Investigatory Powers Bill Debate

Full Debate: Read Full Debate
Department: Ministry of Defence

Investigatory Powers Bill

Lord Strasburger Excerpts
Tuesday 19th July 2016

(8 years, 5 months ago)

Lords Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Lucas Portrait Lord Lucas
- Hansard - - - Excerpts

My Lords, I have Amendments 141 and 143 in this group. I very much share the concern of the noble Lord, Lord Paddick, about the request filter. It is an exceptionally powerful system because it will make life so easy. A casual request for data on someone who might possibly be of interest can be done in a moment—you do not have to think about it—rather than tying up resources to such an extent that you probably do not do it.

We are all familiar with the fact that those in the police service are human; doubtless, the people who run this resource will be human. The potential for casual misuse or misuse suborned by journalists will be considerable. On top of that is potential misuse by government. Given that at the moment we do not have an effective Opposition and I suspect that the Bill will effectively pass on the nod, I very much hope that my noble friend will reassure us that not only will there be exact and complete record-keeping for the filter but that those records will be independently inspected, that the results of those inspections will be publicly available and that people who find themselves tied up in nastiness as a result of information which may well have come from the filter will be able to find out whether that has happened.

Lord Strasburger Portrait Lord Strasburger (LD)
- Hansard - -

My Lords, I shall speak briefly on the amendments on the request filter. Along with internet connection records, the request filter is another power that first appeared in the draft Communications Data Bill and which died along with that ill-fated Bill. The view of the pre-legislative Joint Committee on that Bill, on which I sat, was that,

“the Request Filter introduces new risks, most obviously the temptation to go on ‘fishing expeditions’. New safeguards should be introduced to minimise these risks”.

The request filter was described as,

“essentially a federated database of all UK citizens’ communications data”.

I dare say that the committee would be even more worried when it said that in 2012 if it had seen how this Bill expanded the range of data to which the request filter can be applied. That expansion comes from the proposed introduction of internet connection records, which would reveal every detail of a person’s digital life and a very large part of their life in the real world. The effect of the request filter will be to multiply up the effect of intrusion into those data by allowing public authorities to make complex automated searches across the retained data from all telecoms operators. This has the potential for population profiling and composite fishing trips. It is bulk surveillance without the bulk label.

Use of the request filter would be self-authorised by the public authority without any judicial authorisation at all. The concept that the Government promote for bulk data is that they are passive retained records, which they say sit there unexamined until someone comes to the attention of the authorities. That concept is negated by the request filter. The data become an actively checked resource and are no longer passive. Will the Minister confirm that the request filter is not yet in existence and is not yet being used?

The request filter is a bulk power masquerading as an innocuous safeguard to reduce collateral intrusion. Unless and until the Government come forward with proposals to strictly limit use of the request filter through tighter rules and judicial approval for warrants, as is the case with other bulk powers, Clauses 63, 64 and 65 should not stand part of the Bill.

Baroness Hayter of Kentish Town Portrait Baroness Hayter of Kentish Town
- Hansard - - - Excerpts

My Lords, I shall use the opportunity that arises from Amendments 140 and 146A to ask the Minister to clarify whether it really is the case that Clause 2 does not automatically affect every power in the Bill. If this was the case, we would be sympathetic to these amendments, as the privacy objective should be considered before any of the powers are used. My understanding was that Clause 2 was a general provision, which affected everything. Indeed, the letter of the noble Earl, Lord Howe, of 14 July to my noble friend Lord Rosser says, “The new overarching privacy clause sets out the privacy obligations which constrain the use of the powers in the Bill”. Our understanding had been that it covered the whole Bill, so I was slightly bemused by Amendments 140 and 146A—not helped by a briefing received, again very late last night, from the Equality and Human Rights Commission, which only ever sends out its briefings on the very eve of debate. That briefing says that Clause 2 does not cover it all, whereas my understanding was that it did. Perhaps this is the opportunity for one of the Ministers to make clear the situation.

--- Later in debate ---
Moved by
147A: After Clause 72, insert the following new Clause—
“Authorisation to obtain data from an internet connection record
An authorisation to obtain data from an internet connection record is not to have effect until such time (if any) as a Judicial Commissioner has approved it.”
Lord Strasburger Portrait Lord Strasburger
- Hansard - -

My Lords, I rise to speak to Amendment 147A in my name and that of my noble friend Lord Paddick. My noble friend also has Amendment 156A in this group and he will speak to that amendment; I may have something to add on it after he has spoken.

Amendment 147A requires a judicial commissioner to authorise requests to obtain data from internet connection records. As it happens, this is a very hot topic because only this morning an Advocate-General of the European Court of Justice issued his opinion in the case brought by Tom Watson and, before his appointment to the Cabinet, David Davis. Of course this is not the final judgment of the court, but it is usual for it to confirm an Advocate-General’s opinion. This case concerns the Data Retention and Investigatory Powers Act 2014, one of the Acts that this Investigatory Powers Bill seeks to replace.

In particular, the ruling addresses the legality and the safeguards around the speculative retention of communications data. As such, it is of direct relevance to the provisions in this Bill regarding the retention of communications data and the retention of internet connection records. So I have discarded most of my speech and instead I will let the Advocate-General’s words speak for Amendment 147A on my behalf. At paragraph 236 of his ruling he states:

“Lastly, I would add that, from a practical point of view, none of the three parties concerned by a request for access is in a position to carry out an effective review in connection with access to the retained data. Competent law enforcement authorities have every interest in requesting the broadest possible access. Service providers, who will be ignorant of the content of any investigation file, are incapable of checking that requests for access are limited to what is strictly necessary and persons whose data are consulted have no way of knowing that they are under investigation, even if their data is used abusively or unlawfully … Given the nature of the various interests involved, the intervention of an independent body prior to the consultation of retained data, with a view to protecting persons whose data are retained from abusive access by the competent authorities, is to my mind imperative”.

So the Advocate-General is saying that, because the police have a strong interest in the request for the data, and because the service providers cannot judge the merits of the request, and because the subject of the request does not know that it exists, it is imperative, in his words, that an independent body should decide. Incidentally, he goes on to suggest that there could be exceptions in cases of “extreme urgency”.

To my mind, that independent body he speaks of can only be the judicial commissioner, which is precisely what Amendment 147A stipulates. If the Government believe that the independent body could be something other than the judicial commissioner, perhaps the Minister can inform the Committee when he responds, and say how the Government intend to incorporate the Advocate-General’s opinion, should it be confirmed by the court, into this Bill. I beg to move.

Lord Paddick Portrait Lord Paddick
- Hansard - - - Excerpts

My Lords, I wish to speak to Amendment 156A in my name and that of my noble friend Lady Hamwee. Before doing so, I endorse wholeheartedly what my noble friend Lord Strasburger has just said. The decision of the Advocate-General released today appears very much to add considerable weight to the arguments in favour of Amendment 147A.

Amendment 156A is an amendment to Clause 83, headed, “Powers to require retention of certain data”. It would exclude internet connection records from the types of data that telecommunications operators can be required to store, and, as such, would effectively remove the only new provision—the use of internet connection records—from the Bill.

We believe that such an amendment is necessary for several reasons. Internet connection records do not do what the Government claim they do. They do not provide the police and security services with the internet equivalent of the communications data they already have—for example, access to mobile phone provider data. It is far more complex than that. At best, internet connection records provide only details of which communications platforms have been used, most of which are based in the United States.

Whether useful communications data can be accessed depends on voluntary co-operation by the American companies, which is unlikely in all but serious cases—for which there is an alternative. Internet connection records may provide leads, but they are difficult, complex and time-consuming to follow up. They fail the necessity test. The security services—MI5, MI6 and GCHQ—say that they do not need internet connection to be stored by telecommunications operators because they have other ways of securing the data that they need. In serious crime cases, GCHQ can, does and will help law enforcement to secure the communications data that the police need without recourse to internet connection records.

Indeed, there is a co-located joint operations cell in which the National Crime Agency and GCHQ have joined forces to tackle online crime—initially child sexual exploitation, but in the future other online crime as well. This information is in the public domain. At Second Reading, when I suggested that law enforcement could use security service powers instead of ICRs, the Minister said:

“But of course that is neither practical nor effective because many of the powers of the security services produce investigative material that is not admissible as evidence in a court of law”.—[Official Report, 27/6/16; cols. 1459-60.]

It would appear that the National Crime Agency and GCHQ agree with me rather than with the noble and learned Lord. Indeed, case studies that I was shown when I visited GCHQ tend to undermine the Minister’s assertion.

We began Committee stage by looking at RUSI’s 10 principles for the intrusion on privacy. I will quote just one, on “necessity”, which states that,

“there should be no other practicable means of achieving the objective”.

Internet connection records fail the necessity test. The National Crime Agency and GCHQ co-operation shows that there is a practical alternative.

--- Later in debate ---
Lord Murphy of Torfaen Portrait Lord Murphy of Torfaen (Lab)
- Hansard - - - Excerpts

My Lords, the noble Lord, Lord King, touched on the issue of the Joint Committee. It may be useful for your Lordships to hear what it said about ICRs. The noble Lord, Lord King, was quite right in that regard. The Joint Committee said:

“While we recognise that ICRs could prove a desirable tool for law enforcement agencies, the Government must address the significant concerns outlined by our witnesses if their inclusion within the Bill is to command the necessary support”.

The Joint Committee also said:

“We recommend that the definition of Internet Connection Records should be made consistent throughout the Bill and that the Government should give consideration to defining terms such as ‘internet service’ and ‘internet communications service’. We recommend that more effort should be made to reflect not only the policy aims but also the practical realities of how the internet works on a technical level”.

The Joint Committee also recommended that,

“the Government should publish in a Code of Practice alongside the Bill advice on how data controllers should seek to minimise the privacy risks of subject access requests for ICRs under the Data Protection Act 1998”.

The Government accepted the recommendation on a code of practice—and, indeed, on the definitions. However, in general, the majority of members of the committee believed that ICRs are absolutely necessary to protect our citizens and give the security agencies and the law enforcement agencies the tools they need.

Lord Strasburger Portrait Lord Strasburger
- Hansard - -

My Lords, I rise to speak to Amendment 156A and cite the simple facts about internet connection records. They do not currently exist, would be very difficult and costly to manufacture, have very limited usefulness and collecting and storing them, far from making us safer, would expose everyone in Britain who uses the internet to new and serious risks. In addition, they are highly intrusive into everyone’s private lives and cannot be stored securely by service providers. So it is little wonder, then, that no other western democracy is collecting internet connection records, including the four other members of the “Five Eyes” partnership, the long-standing security alliance between the UK, the USA, Canada, Australia and New Zealand. In fact, the new Australian data retention law specifically excludes the retention of web browsing histories. As for the USA and Canada, David Anderson pointed out in his report that in both countries,

“there would be constitutional difficulties in such a proposal”.

As my noble friend Lord Paddick has already pointed out, Denmark is the only country known to have tried to collect internet connection records—session logs, as they called them. That project was abandoned after a review by the Danish ministry of justice found that it had been of almost no use to the police. The Home Office claims, with some justification, that the proposal in the Bill has some differences from the Danish system but this year the Danish Government came up with a revised scheme that is almost identical to the internet connection records provisions in the Bill. That was promptly abandoned when the prohibitively expensive cost estimates of the Danish service providers were confirmed as accurate by independent accountants. We must ask ourselves: what is it about our country that makes the Government believe that we should be in a stubborn minority of one on this important matter? I hope the Minister will be able to explain it to the Committee.

It is important to understand that internet connection records—ICRs—do not currently exist. Unlike itemised phone bills, which phone companies keep for billing purposes and are the basis of the current communications data regime, communications service providers—CSPs—have no need whatever for ICRs so they do not create or keep them. The Joint Committee heard from many technical and industry experts, including the committee’s two excellent technical advisers, that it would be very far from simple for CSPs to start intercepting these data as they pass through their networks. Each company would have to devise a method suitable for their own systems. They would need to install expensive and complex equipment to carry out “deep packet inspection”, which copies data packets as they fly past on fibre-optic cables. They would then need to process the collected data to find and discard the very large amount of internal housekeeping signals that keep the network healthy but have absolutely no intelligence value. The warnings the committee heard from the service providers about the difficulties of making ICRs happen and their negligible intelligence value echoed what Danish service providers told their Government before they embarked on their ill-fated and wasteful scheme.

However, if some British service providers could do better than their Danish counterparts and succeed in creating internet connection records, it would not make Britons safer; it would make us less safe. I will explain why. The very existence of internet connection records would create more hazards and dangers for the British public than they currently face, and these risks are as good as impossible to mitigate. The first rule of digital security is to not keep any data you do not need because they are all vulnerable. Yet here, we are talking about storing everything that we all do on the internet for 12 months. We should bear in mind that this information would be gold dust to those who would do us harm and would attract the efforts of hackers, blackmailers, criminals and rogue states from around the world. The prize for them would be the details of the private lives of millions of UK citizens: all our personal secrets, including our banking and credit card details; our problems with addiction; our mental and physical health; our sexual proclivities; our financial struggles; our political leanings; our hopes, our worries, our plans—just about everything about our lives.

If the Government attempt to convince themselves and this House that service providers will be able to keep these data safe, they will be deluding themselves and the British public. It is a matter of when, not if, these sensitive data get into the wrong hands. I will explain why. Our service providers make their money from transmitting our data on their way to and from our devices. They are not in the business of storing it securely. The noble Baroness, Lady Harding, who is the chief executive of TalkTalk could, if she were in her place, recount how 156,000 of her company’s customers had their data accessed by hackers last year. In February this year, SWIFT, the interbank financial transaction network, which presumably needs and has much stronger security than service providers, had $81 million stolen in one set of transactions. It would have been much more, but for a simple spelling mistake by the culprits. Canadian police reported in August last year that two clients of the infidelity website Ashley Madison had taken their own lives, following the theft of the personal data of 33 million Ashley Madison customers. Also last year, Chinese hackers stole the details of 4 million US Government employees, including their security clearances.

--- Later in debate ---
Lord Oates Portrait Lord Oates
- Hansard - - - Excerpts

If the noble Lord had been in his place at Second Reading, he would have heard me give exactly that recognition. I recognise entirely the scrutiny and excellent work. I note that it is only because of the actions of people such as the then Deputy Prime Minister, Nick Clegg, that we had that scrutiny. I am grateful that we had it and the Bill is much better as a consequence. I welcome it. That does not mean, however, that as a result of that scrutiny we should abandon our Committee proceedings; it does not mean that those of us who have not served on Joint Committees should not be able to ask questions or seek answers. That is certainly what I will continue to do in this matter.

What is being required is an extraordinary power. We must be absolutely clear about that: it is unique. The noble Lord, Lord King, the Minister or any other noble Lord needs to explain—and nobody has, certainly not in all the proceedings so far in this House—why we, uniquely, need this power. The power is one that even such eminent people as my noble friend Lord Carlile—no slouch on counterterrorism measures—have questioned in the past. Indeed on 25 May 2013, he penned an article, I believe in the Daily Mail, in which he said:

“I, Lord Reid, Lord West and others of like mind have never favoured the recording of every website visited by every internet user, though we have been accused of that ambition”.

I hope the Minister will correct me if I am wrong, but as I understand it that is exactly what is proposed: the retention of data on the internet connection records of every internet user in the country. I hope that the Minister will address and answer all the detailed points put by my noble friends Lord Paddick and Lord Strasburger, and tell the House why we, uniquely, need a power required by no other constitutional democracy of a similar type in the world.

Lord Strasburger Portrait Lord Strasburger
- Hansard - -

I assure my noble friend and the noble Lord, Lord King, that the report by the Joint Committee was not unanimous. We had something like 10 divisions, and for some peculiar reason I found myself on the wrong end of most of them.

Lord King of Bridgwater Portrait Lord King of Bridgwater
- Hansard - - - Excerpts

If the noble Lord looks at the report, he will see that the paragraphs that I referred to were unanimously agreed.

--- Later in debate ---
Lord Strasburger Portrait Lord Strasburger
- Hansard - -

My Lords, I thank the House for an interesting and lively debate, which this subject absolutely deserves. I am somewhat disconcerted by an assertion made by the Minister and one or two other noble Lords. Just because the Bill has been heavily scrutinised—I fully recognise that, and if it is the most scrutinised Bill in the history of this House, so be it—it does not mean that we should abandon our role in this House. We have six days in Committee; are we wasting our time attempting to honestly and genuinely scrutinise the Bill before the House? I do not think so. I will save most of my responses to the debate for Report. I will just say quickly to my noble friend Lord Carlile that there is a world of difference between communications data on mobile networks and internet connection records. I will leave it at that for now, and I am happy to withdraw the amendment.

Amendment 147A withdrawn.
--- Later in debate ---
Lord Paddick Portrait Lord Paddick
- Hansard - - - Excerpts

I cannot find my notes.

Lord Strasburger Portrait Lord Strasburger
- Hansard - -

My Lords, while my noble friend searches for his notes, would it be appropriate for me to make my short speech on this matter? No? I was just trying to help.

Lord Paddick Portrait Lord Paddick
- Hansard - - - Excerpts

That gave me sufficient time. I apologise to the Committee; it has been a long day already. My noble friend Lady Hamwee and I also have Amendments 160 and 169A in this group.

Equipment interference can involve hacking into telecommunication systems or a network by deploying software that could compromise the security or integrity of that system or network, making them vulnerable to attack by not only the forces of good but the forces of evil. It can also expose the communications of everyone using that system or network.

Equipment interference can also involve hacking into someone’s phone or computer so that any communication can be seen by the police or the security services, including messages that are end-to-end encrypted. As the noble Lord, Lord Harris of Haringey, mentioned, that is crucial, particularly as more and more communication is encrypted. Basically, anything that the person sees on the screen of their phone or computer and any information contained on the device, the police or the security services can see as well. This may, however, make the device vulnerable to hacking by others.

Amendments 159 and 160 would include in the Bill safeguards to protect systems and networks, reduce collateral intrusion and ensure that critical national infrastructure is safeguarded by requiring those applying for equipment interference warrants to make a detailed assessment of the risks involved. Amendment 169A is intended to require the judicial commissioner who is asked to approve the warrant to also consider an assessment of the risks, although I am not sure that the wording is entirely right for that amendment. I beg to move.

Lord Strasburger Portrait Lord Strasburger
- Hansard - -

My Lords, the Committee will get a feeling of déjà vu.

I rise to speak to Amendment 159 and others, and start by acknowledging that equipment interference—hacking, in common parlance—with a person’s computer or phone can be justified by known or suspected threats or by an actual incidence of serious crime. However, I still have two concerns. Some types of hacking pose a risk of serious unintended consequences for the target device and collateral damage to devices connected to it or even whole networks, right up to the national level. My other concern is that in the case of hacking by the police rather than by the security agencies there is a danger that a defence lawyer could, rightly or wrongly, claim that vital evidence located on the target device had been tampered with, so putting a successful prosecution at risk.

There are several known examples of large-scale unintended consequences of hacking by the authorities, and no doubt many more that we do not know about. One example is GCHQ’s attack on Belgacom, Belgium’s largest telecoms company, during 2010 and 2011. It involved infiltrating the home computers of several Belgacom staff to acquire their company passwords. Then highly sophisticated malware was installed on Belgacom’s systems to allow GCHQ to acquire large amounts of data. It cost Belgacom many millions of pounds and a lot of time to clean up its systems. Another example is a test by GCHQ that accidentally closed down an entire mobile network in a major city in this country for half a day. So there is a good case for the extra safeguards in Amendments 159 and 160, which are intended to reduce the risk of equipment interference going out of control, and I support them.

On the subject of the danger of allegations, accurate or otherwise, that the police had contaminated evidence in the device that they subjected to equipment interference, I would be interested to hear the Minister’s views. In the Joint Committee, my concerns were brushed aside by the police witnesses, but surely there is a serious danger that the police will be accused of planting, deleting or amending evidence just as they used to be about slipping incriminating evidence into the defendant’s pocket.