NEWS11 March 2019

Lords: big tech has failed to tackle online harms

GDPR News Privacy Public Sector UK

UK – The House of Lords has called for a new regulatory framework to hold tech companies to account, saying self-regulation is failing.

House of Commons and Lords_crop

A new digital authority should be launched to oversee regulation in this area, assess regulation on an ongoing basis and make recommendations on new regulatory powers needed to fill any gaps, according to a report published by the Lords communications committee.

Among the report’s recommendations is that data controllers and data processors should be required to publish an annual data transparency statement.

Organisations controlling or processing personal data should use this statement to outline which forms of behavioural data they generate or purchase from third parties, and how that data is used, stored and transferred, according to the report.

Additionally, people using internet services should have the right to obtain a processing transparency report on request. The report should show what data is held on the user, which is currently the case under GDPR subject access reports, but expand on this to include data generated on the user and behavioural data obtained from any third parties.

The report also argues that online services hosting and curating content should have a duty of care, and Ofcom’s remit should be expanded to enforce that.

Other recommendations include the need for online platforms to adopt a framework similar to the British Board of Film Classification to address moderation issues.

The report’s 10 proposed principles for developing regulation of the internet are:

  • Parity: online must have the same level of protection as offline
  • Accountability: individuals and organisations must be held to account for their actions and policies
  • Transparency: digital businesses and organisations must be open to scrutiny
  • Openness: the internet should remain open to innovation and competition
  • Privacy: the privacy of individuals must be protected
  • Ethical design: services must act in the interests of users and society
  • Recognition of childhood: the most vulnerable users of the internet must be protected
  • Respect for human rights and equality: to safeguard the freedoms of expression and information online
  • Education and awareness-raising: to help people navigate the digital world safely
  • Democratic accountability, proportionality and an evidence-based approach.

The chairman of the committee, Lord Gilbert of Panteg, said: “Self-regulation by online platforms is clearly failing and the current regulatory framework is out of date. The evidence we heard made a compelling and urgent case for a new approach to regulation. Without intervention, the largest tech companies are likely to gain ever more control of technologies which extract personal data and make decisions affecting people’s lives. 

“Our proposals will ensure that rights are protected online as they are offline while keeping the internet open to innovation and creativity, with a new culture of ethical behaviour embedded in the design of service.”