MPs are frantically deleting casework emails after being mistakenly advised that new regulations mean they have to clear the data that they hold on constituents.
The General Data Protection Regulation comes into effect on 25 May, and is the reason your own inbox will be flooded by companies who’ve been sending you unsolicited emails for years who are now asking if you want them to stay in touch. It also has an impact on parliamentarians, who retain years’ worth of correspondence about constituency matters. Recent briefings from the Commons authorities and political parties have left office staff and MPs confused about what they are allowed to keep, with one briefing suggesting that all data from before the snap election had to be deleted. I understand that a number of MPs’ offices have already done this, even though competing legal advice suggests that they are absolutely fine to hold onto many of these emails.
There are a number of reasons why MPs might want to keep hold of emails for many years. Some suspect that a casework issue will raise its head again at some point. Others have had vexatious complaints made against them, often by constituents with a grudge, which they can only quash if they can provide an email trail showing what they did – and didn’t – do for the person complaining. And in some cases, MPs can end up with stalkers, whose intimidating pattern of behaviour needs to be proven using emails.
Other MPs are concerned that in cases of domestic violence, an ex-partner may demand access to all the correspondence about them between the victim and the MP, which could compromise the victim’s personal safety, as well as serving as an intimidatory tactic. Some, though, were apparently crestfallen when the advice didn’t go so far as to say that they shouldn’t be doing constituency work.
Conservative MPs have been appealing to Culture Secretary Matt Hancock for help on the matter, and last month a ‘dear colleague’ letter was sent round backbenchers by Digital Minister Margot James and Elizabeth Denham, the Information Commissioner. The letter, which I’ve been passed, argued that ‘the requirement of the new laws are neither complex nor burdensome’. It also suggested, in a roundabout way that some of the training offered has been misleading:
‘Some of your staff may have already attended third party training procured by the House Authorities. Following your staff’s feedback, House Authorities have undertaken to update the training, ensuring it is tailored to your needs. We would advice your staff to attend training once it has been updated.’
Labour MP Chris Bryant raised a point of order in the Chamber on this a few minutes ago. Speaking just before he entered the Chamber, Bryant told me that he has had stalkers go to prison in the past, and has needed to use electronic communications to prove that. In the Commons, he complained about the potential for ‘silly laws’ to stop MPs performing the basic functions of their jobs. Deputy Speaker Eleanor Laing scolded him for this, pointing out that ‘there are no silly laws, there laws that are passed by Parliament’, before telling the Chamber that the House of Commons Commission is meeting this afternoon to discuss this matter.
This all sounds very technical, which is presumably why MPs didn’t notice the ‘silly law’ until a few weeks ago. But if MPs have deleted data that they may well need – either for their own protection or that of constituents in the future – then this is a terrible mess over what should have been a basic update to data protection laws.