PARLIAMENTARY DEBATE
Investigatory Powers Bill (First sitting) - 24 March 2016 (Commons/Public Bill Committees)
Debate Detail
Chair(s) †Nadine Dorries, Albert Owen
Members† Atkins, Victoria (Louth and Horncastle) (Con)
† Buckland, Robert (Solicitor General)
† Cherry, Joanna (Edinburgh South West) (SNP)
† Davies, Byron (Gower) (Con)
† Fernandes, Suella (Fareham) (Con)
† Frazer, Lucy (South East Cambridgeshire) (Con)
† Hayes, Mr John (Minister for Security)
† Hayman, Sue (Workington) (Lab)
† Hoare, Simon (North Dorset) (Con)
Kinnock, Stephen (Aberavon) (Lab)
† Kirby, Simon (Brighton, Kemptown) (Con)
† Kyle, Peter (Hove) (Lab)
† Matheson, Christian (City of Chester) (Lab)
† Newlands, Gavin (Paisley and Renfrewshire North) (SNP)
† Starmer, Keir (Holborn and St Pancras) (Lab)
† Stephenson, Andrew (Pendle) (Con)
Stevens, Jo (Cardiff Central) (Lab)
† Warman, Matt (Boston and Skegness) (Con)
ClerksFergus Reid, Committee Clerk
† attended the Committee
Public Bill CommitteeThursday 24 March 2016
(Morning)
[Nadine Dorries in the Chair]
Investigatory Powers Bill
Today, we will first consider the programme motion on the amendment paper. We will then consider a motion to allow us to deliberate in private about our questions before the oral evidence sessions, before considering a motion to enable the reporting of written evidence for publication. I hope that we may take some of those formally, without debate. I call the Whip to move the first motion.
Ordered,
That—
(1) the Committee shall (in addition to its first meeting at 11.30 am on Thursday 24 March) meet—
(a) at 2.00 pm on Thursday 24 March;
(b) at 9.25 am and 2.00 pm on Tuesday 12 April;
(c) at 11.30 am and 2.00 pm on Thursday 14 April;
(d) at 9.25 am and 2.00 pm on Tuesday 19 April;
(e) at 11.30 am and 2.00 pm on Thursday 21 April;
(f) at 9.25 am and 2.00 pm on Tuesday 26 April;
(g) at 11.30 am and 2.00 pm on Thursday 28 April;
(h) at 9.25 am and 2.00 pm on Tuesday 3 May;
(i) at 11.30 am and 2.00 pm on Thursday 5 May;
(2) the Committee shall hear oral evidence on Thursday 24 March in accordance with the following Table:
Time | Witness |
---|---|
Until no later than 12.00 pm | David Anderson Q.C., independent reviewer of terrorism legislation |
Until no later than 12.30 pm | Don’t Spy on Us; Liberty |
Until no later than 1.00 pm | International Institute for Strategic Studies; Lord Evans of Weardale |
Until no later than 2.30 pm | NSPCC; Mr Ray McClure |
Until no later than 3.00 pm | BT |
Until no later than 3.30 pm | National Crime Agency; HM Revenue and Customs |
Until no later than 4.00 pm | National Anti-Fraud Network |
Until no later than 4.30 pm | Lord Judge, Chief Surveillance Commissioner; Interception of Communications Commissioner’s Office |
Until no later than 5.00 pm | The Rt. Hon. the Lord Reid of Cardowan; The Rt. Hon. Charles Clarke |
(3) proceedings on consideration of the Bill in Committee shall be taken in the following order: Clauses 1 to 6; Schedule 1; Clauses 7 to 10; Schedule 2; Clauses 11 to 48; Schedule 3; Clauses 49 to 61; Schedule 4; Clauses 62 to 74; Schedule 5; Clauses 75 to 96; Schedule 6; Clauses 97 to 207; Schedule 7; Clauses 208 to 212; Schedule 8; Clauses 213 to 231; Schedule 9; Clause 232; Schedule 10; Clause 233; new Clauses; new Schedules; remaining proceedings on the Bill;
(4) the proceedings shall (so far as not previously concluded) be brought to a conclusion at 5.00 pm on Thursday 5 May. —(Simon Kirby.)
Resolved,
That, at this and any subsequent meeting at which oral evidence is to be heard, the Committee shall sit in private until the witnesses are admitted.—(John Hayes.)
Resolved,
That, subject to the discretion of the Chair, any written evidence received by the Committee shall be reported to the House for publication.—(John Hayes.)
We will now move to the examination of the witnesses. We have agreed that Mr Starmer will open, but this is very informal, so anyone who wants to speak may do so at any time. Minister, you will wish to join in.
Examination of Witnesses
David Anderson gave evidence.
David Anderson: I am the independent reviewer of terrorism legislation and the author of the report “A Question of Trust”.
David Anderson: I was pleased that the Joint Committee recommended that a detailed operational case should be served in relation to each of the bulk powers. I was a little sorry that it did not also recommend a detailed operational case in relation to the police use of targeted equipment interference. I do not think I have seen the case for why that should be necessary in addition to the powers they already have under the Police Act 1997 on property interference.
In terms of the case itself, I salute GCHQ and others for being able to produce a 47-page case in circumstances that are very much about not being fully transparent about exactly how the powers are going to be used. One needs to know what the powers are, and it seems to me that, for public consumption, they have done a pretty good job that should enable Parliament to debate whether those powers are necessary or not.
I also believe, because I have seen it, although not read it, that they produced a detailed secret annex to that operational case, which was provided to the Intelligence and Security Committee. I noticed that when Dominic Grieve, the Chair of that Committee, made his speech on Second Reading of the Bill, he said that he—and I think, by implication, the Committee—was satisfied that each of the powers sought was necessary and proportionate. If the Committee has satisfied itself of that by reference to the detailed operational case, including the secret annex, that is very reassuring for all of us. If it has not, no doubt it will wish to do as the Bill completes its passage.
David Anderson: On your first question, I pointed out in my written evidence of January to the Joint Committee that, so far as I could see, there had been no detailed operational case on police use of equipment interference powers. From my point of view, I would like to see it. So far as the ISC is concerned, it is not for me to say what it should and should not do, but I am mindful not only of its duty to serve Parliament, but of the fact that when the courts, and particularly the European Courts, come to look at the bulk powers, as inevitably they will, it will be of great interest to them, one imagines, to see just how much evidence was put forward in relation to the necessity for the case and who considered that evidence.
As to whether there should be, as you put it, independent review in addition, I am not persuaded of the case for that. The ISC demonstrated its independence in the most dramatic way possible in its report of early February when it declared that it thought that there was no need for one of the bulk powers—bulk equipment interference. Now, it may be that there has been some rowing back from that position, judging again from the speech of Dominic Grieve on Second Reading, but I think that it would be very difficult to say that the ISC had not had an independent look at these issues.
David Anderson: The bulk powers, of course, are extraordinarily broad in scope, although the practical effect of that breadth is greatly limited by what happens after the line has been tapped or the device has been accessed. That is really the stage that makes it proportionate. My concern, particularly in relation to equipment interference, is that, if one looks at the so-called targeted power and, in particular, at its potential thematic use, it is quite extraordinarily broad. We are looking, I think, at clause 90 of the Bill. A so-called targeted equipment interference can be performed—devices may be subject to equipment interference if they are concerned in an operation or an investigation, or if they are in a location not defined.
The code of practice indicates that that power is very broad indeed—so broad that the ISC said:
“The so-called targeted power appears to be very broad. We are not quite sure what, in addition, you would get from the bulk power.”
I think that matters because the safeguards on the targeted power are less than the safeguards on bulk. For a start, you do not need to be aiming only at somebody outside the UK or people outside the UK. You can quite properly target it inside the UK. Secondly, you do not have the safeguard that you have with a bulk power that, if you are going to look in detail at one individual within the UK, you need a full individual warrant as well.
The commissioners have been very cautious in the past in allowing thematic powers to be too broad. One could say, “Let’s put it all on the commissioners. Let’s rely on them to make sure that the thematic power is not too broadly used.” I would feel a little more comfortable if there were more constriction in the statute.
David Anderson: I have seen the detailed warrant applications that currently go usually to the Foreign Secretary in relation to a bulk power. They currently have an extremely broad range of purposes that the bulk power is said to serve. I am sure that it is all very carefully considered by the warrant granting department at the Foreign Office and then by the Foreign Secretary. There will certainly be much stronger safeguards under the new Bill, and I welcome that.
David Anderson: I last looked in detail at internet connection records almost a year ago now, and even an operational case had not been made. There certainly had not been the dialogue with communication service providers that would have been necessary to make it work. I am afraid that I have not followed in the same technical detail as the Joint Committee on the Draft Investigatory Powers Bill and the Select Committee on Science and Technology the arguments on the extent to which they have been properly defined, the extent to which it will be feasible to produce these records or, indeed, how much it would cost. Therefore, I cannot, I am afraid, raise any alarms on that or give you any reassurance, save to say that these would appear to remain live issues.
David Anderson: Do I answer that question, Chair?
David Anderson: Internet connection records are a form of communications data. I said rather conservatively in my report that there were some forms of communications data that should be independently authorised, including novel and contentious ones. One of the respects in which the Bill did not really follow my report—I should add that in most respects it did—was in not providing for that outside the protected categories of journalists, lawyers and so on. I could well understand it if members of the Committee or others were to take the view that ICRs were of such a nature that to allow self-authorisation by the police might not be a sufficient safeguard.
Good morning, Mr Anderson. The first question that I want to ask you follows up on questions about the operational case for bulk powers. We heard on Second Reading of this Bill in the Chamber that in the United States of America, the bulk collection of citizens’ data has been heavily curbed, as it was considered to be
“not essential to preventing terrorist attacks”.
Most damningly, the American President’s privacy and civil liberties oversight board said that it was
“aware of no instance in which the”
National Security Agency’s bulk records programme had
“directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.”
Bearing that in mind, do you agree that a proper independent assessment of the utility and effectiveness of bulk powers would need to look at the experience of their use in other jurisdictions?
David Anderson: What you are referring to is one type of bulk power that I myself looked at the necessity for in a great deal of detail. It is difficult, of course, to read across from section 215 in the US to what we have here, which is rather different. What we have here is service providers being required to keep phone logs, details of when emails were sent and so on.
If you look at my report, “A Question of Trust”, you will see that there are several annexes there and quite a bit of text in which I set out just how useful the police find that power to be. I also found when I was in Germany, where at the time they did not have the power because Germany’s constitutional court had removed it, that the police and the internal security service were crying out for something along those lines. So, that is one aspect.
I cannot speak for the US position—different power, different circumstances—but particularly in dealing with paedophile crime, I was satisfied that this, if you like, plain vanilla element of bulk collection communications data was something for which there was an operational need.
David Anderson: I did, yes.
David Anderson: Well, we have had three detailed reports. We have had the pre-scrutiny reports, as well. Evidence was heard by some of those Committees from people from other jurisdictions. It is always nice to think one is fully informed about what goes on in the rest of the world. Incidentally, that is very difficult in this field, because very few countries have been as up front as this Bill is about exactly what powers are used and how they are used.
For example, you mentioned the US and section 215, but of course there are other bulk powers that have not been curbed in the way you suggest. There is section 702, which was given a clean bill of health by the privacy and civil liberties oversight board. There is also executive order 12333, about which very little is known, but which seems to give very intrusive and extensive powers outside the US. So I am hesitant about drawing these country comparisons, although I accept that evidence from other countries is always useful.
“certain bulk powers are predominantly those for foreign usage, rather than in relation to the United Kingdom.”—[Official Report, 15 March 2016; Vol. 607, c. 823.]
Would I be correct in understanding that most of the bulk powers proposed in the Bill could, in fact, apply to the data of UK citizens?
David Anderson: The way it works, as I understand it, is that the use of the bulk powers must be motivated by a desire to retrieve data relating to people outside the UK. Of course, there will be what fishermen call a “bycatch” of people in the UK whose data are unavoidably retrieved during that process. The safeguard for people inside the UK is that if anyone wants to look at the content of that stuff, they need an individual warrant relating to that person.
David Anderson: That is certainly true.
David Anderson: Indeed, that is true and has been the position for, we now know, some 10 or 15 years.
David Anderson: That would be incorrect, but of course neither of the two examples you gave me was about the content of people’s communications. The first was about lists and registers, and the second was about communications data.
David Anderson: I have.
David Anderson: I think he is advancing one view of what European law or international law might require. I do not think that it is the only possible view, and I would apply the same comment to the letter signed by 250 very distinguished lawyers and sent to The Guardian.
May I give you an example of the latest case in Europe to deal with these issues? In Szabó and Vissy v. Hungary, which was decided in January, the European Court of Human Rights described
“the massive monitoring of communications susceptible to containing indications of impending incidents”
as “progress” and suggested only that these powers needed proper legal safeguards, with which I think any sensible person would agree.
I think that there are two views at the moment, even within the European Courts. Where I disagree with the rapporteur and the 250 lawyers is on the suggestion that the position is now clear. It may of course become clearer, perhaps as soon as this summer when the Davis and Watson case is determined in Luxembourg, but I do not think that the case law has yet solidified.
David Anderson: There are also the Strasbourg cases of Big Brother Watch and Liberty. I do not know when those judgments will come, but there are two views, basically. One is that bulk access to content, even only by machines, is just wrong and that, however strong the operational case for it and however minimal the actual intrusion into people’s private lives, it cannot be justified. The other, more pragmatic view is that it is a question of proportionality and that one ought to look at the strength of the operational case, just as one ought to look at the degree of intrusion into privacy.
David Anderson: I do not believe that there is any statutory exclusion. Whether there is a justification for doing such a thing would depend, first, on whether the Secretary of State signed off on it and, secondly, on whether the judge was prepared to approve it.
David Anderson: Again, I do not believe that there is any statutory exclusion.
David Anderson: I am going to duck that one because bulk personal datasets were outside my remit. The use of bulk personal datasets, we now know, has been subject to annual review by the Intelligence Services Commissioner for several years. Perhaps he is the appropriate person to ask about that.
David Anderson: I think what I said was that bulk personal datasets had been looked at by the Intelligence and Security Committee and by the Intelligence Services Commissioner. I have read what they have said about that, including in closed hearings, and I said that what I was shown by the agencies was consistent with that, but I was not trying to do the same exercise that they had done of deciding whether these things were necessary or proportionate.
David Anderson: Yes, the agencies’ ability to protect us relies quite heavily on people not knowing exactly what it is they can and cannot do.
“There is clear evidence that these capabilities have…played a significant part in every major counter terrorism investigation of the last decade, including in each of the seven terrorist attack plots disrupted since November 2014...enabled over 90% of the UK’s targeted military operations during the campaign in the south of Afghanistan…been essential to identifying 95% of the cyber-attacks on people and businesses in the UK discovered by the security and intelligence agencies over the last six months”.
They have also been of great use in serious organised crime and paedophilia investigations, as we know. Are those factors that you and others have taken into account when assessing whether we need bulk powers, and how critical they are to national security and serious organised crime investigations?
David Anderson: I saw and heard enough to persuade myself of the necessity of bulk interception powers and bulk data retention of the type we were describing—phone logs and emails and so on. I did not look at equipment interference, for example, because that was outside my remit, and the query that I raised on that earlier was really the same query that the Intelligence and Security Committee has raised. If you define the targeted powers so broadly as to encompass almost anything, what is the additional utility of a bulk power? I am not persuaded on that simply because I did not do the exercise.
David Anderson: If I may say so, I thought that it was an excellent report and I was very pleased to see that the Government had given effect to the great majority of those recommendations.
David Anderson: I would certainly assume that the judges would have access to all the evidence that the Home Secretary or the Secretary of State had access to. I believe I have actually had a private assurance that that would be the case. I am afraid I have not checked to see whether that is in the code of practice, but plainly it ought to be, because this is not a rubber-stamp and nor is it simply a test of rationality or process. If it needs to, it should involve a proper look into these issues of necessity and proportionality. I was delighted to note that the Foreign Secretary said as much when he wound up the debate on Second Reading last week.
Examination of witnesses
Eric King and Sara Ogilvie gave evidence.
Welcome, and thank you for coming. Will the witnesses please introduce themselves for the record?
Eric King: I am the director of Don’t Spy On Us, a coalition of non-governmental organisations in London who are concerned about surveillance.
Sara Ogilvie: I am a policy officer at Liberty, which is a UK-based human rights organisation.
Eric King, do you have any concerns about the definitions and scope of the bulk powers in the Bill?
Eric King: It is important to understand the level of interception that takes place by our agencies and that will continue to take place under the warrants. My view is that bulk interception as it is currently practised by GCHQ is not a proportionate act and is not strictly necessary. The reason why is that, at the moment, we know from the ISC that there are just 10 warrants, which are authorised every six months, that permit the interception of 50 billion pieces of communication every single day. As a lawyer looking at that, I struggle to be imaginative enough to understand how you could craft a warrant that would appropriately assess the proportionality equation at that moment, given the scope of what is taking place.
The reality of how our signals intelligence agencies work is that, once those 50 billion communications are intercepted, the vast majority of GCHQ’s expertise is in automatically processing that and analysing it into what it calls query-focused datasets. We do not necessarily need to understand all that, but it suffices to know that GCHQ touches it in such a way that it results in significant intrusion on those communications.
Eric King: There is considerably more to it than that. The intermediary stage—the point at which you have collected the material—is really just the first assessment. From that point, GCHQ’s computers begin processing the material and providing analytics on it—for example, voice transcription or keyword analysis, or they might be doing facial recognition on certain imagery.
There is one programme that we know about called Optic Nerve that resulted in GCHQ intercepting 50 million pieces of webcam traffic, which included 3% to 11% of material that was undesirable nudity. Once that was collected, GCHQ deployed facial recognition on it. There is no warrantry stage at that point. It has already been collected under those 10 warrants. All the processing is done without any authorisation. It is only at that final bit that you highlighted, when an analyst may wish to look at it, that we have an additional safeguard.
Eric King: My starting point is that there needs to be formidable intrusive powers for our agencies to operate, but they must be targeted. When you are targeting it can be difficult and you can have some additional collateral around the targets you are seeking to obtain communications about, but it has to be proportionate collateral. At the moment, I just do not see how we can put our hands on our hearts and say that we are doing that properly.
I think there are a number of different models we could be looking at. In the US they have judicial authorisation of selectors that are put in place, all of which focuses on warrants being targeted at individuals, rather than on infrastructure or cables, which I think is not proportionate.
Eric King: That is exactly right. We know that GCHQ has 50 billion targeting identifiers—these are the selectors. A simple one would be an email address or a phone number; a more complicated one might be an email signature or something like that. That is the reality of how the systems are genuinely processed, and those are the sort of places our law should be constructed around. It should be constructed around the technical and operational reality of how our agencies work, to ensure that our law is constraining how our agencies operate, rather than the technical ingenuity of the engineers at that point.
Eric King: Absolutely. GCHQ analysts do not wish to look at most material themselves. The main reason for that is that it is time consuming. If you can programme a computer to do the heavy lifting, to do the intrusion, the processing and the analysis, that is to their advantage, and that is where they have put that. The problem with that is that our legal framework does not recognise that shift in massive computing power intruding on those communications in a very sophisticated way.
Sara Ogilvie: The problem with internet connection records, from what we have seen, is that they do both more than they are supposed to and less than they are supposed to.
In terms of doing more, it is clear that they will create a database of the internet connections that take place day in, day out of every person across the country. That is a terrifying amount of information to store either in one place or across a number of different databases. It creates a clear impression of what you are doing, with whom you are communicating, what issues you have in your life. That can involve some very confidential and private information. I have real concerns about that.
In terms of doing less, I am not as technologically minded as Eric but it has been made clear to me that what these powers are supposed to do is deliver certain information that can be used by law enforcement or the security services, perhaps to deal with paedophiles and undercover unlawful internet site usages. It seems clear that, given the bulk nature of these powers, they will not deliver that kind of information in a helpful manner. If anything, it seems more likely to drive criminals to use bits of the internet that will not be captured by the service. On the one hand, we have clear evidence of the things that law-abiding citizens are doing, but on the other hand, we do not have evidence on what criminals are likely to be doing.
Eric King: No. There will be warrants at the collection stage but at the moment it is simply 10. Those 10 warrants that are authorised every six months permit the agencies to intercept at an extraordinarily large scale: 50 billion connections every single day, and growing. We know that, in the past five years, that has increased by 7,000%. I say that those 10 warrants do not appropriately assess the proportionality requirements, and I do not think they are necessary in the current climate.
Eric King: That is right. It is internal authorisation by the agencies. We have no visibility on that. There has been no published material about that. In various court cases, disclosure has been sought better to understand those points, but we have not got it. The best I can gather, the internal authorisations inside GCHQ are at a very low level, mostly analyst by analyst even rather than going up to senior directors inside the agency.
Eric King: No, not at all. Our model is the same as it was 15 years ago. It is a very simplistic model that applies interception at one stage and then, when a human looks at it, an additional safeguard. However, that does not match the reality and, as a result, our warrantry, in my view, does not allow you to assess proportionality and necessity to an adequate level.
Eric King: In the Bill and previous practice, there was a lot of focus on the fact that this would be foreign-focused—that the goal is to collect material outside the United Kingdom. The practical reality is that you cannot do that any more. All our communications slush around through the exact same undersea fibre optic cables as foreigners’. In terms of GCHQ’s collection programme, we do not know the exact percentage. I would encourage the Committee to try and seek out how many British communications are collected into this, but there is no way for them to distinguish between them at this point. When there is a foreign-focused power, at least for interception, the reality is that it is a massive amount of British communications. Your communications are not exempt from that and neither are mine, no matter quite what we might try.
Sara Ogilvie: The Intelligence and Security Committee report found that there were a number of failings that may or may not have led to the murder, but basically, the two suspects had both been known to the security services at various points. It had been decided not to treat them as priorities. When that decision was later changed and a warrant was sought to place one of the individuals under surveillance, delays meant that that warrant was not granted in enough time for that individual to be under surveillance at the appropriate moment. Those are absolutely not the powers in this Bill, or the use of powers in this Bill, that we have any exception with at all. That seems to us to be absolutely the right way to use powers. It was not a lack of information or a lack of target in this case; it was the fact that there was perhaps too much information to be used.
Eric King: Pardon?
Eric King: No.
Eric King: The police definitely have capability gaps at the moment, particularly around the resolution of IP addresses. I think that is really what the statement goes to: when they obtain these IP addresses, they are seeking to resolve them. There are lots of different ways you can do that, however, and I am not convinced that ICRs are the answer to that problem. This was not a proposal by the police for ICRs; it was a Home Office answer to the problem. Last year, we had the Counter-Terrorism and Security Act 2015 that put in place new powers for IP resolution—they have not yet been put into use. My starting point would be that we should use them. They should be deployed. We should see how well they work and from there look at what the other options are. It seems to me that that important issue does need to be addressed and has been addressed, but we have not given it time to see whether or not it works.
Eric King: Respectfully, as you acknowledge, there are different ways to solve a problem. Casting a very wide net is not always the right thing to do. IP resolution is certainly a very narrow technical issue that you need to resolve. Collecting all sorts of additional information in additional areas would not help resolve that narrow issue. I think you have to look at it on a case-by-case basis.
That is part of the reason why we need to scrutinise properly the operational cases for the variety of these powers, to understand which bits of them they help solve and which bits they do not. Certainly, intrusive powers need to be available to our law enforcement and agencies, but we need to understand which bits work and which bits do not.
Sara Ogilvie: No. This is one of the areas where there has been a lot of discussion and to-ing and fro-ing. If the Home Secretary wishes to satisfy our concerns, those are the kinds of provision that should be dealt with on the face of the legislation. It seems to us that judicial review remains an inherently limited jurisdiction. That is quite a legal term to say that there are only so many things that it can do. We think that a much broader power needs to be granted to the judicial commissioners in order to satisfy public concerns that the powers be used appropriately and to match human rights standards. This is an area on which the Home Secretary has sought to give lots of reassurance, in which case I think it would be best if she put that reassurance in legislation.
Sara Ogilvie: I respect and agree with the fact that an extent of necessity and proportionality analysis will be done, but there is still very limited capacity for judges and judicial commissioners to undertake this exercise. We have seen, and judicial review case law tells us, what level of scrutiny can be applied to different kinds of decision, and we know that where a decision does not involve a restriction on the physical liberty of an individual, a lesser scale of judicial review scrutiny will be applied.
We also know that where cases involve national security, judges must apply a lesser level of review. Although I recognise that there is a difference of views, I think it needs to be much clearer in the legislation. Judicial review should be avoided as a standard in this circumstance.
Eric King: It is an interesting idea, isn’t it, that the more widespread the intrusion, the less potentially bad it is. That is not a view that I can understand myself, particularly now. Computer analytics of such material is going to increase. It is going to get better and faster. The more data being collected, the more intrusion will be applied year on year as GCHQ engineers find cheaper, better and faster ways to process it. Perhaps five years ago, swamping agencies with material might have resulted in people passing through, but every day, that becomes less likely and less real.
We have seen in the last five years a 7,000% increase inside GCHQ of the analytical capability on material. That means that 7,000% more material is being touched, analysed and scrutinised by those agencies. Perhaps it was an idea that could be comprehended 20 years ago, when it involved physical piles of paper that no one ever looked at, but now it is all being automated, and I am not sure that the notion stands up today.
Sara Ogilvie: I clearly agree with what Eric has said. The only thing I would add is that I ask you to consider the fact that we are not just concerned about the state having this information. All this information that is stored somewhere can be accessed by other individuals for nefarious purposes. We have seen the TalkTalk hacks this year. We have seen the VTech hacks. There are real and legitimate concerns about the way this vast amount of personal information can be used, not just by the state but by other people who really do wish to do us harm.
Eric King: No. At the moment we have almost no visibility on how our security and intelligence agencies work on a day-to-day basis with our National Crime Agency. We know that they co-operate very regularly and we know there is a lot of material that is shared around, particularly for organised crime circumstances. I imagine that lots of the relevant material is passed to the NCA and others, and that will lead to arrests and occasionally presumably also unlawful arrests. But no, that is not material that is in the public domain.
Eric King: I don’t work for the security services.
Eric King: None.
Eric King: None.
Eric King: Yes. In my evidence that I wrote to the Joint Committee I set out my frustration at my inability to be able to probe at the heart of the issues on this. We are in a much stronger position now democratically, I believe, with so much more material that is available. That has led to court cases and the Investigatory Powers Tribunal that has found unlawful actions by GCHQ. Without that material being published, we would not have been successful in those cases. I wish there were more but I do not have it all, I am afraid.
Eric King: None. I do not think that any lives should be sacrificed for a pure view of privacy. We need both; we need security and privacy. Both are values that we hold in this society and are values that we should be ensuring that we get right in the Bill. That is why it is so important that we have long scrutiny on this because we should not simply provide an unlimited set of powers to our security and intelligence agencies. They must have some, and they must be formidable powers, but they need to be checked.
They need to be provided for by Parliament. We need to have proper authorisation and oversight for that. That has been my work for the past five years. So, no, while I do not hold a security clearance, it does allow me to come before you and talk about all the things that I do know. Regrettably, if I did hold a security clearance, I would not be able to be in that position.
Eric King: No. It is certainly true that the more you see about some aspects of agency practice, you do get more reassured. Certainly, in the process of Investigatory Powers Tribunal cases that have taken place, I was pleased that there were areas that had safeguards when I did not originally think there were.
I have also been fantastically disappointed in other areas, where I thought there should have been very obvious safeguards, such as areas of legal professional privilege that were found wanting and unlawful by the IPT. I am afraid I have become a terrible judge on which bits I think the agencies have got right and which bits they have got wrong. I seem to be very poorly predicting it. On the operational case, I think the issue here is that we need a whole range of experts outside the ISC to be looking at this. I am not sure that it is the perfectly placed organisation or body to be looking at this. It has known about these powers and approved of them right the way through. I think that at this time, now that they are being put before Parliament plainly for the very first time, we should be looking to do what they have done in the US, which is to have an independent scrutiny of many of those cases, so that you can test them.
It is not enough simply to provide a list of cases where this worked. They need to be really looked at, because, as we found in the US, some powers that many thought would work, like the bulk acquisition of communications data, turned out not to be terribly effective. The 64 cases that the agencies in the US put forward, to say that these were powers that were needed, turned out to be false. Only one was of relevance, and it was not a terrorism case. So it is vitally important that we scrutinise them and have the time to do so.
Sara Ogilvie: Absolutely.
Sara Ogilvie: I have.
Sara Ogilvie: You will have to tell me what it says.
Sara Ogilvie: I am not sure that—
Sara Ogilvie: Those were not evidence for ICRs, as far as I am aware. I think that is to do with different communications data.
Sara Ogilvie: Communications data are quite different from internet connection records. A significant amount of the powers that we have in the current Bill are ones that are replicating powers in RIPA, and I think the comms data ones you talk about are those. Internet connection records are actually something quite new, and something that David Anderson—
Sara Ogilvie: I agree that there are powers that are absolutely necessary and helpful. I do not think that there is a direct comparator between old and new powers in this case. I completely agree that the security services and law enforcement need targeted powers to gather communications data, so maybe they can use those to target particular websites where we know that paedophile information is provided. They can be used to target suspected criminals. That is all completely adequate use of powers; but what we have is this broad power in the Bill that targets absolutely everyone and is not focused on those individuals, and that is what I have the problem with.
Eric King: Yes. The Bill’s structure—some of the core powers there—you do not disagree with. The question is often about the scale of the powers—how they are used and the safeguards that are put in place around them. To my mind, the mass collection of material in a generalised form for analysis is not a proportionate activity, and I think this is something that particularly the European Court are confirming. I heard David Anderson say that there was a split view on that. It will be important to hear the judgments later this year, but they have to have very strong powers; but it is how they are used, and the scale of them, and the targets of them, which are so vital to get right. I am afraid that for me this is the bit in the Bill that is not in the right place at the moment, I suppose.
Eric King: They would not—
Eric King: I do not know what criminals and terrorists would think about this Bill.
Examination of witnesses
Nigel Inkster and Lord Evans gave evidence.
Nigel Inkster: Good afternoon. I am the director for future conflict and cyber-security at the International Institute for Strategic Studies. I retired from the Secret Intelligence Service at the end of 2006 as the assistant chief and director of operations.
Lord Evans: I am a former director general of the Security Service, MI5, between 2007 and 2013. I was also a member of the Royal United Services Institute independent panel on surveillance. By way of context, I have not had as much time to prepare as I might have done as a result of the fact that I was formally invited to attend only yesterday. I apologise if there are any gaps in my knowledge.
Lord Evans: This is not a real example, but it might exemplify how one might use the power, certainly from a counter-terrorism point of view and from MI5’s point of view. If you look at the current situation, we are obviously very concerned about what has happened in Belgium and we are very concerned that there might be other IS active units in the UK. We do not want any of them to attack here, but we may not know who they are. In a sense, we are therefore trying to find individuals who might be members of IS and who might threaten us, but we do not necessarily have much information about who they are in specific terms.
For instance, although this is not a real example, using bulk access you might say, “Let’s have a look at all individuals from the UK who are known to have travelled into or out of the middle east and the area around Syria over the past six months. Let’s look at everybody who has a mobile telephone and has been in Syria or northern Iraq, and it’s pinged so we know that there is a telephone in that area.” We might say, “Let’s look for data on individuals who have been in Molenbeek,” because it looks as though quite a lot of the problems have emerged from that particular part of Brussels.
Put all those elements of data together and you will end up with perhaps a few dozen, some scores or one or two hundred individuals or, at least, telephones or something that might be relevant. You might then say, “Let’s take all those phones and see which of those telephones has been in first or second-order contact with known extremists.” Either they have been in touch directly with someone known to be a violent extremist, or they have been in touch with somebody who in turn is in touch with violent extremists. That might refine it down from 150 to half a dozen. Then you might start to think, “Actually, there’s quite a high likelihood, although one cannot be certain, that these half a dozen might be people of security interest in their own right.”
At that point, having gone through those various layers of putting different sorts of data together, comparing, contrasting and seeing what comes out, you might say, “Perhaps for those half a dozen, some more targeted form of surveillance is justified, so we can see who they are.” Once you have done that, if you get the appropriate authorisations, you might then find that some of them are self-evidently not, because they are BBC journalists who have been following the story or similar, so you can put them aside. But you might find that you have one or two who look as though they might be IS activists who have been in touch with the relevant people, so you put some resource into establishing what they are doing and who they are associating with.
That sort of process is very much the way in which MI5 has used these sorts of capability over the last 10 years or so, and it has been an absolutely central part of how we have identified individuals who have been involved in terrorist planning. That is then fed through into more intensive investigations, enabling us with the police to prevent attacks from taking place.
Lord Evans: Correct.
Lord Evans: I cannot think that there is that sort of general analysis. You could imagine starting from lots and lots of data and trying to work your way through a general process to identifying unknown terrorists. That is something that books and so on have talked about, and we have looked at it, but in general, in a non-specific sense, trying to identify patterns that in themselves indicate that somebody is a national security threat is very difficult, because you will have so many false positives. It tends to be used to answer specific operational questions rather than a wholesale review of data ab initio, because if you do that, the chances of finding somebody that you are really concerned about are very low.
In terms of operational reality, the problem for MI5—it certainly was during my time as director general, and I suspect it is still the case—is not finding people with no known connections who have ill intentions; it is finding out more about people who are already associated in some way with violent extremism. It tends to be in support of particular operational requirements and particular investigations, rather than a much more generalised process.
Nigel Inkster: I will do my best to assist the Committee, but I should emphasise that I do not have a signals intelligence background and we are talking about capabilities that were in their infancy when I was still part of the intelligence community, so I am looking at this more from an academic perspective and with no privileged access—I no longer have any security clearances.
The issue is that the technologies are evolving so fast and in so many different directions that it can be very difficult to start from a clear perspective of what represents a proportional approach in certain cases. It seems to me that, in this particular set of circumstances, we have to make some allowance for a degree of trial and error—to see whether certain things actually deliver the kind of outcomes that were hoped for, but to be ready to cease using them and move elsewhere if they do not deliver the sort of results that would justify the kind of level of intrusion that we are talking about.
It is very context-specific. For example, if you are looking to try to thwart the attempts by a particular regime to illicitly acquire nuclear weapons capability, your target set defines itself relatively more easily than in certain other cases—transnational terrorism would be one of those where it is much more difficult.
Lord Evans: It is not impossible that they could be of value in an intelligence sense, but I think the principal driver for using them or for obtaining them is for evidential purposes, and that is made clear publicly. It is principally a law enforcement and evidential issue to inform cases coming before the courts more often than it is an intelligence issue. You could construct a scenario in which it might be of value, but the purpose of putting them in the Bill, as I understand it, is law enforcement and providing criminal evidence.
Lord Evans: The Lee Rigby murder took place after my time as director general—not that there is any connection between those two—so I am not very close to the actual facts. In general, one of the critical decisions—certainly for MI5, but it applies by logic to other people on counter-terrorism—is what you do not do. We have more leads which might connect to possible terrorist attack or to violent extremism than we can thoroughly investigate at any one time, so the service has created a quite rigorous triage process that ranks the seriousness of the available information, which is updated on a regular basis, and that drives therefore the allocation of resources.
The difficulty here is self-evident: obviously, sometimes you are working on the basis of fragmentary intelligence or unclear intelligence, so you have to make the judgment as to whether you put resources in to pursuing that or whether you put the resources in to something else. The fact is that sometimes you make a judgment on the available best evidence and then find out later that, actually, the situation was more serious than was apparent. That appears to have been the case with Lee Rigby.
Exactly the same issue came out after the 7 July bombings in London. Mohammad Sidique Khan had appeared in the context of Security Service investigations and police investigations a couple of years before. At that stage, he was assessed to be not a very serious threat and therefore he was put aside so that we could come back to him later while we did other things that were more immediately pressing, but in the interim his activities developed.
It is a problem. The question of course is: how do you get around that problem? The first thing is to use the best quality information available. The second is that the more resources you have, the more yesses you can give as to whether we investigate any one individual, but then you get into a judgment about how many people we think it is proportionate and necessary to investigate. If you doubled the resources of the Security Service again, there would still be cases where you might say, “We don’t have the resources to pursue that.” You ultimately get into a political judgment as to how much resource you want put into this and how much intrusion you have into the activities of people who might not be quite as threatening as others. That is a judgment that has to be made.
Lord Evans: There is no doubt that to some extent intelligence activity in counter-terrorism is scalable. What has happened since 9/11 is that the resources available to the Security Service and the other agencies have increased very considerably under both Governments—or all three Governments, if you want to put it in those terms. We have therefore probably got within the Security Service three or four times as much resource as we had previously.
There has been a very considerable uplift, but it is not just a question of people. Importantly, it is also a question of powers. Your capability to cover and monitor threats is not very often, although it sometimes is, a matter of boots on the ground; it is a matter of the overall toolbox available. One of the attractions of digital intelligence and the sort of powers that are outlined in the Bill is that it enables considerable coverage of threats without having to deploy lots and lots of people following people around and so on, which in some ways would be more intrusive.
Nigel Inkster: In the United Kingdom, we like to maintain the position that intelligence and security work is a high-status profession. We look for quality people who might otherwise go into areas such as the law, merchant banking and that sort of thing. That is the level that we are pitching for, and that is not always the case around the world. In that regard, the United Kingdom distinguishes itself in the right way, in my view. We have very well educated and well motivated people. In my service, for example, we had people joining us in the wake of 9/11 who had taken very significant salary cuts and left high-paid jobs in the City to come and do this work precisely because they were motivated by and committed for what we regarded as the right reasons.
During my time in SIS, I was responsible inter alia for compliance with all the different oversight mechanisms to which we were subject. I had extremely long conversations with the various commissioners responsible for overseeing those activities. In all cases, their judgment was that the people we employed were highly motivated, took their responsibilities seriously and understood the powers that they had, the need to act lawfully and the need to use those powers in a wise, measured and proportionate manner. I think we are very fortunate as a country.
Lord Evans: I would agree with that. I think we have employed people who are intellectually able, are motivated by public service and are ethically sensitive. It might be useful to the Committee to invite the Clerk to find comments made by Lord Brown of Eaton-under-Heywood, a former Supreme Court judge and former intelligence commissioner, when the 2015 Counter-Terrorism and Security Bill was being discussed in the House of Lords. He gave a very, very strong endorsement of his experience of the quality and integrity of the members of the intelligence services that he had seen. If you want an independent voice, rather than a voice from inside the agencies, that might be worth finding.
Lord Evans: It is inevitably the case that you cannot ensure that everybody in the service is brilliant and saintly, because it’s human nature. As a result, we maintain a strong, continuing vetting procedure. Your vetting is reviewed on a regular basis and it is built into the way we do our appraisal to raise security-related issues. Also, particularly in the management of access to sensitive information, there are arrangements to ensure independent oversight of what is being done on the systems that the service has in place. In the same way that, if you were running a trading system in a bank or something, you would monitor the activities of the traders to try to identify improper activity, something similar is applied to the systems operating within the intelligence services. We rely on good recruitment and on continuing security vetting, but we also have some wired-in ways of trying to identify misuse of official resources for personal use or whatever.
Lord Evans: I served under four Home Secretaries from both the Labour party and the Conservative party. I saw the Home Secretary without fail once a week, and quite often twice a week. All of them took a great interest in the work that the service was doing and its operations, and were regularly briefed. From that point of view, I think we were given very good airtime. In addition to that, there is the question of the time to look at warrants. They were not presented by the director general but were processed and nominally presented by the Home Secretary’s officials, so on top of that there was a lot of time spent by Home Secretaries on warrants. I can say, without going into great detail, that they did not all go through with a tick. Occasionally, warrants would come back and they would say, “Actually, the Home Secretary doesn’t want to sign this.”
Nigel Inkster: Yes. Obviously, our service’s interaction was more with the Foreign Secretary, but our experience is comparable. I cannot think of a single case of a Foreign Secretary who did not take a serious and sustained interest in this area of work. I cannot think of a Foreign Secretary who did not take a serious and sustained interest in the kind of warrants and submissions that they were asked to approve. My experience, like Jonathan’s, is that these did not go through on the nod. There was lot of self-policing in the system, because we knew that a weak case would not stand. There was no point in putting it forward, because its fate would be clear, so one did not do that. The only other thing I would add is that my experience has been that, without fail, the senior politicians involved in this business owned the decisions that they took, stood by them and did not, as they well could have done in many cases, try to fend them off on to somebody else.
Lord Evans: Broadly speaking, all the Home Secretaries took a similar view on this. I have never come across a Home Secretary who was pro-terrorism, obviously. I suppose, in practice, what happened early on in the time of a Home Secretary being in post was that you tended to get more questions, which is entirely as you would expect. If a new Home Secretary came in, quite often they would say, “I don’t understand that. Bring me somebody to explain it.” So they are doing their job. Of course, that is an iterative process because if you understand that a Home Secretary has particular concerns about area x, you will put a little bit more effort into explaining it and making the case. You would tailor it to some extent to the particular concerns of any particular Home Secretary, but the overall threshold employed was roughly the same.
I would say one other thing. I do not want to name names for this purpose but I can remember at least on one occasion briefing a new Home Secretary on something we were doing that was really quite intrusive, although it was lawful. I said, “I need to tell you about this.” Their initial reaction was, “That’s fine,” and I said, “No it isn’t. You need to think about this. You cannot just say ‘This is fine.’ You need to be aware that this is potentially quite audacious. May I suggest that you look at this in a little more detail rather than go with something off the top of your head?” We did try to ensure that Ministers really were internalising this. We were not just trying to get it past them without them thinking about it, not least because if something then comes up, you do not want to be in a position where the Home Secretary says, “You never told me this could get me into trouble.”
Lord Evans: It is essentially about that. The purpose of the whole machinery is to put the surveillance on people who are actually a direct threat to our national security. You do not want anybody else in the system. You need to get everybody else out of the way as early as possible; otherwise you will get distracted by things that are a waste of resources. That puts you in a very vulnerable position, of course, because something will go wrong. Yes, you are quite right that we are trying to clear away all the things that are not relevant so that you can focus down on to what is relevant.
Lord Evans: I am not a siginter so I would find that slightly difficult to know. The fact that we have a multiplicity of devices that any individual will be operating on at any one time means that selecting out those that are really significant becomes a more and more important process. That is certainly the case and I suspect that is part of that bulk process. Because these are overseas powers, this is fundamentally a sigint issue. Therefore I do not feel fully able to answer your question.
Lord Evans: Our internal processes when we were going down this path did take these issues into consideration. As you say, health records are extremely sensitive, so you would need an extraordinarily high level of justification. If you wanted to externalise that into the process—I have not talked to anybody about this so this is my feeling on it—then as long as you are really talking about very, very intrusive datasets, I would not have thought that having an additional safeguard would be a showstopper.
Lord Evans: I would not have thought it was a showstopper. You are going to hit definitional issues. It is a bit like journalists and politicians kind of stuff.
Adjourned till this day at Two o’clock.
Contains Parliamentary information licensed under the Open Parliament Licence v3.0.