Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

UK.gov told: Scrap immigration exemption from Data Protection Bill or we'll see you in court

Campaigners say proposed law would create a 'discriminatory' system for data access rights

Campaign groups have increased pressure on the UK government to remove a section of the Data Protection Bill that could effectively prevent people gaining access to immigration data held on them.

The bill passed through the House of Lords at the start of the year, and has its second reading in the House of Commons today, which is the first opportunity for MPs to scrutinise and debate the text.

Among the various concerns about the bill, much has been made of the insertion of a new exemption for immigration (schedule 2, part 1, paragraph 4).

The clause, which was unsuccessfully challenged by peers, would bring in a broad exemption removing a person's rights as a data subject – their ability to access information or ask how it is being used – if satisfying them would prejudice "effective immigration control".

Opponents have voiced concern about the lack of specificity in the text, especially as there are already exemptions for cases of crime, national security, public safety and protection of sources in both the European Union's General Data Protection Regulation and elsewhere in national law.

But more significantly, if passed, the law could prevent asylum seekers gaining the information they need to appeal a Home Office decision on whether they have the right to remain, or challenge potential mistakes.

"Victims of administrative errors will have no way to stop a typo from turning their lives upside down," said the Open Rights Group in a statement.

"Rights are universal, that's what makes them rights. This exemption creates a two-tier system where immigrants will have less access to their personal data than UK citizens, which inherently undermines the whole system."

The ORG is lobbying against the clause with EU citizens' rights group the3million, which said that "everyone should be entitled to know how the Home Office and other government agencies are using their records".

The groups have today launched a legal challenge against the exemption and are being represented by law firm Leigh Day, which has written to the home secretary Amber Rudd to outline their concerns.

"The immigration exemption creates a discriminatory two-tier system for data protection rights," said Leigh Day solicitor Rosa Curling.

"The clause is incompatible with GDPR, as well as EU law generally and the European Convention on Human Rights. If the exemption is made law, our clients will apply for judicial review."

The pressure comes after prime minister Theresa May made much of the UK's data protection standards in her second Mansion House speech last Friday.

"The UK has exceptionally high standards of data protection," she said, once again setting out the need for an arrangement post-Brexit that will provide "stability and confidence" for businesses and individuals.

"That is why we will be seeking more than just an adequacy arrangement and want to see an appropriate ongoing role for the UK's Information Commissioner's Office," she said.

The government has repeatedly called for the ICO to be given a place at the table of the European Data Protection Board (EDPB) – the new group for member states' data protection agencies that is set to wield more power than the existing Article 29 Working Party.

However, the likelihood of this happening is far from certain, especially as the EDPB – unlike WP29 – is an EU body.

This is emphasised by the draft text of the European Commission's withdrawal agreement, which states that references to member states do not apply to the UK when it comes to "nomination, appointment or election" of members of bodies or in "decision-making and governance" of EU bodies.

There is also concern that the UK won't be granted the adequacy-plus agreement it desires because of national legislation, particularly the controversial Snoopers' Charter, which it has already had to admit breaches data protection law.

Or as lawyer and writer David Allen Green put it:

The UK's tech industry has previously said it wants full compliance with the GDPR and warned Brexiteers against the perception that the GDPR is incompatible with securing new trade agreements. ®

Similar topics

TIP US OFF

Send us news


Other stories you might like