Upland Farming
Debate between Earl Howe and Lord Beith(5 years ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister of State, Ministry of Defence (Earl Howe) (Con)
My Lords, I am sure we can hear from the noble Lord, Lord Cunningham, but it is the turn of the Liberal Democrats.
Lord Beith
My Lords, as several Peers have acknowledged, upland farmers make a massive contribution to the care of our hill areas. However, the character and community of those areas will depend on upland farmers being more than merely park-keepers. Does the Minister recognise that if Brexit leads to very high tariffs for lamb exports to Europe, and massive imports from new trade deals with New Zealand, it could spell the end of hill livestock farming? That is really dangerous for the hill areas.
Defence Estate
Debate between Earl Howe and Lord Beith(7 years, 5 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Beith (LD)
My Lords, will the vital monitoring of our skies against hostile incursions continue to be carried out from RAF Boulmer in Northumberland, bearing in mind that, the last time there was a proposal to move it, the proposal got short shrift from the National Audit Office?
Investigatory Powers Bill
Debate between Earl Howe and Lord BeithWednesday 2nd November 2016
(7 years, 6 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: HL Bill 68-I Marshalled list for consideration of Commons reasons (PDF, 78KB) - (1 Nov 2016)
Earl Howe
My Lords, I repudiate it completely. The Government have been clear about the timescale of the consultation and have committed to respond in a timely manner. We are taking this matter with proper seriousness. It is important that everyone has an opportunity to take on board and reflect on the changes that have occurred in the years since Lord Justice Leveson made his recommendations. I say again to the noble Lord, Lord Paddick—
Lord Beith (LD)
Just to clarify this matter, can the Minister tell us when he was told that the Government were launching a consultation on Section 40?
Earl Howe
I was made aware of it at the beginning of the week, but I am also aware that it was in gestation long before that.
I say to the noble Lord, Lord Paddick, that there is no mandatory period for a public consultation. The Cabinet Office guidelines say that there must be a proportionate amount of time, and I think 10 weeks gives everybody time to look properly at the issues and to submit their views to government. In that light, and for all the reasons I rehearsed earlier, I respectfully ask your Lordships to allow the Bill to pass without these amendments.
Investigatory Powers Bill
Debate between Earl Howe and Lord BeithWednesday 19th October 2016
(7 years, 6 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: HL Bill 62-III Third marshalled list for Report (PDF, 153KB) - (17 Oct 2016)
Earl Howe
My Lords, Amendment 250A would define a technical capability notice as,
“specifying the distinct service or product to which the notice applies”.
I do not believe this amendment is necessary. The safeguards that apply to the giving of a notice under the Bill already ensure that a technical capability notice cannot be of a generic nature. I will not go into detail here about the lengthy process that must be undertaken before a notice can be given; we have discussed them at length previously and we will undoubtedly review them again shortly during our discussions on encryption. But it might be helpful for me to summarise.
Before giving a notice, the Secretary of State must consult the company concerned. This process will ensure that the company is fully aware of which services the notice applies to. The decision to issue a notice must be approved by the Secretary of State and a judicial commissioner. The obligations set out in the notice must be clear so that the Secretary of State and judicial commissioner can take a view as to the necessity and proportionality of the conduct required. As I have already mentioned, we propose a similar role for the judicial commissioner when a notice is varied. The operator may raise any concerns about the requirements to be set out in the notice, including any lack of clarity regarding their scope, during the consultation process. The operator may also seek a formal review of their obligations, as provided for in Clause 233. The safeguards which apply to the giving of a notice have been strengthened during the Bill’s passage through Parliament, and will ensure that the regime provided for under the Bill will be more targeted than that under existing legislation. It is for these reasons that I consider the amendment unnecessary.
Amendment 251A seeks to narrow the category of operators to whom a technical capability notice could be given. This change would exclude operators that provide services that have a communications element but are not primarily a communication service. This amendment, which has already been discussed in the Commons, is also unnecessary and, in my view, risks dangerously limiting the capabilities of law enforcement and the security and intelligence agencies. We are aware that the manner in which criminals and terrorists communicate is diversifying, as they attempt to find new ways to evade detection. We cannot be in a situation where terrorists, paedophiles and other criminals can use technology to escape justice. As David Anderson said,
“no-go areas for law enforcement should be minimised as far as possible, whether in the physical or the digital world”.
It is important that the Government can continue to impose obligations relating to technical capabilities on a range of operators to ensure that law enforcement and the security and intelligence agencies can access, in a timely manner, communications of criminals and terrorists using less conventional services, such as those offered by gaming service providers and online marketplaces. It may be appropriate to exclude certain categories of operators from obligations under this clause, such as small businesses, but it is our intention to use secondary legislation to do so. It would not be appropriate to impose blanket exemptions on services that have a communications element but are primarily not a communication service, since to do so would make it clear to terrorists and criminals that communications over such systems could not be monitored.
For all the reasons I have set out, I hope that the noble Lord, Lord Paddick, will feel able to withdraw his amendment.
Lord Beith (LD)
Before the noble Earl sits down, I refer to a point which at least needs to be borne in mind in drafting regulations. In most circumstances, if the Government impose upon a business an obligation of some kind, and behave totally unreasonably in doing so—or the business thinks that the Government are behaving unreasonably—the matter will end up in public discussion and the company has the weapon of saying to the public at large, “The Government are asking us to do something unreasonable”. That must not happen in these circumstances because clearly secrecy must be maintained. Therefore, the company is in a weaker position than it would be in the normal exchange between government and business. I hope that Ministers will recognise that fact.
Earl Howe
With the leave of the House, I am grateful to the noble Lord for raising that point, which I think will come up in the next group of amendments when we discuss encryption because it is centre stage in that issue. He is absolutely right and I hope that I can assuage his concerns in the next debate.
Earl Howe
My Lords, I hope that the House will allow me to speak at somewhat greater length than usual in responding to these amendments. I recognise the concern that lies behind them and I also recognise that, although we debated the Bill’s provisions on encryption in Committee, there is a need to correct a number of misconceptions that have been expressed and to set out the reality of the Government’s position on encryption. I would also like to make clear what the provisions in the Bill do and, crucially, what they do not do, and to explain why these provisions are so important to our law enforcement and intelligence agencies. I hope that by, setting this out, I can reassure noble Lords that the amendments are not necessary.
As we have made clear before, the Government recognise the importance of encryption. It keeps people’s personal data and intellectual property secure and ensures safe online commerce. The Government work closely with industry and businesses to improve their cybersecurity. For example, GCHQ plays a vital information assurance role, providing advice and guidance to enable government, industry and the public to protect their IT systems and use the internet safely. Indeed, the director of GCHQ said in March that he is accountable to the Prime Minister just as much, if not more, for the state of cybersecurity in the UK as he is for intelligence collection.
In the past two years, the security and intelligence agencies have disclosed vulnerabilities in every major mobile and desktop platform, including the big names that underpin British business. You do not have to take the Government’s word for that. In September 2015, Apple publicly credited the information assurance arm of GCHQ with the detection of a vulnerability in its operating system for iPhones and iPads, which could otherwise have been exploited by criminals to disrupt devices and extract information from them. As a result, this vulnerability could be fixed.
The assertion that the Government are opposed to encryption or would legislate to undermine it is fanciful. However, the Government and Parliament also have a responsibility to ensure that our security and intelligence services and law enforcement agencies have the capabilities necessary to keep our citizens safe. Encryption is now almost ubiquitous and is the default setting for most IT products and online services. While this technology is primarily used by law-abiding citizens, it can also be used—easily and cheaply—by terrorists and other criminals. Therefore, it can only be right that we retain the ability, as currently exists in legislation, to require a telecommunications operator to remove encryption in limited circumstances, subject to strong controls and safeguards. If we do not provide for this ability, then we must simply accept that there can be areas online beyond the reach of the law where criminals can go about their business unimpeded and without the risk of detection. That would be both irresponsible and wrong.
That is our starting principle, and it is one that we share with David Anderson QC. I have quoted this before, but he stated in his investigatory powers review, A Question of Trust:
“My first principle is that no-go areas for law enforcement should be minimised as far as possible, whether in the physical or digital world”.
This principle was also shared by the Joint Committee on the draft Bill and the Science and Technology Committee, both of which recognised that, in tightly prescribed circumstances, it should remain possible for our law enforcement agencies and security and intelligence services to be able to access unencrypted communications or data. That is exactly what Clauses 229 to 234 of the Bill provide for: strong safeguards to ensure that obligations to remove encryption can be imposed only in limited circumstances and subject to rigorous controls.
Clause 229 enables the Secretary of State to give a technical capability notice to a telecommunications operator in relation to interception, communications data or equipment interference. As part of maintaining a technical capability, the Bill makes clear at Clause 229(5)(c) that the obligations that may be imposed on an operator by the Secretary of State can include the removal of encryption. Before a technical capability notice is given, the Secretary of State must specifically consider the technical feasibility and likely cost of complying with it. Clause 231(4) provides that this consideration must explicitly take account of any obligations to remove encryption.
The Secretary of State must also consult the relevant operator before a notice is given. The draft codes of practice, which were published on 4 October, make clear that should the telecommunications operator have concerns about the reasonableness, cost or technical feasibility of any requirements to be set out in the notice, which of course includes any obligations relating to the removal of encryption, it should raise these concerns during the consultation process.
We have also amended the Bill to make clear that the Secretary of State may give a technical capability notice only where he or she considers that it is necessary and proportionate to do so, and, under Clause 230, that decision must also now be approved by a judicial commissioner, placing the stringent safeguard of the double lock on to any giving of a notice to require the removal of encryption. Clause 2 of the Bill, the privacy clause, also makes explicit that, before the Secretary of State may decide to give a notice, he or she must have regard to the public interest in the integrity and security of telecommunications systems.
In addition, a telecommunications operator that is given a technical capability notice may refer any aspect of the notice, including obligations relating to the removal of encryption, back to the Secretary of State for a review. In undertaking such a review, the Secretary of State must consult the Technical Advisory Board in relation to the technical and financial requirements of the notice, as well as a judicial commissioner in relation to its proportionality. We have amended the review clauses in the Bill to strengthen these provisions further. Where the Secretary of State decides that the outcome of the review should be to vary or confirm the effect of the notice, rather than to revoke it, that decision must be approved by the Investigatory Powers Commissioner.
The Bill also makes absolutely clear that, in line with current practice, obligations imposed on telecommunications operators to remove encryption may relate only to encryption applied by or on behalf of the company on whom the obligation is being placed. That ensures that such an obligation cannot require a telecommunications operator to remove encryption applied by other companies to data transiting their network. As we have already outlined, we have also now tabled a government amendment that would further strengthen the Bill’s provisions on technical capability notices. This amendment makes clear that the Secretary of State may vary a notice only where they consider that it is necessary and proportionate to do so. The amendment also makes clear that, in circumstances where a notice is being varied in such a way that would impose new obligations on the operator, the variation must be approved by a judicial commissioner.
Furthermore, obligations imposed under a technical capability notice to remove encryption require the relevant operator to maintain the capability to remove encryption when it is subsequently served with a warrant, notice or authorisation, rather than requiring it to remove encryption per se. That means that companies will not be forced to hand over encryption keys to the Government. Such a warrant, notice or authorisation will be subject to the double lock of Secretary of State and judicial commissioner approval, and the company on whom the warrant is served will not be required to take any steps, such as the removal of encryption, if they are not reasonably practicable steps for that company to take. So a technical capability notice could not, in itself, authorise an interference with privacy. It would simply require a capability to be maintained that would allow a telecommunications operator to give effect to a warrant quickly and securely including, where applicable, the ability to remove encryption.
That is an enormously long list of safeguards. Indeed, it is difficult to think what more the Government could do. These safeguards ensure that an obligation to remove encryption under Clause 229 of the Bill will be subject to very strict controls and may be imposed only where it is necessary and proportionate, technically feasible and reasonably practicable for the relevant operator to comply. Let me be clear: the Bill’s provisions on encryption simply maintain and clarify the current legal position, and apply strengthened safeguards to those provisions. They will mean that our law enforcement and security and intelligence agencies maintain the ability to require telecommunications operators to remove encryption in very tightly defined circumstances.
I would also like to make absolutely clear what the Bill does not provide for on encryption.
Lord Beith
Could the Minister help those of us who are not deeply technical in these matters? We fear that circumstances by their nature cannot be technical and defined. In at least some cases, the consequences of serving a notice would be that the operator would have to create a significant weakness, which would apply far beyond the objective for which the notice was being served, and the operator would have to say in future to its customers, “This system is not as strong as we would like it to be”.
Earl Howe
We come back to the test of reasonable practicability here. I am about to come on to what the Bill does not provide for on encryption and I hope that this will help the noble Lord.
The Bill does not ban encryption or do anything to limit its use. The Bill will not be used to force providers to undermine their business models, to create so-called back doors or to compromise encryption keys. It will not be used to prevent new encrypted products or services from being launched and it will not undermine internet security.
Investigatory Powers Bill
Debate between Earl Howe and Lord Beith(7 years, 9 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Earl Howe
My Lords, Amendments 159 and 160 would introduce new clauses requiring the person making an application for a warrant to make a detailed assessment of the risks of the proposed equipment interference activity to any critical national infrastructure, to the security and integrity of systems and networks, and to the privacy of those not targeted. Amendment 164 is linked to the requirement to produce risk assessments and would require the Secretary of State, when issuing warrants to the Chief of Defence Intelligence, to consider the content of these assessments when deciding whether the activity under the warrant would be proportionate. Amendment 169A would require a judicial commissioner to take into account a technical cyber risk assessment, conducted by the Investigatory Powers Commissioner, of the specific equipment interference proposed when deciding whether to approve a decision to issue a warrant.
I start by making an important general point. It seems these amendments are based on a fundamental misinterpretation of what GCHQ and others are here to do. Their role is to protect the public. That includes protecting cybersecurity. Indeed, the Government have invested very considerable resources into improving our cybersecurity efforts. Last November, the Chancellor announced the creation of a new national cyber centre led by GCHQ, with an additional £190 million of funding.
GCHQ has an excellent track record in identifying cyber vulnerabilities and making leading computer companies aware so they can improve their security. For example, in September 2015, Apple publicly credited CESG, the information assurance arm of GCHQ, with the detection of a vulnerability in its iOS operating system for iPhones and iPads, which could have been exploited to allow the unauthorised modification of software and to extract information from the devices. That vulnerability has now been patched.
I appreciate that the noble Lords’ amendments are intended to introduce safeguards, but I contend that sufficient safeguards are already contained in the Bill. Part 5 already requires the Secretary of State or law enforcement chief to consider whether the proposed conduct is necessary and proportionate before issuing a warrant. The Government have provided even more reassurance since the discussion of these same amendments in the other place. As we have frequently reflected, Clause 2 is a new provision that sets out overarching privacy duties. It includes a requirement to have regard to the public interest in the integrity and security of telecommunication systems. This requirement applies to any decision on whether to issue an equipment interference warrant.
The draft statutory code of practice also sets out, in detail, the factors that must be considered in respect of proportionality. The code states at paragraph 3.27 that one element of proportionality that should be considered is,
“explaining how and why the methods to be adopted will minimise the risk of intrusion on the subject and others”.
It goes on to state at paragraph 3.30:
“Equipment interference activity must therefore be carried out in such a way as to appropriately minimise the risk that the activities of the equipment interference agency would result in any increase of the likelihood or severity of any unauthorised intrusion into the privacy, or risk to the security, of users of equipment or systems, whether or not that equipment is subject to the activities of the equipment interference agency”.
If noble Lords will allow me one last quote, paragraph 3.31 states:
“Any application for an equipment interference warrant should contain an assessment of any risk to the security or integrity of systems or networks that the proposed activity may involve including the steps taken to appropriately minimise such risk … The issuing authority should consider any such assessment when considering whether the proposed activity is proportionate”.
Lord Beith (LD)
An innocent citizen could be the subject of training or testing equipment interference under paragraphs (d) or (e). Are these not legitimate questions to ask on behalf of such a citizen? If it is established that there was a risk, albeit a relatively small one, who will make the judgment that it is reasonable to expose the person, his equipment and his privacy to that risk?
Earl Howe
My Lords, I hope the noble Lord will accept that, in the context of training and testing, those activities are essential if we are to have fully functioning services. It should not only be current investigations that are used for training as that could jeopardise operations. Current investigations may not give the full range of testing and training opportunities to prepare staff and equipment for all necessary eventualities. I will write to the noble Lord on the precise procedures involved in authorising testing and training as I do not have the information in front of me. However, appropriate safeguards will be built into those procedures.
I come back to the point I was making about these amendments in general. I contend that they are not necessary because the Bill and the draft statutory code of practice already require that the impact on people’s privacy, including in respect of collateral intrusion and cybersecurity, is properly considered in every single case. The draft codes will, of course, also be subject to parliamentary scrutiny and agreement before they come into force. I hope that those remarks are helpful in reassuring the noble Lord and that he will withdraw his amendment.
Earl Howe
My Lords, Amendment 169AA would remove the role of the Secretary of State and law enforcement chiefs from the warrant authorisation process, in circumstances where an equipment interference warrant is sought for the purposes of acquiring the communications or private information of a Member of a relevant legislature. This proposal reflects an earlier amendment discussed by this Committee in the context of interception. As I understood her, the noble Baroness, Lady Jones, is concerned that the safeguards contained in the Bill politicise the process of authorising a warrant. I do not share that perspective at all.
As my noble and learned friend Lord Keen said when we first discussed this matter, this amendment would in fact reduce the safeguards for parliamentarians. In line with the commitment given by the previous Prime Minister last November, the Bill provides a triple lock where warrants concern a parliamentarian’s communications or private information: they must be issued by the Secretary of State; approved by the Prime Minister; and authorised by a judicial commissioner. The Bill goes even further in the context of equipment interference warrants issued to law enforcement agencies, which are issued by a law enforcement chief and must be approved by the Secretary of State, the Prime Minister and an independent judicial commissioner.
I will not rehearse the arguments for the double lock at this point, but it is important to remember, as the noble Lord, Lord Murphy, reminded us, that it was endorsed by the Joint Committee of Parliament that scrutinised the draft Bill and, following amendments made in the other place, enjoyed cross-party support. The additional safeguards provided for parliamentarians add an extra layer of checks to the process. I do not share the perception of the noble Baroness, Lady Jones, that the process introduces the risk of political bias. In fact, I find it difficult to see what possible benefit would accrue from removing one of the checks that we now propose—that regarding the Secretary of State or law enforcement chief. In view of that, I respectfully invite the noble Baroness to withdraw her amendment.
I will move on briefly to the amendment tabled by the Government. Amendment 173 is—this answers the question from the noble Baroness, Lady Hamwee—a small, technical amendment that simply corrects the omission of a definition from Clause 114. The amendment adds the appropriate definition of a “designated senior official” to the clause, informing the reader of the persons to whom the provision applies. We do not think that there is any need to revisit the relative definitions in other parts of the Bill, and the amendment does not change how the equipment interference regime operates in any way.
The noble Lord, Lord Rosser, asked about the Government’s view of the Wilson doctrine. As he will be aware, in its judgment of 14 October the IPT comprehensively rejected the claim brought by a number of parliamentarians that their communications were improperly intercepted and found that all activity was within the law. The IPT also found that MPs’ communications with their constituents and others are protected by RIPA, the statutory legal regime, and that the regime governing the interception of MPs’ communications is compliant with the European Convention on Human Rights.
In February 2015, the Government published an updated draft code of practice on the interception of communications, which explicitly recognised the importance of communications between constituents and their elected representatives. In consequence, the Bill now provides for this in statute by setting out a role for the Prime Minister in authorising warrants which target a parliamentarian. I hope that that is helpful.
Lord Beith
I have to ask the Minister to address the Wilson doctrine just to this extent. Given the statutory provision which he and I both now support, what kind of statement does he envisage would be made by a Prime Minister to the House of Commons on the lines first envisaged by Harold Wilson so long ago? How can that possibly be a relevant proceeding now that these statutory provisions will be in place?
Earl Howe
My Lords, as I understand it, the Wilson doctrine committed the then Government to returning to Parliament if there was a change of policy. Clearly, now that we are enshrining what I think by common consent is a good formula for protecting parliamentarians, the need for a Government to come back to Parliament to announce a change in policy would have to be followed up, if it were done, by further primary legislation. I cannot envisage that and simply do not foresee that contingency. Through the Bill, we are now in a stronger and clearer position on the protection of parliamentarians and their communications with constituents than we were before.
Investigatory Powers Bill
Debate between Earl Howe and Lord Beith(7 years, 9 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Beith (LD)
My Lords, the Secretary of State’s involvement in law enforcement warrants is a historical hangover from when this was the only kind of control or restraint on police applications that existed prior to this legislation. Perhaps it shows a lack of rethinking the nature of judicial authorisation, such as this Bill provides for, that her involvement—it may well be “him” in the future—should have survived when it does not seem either to have practical purpose or to add significantly to the protections that the legislation will afford against misuse or excessive use of the power.
The Minister of State, Ministry of Defence (Earl Howe) (Con)
My Lords, as the noble Lord, Lord Paddick, explained, these amendments seek to place the sole decision on whether to authorise a warrant application with a judicial commissioner. In the Government’s firm view, this would be a mistake. The noble Lord asked why there is a need for the Secretary of State’s involvement at all. Having a judicial commissioner be solely responsible for authorising warrants would remove all democratic accountability for that decision and would effectively remove parliamentary scrutiny from the process. In the scenario that a warrant was incorrectly either refused or approved, then the ability of Parliament to hold an individual to account for that particular decision would be greatly diminished.
Report of the Iraq Inquiry
Debate between Earl Howe and Lord Beith(7 years, 10 months ago)
Lords ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Earl Howe
The right reverend Prelate makes some extremely important points. It is important for us to say to our Armed Forces that the work that they did was beneficial. Saddam was a brutal dictator; he was a threat to Iraq’s neighbours and Iraq is undoubtedly a better place without him. We can see that, in its development as a country since the war, Iraq is a healthier and better place. Of course, we cannot deny that it is going through a difficult time and that the people of Iraq continue to suffer, but there are glimmers of hope: there have been free and fair parliamentary elections three times since 2003; unemployment has fallen by half; oil production has doubled; there is more freedom of speech; homosexuality is now legal; it is the only Middle Eastern country with a national action plan on women, peace and security; and a quarter of MPs in Iraq’s parliament are women. We as a nation have continued to support Iraq in every kind of way. Between 2003 and 2012, we provided more than £500 million in support, including £180 million in life-saving, humanitarian assistance. Our troops and our civilian personnel need to know that they have made a difference.
Lord Beith (LD)
My Lords, some of those involved in overseeing our intelligence community at the time know now, as has been confirmed in this report, the extent to which some of their work had weight placed upon it that it could not possibly have borne. Others found their expert contributions ignored or set aside. Is it not vital, as the Statement indicates, that we use the machinery that has been set up since the Butler committee to ensure that the intelligence community’s work is properly used and that those who work in it can have the confidence of knowing that it will not be abused?
Earl Howe
The noble Lord is, of course, correct. Much depends on the culture that exists and is encouraged, in particular within the National Security Council, but also across government departments. We should constantly question and challenge our sometimes ingrained and deeply held views about a particular situation and the way to address it. We should never dismiss, as I am afraid was done at times during the Iraq conflict, the clear advice and guidance from commanders in the field when things are not going as we would wish or expect.