Counter-Terrorism and Security Bill Debate

Full Debate: Read Full Debate
Department: Home Office

Counter-Terrorism and Security Bill

Baroness Ludford Excerpts
Tuesday 13th January 2015

(9 years, 10 months ago)

Lords Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Baroness Ludford Portrait Baroness Ludford (LD)
- Hansard - -

My Lords, this debate takes place in the sombre wake of the Paris atrocities but also in the wake of Sunday’s inspiring marches. We must keep our heads—I think that is the broad intention of everybody—and not repeat the ominous claim in August 2005 by the then Prime Minister that “The rules of the game have changed”. I was impressed by the statement in the excellent speech of the noble Lord, Lord Evans of Weardale, about how our security response is more resilient if it draws on a strong framework of civil liberties and human rights.

Throughout the past two decades, as a Liberal I have been guided in my work, which was mainly in the European Parliament and to a much lesser extent in this House, by a strong preference for judicial over executive powers and for targeted investigation and data collection rather than blanket surveillance. I bring those attitudes and preferences to this Bill together with a concern that the relative speed with which we are proceeding should not be at the expense of our critical faculties.

Like other noble Lords, I have to be selective in my remarks today. The first issue I shall address is that of executive or administrative powers for restrictions on liberty of travel, movement and residence in the operation of document seizures, TEOs and TPIMs under Parts 1 and 2. A lot of good reform has taken place recently in narrowing the scope of stop and search, especially stop and search without suspicion, and I have great regard for the Home Secretary in her leadership on this issue, worried that it would create resentment and alienation among those who felt they were open to discrimination, racial or religious profiling or stereotyping. Obviously, we do not want to recreate that problem, so the first question to ask about Part 1 of the Bill is whether there are alternatives and if genuinely not, are there sufficient safeguards?

On the alternatives, in regard to Clause 1 on removal of passports, I read the briefing from Liberty and then yesterday the report from the Joint Committee on Human Rights. I find persuasive the JCHR acceptance that arrest under Section 41 of the Terrorism Act and police bail with conditions, such as passport surrender, is not a complete answer to the capability gap. However, I ask the Minister why the powers in Schedule 7 to the Terrorism Act to seize travel documents and hold them for seven days cannot be used in this scenario of outward travel. He may not be able to answer today.

In regard to terrorism exclusion orders, I strongly welcome the change of heart in the Bill compared to the Prime Minister’s originally declared intention permanently to exclude people or make them stateless. I am glad that, thanks to the working of the coalition Government, wiser counsel prevailed so that Clause 2 envisages temporary not permanent exclusion and managed return. I, too, would look favourably on the possibility of a change of name. I asked myself whether a measure that the JCHR calls “notification of return” could be an alternative. However, I concluded that this is probably unrealistic as someone could cause a threat en route back to the UK; for instance, of hijack or indeed bombing.

On safeguards, we will have to give great attention to whether judicial supervision and procedural and other safeguards are sufficient. There has to be considerable doubt. As regards the seizure of documents, the Bill includes only the possibility for judicial review not the possibility to challenge the merits of a decision or the existence of reasonable grounds for suspicion. We will need to look at that. There is also the question which other noble Lords have raised of how judicial review can be exercised from abroad. Schedule 8 to the Terrorism Act on the detention of suspects has stronger safeguards and even that has been criticised as being too weak. We would do well to examine carefully the list of about six reforms that the report from the Joint Committee on Human Rights has suggested.

On terrorism exclusion orders, as the Independent Reviewer of Terrorism Legislation famously asked, “Where are the courts in all this?”. I am glad that the Government are committed to looking very carefully at this and I hope they will reflect David Anderson’s suggestions for prior permission and subsequent review, not only on the making of the TEO but also the conditions. There are quite a few other detailed issues that will need scrutiny at subsequent stages of the Bill. In Schedule 1 there is a paragraph entitled:

“Restriction on repeated use of powers”.

However, there does not seem to be any limitation on the frequency or number of occasions as opposed to the duration of each period of detention. How do you stop repeated seizures on a rolling renewal basis in the way that happened in declaring the whole of London a terrorism exclusion zone? It was just permanently renewed, so we never got out of that.

Then there are issues such as temporary support. What happens if the Home Secretary decides not to offer support for someone, which could make them destitute in breach of Article 3 of the ECHR? Under TEOs, I do not have time to go into detail here, but I would want to flag up issues such as “reasonable” in time limits, “notice is deemed to have been given”, and whether an excuse for lack of knowledge is reasonable. We will need to probe some of this. The memorandum on human rights compliance from the Home Secretary says that the Home Secretary intends to follow the practice of not applying a TEO if it would expose a person to treatment contrary to Article 2 or 3. Perhaps we need to put that in the Bill.

As Schedule 7 is mentioned in a schedule to this Bill, I would like to flag up the possibility, perhaps not now but in the future, to look further at Schedule 7 which is, of course, subject to action in the courts. I think we need to pursue the recommendations from the independent reviewer on Schedule 7 to the Terrorism Act.

The standard of proof has been mentioned in regard to TPIMs. It was interesting to listen to the noble and learned Lord, Lord Brown of Eaton-under-Heywood, who suggested that perhaps the balance of probabilities test is not really much different from reasonable belief but in any case it applies only to the Home Secretary and there is no power for the courts to apply this test.

With the definition of “terrorism”, this Bill is to be welcomed in reducing the breadth of the definition of,

“involvement in terrorism-related activity”,

to perhaps two removes rather than three removes—in the terminology of David Anderson—from the actual commission of terrorist acts but I think this is something we are going to have to come back to.

On the question of data collection, the issue for Liberal Democrats—it is why we refused to accept the Draft Communications Data Bill, which apparently I am not allowed to call the “snoopers’ charter”—is the need to distinguish between limited and blanket surveillance. I am afraid that the Mayor of London, on the radio this morning, seemed not to grasp this key distinction. There is a need to ensure that our privacy is not thrown overboard by disproportionate intrusion. I am glad that various reviews are taking place. We need to be sure that our legal framework is compliant with civil liberties and human rights standards before we decide whether to extend the scope of the powers. There is also the needle in the haystack problem, which I do not have time to follow up on. Let us recall that the cross-party Joint Committee of both Houses on the Draft Communications Data Bill said two years ago:

“Part of the gap is down to a lack of ability on behalf of law enforcement agencies to make effective use of the data”,

that they already possess.

Liberal Democrats accept in principle the Bill’s provisions on IP addresses and welcome the sunset provision of December 2016. However, we will want to probe exactly what data this covers and the practicality and cost of collection, as well as perhaps discovering in the course of our work which professionals outside government have been consulted in drawing this up. I am afraid that materials from government—the factsheet and even the Minister’s letter today—still seem to imply that you can identify a person, as opposed to a device, by knowing the IP address. However, if the address is allocated on a dynamic basis, I do not think that the telcos or the internet service providers, unless they have a video camera in the room, will be able to tell us which individual was using the device and at what time. There are various issues here which I do not have time to cover now.

I know that my colleagues will follow up on the Privacy and Civil Liberties Board, so I will not do so because of the limited time available, but I absolutely agree with those who said that it must support and not replace the independent reviewer and that it must have independence and so on. In addition, the scope of the scrutiny powers needs to be wider and allow flexibility in the work schedule of the independent reviewer.

Perhaps the Minister could clarify something for me in relation to passenger information. The Bill allows the Home Secretary to make regulations to require the supply of passenger information. Does that mean what is normally known as advanced passenger information, limited to date of birth, name and passport number, and that we are not going into the territory of passenger name record, which is what the airlines hold? Those are much more extensive and intrusive data, and it is not clear to me what passenger information means.

My conclusion is that, as well as the review of data collection powers that we will be having early in the next Parliament once the product of various reviews is in, we need a broad review of counterterrorism powers—especially a rigorous audit of executive powers—and to see whether there are more opportunities to prosecute, perhaps using intercept evidence, instead of relying on those executive powers.

There is reason to be gloomy and anxious about the threat that we face but also to be a tad optimistic following Sunday’s expressions of determination to uphold universal values and not to allow the fascist terrorist fundamentalists to win by making us undermine our own civil liberties. I am hopeful of a better context for transatlantic co-operation and I am very glad that this House backed the opting back in on various European justice and home affairs co-operation matters.

Nothing excuses violence and murder by a fanatical cult such as ISIS, but that does not exclude the need to do more to integrate minorities, especially Muslims, as well as to protect them from discrimination, persecution and threats.

Finally but crucially, and speaking as vice-president of the All-Party Parliamentary Group on British Jews, although not on its behalf, we have to be much more proactive in challenging and eradicating anti-Semitism wherever we find it.

--- Later in debate ---
Baroness Shields Portrait Baroness Shields (Con)
- Hansard - - - Excerpts

My Lords, I add my congratulations to the noble Lords, Lord Evans of Weardale and Lord Green of Deddington, on their maiden speeches and their thoughtful and insightful interventions on these vital issues of national security. Their experience is timely and we should all express our gratitude to them for serving in this House and bringing their great wealth of knowledge to this debate.

I welcome the opportunity to speak on this most important legislation and start by declaring my interest as the Prime Minister’s adviser on the digital economy. The focus of my remarks today will be on the issue of communications data and, specifically, Part 3 of the Bill, on data retention, which concerns a technical point but one with particular significance to counterterrorism efforts. I come to this discussion after decades of experience in executive roles with the world’s leading global internet and technology companies. In those roles I have witnessed first hand the vital importance of access to communications data to support law enforcement in serious and organised crime investigations as well as matters of national security.

It is important to be clear what we are talking about in Part 3. It is specifically about resolving IP address in order to identify the who, when, where and how of connections or communications. It does not provide for access to what people are saying or what they are sharing. Part 3 provides a simple technical fix to a technical problem of resolving an IP address. However, the value of that data can be pivotal in moving forward investigations. The police can use an IP address to prove or disprove an alibi, identify associations between suspects and tie an individual to a particular location or crime scene. Communications data have played a significant role in every security service counterterrorism operation over the last decade. These include the Oxford and Rochdale child grooming cases, the 2007 Glasgow Airport terror attack, and the Soham murders of Holly Wells and Jessica Chapman, to name but a few. If these data are not retained on reasonable terms, the implications are obvious.

Just last week, at the height of the horrific killings in and around Paris, Andrew Parker, director-general of MI5, spoke of the potential for mass casualty attacks in the UK by ISIL and al-Qaeda terrorists. He said:

“We increasingly face a world in which those who pose a serious threat may be able to operate beyond our reach”,

adding that MI5 will need,

“the right tools, legal powers and the assistance of companies which hold relevant data”.

He also warned that,

“a lack of cooperation from internet companies means that there is a risk of terrorists slipping through the net because MI5 cannot track them”,

and he renewed calls for enhanced access to digital communications.

As your Lordships will be aware, there are currently gaps in communications data capability that have a serious impact on the ability of law enforcement agencies to carry out their functions. One such gap is identified in the internet protocol address resolution in Part 3 of the Bill. The IP address identifies who in the real world was using the IP address at any point in time, or at least which device they were using, such as a mobile phone or a tablet. The IP address will not always tell us—

Baroness Ludford Portrait Baroness Ludford
- Hansard - -

I apologise for intervening, but the noble Baroness is clearly an expert in these matters. Will she remove my ignorance? There are not enough IP addresses to go round, so you do not have one for every device, certainly not for every PC. So you can identify what device was using the IP address at any particular time, but how do you know who was using the device?

Baroness Shields Portrait Baroness Shields
- Hansard - - - Excerpts

I hope noble Lords will understand if I carry on and then come back to the question, as I think that I may be able to answer it. However, it is a very good question and an important intervention.

The IP address will not always tell us who is operating the device, because the addresses are changed and shared when mobile phones move to connect between different masts, or laptops or tablets come online in the home, used by individuals across various networks. However, the IP address helps us significantly to narrow down the field: it is just one aspect of the information that we need. The communication service providers who issue the IP addresses to identify computers and mobile phones currently do not log which device is used at each address and when. This means that law enforcement agencies cannot work out who is using an IP address at a particular time. This impedes the investigations.

This legislation will amend the Data Retention and Investigatory Powers Act, which this House considered last summer, to enable Government to require that communication service providers, under a data retention notice, retain that data that can be used to link a specific device or individual to an IP address. We are not talking about requiring every single internet start-up to do so. The Government’s approach has always been proportionate and risk based, but without these data it is far harder, if not impossible, to attribute a particular action on the internet to an individual person.

These data will be available only to those public bodies that are entitled to them for lawful purposes where, on a case-by-case basis, this is necessary and proportionate. The value of these data can be clarified in this example: if a server hosting child sexual abuse images were to be seized, IP resolution would allow the police to trace the individuals who accessed the images where the server holds a log of the IP addresses and of the times that they were used.

This legislation asks for only a small addition to the automated systems that already run our nation’s communications infrastructure. The recording of which person uses which address and when is generated in the normal course of operation, and is thus not overly burdensome for these companies. This Bill will require CSPs, subject to reasonable notice, to retain vital data that can help dramatically in our country’s ongoing battle to bring criminals to justice, protect the most vulnerable and keep the United Kingdom safe.

Part 3 of this Bill is not politically controversial. As my noble friend the Minister has already mentioned, the Joint Committee on the Draft Communications Data Bill looked at this issue specifically and concluded that it did not think that IP address resolution raises any particular privacy concerns. These provisions will be limited. They will not enable the retention of weblogs, which, as some noble Lords have said today, become a list of the websites that you visit, for instance. Instead, they will help the appropriate agencies identify which device is the particular network identifier.

IP resolution will help us locate terrorists and criminals, but it is important to understand that it will not help us in every situation. The obligation to store the data in the UK is limited, but the technical action of resolving it must not be so. For instance, IP address resolution applies only to data generated or processed within the UK and not overseas, so it is thus further limited in scope and potential to combat what has become a global challenge. Furthermore, the rise in anonymous and encrypted internet traffic, the use of proxies and the sharing of one public IP address across hundreds if not thousands of devices make it ever harder to locate a specific device on the internet in the UK and abroad. Resolving IP addresses is an important first step, but it is only one part of a much larger problem that continues to morph and requires constant scrutiny, re-evaluation and response. We must remain diligent to stay ahead.

How do we address the wider problem and keep on top of the fast-moving threats that we face online? I believe that a new mode of collaboration between government and industry is needed to ensure a safe, creative and resilient internet from which we can learn, earn our livelihoods and keep in touch with our loved ones. We have done a lot of work in this Government to improve co-operation with internet and communications companies on the removal of terrorist and extremist content from their platforms, and to prohibit their use by those who will do so to distribute propaganda and radicalise our citizens. In its recent report on the brutal murder of Fusilier Lee Rigby, the Intelligence and Security Committee concluded that these companies must do more to fulfil their social responsibilities and help combat the serious threat that we face from terrorism. We must work with these companies to find better ways to alert government to the terrorist and illegal activities that threaten our livelihood.

Part 3 of this Bill is a significant step and one that we must all support, but it alone is not enough. There is no silver bullet. In specific terms, there remains a pressing need to update legislation to ensure that data for new types of internet communications on the ever evolving platforms and products are available in the future, just as data for telephony have been in the past. The Joint Committee on the Draft Communications Data Bill accepted this requirement, subject to the appropriate safeguards. David Anderson QC, the Independent Reviewer of Terrorism Legislation, is conducting a statutory review of these issues at present.

My right honourable friend the Prime Minister has been clear that we will need to return to this matter in the next Parliament. In fact, in light of recent events we must urgently do so. As a matter of general principle, this Bill is an important occasion on which to acknowledge and reflect on the importance of continued co-operation between government and the technology industry to assure the safety of our nation.