Lord Paddick
Main Page: Lord Paddick (Non-affiliated - Life peer)Department Debates - View all Lord Paddick's debates with the Ministry of Defence
(8 years, 1 month ago)
Lords ChamberMy Lords, I shall also speak to Amendments 100D and 100E in my name and that of my noble friend Lady Hamwee. The effect of these amendments would be to remove the request filter from the Bill. No doubt, the name “request filter” has been chosen for its potential to be beneficial in terms of limiting intrusion into privacy, while at the same time I believe it conceals its true nature and the considerable downsides that such a thing would have. I am struggling to find a word that describes something that does not exist and which the Home Office is unable to describe except in terms of its proposed positive outcomes. When I visited both the law enforcement and security agencies in preparation for the Bill they could throw no more light on the detail of this proposal or give any reassurance as to its security. What we know is that it is something akin to a Google search engine, a system built and possibly operated by the private sector on behalf of the Home Secretary. The request filter will act as the go-between between law enforcement and security agencies and the communications providers.
We have had lots of debates in the course of the Bill on the trustworthiness of the police and the security services. Perhaps it would not be too unkind to say that the security services have come out on top, with law enforcement agencies trailing slightly. When we consider the Government’s failure to implement such measures already in legislation, such as the Privacy and Civil Liberties Board and the Leveson recommendations, one might not be too severely criticised for putting the Government a poor third in this line-up of trustworthiness. The request filter would give the Government, in the guise of the Home Office, unfettered access to communications data, including internet connection records. Of course, having unfettered access would also mean that, if security were to be breached, it would provide criminals and hostile foreign Governments with similar unfettered access to private and confidential information of every subscriber to UK communications and internet services.
At present, as noble Lords will be aware, almost every request for communications data—of course, that does not include internet connection records, because these are not part, yet, of communications data—is made by investigators to a single point of contact in their own organisation. The SPOC, as they are known, assesses the validity of the request and, if satisfied, passes it to the communications provider, which again assesses whether it is a valid claim. There is, in effect, a double lock: an independent and specially trained SPOC and an independent and specially trained person in the communications company, both of whom can block unnecessary and disproportionate requests.
As far as anyone can understand such a vague concept as the request filter, it appears that it would be linked into the communication providers’ databases and be able to search and retrieve data with no independent check. The Government may say that the people operating the request filter will be the independent check, but they will be Home Office officials or staff of a private company working on behalf of the Secretary of State. Not many of us, and certainly very few members of the public, would rest assured that their sensitive personal information was in the hands of politicians or those acting on their behalf.
My Lords, I feel that I have to begin by saying to the noble Lord, Lord Paddick, that he has got this one wrong—indeed, very wrong. I am grateful to the noble Lord, Lord Carlile, the noble Viscount, Lord Brookeborough, my noble friend Lady Harding and the noble Lord, Lord Rosser, for the contributions that they have made.
The amendments seek to remove Clauses 64, 65 and 66 from the Bill, which provide that the Secretary of State may establish, maintain and operate filtering arrangements for communications data—colloquially referred to as the “request filter”—and detail the appropriate safeguards and restrictions around its use. Throughout the passage of the Bill we have repeatedly highlighted the many misconceptions and misrepresentations around the filtering arrangements, and we have demonstrated how the provisions in fact provide an important safeguard in the acquisition of communications data. It is therefore perplexing that the noble Lord, Lord Paddick, has given notice that he remains opposed to the clauses providing for the filtering arrangements to stand part of the Bill. It may therefore be helpful if I set out again what the filtering arrangements will actually do and not do.
Public authorities currently need to receive all the communications data disclosed by communications service providers in response to specific requests. In certain circumstances this amounts to more data—sometimes much more data—than are relevant to their investigation, and they will then need to determine which specific pieces of communications data are relevant. Perhaps I could illustrate with an example. The police may need to make a complex query, such as asking multiple communications service providers for data to identify an unknown person who is suspected of having committed a crime, such as armed robbery, at three different places at different times. Currently, public authorities might approach communications service providers for location data to identify all the mobile phones used in those three locations at the relevant times to determine whether a particular phone and a particular individual is linked to the three offences. This means that the public authority may acquire a significant amount of data relating to people who are not of interest but who just happened to be in the location at the time of the robbery.
The significance of the request filter is that, when a police force makes such a request, they will see only the data that they need to. Any irrelevant data about people who are not suspects will be deleted and not made available to the public authority. That is why I maintain that the filter acts as a vital safeguard, protecting privacy by ensuring that the police see only the data they need to. These amendments would remove that important safeguard—so it is perplexing, as I say, that the noble Lord wishes to do this.
To further reassure the House, I remind noble Lords of what the Joint Scrutiny Committee on the draft Bill stated about the filtering arrangements. It stated:
“We welcome the Government’s proposal to build and operate a Request Filter to reduce the amount of potentially intrusive data that is made available to applicants”.
The Joint Committee believed that the requirement upon law enforcement to state the operational purpose of accessing data through the filter and the oversight of the Investigatory Powers Commissioner will ensure the appropriate use of the filter.
The noble Lord, Lord Paddick, said that the Bill provided for unfettered access to private and confidential information. But access is not unfettered—and nor does the Bill permit fishing expeditions, as the noble Lord, Lord Carlile, rightly emphasised. The filtering arrangements can operate only in response to a specific, necessary and proportionate authorisation for the acquisition of communications data. That request must already have gone through all the existing communications data safeguards, such as authorisation by a designated senior officer of a rank specified by Parliament, who must be independent of the investigation.
I noted with some dismay the aspersions cast by the noble Lord on the likely integrity of those individuals actually retrieving the data—including, to my surprise, the integrity of the police. I am pretty shocked by the language that he used. The noble Lord also described the filter as a “database”. A database has to contain data. The filter will not hold any communications data. Once a request has been processed by the filter, any data—that is to say, all data—will be discarded. I hope that that does clear some of the fog.
The request filter will act as an important safeguard. It will ensure that police officers and others will see only the information they really need to in those cases where it is used. Accordingly, I respectfully request that the noble Lord, Lord Paddick, withdraws his amendment.
I thank the Minister for his remarks, and other noble Lords who have contributed. I acknowledge the great experience of my noble friend Lord Carlile of Berriew both as a lawyer and as a former Independent Reviewer of Terrorism Legislation. However, it is clearly untrue for him to say that, in his judgment, excluding the request filter from the Bill would reduce the capacity of the authorities to investigate cases. The request filter does not exist at the moment, so it cannot possibly reduce the capacity. It may restrict the capacity of the agencies in the future, but it will certainly not reduce it, because the authorities do not have a request filter at the moment. The “monster” that I alluded to is nothing other than the mechanism—the request filter—that these clauses and this amendment are all about.
My noble friend described two murder cases where convictions could not have happened were it not for the sort of data that we are talking about here. Those two convictions were obtained in the absence of a request filter, because the filter does not exist. So it is clearly nonsense for my noble friend to say that excluding the request filter from the Bill was likely to have impacted on convictions that relied on something that does not even exist at the moment.
I acknowledge the experience of the noble Viscount, Lord Brookeborough, in Northern Ireland. As the Minister said, this is not a database. It is not intelligence information that is gathered and stored. It is a mechanism—a piece of kit, if you will—that reaches out into databases held by private companies, such as the internet service provider led by the noble Baroness, Lady Harding of Winscombe, retrieves data and brings it back. As the noble Earl said, it is not about a real database but a virtual or federated one. In other words, the tool will effectively act as a database rather than being an actual one. I am sorry that, in the number of times that I have used this expression—at Second Reading, in Committee and now on Report—I have not been able to get my message across about the difference between a virtual database and a real one. But I think that it is time I stopped flogging that horse.
The noble Lord, Lord Rosser, is reassured that Clause 2, the overarching privacy clause, applies to every power in the Bill. This is not a power: it is a piece of kit, a search engine. The Government have said nothing in their response to this amendment to reassure us that Clause 2 applies to this, because it is not actually a power. The Minister used the example which I spoke to, almost exactly, when I moved the amendment. To use his word, it is “perplexing” that the noble Earl did not hear my objections to that as a good example.
The unfettered access that I am talking about is not unfettered access to data by the police and the security services, and I never suggested that it was—but there will be unfettered access by those who operate the request filter because the request filter will have direct access to the databases operated by the communications providers. So I am not saying that there would be unfettered access to data by the police and security services; what I am saying is that government officials, or those acting on behalf of the Secretary of State, would have unfettered access to these databases were the request filter to come into existence. So I, too, am perplexed that the Government have not responded positively to this amendment and I wish to test the opinion of the House.
My Lords, the effect of Amendment 118A, tabled in my name and that of my noble friend Lady Hamwee, would be to remove internet connection records from any notice requiring the retention of communications data by telecommunications operators.
It is important to look back over the history of internet connection records. The initial argument put forward by the Government and law enforcement agencies was that, with so many communications now being via the internet rather than via fixed line or cellular communication, it was essential to keep a record of every attempt to access the internet by everyone in the UK in the past 12 months, so that the same data that are currently available from an itemised phone bill—the who called who from where and when—would also be available if someone used the internet to communicate instead. If that is what ICRs were, and if ICRs provided that information, we might be more relaxed about them, but the parallel with itemised phone bills is clearly false. After the Joint Committee’s scrutiny of the Bill, the Government acknowledged that they wanted more than just the itemised phone bill data. They wanted to be able to see, for example, whether a suspected terrorist had accessed a travel agent’s website or a paedophile a particular file-sharing website.
Noble Lords will be relieved to hear that I do not intend to go over every objection to internet connection records—we would be here until the early hours if I did. Let us look just at itemised phone bill data. My internet connection records will show that about 10 different apps on my mobile phone that I can use to communicate with other people, including my Facebook app, my WhatsApp and iMessenger apps—which are end-to-end encrypted messaging apps—my Facebook Messenger app and my Twitter app, are all connected to the internet all the time. There will be no ICR data that tell law enforcement agencies where I was at a particular time, whom I was communicating with or whether I was communicating with anyone at all while these apps were connected to the internet.
If I was communicating with someone, the ICR data would contain no information about when I was communicating. Even if I was a simple soul and communicated using only WhatsApp, law enforcement would not be able to go to WhatsApp and say, “On this day and at this time, he was using WhatsApp. Who was he communicating with?” That is because the app is connected to the internet all the time and they would not be able to narrow it down to a particular date and time from the ICR data. They would have to ask for all my communications data over an extended period—an enormous volume of data that WhatsApp might consider a disproportionate request, save in the most serious cases.
Knowing someone’s internet connection records is just the start of the problems facing law enforcement agencies. I have another app on my phone. It is a virtual private network app. This app allows me to traffic all my connections to the internet through one secure server. If I engage it, my internet connection records will not show anything other than connection to the VPN server. Choose a VPN service provider whose server is in a non-co-operative foreign country and law enforcement will not be able to find out what connections have been made through the VPN server.
My point is that ICRs do not give law enforcement agencies the equivalent of itemised phone bill data. The agencies would have to go to each communications platform operator, most of whom are in the United States of America, and ask them for more information. They might not be inclined to give up those data except in very serious cases. If one simply used a VPN, law enforcement would not know to which operator to go to ask for more data. Even if it did, it would have to ask for vast quantities of data that would be difficult to process—and, in any event, the overseas operator would be likely to say that the request was disproportionate and refuse to hand over the data.
Noble Lords will notice that I keep emphasising law enforcement and serious cases. In cases of serious crime, including child sexual exploitation, GCHQ can assist law enforcement agencies. In a case affecting national security, agents representing MI5 have told me, face to face, that they do not need or want internet connection records; agents representing MI6 have told me face to face that they do not need or want internet connection record; and agents representing GCHQ have told me face to face that they do not need or want internet connection records.
If we strip away criminals who will soon get wise and use VPNs, if we strip away crimes that are not considered by US operators to be serious enough to hand over the data and if we strip away crimes that are so serious that GCHQ’s help can be sought—GCHQ can secure the necessary data without the need to store ICRs—we are left with very little. For that very little gain, everyone in the UK’s web histories will be stored for 12 months at enormous cost, and with enormous potential for intrusion into privacy and enormous risk of vast quantities of sensitive personal information being hacked into by criminals and hostile foreign Governments. The only valid conclusion anyone can come to in such circumstances is that the storage for 12 months of everyone’s ICRs is both unnecessary and disproportionate.
My Lords, I am grateful to noble Lords who have contributed to this debate. Leaving his heavy sarcasm to one side, I must tell the noble Lord, Lord Harris of Haringey, that it is very easy to find out how to evade these measures. A simple Google search will tell a seven year-old all about VPNs; I am not giving away any trade secrets. He talked about terrorists and nasty people. If those nasty people are involved in serious crime or terrorism, the police and the National Crime Agency can enlist the help of GCHQ. Therefore, internet connection records will not be required.
I say to the noble Baroness, Lady Harding of Winscombe, that, yes, it is not a perfect system, but she is wrong to say that the security agencies say that it is people moving to communication via the internet that is making us less secure. Encryption is the real problem making us less secure. Why, otherwise, would GCHQ and the other security agencies say that they do not need internet connection records?
The noble Viscount, Lord Brookeborough, mentioned the vital question: is it reasonable, is it proportionate and where should the balance lie? However, as the right reverend Prelate the Bishop of Chester pointed out, there are other real questions which the noble and learned Lord failed to address about whether ICRs would in practice deliver what the law enforcement agencies want. My noble friend Lord Oates re-emphasised that this is a massive intrusion into privacy; that is why we oppose it. As he pointed out, in a child exploitation case, there is a joint operations unit between GCHQ and the National Crime Agency to deal with the issue.
Where I part company with the right reverend Prelate is on the suggestion that ICRs could be more targeted. There is nothing in the Bill to suggest that they will. On the content of websites, if someone accesses a domestic violence, gender reassignment or marriage guidance website, it is immediately apparent what they are looking into and it is a massive intrusion into privacy even if the record is only of the website they are looking at.
The noble and learned Lord has spoken to the National Crime Agency at length. I have been twice to the National Crime Agency, so I have spoken to it at length twice, and I still, as a former senior police officer, failed to be convinced.
I spent 30 years in the Metropolitan Police Service and ended up as a senior officer at Scotland Yard. If I thought that the balance here was right between invasion of privacy and the benefits that accrue to law enforcement, I would not be expressing these views.
I am a lousy politician. I cannot stand here and say things that I do not believe just because they are my party’s policy. I am opposing this because I genuinely oppose the disproportionate invasion of privacy that ICRs represent. That is why I wish to test the opinion of the House.