Neues aus dem Fernsehrat (111): „Es braucht öffentlich-rechtliche Regenmacher“
netzpolitik.org/2025/neues-aus…
Netzsperren: 1&1 Versatel teilte geheime Sperrliste öffentlich zugänglich im Netz
netzpolitik.org/2025/netzsperr…
Anerkennung der Sektion Ostschweiz als Sektion der Piratenpartei Schweiz
Der Vorstand der Piratenpartei Schweiz hat an der Vorstandssitzung vom 09.04.2025 einstimmig die Anerkennung der Sektion Ostschweiz beschlossen.
projects.piratenpartei.ch/issu… Antrag auf Anerkennung der Sektion Ostschweiz
Gegen diesen Beschluss ist das fakultative innerparteiliche Referendum durch ein Quorum vom 3 Piraten innert 48 Stunden nach der Publikation gegeben. Das Referendum ist zuhanden des Präsidenten der PPS anzuzeigen.
Elektronische Patientenakte: Fachleute zweifeln weiterhin an Sicherheitsversprechen
netzpolitik.org/2025/elektroni…
Predictive Policing: Großbritannien will berechnen, wer zum Mörder wird
netzpolitik.org/2025/predictiv…
Protestbewegung in Serbien: 3.032 Zeugenaussagen zur Schallwaffe von Belgrad ausgewertet
netzpolitik.org/2025/protestbe…
Biometrie: Deutsche Polizeien nutzen immer häufiger Gesichtserkennung
netzpolitik.org/2025/biometrie…
Deutschland: „Pressefreiheit rund um Nahost-Berichterstattung unter Druck“
netzpolitik.org/2025/deutschla…
Angstforscherin: „In der Politik gibt es oft die Strategie, Ängste zu schüren“
netzpolitik.org/2025/angstfors…
Neuer Vorstand in der Piratenpartei Schweiz
Nachdem Philippe Burger im März aus dem Vorstand zurückgetreten ist, haben die Mitglieder an der Hauptversammlung am Samstag, 05. April. 25, Nicole Rüegger und Jonas Sulzer aus dem Vorstand abgewählt.
Es fanden Ergänzungswahlen statt und neu im Vorstand sind nun Melanie Hartmann, Michel Baetscher, Pat Mächler und Renato Sigg.
Der aktuelle Vorstand ist hier zu finden.
KW 14: Die Woche, in der wir uns nach evidenzbasierter Politik gesehnt haben
netzpolitik.org/2025/kw-14-die…
Zollkrieg im Digitalen: Was die EU gegen Donald Trump in der Hand hat
netzpolitik.org/2025/zollkrieg…
Digitale Brieftasche: EU-Kommission öffnet Schlupflöcher für Überidentifikation
netzpolitik.org/2025/digitale-…
Pirates at the UN Office at Geneva, 2025
Our colleague from the Pirate Party of Switzerland, Carlos Polo, attended the United Nations Economic Commission for Europe (UNECE) Resource Management Week 2025 in Geneva from March 24 to 28. The goal of the event was to discuss sustainable management of energy and mineral resources. Participants explored the adoption of the United Nations Framework Classification for Resources (UNFC) and the United Nations Resource Management System (UNRMS). Numerous experts spoke on ‘just energy transition’, whereby we are converting from fossil fuels to more environmentally friendly energy use. Our representatives very much appreciate going to the events, as well as the side events that can be less formal and provide more opportunities to interact. The main side event was the Geneva Dialogues on Mineral and Metal Resources and the FutuRaM project on forecasting raw material availability. Carlos has been representing us as a volunteer representative for many years in Geneva, and we greatly appreciate his attendance. If you would also like to join our team of UN volunteers, please let us know.
pp-international.net/2025/04/u…
Democracy groups warn of threat ‘Henry VIII’ powers pose to future election integrity
Democracy organisations, privacy groups and academics have written to government ministers to warn that powers in the Data Use and Access (DUA) Bill could threaten the integrity of future elections.
0
The draft Bill includes ‘Henry VIII’ powers that could allow a government to make changes to how political parties use the public’s data without having to pass a new law. Clauses 70(4) and 71(5) give the Secretary of State discretion to determine and vary the conditions under which personal data can be processed.
JOint Letter
HENRY VIII powers in Data Use and Access Bill could undermine election integrity
Read now
Executive powers and electoral integrity
These changes could be timed to the advantage of the governing party over its opponents – for example to allow practices that the ruling political party was ready to deploy. The signatories have pointed out that if such changes were made prior to an election, there may be insufficient time for the ICO or Electoral Commission to issue guidance to Political Parties on any new ‘recognized legitimate interest’ basis for a political party to process voter data for election purposes. This could undermine the integrity of a General Election.
A House of Lords Select Committee has shared similar concerns. The 3rd Report of the House of Lords Constitution Committee stated that they “are not satisfied that the case has been sufficiently made to entrust the powers in these clauses to secondary legislation.”
James Baker, Programme Manager at Open Right Group said:
“Political parties are stuck in an arms race as to how they can use data to reach and influence potential voters in order to win elections.
“It’s therefore vital that there are clear and fair rules for how political parties are allowed to use our data. Any changes to these rules must be properly scrutinized by parliament.
“This not just about how our data is being used, it’s about the future of our democracy. At a time when public trust in politicians is low, the Government must act to prevent the Data Bill enabling future abuses of power.”
Tom Brake, Director of Unlock Democracy said:
“A few months before the General Election, Lucy Powell MP, now the Leader of the House, talked of Labour’s commitment to “doing legislation better”, with “better planning, better drafting and better scrutiny”. The Henry VIII powers contained in the Bill mean the DUA Bill fails to deliver on those commitments. It must be amended so that it does.”
The letter’s signatories are calling on ministers to amend the Bill to ensure powers to create a statutory instrument to create a recognized legitimate interest basis for sharing personal data can’t be applied to political parties.
Notes to Editor
Henry VIII power are delegated legislative powers that allow the government to override or amend legislation through statutory instruments (SIs). These are passed without meaningful parliamentary scrutiny and no SI has been rejected by the House of Commons since 1979”.
The DUA Bill contains 87 examples of such powers. Read ORG’s briefing on this here.
Last year, an Open Right Group report highlighted the challenges in enforcing how political parties use our data. Moral Hazard: Voter Data Privacy and Politics in Election Canvassing Apps raised concerns about the privacy and security of canvassing apps used by political parties, and raised the question of whether voters’ data is being used unlawfully.
Briefing: Henry VIII powers threaten democracy and UK adequacy
Read ORG’s briefing on executive powers in the Data Use and Access Bill.
Find out more
Data and Democracy
Data and Democracy
Digital Privacy
Hands Off Our Data
Become a member
Join the movement
Briefing: Data Use and Access Bill Henry VIII powers threaten democracy and UK adequacy
Henry VIII clauses are delegated legislative powers that allow the government to override or amend primary legislation as it was enacted by Parliament.
The Data Use and Access Bill makes extensive use of delegated legislative powers and Henry VIII powers: if the Data Bill were to be approved as it is, it would provide 87 quasi-arbitrary powers that the government and its Ministers could use to modify key aspects of UK data protection law via Statutory Instrument.
Briefing
Read ORG’s briefing on executive powers in the Data Use and Access Bill.
Download Now
The Data Bill’s delegated legislative powers are ripe for abuse:
- They lack meaningful parliamentary scrutiny: “no SI has been rejected by the House of Commons since 1979”.1
- The 3rd Report of the House of Lords Constitution Committee stated that they “are not satisfied that the case has been sufficiently made to entrust the powers in these clauses to secondary legislation.”2
- In general, Henry VIII powers do, in the words of the House of Lords, “make it harder for Parliament to scrutinise the policy aims of the bill and can raise concerns about legal certainty”.3 The same report also states that these powers should, “be recognised as constitutionally anomalous”, and their use acceptable “only where there is an exceptional justification and no other realistic way of ensuring effective governance”.
This would allow governments to change primary legislation according to the politics of the day, undermining trust in digital verification services and endangering democratic safeguards. It would also introduce significant risks for the retaining of the UK adequacy status: either these powers would never be used, and thus they don’t need be provided, or they would be used in ways that would guarantee the invalidation of the UK adequacy decision.
Digital Verification Services: mission creep and enforced state monopoly
Clauses 28 and 29 give the government the power to prepare and publish “the DVS trust framework” and “supplementary codes”, which sets out rules concerning the provision of digital verification services, Further, Clause 34 provides the power to refuse registration in the DVS register, and Clause 45 allows to mandate data sharing from public bodies to registered DVS providers.
In a previous iteration of the Bill, Clause 45 would have required Ministers to use their powers to force public bodies to disclose to a DVS provider whether a person had changed their sex. This provision has been removed from the Bill, but the arbitrary nature of this power means that Ministers couldrequire at their sole discretion disclosure of sensitive characteristics such as gender, ethnicity or health conditions. This includes data sharing mandates with the Department of Work and Pension, the Home Office or HM Revenue Service to run background checks on any kind of information or attribute held by public bodies or DVS providers.
Likewise, there is nothing in the Data Bill that would prevent Ministers from imposing burdensome, unreasonable or otherwise arbitrary requirements on DVS providers. This, for instance, could happen if the government was interested in favouring the adoption of its public digital identity system, such as One Login or GOV.UK Wallet, over private providers of DVS services.
Erosion of democratic safeguards and integrity of elections
Clause 70 introduce new legal bases for processing, known as “recognised legitimate interests”, while Clause 71 would introduce exemptions to the purpose limitation principle, known as “list of compatible purposes”.
These powers could be used to undermine the integrity of our elections. Any party in power could change the rules around how electoral data is used just months before an election takes place. Opposition parties might worry Labour (whose election database runs on Experian, the credit agency servers) might use these powers to self-preference themselves and obtain even more access to commercial data.
These powers could also be used to enable and legalise a US-style mass seizure of government data by an unconstitutional agency like DOGE. Whereas DOGE’s misappropriation of government datasets is being successfully challenged on privacy law grounds in the US, a future, “rogue” UK government would only need to lay Statutory Instruments that authorise the illegal appropriation of government data to make their misuse legal. This weakens UK data protection law’s ability to protect the public during the event of a constitutional crisis, and make it easier to by-pass Whitehall departmental decision-making processes that operate under a cabinet style of Government.
Endangering UK adequacy and relationships with the EU
Clause 74 would empower the government to designate categories of data which are not to be considered as “special categories data”, also known as sensitive data. Further, schedule 7 would empower the government to authorise transfers of personal data to third countries on a purely discretionary basis.
If these powers were to be used, at any time, to authorise personal data transfers to a country that does not enjoy adequacy status from the EU, or to restrict the definition of special category data, this would guarantee the revocation or annulment of the UK adequacy status.
These powers were also identified by the EU stakeholders as a main source of concern regarding the continuation of the UK adequacy decision, whose review is due in December 2025. The House of Lords inquiry into UK adequacy concluded that “lawful bases for data processing and the ability to designate legitimate interests by secondary legislation made by Ministers” constituted a significant concern for EU stakeholders and the continuation of the UK adequacy decision.4 Henry VIII powers were also identified by the European Parliament review of the EU-UK Trade and Cooperation Agreement as a potential barrier to the functioning of such agreement.5
Conclusion and recommendations
Henry VIII clauses introduce unacceptable risks, and are being introduced in the absence of a meaningful justification.
The government has generally argued that these powers would allow ministers to update the law and to adapt it to technological progress. This statement does not hold to scrutiny: the UK GDPR is already principle based and allows both the ICO and the Court System to adapt the interpretation of UK data protection law to a changing reality. Independent regulators and Courts are better suited than the government at doing that, since they are independent and non-partisan. Further, Henry VIII clauses allow Ministers to override Primary legislation: the stated intent of using such a wide-ranging power to merely update legal provisions is suspicious and should be rejected as an unacceptable attempt to interfere with the role of Parliament.
We recommend MPs to reject Clauses 70, 71, 74, 80, 85 and Schedule 7. Further, we recommend MPs to bring Clauses 28, 29, 34 and 45 back to the drawing board in order to introduce meaningful limits to the government discretion when regulating DVS providers.
1 The Hansard Society, Delegated legislation: the problems with the process, p.16, at: hansardsociety.org.uk/publicat…
2 House of Lords Select Committee on the Constitution, 3rd Report of Session 2024–25, Data (Use and Access) Bill [HL], p.4 paragraph 13, at: publications.parliament.uk/pa/…
3 Delegated Powers and Regulatory Reform Committee, Democracy Denied? The urgent need to rebalance power between Parliament and the Executive, at: publications.parliament.uk/pa/…
4 Lord Ricketts, Letter to Rt Hon Peter Kyle MP re: UK-EU data adequacy, at: committees.parliament.uk/publi…
5 Opinion of the Committee on Civil Liberties, Justice and Home Affairs (10.10.2023) within REPORT on the implementation of the EU-UK Trade and Cooperation Agreement, at: europarl.europa.eu/doceo/docum…
Joint letter
Henry VIII powers in Data Use and Access Bill could undermine election integrity
Find out more
Data and Democracy
Data and Democracy
Become a member
Join the movement
Joint Letter: Henry VIII powers in Data Use and Access Bill could undermine election integrity
openrightsgroup.org/app/upload…
Download
To Sir Chris Bryant MP, Minister of State at the Department for Science, Innovation and Technology
To Rt Hon Angela Rayner MP Secretary of State for Housing, Communities and Local Government and Deputy Prime Minister
As organisations and individuals concerned with health functioning of democracy, we welcomed the commitment in the Kings Speech to “strengthen the integrity of elections”. We are therefore writing to alert you to the potential for abuse of new powers in the Data Use and Access Bill to remove constraints on the way that political parties use data, and urge you to ensure amendments to prevent such abuse.
Clauses 70(4) and 71(5)1 give the Secretary of State discretion to determine and vary the conditions under which personal data can be processed. We note the 3rd Report of the House of Lords Constitution Committee stated that they “are not satisfied that the case has been sufficiently made to entrust the powers in these clauses to secondary legislation.”2
The new Henry VIII powers would allow any future government to change the rules with minimal parliamentary oversight. Such changes could be timed to advantage the governing party of the day, for example by allowing practices it was ready to deploy, while other parties were not.
They could also be passed in such a manner that there was little or no time for the ICO or Electoral Commission to issue guidance to Political Parties on any new ‘legitimate interest’ basis for a political party to process voter data for election purposes. This would undermine the integrity of elections.
The use of data by parties is very difficult to enforce. The ICO has struggled to be critical or enforce against practices except in extreme circumstances, precisely because it needs a close relationship with political parties3. Moreover, political parties have limited resources, but live in a high stakes environment; they are under pressure do whatever they can do win elections. This can lead, as Open Rights Group recently found, to poor security and to unethical profiling and data mining of voters, unethical attempts to obtain commercial data sets, as well as questionable use of online advertising techniques.4
Any future government will be under internal party pressure to loosen the rules on use of personal data, in order to further any advantage they may have. The powers in the bill give those future governments the means to do so, and to time these changes in such a way that other parties cannot respond. The Bill increases the likelihood of looser rules, undermining democratic trust, by making trivially easy for a government to rewrite them to their short term advantage.
We hope we can work with you to amend the law to ensure how parties process political data can’t be changed with a statutory instrument.
Signed by
Unlock Democracy
Fair Vote UK
Big Brother Watch
Keep Our NHS Public
Open Rights Group
Privacy International
Good Law Project
Prof Vian Bakir,
Professor of Journalism & Political Communication, Bangor University
Prof Angela Daly, Professor of Law and Technology, University of Dundee
Prof Charlotte Heath-Kelly, Professor of Politics and International Studies, University of Warwick
1 https://publications.parliament.uk/pa/bills/cbill/59-01/0179/240179.pdf
2publications.parliament.uk/pa/…publications.parliament.uk/pa/… paragraph 13
3 https://ico.org.uk/media/action-weve-taken/2259371/investigation-into-data-analytics-for-political-purposes-update.pdf
4 Moral Hazard: Voter Data Privacy and Politics in Election Canvassing Apps, (January 2025) Open Rights Group openrightsgroup.org/publicatio…
Briefing: Henry VIII powers threaten democracy and UK adequacy
Read ORG’s briefing on executive powers in the Data Use and Access Bill.
Find out more
Data and Democracy
Data and Democracy
Become a member
Join the movement
Verschlüsselte Kommunikation: Breite Ablehnung für „skandalösen“ Hintertüren-Vorschlag der Union
netzpolitik.org/2025/verschlue…
Deutsche Verwaltungscloud: Bund will Exit-Strategie für Anbieter-Abhängigkeit
netzpolitik.org/2025/deutsche-…
ORG response to Cyber Security Bill
Digital rights campaigners, Open Rights Group (ORG) have responded to the publication of the Cyber Security and Resilience Bill.
ORG’s Platform Power Programme Manager James Baker said:
“ORG welcomes legislation to protect and improve the UK’s cyber security. But a key component of any cyber security strategy has to be the promotion of strong encryption for both the state and the public.
“The UK cannot claim to be strengthening the country’s cyber defences while at the same time issuing notices to companies like Apple and demanding that they reduce the security of the services they offer.
“This Bill is also an opportunity to assess and reduce the UK’s dependence on large US corporations for vital government infrastructure. Other countries – such as France and the Netherlands – are already debating how to do this, through open source software for example. The UK is subject to the same risks so needs to assess our dependence in the same way.”
Petition: keep our apple data encrypted
Stop the Home Office from putting our security at risk by demanding a backdoor into Apple’s encrypted services
Sign the petition
Mass Surveillance
Save Encryption
Become a member
Join the movement
Open Technology Fund: US-Regierung will nun doch Projekte für Internetfreiheit finanzieren
netzpolitik.org/2025/open-tech…
