer is disadvantaged, existing arrangements will continue to allow matters to be put right quickly in one, or perhaps more, of the four ways that I illustrated in my response.

With that explanation of how we deal with incorrect information currently and how we shall continue to deal with it, I hope that the noble Baroness can withdraw the amendment.

Earl Russell

I am grateful to the Minister for that reply. I accept a great deal of what he says. If the DSS were a pianist, I would not shoot it. It tries to do its best. I accept that what is wanted can be done under existing law. I accept that it will do that to the best of its ability.

However, the Minister is aware of the Change Programme. He is aware of the pressure that it is putting on the DSS staff. He was sitting on the Bench last Thursday night when I told his noble friend Lord Henley about a recent case where the Benefits Agency was faced with the task which was its duty but passed it on to the local CAB because it said it was simply too busy to do it. In that situation there may be a case for a clear statutory duty and, moreover, for that clear statutory duty to be embodied in social security law which I am sure most DSS officers know rather better than they know the Data Protection Act.

As the Minister has answered hundreds of such amendments, he will be familiar with amendments that seek to lay a clear statutory duty to do this or that on a local authority. Since the funding of local authorities has become so tight, it has become normal form in this Chamber for any amendment giving a function to a local authority to seek to make it a statutory duty because it is believed that otherwise the task will not be done. I fear that the effect of the Change Programme may be that we have to do the same with the DSS. It is a point about which the Minister might like to think.

Baroness Hollis of Heigham

I am grateful for the Minister's reply. It is obvious that he recognises the provision as a self-evidently virtuous amendment. Indeed, the more he explained it the more I became convinced of its self-evident virtue. He did a much better job than I did.

Before I address some of the possible remedies outlined by the Minister, at the core lies the sense that once information is handled by a computer, or is in the computer's data system, there is often little scope for the individual at the other end to intervene to correct and remedy. In a sense, however often one may try to contact it, the system is inexorable; it is overwhelming. The noble Earl referred to his experience of the American bank. In the usual way of these things, I paid my TV licence in December. Three weeks later someone called round on the ground that I had not done so and demanded to see my licence which I happily produced. Three weeks later I received a letter demanding that I pay my TV licence. Two weeks after that I had a letter threatening me with prosecution, whereupon I wrote a letter to the computer saying, "Dear Computer, will you stop persecuting me", which it apparently then did. It was only when one treated the computer as faintly human that one received a faintly human response—which was to take no action.

That trivial story suggests what happens when there is no way of penetrating the system. I understand from information technology that it should not be difficult to log the paths of information so that the subject of the incorrect data knows that the appropriate remedy has been applied. Otherwise there are consequences not only in terms of credit rating but in other areas of life.

An individual may find that he is receiving unfair or adverse treatment but may not know the cause unless he knows who has had the information corrected. That is the dilemma. The Minister perfectly properly listed ways in which that information could be corrected. Some, for example going to court, sounded extremely heavy-handed and cumbersome. We shall not press the amendment, but perhaps we may consider the issue over the next week or two to see whether by technological means we can find a more reliable and less heavy-handed way to stop the multiplication of data to bodies of which the subject is not aware which may adversely affect that individual. None of us wants that to happen. It will simply bring the system into disrepute. I beg leave to withdraw the amendment.

Amendment, by leave, withdrawn.

[Amendments Nos. 10 to 15 not moved.]

Lord Lucas

I beg to move that the House be resumed. In moving the Motion, perhaps I may suggest that the Committee stage begins again not before 8.30 p.m.

Moved accordingly, and, on Question, Motion agreed to.

House resumed.