Baroness Hayter of Kentish Town
Main Page: Baroness Hayter of Kentish Town (Labour - Life peer)Department Debates - View all Baroness Hayter of Kentish Town's debates with the Ministry of Defence
(8 years, 2 months ago)
Lords ChamberMy Lords, Amendments 180, 181, 197, 198, 205, 206, 231 and 232 relate to judicial commissioner approval of major modifications to warrants issued under Parts 6 and 7 of the Bill. They seek to provide additional clarity regarding the matters the commissioner must review when deciding whether to approve such a modification.
The Bill already provides for major modifications to such warrants. In the context of bulk interception, bulk acquisition and bulk personal dataset warrants, a major modification may be used to add or vary one of the operational purposes for which data may be examined under the warrant. As regards bulk equipment interference warrants, a major modification can additionally add to or vary any description of conduct in the warrant.
The Bill requires full double-lock authorisation from a Secretary of State and a judicial commissioner for any major modification to a bulk warrant. These amendments will not change that. Instead, they provide greater clarity about the matters that a commissioner must consider when determining whether to approve a modification to a bulk warrant.
The amendments specify that, for major modifications to add or vary an “operational purpose”, a judicial commissioner must review the Secretary of State’s conclusions as to whether the modification is necessary, applying the same principles as would be applied by a court on an application for judicial review and ensuring that the commissioner complies with the duties in relation to privacy set out in Clause 2, the so-called privacy clause.
In the context of bulk equipment interference, if a major modification proposes to add or vary a description of conduct, the judicial commissioner must also review the Secretary of State’s conclusions as to whether the conduct authorised by the modification is proportionate to what is sought to be achieved by it. The amendments are intended to ensure clarity and consistency across the Bill, and as such are to be welcomed.
The sharing of data and intelligence with our overseas partners is critical to the work of our security and intelligence agencies. Without working together with our allies, those agencies could not do their vital work of keeping us safe. Amendments 184, 185, 201, 202, 209 and 210 simply clarify the consideration that must be given by the Secretary of State before authorising the disclosure to overseas authorities of data acquired under the bulk powers in the Bill.
The Bill already places a duty on the Secretary of State to consider whether corresponding safeguards will be applied to the data that are to be shared with the overseas authority in relation to their retention and disclosure. These amendments make explicit that the Secretary of State must be satisfied that the overseas authority has in place safeguards, to the extent appropriate, that correspond to those in the Bill not only in respect of the retention and disclosure of the data shared in bulk but in relation to their selection for examination. This group of amendments therefore makes absolutely clear that proper consideration will be given to the examination safeguards that are applied whenever bulk data are shared with another country. I beg to move.
My Lords, I thank the Minister for moving these amendments, all of which we are happy to support and some of which respond to concerns we raised in Committee.
It may assist the House if I outline at this stage the purpose of Amendment 185A, in the names of my noble friend Lord Rosser and myself, which is about safeguards for disclosing overseas-related material for our foreign allies and agencies. That is material, possibly including information sent overseas by UK residents, obtained by our security and intelligence services under bulk interception warrants. It is an amendment which we hope the Government will feel able to accept.
In Clause 142, before any information obtained under a bulk interception warrant is disclosed overseas, the Secretary of State must ensure that arrangements and safeguards are in place regarding the retention and disclosure of such material, as the Minister has outlined. These requirements correspond to Clause 141 safeguards for domestic arrangements: that is, requiring that the number of people to whom the bulk-intercepted material is disclosed, the extent of disclosure and the number of copies made is limited to the minimum necessary. These safeguards also require the destruction of such material where there are no longer grounds for retaining it.
However, unlike Clause 141 for domestic arrangements, Clause 142 for overseas disclosure provides a wide discretion for the Secretary of State, whereby she or he must ensure equivalent safeguards only,
“to such extent (if any) as the Secretary of State considers appropriate”.
It could, therefore, be possible for the Secretary of State to decide that no safeguards are required in a particular case.
We recognise absolutely that the UK will need to share intelligence with overseas agencies and our amendment does not undermine the ability of UK agencies to do that. We also accept that overseas disclosure may be of a different nature, with particular political, diplomatic or security implications, all of which the Secretary of State must consider. However, the present wording is surely too wide and, if I have understood it correctly, would not be subject to subsequent review. Amendment 185A removes this very broad discretion and requires that it must appear to the Secretary of State that safeguards corresponding to the requirements under Clause 141(2) and (5) will apply in relation to disclosure overseas.
The Minister will not be surprised if I make reference to the Szabó v Hungary finding that minimum standards should be set out in law to avoid abuses of power and that,
“it would be contrary to the rule of law … for a discretion granted to the executive in the sphere of national security to be expressed in terms of unfettered power”.
The judgment notes that,
“the law must indicate the scope of any such discretion … with sufficient clarity … to give … adequate protection against arbitrary interference”.
I hope that the Government will feel able to accept the amendment as, if anything, extra safeguards may, indeed, be required where sensitive information is being disclosed abroad. We look forward to the Minister’s response on this.
My Lords, we, too, are happy with the government amendments in this group and we support Amendment 185A. The issue is about the discretion in the application of Clauses 141(2) and 141(5)—and, shortly, Clause 143—not their relevance. The term “appropriate” suggests to me a degree of discretion which may not be related to relevance. The term “mutatis mutandis” is not one commonly used in legislation, I think, but it is that provision that one wants to see—only changing what is necessary to be changed. I do not know the proper way of dealing with that, but “appropriate” seems to be inappropriate in the context.
My Lords, there have not been very many points in the course of this legislation on which I have agreed with the noble Lord, Lord Strasburger, but on this point I do. Amendment 252A raises a very interesting and important point.
Although I am absolutely in favour, as you would imagine, of the Government having the opportunity to access the communications of anybody who is a threat to us—due to terrorism, criminal activities or anything of that sort—there is a competing national security issue here of this country having effective cybersecurity. We have seen the way in which hostile Governments have been seeking to intervene in the American elections, and we have seen all sorts of attempts by hostile states, criminal groups and others to use cyber weaknesses to take forward hostile agendas. Therefore, there is a genuine national security interest in ensuring that, as far as we can, our citizens can communicate securely and privately when they are not going about mischievous business.
The idea that we should take into consideration the requirement not to place non-targeted customers or others at additional security risk is an entirely legitimate one, and I am very interested to hear how the Minister would want to interpret this. We have competing national security issues here and it is a point well made.
My Lords, we have had some rather good discussions with the tech companies. In Committee, we put in some of the amendments that they suggested to us, and some of the government amendments we have been dealing with over the past few days reflect that. I thank the tech companies for their very responsible attitude in continuing discussions with the Government over this period. Certainly with us they have been open, flexible and fairly straight as to what is possible and what the dangers are for them—for example, and as we have discussed, whether a weakness in end-to-end encryption could actually undermine the security that banks and others rely on in their systems—and for their clients, public confidence and national security. The companies recognise that they have a duty of care and loyalty to their customers, while fully respecting the law of the land in which they operate and the legal demands on their staff, wherever they are located.
In their discussions with us, companies have sought clarity that they will not be asked, effectively, to create a new system that would breach end-to-end encryption. They need this clarity for their shareholders and customers’ peace of mind because the reality is that they could never be forced to create a new computer program to hack their own security. I for one cannot imagine the noble Earl, Lord Howe, or anyone else standing over a hapless computer programmer shouting, “Break into it!”, if that company did not want to do it or the computer genius was on a go-slow that day. The idea that you could force somebody to create a program that the company and the employee did not want to is probably not possible.
Given that, the reality is that the things the Government want to ask will happen only when there is a good working understanding between the security services and the company. Therefore, if the tech companies want this clarity as set out in Amendment 251—as we know they do—our interest is to hear from the Minister just what the obstacles are to giving them the clarity that they seek.