Show Search Form

Search Results

registered interest	true false
date	exactly: or between: and
answering body
answering dept id
answering dept short name
answering dept sort name
hansard heading
house id
legislature	pref label
question text
tabling member constituency
tabling member printed
uin
answer	is ministerial correction true false date of answer exactly: or between: and answer text answering member constituency answering member printed grouped question UIN question first answered answering member label
tabling member	label

Search

997433

registered interest
date	29/10/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what steps his Department plans to take to encourage the collection of funds for the benefit of the consolidated fund by the Information Commissioner's Office (ICO) from all data controllers (a) who should have paid and (b) should pay (i) data notifications and (ii) registration fees to the ICO.
tabling member constituency	Knowsley
tabling member printed	Mr George Howarth
uin	184887
answer	answer is ministerial correction date of answer 06/11/2018 answer text <p>The Information Commissioner’s Office (ICO) is an independent regulator. Funding for data protection activities is provided by the data protection charges, which are levied on data controllers in accordance with the Data Protection (Charges and Information) Regulations 2018 (previously the Data Protection (Notification and Notification Fees) Regulations 2000). The collection of the data protection charge (and previously the notification fee) is the responsibility of the ICO. The Data Protection Act 2018 sets out powers for the ICO to enforce collection of these charges, including penalties up to a maximum of 150% of the highest charge payable by a controller in that year (Part 5 section 158). The ICO is at liberty to use all funding generated by these charges for data protection activity.</p><p> </p><p>As a body funded by public money, the ICO is subject to standard Cabinet Office Spend Controls and HMT’s Managing Public Money principles. Full details on the controls pertaining to the ICO’s expenditure are available in the Management Agreement between the ICO and DCMS.</p><p> </p><p>Under the terms of this Management Agreement, the ICO is able to retain such funds as are necessary to meet any liabilities at the end of the financial year (such as creditors), or unspent funds up to a maximum of 3% of total annual data protection charge income (whichever is the greater). Any additional surplus would be remitted to the Consolidated Fund at the end of the financial year. This is the only scenario in which income from data protection charges would be remitted to the Consolidated Fund. As such, the data protection charge (previously notification fee) is not collected for the benefit of the Consolidated Fund, but rather to ensure the ICO is able to fulfil its important regulatory functions.</p><p> </p><p>Information on the amount of surplus remitted to the Consolidated Fund is not available for 2008/09 or 2009/10. For 2010/11 and 2011/12, this information is published on page 50 of the 2011/12 Annual Accounts. From 2012/13 onwards, this information is available in note 5b of the ICO’s Annual Accounts for each year. Copies of the Annual Accounts for each year are available on the ICO’s website www.ico.org.uk.</p><p><strong> </strong></p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 184888 184889 184892 question first answered 06/11/2018 16:50:54 answering member 4115 label Biography information for Margot James
tabling member	481 label Biography information for Sir George Howarth

997434

registered interest
date	29/10/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what limits his Department has been placed on the Information Commissioner's Office in respect of funds that it can use for its data protection activities; and what such excess funds have been remitted to the consolidated fund in each of the last 10 years.
tabling member constituency	Knowsley
tabling member printed	Mr George Howarth
uin	184888
answer	answer is ministerial correction date of answer 06/11/2018 answer text <p>The Information Commissioner’s Office (ICO) is an independent regulator. Funding for data protection activities is provided by the data protection charges, which are levied on data controllers in accordance with the Data Protection (Charges and Information) Regulations 2018 (previously the Data Protection (Notification and Notification Fees) Regulations 2000). The collection of the data protection charge (and previously the notification fee) is the responsibility of the ICO. The Data Protection Act 2018 sets out powers for the ICO to enforce collection of these charges, including penalties up to a maximum of 150% of the highest charge payable by a controller in that year (Part 5 section 158). The ICO is at liberty to use all funding generated by these charges for data protection activity.</p><p> </p><p>As a body funded by public money, the ICO is subject to standard Cabinet Office Spend Controls and HMT’s Managing Public Money principles. Full details on the controls pertaining to the ICO’s expenditure are available in the Management Agreement between the ICO and DCMS.</p><p> </p><p>Under the terms of this Management Agreement, the ICO is able to retain such funds as are necessary to meet any liabilities at the end of the financial year (such as creditors), or unspent funds up to a maximum of 3% of total annual data protection charge income (whichever is the greater). Any additional surplus would be remitted to the Consolidated Fund at the end of the financial year. This is the only scenario in which income from data protection charges would be remitted to the Consolidated Fund. As such, the data protection charge (previously notification fee) is not collected for the benefit of the Consolidated Fund, but rather to ensure the ICO is able to fulfil its important regulatory functions.</p><p> </p><p>Information on the amount of surplus remitted to the Consolidated Fund is not available for 2008/09 or 2009/10. For 2010/11 and 2011/12, this information is published on page 50 of the 2011/12 Annual Accounts. From 2012/13 onwards, this information is available in note 5b of the ICO’s Annual Accounts for each year. Copies of the Annual Accounts for each year are available on the ICO’s website www.ico.org.uk.</p><p><strong> </strong></p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 184887 184889 184892 question first answered 06/11/2018 16:50:54 answering member 4115 label Biography information for Margot James
tabling member	481 label Biography information for Sir George Howarth

997435

registered interest
date	29/10/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, (a) what process has been involved in setting funding limits on the Information Commissioner's Office (ICO) in respect of funds that it can use for its Data Protection activities in each of the last 10 years; and if he will place in the Library copies of all records relating to such processes including any notes of meetings and communications between the Government and the ICO.
tabling member constituency	Knowsley
tabling member printed	Mr George Howarth
uin	184889
answer	answer is ministerial correction date of answer 06/11/2018 answer text <p>The Information Commissioner’s Office (ICO) is an independent regulator. Funding for data protection activities is provided by the data protection charges, which are levied on data controllers in accordance with the Data Protection (Charges and Information) Regulations 2018 (previously the Data Protection (Notification and Notification Fees) Regulations 2000). The collection of the data protection charge (and previously the notification fee) is the responsibility of the ICO. The Data Protection Act 2018 sets out powers for the ICO to enforce collection of these charges, including penalties up to a maximum of 150% of the highest charge payable by a controller in that year (Part 5 section 158). The ICO is at liberty to use all funding generated by these charges for data protection activity.</p><p> </p><p>As a body funded by public money, the ICO is subject to standard Cabinet Office Spend Controls and HMT’s Managing Public Money principles. Full details on the controls pertaining to the ICO’s expenditure are available in the Management Agreement between the ICO and DCMS.</p><p> </p><p>Under the terms of this Management Agreement, the ICO is able to retain such funds as are necessary to meet any liabilities at the end of the financial year (such as creditors), or unspent funds up to a maximum of 3% of total annual data protection charge income (whichever is the greater). Any additional surplus would be remitted to the Consolidated Fund at the end of the financial year. This is the only scenario in which income from data protection charges would be remitted to the Consolidated Fund. As such, the data protection charge (previously notification fee) is not collected for the benefit of the Consolidated Fund, but rather to ensure the ICO is able to fulfil its important regulatory functions.</p><p> </p><p>Information on the amount of surplus remitted to the Consolidated Fund is not available for 2008/09 or 2009/10. For 2010/11 and 2011/12, this information is published on page 50 of the 2011/12 Annual Accounts. From 2012/13 onwards, this information is available in note 5b of the ICO’s Annual Accounts for each year. Copies of the Annual Accounts for each year are available on the ICO’s website www.ico.org.uk.</p><p><strong> </strong></p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 184887 184888 184892 question first answered 06/11/2018 16:50:54 answering member 4115 label Biography information for Margot James
tabling member	481 label Biography information for Sir George Howarth

997436

registered interest
date	29/10/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what processes exist within the Information Commissioner's Office (ICO) as regulator for dealing with concerns on the handling of data by the ICO as a data controller.
tabling member constituency	Knowsley
tabling member printed	Mr George Howarth
uin	184890
answer	answer is ministerial correction date of answer 06/11/2018 answer text <p>Section 15 of the ICO’s service guide explains how they handle data protection concerns about the ICO. It explains that they will deal with such concerns in line with our usual procedures. There are also various options for redress should a complainant be dissatisfied with the ICO’s handling of a complaint against them. Part 5 section 166 of the DPA 2018 sets out a complainant’s powers to initiate a judicial review if they are not satisfied with the process followed by the ICO in handling an investigation into their complaint.</p><p> </p><p> </p><p> </p><p>If, having exhausted the ICO's complaints procedure, an individual remains dissatisfied about any aspect of any service they have received from the ICO, or considers that the ICO has not acted properly or fairly, they can take the matter to the Parliamentary and Health Service Ombudsman. Complaints to the Ombudsman must be made through the individual's MP. Further information about the Ombudsman’s service can be found on their website http:// www.ombudsman.org.uk.</p><p> </p><p> </p><p>Complainants can also go to the courts to claim compensation should the complainant feel that is appropriate.</p><p> </p><p>The number and outcome of any DP complaints about the ICO as a data controller will be published in their datasets online.</p><p> </p><p>The ICO haven’t taken any formal regulatory action against themselves as data controller.</p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 184891 question first answered 06/11/2018 16:41:26 answering member 4115 label Biography information for Margot James
tabling member	481 label Biography information for Sir George Howarth

997437

registered interest
date	29/10/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what enforcement action has been taken by the Information Commissioner's Office (ICO) as regulator against the ICO as a data controller for non-compliance by the ICO with its obligations under data protection legislation in each of the last five years.
tabling member constituency	Knowsley
tabling member printed	Mr George Howarth
uin	184891
answer	answer is ministerial correction date of answer 06/11/2018 answer text <p>Section 15 of the ICO’s service guide explains how they handle data protection concerns about the ICO. It explains that they will deal with such concerns in line with our usual procedures. There are also various options for redress should a complainant be dissatisfied with the ICO’s handling of a complaint against them. Part 5 section 166 of the DPA 2018 sets out a complainant’s powers to initiate a judicial review if they are not satisfied with the process followed by the ICO in handling an investigation into their complaint.</p><p> </p><p> </p><p> </p><p>If, having exhausted the ICO's complaints procedure, an individual remains dissatisfied about any aspect of any service they have received from the ICO, or considers that the ICO has not acted properly or fairly, they can take the matter to the Parliamentary and Health Service Ombudsman. Complaints to the Ombudsman must be made through the individual's MP. Further information about the Ombudsman’s service can be found on their website http:// www.ombudsman.org.uk.</p><p> </p><p> </p><p>Complainants can also go to the courts to claim compensation should the complainant feel that is appropriate.</p><p> </p><p>The number and outcome of any DP complaints about the ICO as a data controller will be published in their datasets online.</p><p> </p><p>The ICO haven’t taken any formal regulatory action against themselves as data controller.</p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 184890 question first answered 06/11/2018 16:41:26 answering member 4115 label Biography information for Margot James
tabling member	481 label Biography information for Sir George Howarth

997438

registered interest
date	29/10/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what steps his Department has taken to ensure that the Information Commissioner's Office (ICO) has collected (a) all data notification fee income under the 1998 Data Protection Act and (b) registration fee income under the Data Protection Act 2018 from data controllers; and whether he has taken steps to ensure that such funds are allocated to the ICO rather than collected for the consolidated fund.
tabling member constituency	Knowsley
tabling member printed	Mr George Howarth
uin	184892
answer	answer is ministerial correction date of answer 06/11/2018 answer text <p>The Information Commissioner’s Office (ICO) is an independent regulator. Funding for data protection activities is provided by the data protection charges, which are levied on data controllers in accordance with the Data Protection (Charges and Information) Regulations 2018 (previously the Data Protection (Notification and Notification Fees) Regulations 2000). The collection of the data protection charge (and previously the notification fee) is the responsibility of the ICO. The Data Protection Act 2018 sets out powers for the ICO to enforce collection of these charges, including penalties up to a maximum of 150% of the highest charge payable by a controller in that year (Part 5 section 158). The ICO is at liberty to use all funding generated by these charges for data protection activity.</p><p> </p><p>As a body funded by public money, the ICO is subject to standard Cabinet Office Spend Controls and HMT’s Managing Public Money principles. Full details on the controls pertaining to the ICO’s expenditure are available in the Management Agreement between the ICO and DCMS.</p><p> </p><p>Under the terms of this Management Agreement, the ICO is able to retain such funds as are necessary to meet any liabilities at the end of the financial year (such as creditors), or unspent funds up to a maximum of 3% of total annual data protection charge income (whichever is the greater). Any additional surplus would be remitted to the Consolidated Fund at the end of the financial year. This is the only scenario in which income from data protection charges would be remitted to the Consolidated Fund. As such, the data protection charge (previously notification fee) is not collected for the benefit of the Consolidated Fund, but rather to ensure the ICO is able to fulfil its important regulatory functions.</p><p> </p><p>Information on the amount of surplus remitted to the Consolidated Fund is not available for 2008/09 or 2009/10. For 2010/11 and 2011/12, this information is published on page 50 of the 2011/12 Annual Accounts. From 2012/13 onwards, this information is available in note 5b of the ICO’s Annual Accounts for each year. Copies of the Annual Accounts for each year are available on the ICO’s website www.ico.org.uk.</p><p><strong> </strong></p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 184887 184888 184889 question first answered 06/11/2018 16:50:54 answering member 4115 label Biography information for Margot James
tabling member	481 label Biography information for Sir George Howarth

971438

registered interest
date	10/09/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, pursuant to the oral response of the Minister for Digital and the Creative Industries, 6 September 2018, Official Report, column 304, who has his Department consulted with on the data review.
tabling member constituency	Newcastle upon Tyne Central
tabling member printed	Chi Onwurah
uin	172568
answer	answer is ministerial correction date of answer 13/09/2018 answer text <p>In June 2018, it was announced that we would create a National Data Strategy. Officials are developing more detailed proposals for the strategy and we will make an annoucement on progress in due course. We are consulting with all Government Departments and a variety of Arms Length Bodies to develop our detailed proposals.</p> answering member constituency Stourbridge answering member printed Margot James grouped question UIN 172567 question first answered 13/09/2018 15:19:11 answering member 4115 label Biography information for Margot James
tabling member	4124 label Biography information for Chi Onwurah

938820

registered interest
date	11/07/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	2
legislature	25277 pref label House of Lords
question text	To ask Her Majesty's Government whether they plan to take further action to protect people's data.
tabling member printed	Lord Kennedy of Southwark
uin	HL9436
answer	answer is ministerial correction date of answer 25/07/2018 answer text <p>The General Data Protection Regulation (GDPR) and the new Data Protection Act 2018 (DPA) strengthen standards on data protection, ensuring they are up to date for the modern age. The GDPR allows the Information Commissioner to impose fines up to £18 million or 4% of global turnover. These are significantly higher fines than were available under the Data Protection Act 1998 where the maximum fine that could be imposed was £500,000. We will continue to work with the Commissioner to monitor and evaluate the impact of the fines over the months and years ahead.</p> answering member printed Lord Ashton of Hyde grouped question UIN HL9433 question first answered 25/07/2018 11:51:02 answering member 4247 label Biography information for Lord Ashton of Hyde
tabling member	4153 label Biography information for Lord Kennedy of Southwark

909212

registered interest
date	21/05/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what (a) rights and (b) protections are available to people to prevent data on them that is held by organisations being destroyed under the provisions of the the General Data Protection Regulation implementation process.
tabling member constituency	Newcastle upon Tyne Central
tabling member printed	Chi Onwurah
uin	146239
answer	answer is ministerial correction date of answer 24/05/2018 answer text <p>The General Data Protection Regulation (GDPR) will come into force on 25 May 2018. It places obligations on organisations to process people's data lawfully, fairly and transparently. This includes making it clear to people how their data will be used, for how long it will be held and when it will be erased. The GDPR also provides individuals with increased control over their own data by conferring certain rights, such as the right to seek restriction of processing. This would allow an individual to oppose the erasure of personal data where he or she believed the processing activities of the organisation were unlawful.</p> answering member constituency Stourbridge answering member printed Margot James question first answered 24/05/2018 10:34:56 answering member 4115 label Biography information for Margot James
tabling member	4124 label Biography information for Chi Onwurah

890569

registered interest
date	24/04/2018
answering body	Department for Digital, Culture, Media and Sport
answering dept id	10
answering dept short name	Digital, Culture, Media and Sport
answering dept sort name	Digital, Culture, Media and Sport
hansard heading	Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Digital, Culture, Media and Sport, what impact assessment Department has conducted on the estimated cost to (a) Government Departments, (b) companies, (c) charities, (d) political parties and (e) voluntary organisations of the introduction of the General Data Protection Regulation.
tabling member constituency	Warley
tabling member printed	John Spellar
uin	137427
answer	answer is ministerial correction date of answer 27/04/2018 answer text <p>In 2012 the Ministry of Justice (which then had policy responsibility for data protection) completed a full impact assessment on GDPR, the results of which are published here: https://consult.justice.gov.uk/digital-communications/data-protection-proposals-cfe/results/eu-data-protection-reg-impact-assessment.pdf.</p><p> </p><p> </p><p>Further to this initial assessment, Government has undertaken a number of impact assessments on specific areas of data protection policy, but there have not been any completed which would provide an assessment of the overall impact of GDPR on the particular stakeholder groups highlighted in the question.</p> answering member constituency Stourbridge answering member printed Margot James question first answered 27/04/2018 10:14:27 answering member 4115 label Biography information for Margot James
tabling member	318 label Biography information for John Spellar