(7 years, 12 months ago)
Lords Chamber
I completely take the noble Lord’s point. It is early days to be thinking in those terms, although he is right to do so. It is encouraging that the November IAEA report to the board of governors confirmed that Iran remains compliant with the nuclear-related measures set out in the joint comprehensive plan of action. We welcome the findings of the DG’s report. We praised the IAEA for its progress and continued work on that very challenging task, but no doubt lessons and messages will emerge from that strand of work.
My Lords, the noble Earl has talked about the need to move towards multilateral disarmament, but there are stocks of fissile material in various parts of the globe. How confident is he that those stocks, which could be turned into nuclear weapons, are sufficiently secure to avoid them falling into the hands of aspirant nuclear powers or, worse still, non-state actors that might wish to possess such materials?
My Lords, that is clearly a constant concern and the noble Lord is right to raise it. Against that background, the UK continues to push for the early start of negotiations, without preconditions, on a fissile material cut-off treaty in the Conference on Disarmament. We supported a Canadian-backed resolution at the United Nations first committee on that topic, in October. In this country we have a voluntary moratorium on the production of fissile material for nuclear weapons or other explosive devices. We have not produced fissile material for nuclear weapons since 1995.
(8 years, 1 month ago)
Lords Chamber
My Lords, Amendment 196A is in my name and that of my noble friend Lady Hamwee. It seeks to remove internet connection records from the type of communications data that can be acquired in bulk. Noble Lords will be very well aware of my views, and the agreed view of the Liberal Democrats, on internet connection records. We believe that they are unnecessary and disproportionate, for the reasons that I have articulated in detail throughout the passage of the Bill.
I shall just remind your Lordships what internet connection records mean. Internet service providers are being forced to keep a record of every website that everyone in the UK has visited in the last 12 months, whether the subscriber is suspected of crime or not. Even though only the first page of each website visited is shown, visiting www.relate.org.uk could, for example, immediately indicate that your marriage was in trouble. However there are some safeguards, including some concessions extracted by the Labour Opposition, to ensure that only the internet connection records of those suspected of crimes that could result on conviction in a sentence of 12 months’ imprisonment or more can be examined by law enforcement agencies.
We are also grateful to the Labour Opposition for securing the review of bulk powers carried out by David Anderson QC, the Independent Reviewer of Terrorism Legislation. We are particularly grateful to David Anderson for highlighting in paragraph 2.41(b), on page 33 of his report on bulk powers, that,
“it is not currently envisaged that the bulk acquisition power in the Bill will be used to obtain internet connection records”.
However, in a footnote at the bottom of that page, Mr Anderson states that he has been told,
“that this is no more than a statement of present practice and intention: neither the Bill nor the draft Code of Practice rules out the future use of the bulk acquisition power in relation to ICRs”.
In Committee, the noble and learned Lord, Lord Keen, said:
“I can confirm to the Committee that the agencies do not currently acquire internet connection records in bulk and have no current intention to do so. It is however important to ensure that we do not legislate against the possibility of internet connection records being acquired in bulk, should agencies make a case which demonstrates that this might be necessary and proportionate in the interests of national security in future”.—[Official Report, 7/9/16; cols. 1087-88.]
Surely we should be legislating for a proven need, not not legislating against a possible but unlikely proven one.
Noble Lords will remember that the security services—GCHQ, MI5 and MI6—have all said that they do not need internet connection records in order to do their work. The power to acquire communications data in bulk, including the power to acquire ICRs in bulk, is available only to those agencies. The power to acquire internet connection records in bulk is therefore not needed. They are not collected in bulk at the moment, and there is no current intention to do so. If this were an opposition amendment to include ICRs in bulk data acquisition, the Government would quite rightly say it was unnecessary. The power to acquire ICRs in bulk also strips away all the safeguards that are in place when law enforcement agencies apply for individual internet connection records.
This is the online equivalent of Section 44 of the Terrorism Act, which allowed the police to stop and search people without any reasonable suspicion. The former Home Secretary, now the Prime Minister, Theresa May took that power away from the police because she considered it disproportionate.
Surely Section 44 was for target hardening and deterrence rather than for any other purpose.
I am very grateful to the noble Lord, Lord Harris, but that is not what I understood Parliament’s intention was when the legislation was enacted. We can argue the point. If the analogy with stop and search sounds familiar to noble Lords next to me, including the noble Lord, Lord Harris of Haringey, it is because it is an analogy that was used by the shadow Home Secretary Diane Abbott in describing the powers under the Bill, which she describes as draconian.
The pieces of this legislative jigsaw are beginning to fall into place. Telephone operators already keep a record of the details of every phone call made and every text message sent. Internet service providers are being forced by this Bill to keep a record of every website you, I and everyone else in this country have visited over the previous 12 months, which is a provision this House agreed to on Monday in a Division when it rejected the Liberal Democrat amendment to prevent it. A request filter, operated by or on behalf of the Government, will be constructed. It will have direct feeds into the databases of communications providers, including access to the sensitive personal information of every subscriber to telephone and internet services in the UK, every call they make and every website they visit. The House agreed to that provision in a Division on Monday when it rejected the Liberal Democrat amendment to prevent it. The power is then given by this part of the Bill to allow all that sensitive personal information—details of every phone call made and every website visited—to be downloaded at will by the security agencies with no further authorisation. I hope that at least some noble Lords are feeling uncomfortable at that prospect. Our amendment removes internet connection records from the data that can be acquired under a bulk acquisition warrant. I beg to move.
My Lords, noble Lords who have followed my limited contributions to the Bill will know that I take a fairly robust approach in support of what the Government seek to do in it. Indeed, they may even be slightly perplexed that I have tabled this amendment, which is supported by the Liberal Democrat Front Bench, given the slightly testy exchanges that have occurred once or twice during the passage of the Bill. However, my philosophy throughout has always been clear—namely, that by and large this Bill is needed to update current legislation and to protect the public. However, all the measures have to be tested in terms of the balance that they strike between protecting the public and their potential invasion of privacy. We have debated that issue but in this case the disbenefits I am concerned about are the extent to which what the Government may be trying to do—the Minister will no doubt explain what that is in more detail in a few minutes—under the Bill as drafted will weaken the security that people would otherwise have.
The Bill provides the Home Secretary with the power to require a communications provider to install some sort of technical capability to provide data on request, including where those data would otherwise be encrypted and are therefore not so easily available. The Bill includes an impressive array of safeguards. The Home Secretary is required to apply a series of tests before they make a decision to serve an order on a communications provider, and a process of consultation and discussion has to go forward. Those measures are all designed to ensure that not only is the Home Secretary properly informed in making that judgment but using the power is practical and reasonable. Indeed, the Bill emphasises the importance of the test of something being reasonably practical and technically feasible. I have asked for an explanation of the precise distinction between reasonably practical and technically feasible. I accept that there may be a distinction.
A whole series of tests applies under those circumstances but we do not know how those tests might be applied in future or what the Home Secretary might decide. Therefore, we cannot know how a future Home Secretary, or the present Home Secretary, would interpret what is and is not practicable and reasonable. In particular, we face an ambiguity—at least I think there is an ambiguity here—over what it will mean for end-to-end encrypted services. End-to-end encrypted services allow an end-user to send a message via a particular service which can be opened and read only by the person to whom it is sent. That is an important reassurance which we would all like to have in terms of our private communications. The company that conveys that message to the other person—the company in the middle—has no ability to see that message. The communications provider has provided that as a service because it is believed that that is what customers want.
Not all communications providers do that. Some provide a service where it is clear—it says so on the tin—that they will have the option to be aware of what is in the message because they use that to sell advertising. However, not all communications providers operate on that basis. The purpose of that encryption arrangement is to ensure that the data are protected by means of encryption against outsiders looking at them. The encryption key is held only by the person who sends the message and the person who receives it. Nobody else in between has that capacity. The potential implication of that is that the communications provider cannot find a way to discover the content of such a message, even if it wanted to and even if required to do so by the Government.
My Lords, if I could be convinced that the same rules applied everywhere on the globe—because we are talking about a global function—in respect of the rule of law, freedom, transparency and privacy protection, then I might have a bit of sympathy with the business operators, as we will call them.
I had the privilege of being among those serving on the RUSI panel. We had a discussion with the providers, but they did not all want to come and sit round the table at the same time—I recall two or three sessions—because they are competitors. We put it to them—it was not original; it had come up elsewhere—that not one of these companies, whether Apple, Google, Facebook, Twitter, Yahoo or Microsoft, would ever have been able to start what is now their global business in countries such as Russia, Iran and China. Yet they have become global and make enormous profits, although I will not go into the issue of them paying their taxes.
These providers hide behind the fact that the countries where they are able to start and function have the rule of law and are democracies where you can challenge Governments in the courts and get redress, yet they then go and operate in countries where they cannot do that. If they all said, “When we operate in China, we’re going to produce all our phones fully encrypted, exactly as we do for everybody else. The Chinese Government are allowing us to close end to end. They don’t want to know what their citizens are saying”, then fine, but I do not believe that that is the case, and that is part of the problem.
My noble friend Lord Harris touched on the issue of other Governments, but we can legislate only for the UK. I fully understand that, yet half of an email sent from my office upstairs to a colleague here might be split and end up travelling through the rest of Europe or America or half-way round the world. That is how the system works. Just because you are emailing someone in this country from within this country, you cannot guarantee that the entire message will stay in this country while it is being whizzed round the world. The system does not work as I originally thought it did. So we can legislate only for this country and messages get split up around the world.
The fact is that the business plans and business operations of these companies depend on open, transparent and democratic countries with the rule of law, yet they are willing to work in countries where there is no rule of law and where there are corrupt regimes, such as in Russia, or undemocratic regimes, as in China. These are countries with huge populations and the companies can do business there according to a different business plan from the one that applies here. From the point of view of those who are there to protect us, that has to lead to a suspicion that at some point we might need a bit more information than we have and that we might need to ask for that to be provided.
I take second place to no one on the protection of privacy, but the fact is that you cannot discuss this issue just in the context of the UK or Europe; it is global, and the rules do not apply equally across the globe. If we take that on board, I think we ought to have a fair degree of sympathy with how the Government will operate these measures.
I have listened to other people and have read more about this matter since finishing our work on the RUSI panel, and the fact is that there is a great reluctance to have these powers. In a democracy there is an incredible reluctance for private information to be treated in this way, but at the end of the day there will be proportionality and our people will be tested on the need for these powers. One of the raisons d’être of the Bill is to put in second and third checks, so those with the powers will be watched and the watchers will be watched, and that is how we can give the public confidence. I do not think that we ought to write the Bill to suit the business operators’ original business plans, because they are not implementing them on an equal basis across the globe. Therefore, I hope that the Government will reject these amendments.
Before my noble friend sits down, to be honest I think that he has slightly misunderstood the point that has been made. I am not putting this forward because of the business models of particular companies; I am proposing it because of the inherent weakness that could conceivably be created. His argument, if I understood what he just said, is that because Russia or China may require, or may force because the business there is so valuable, a communications service provider to put in one of these back doors, therefore we need to have the same facility. The point is that, because it is a global provision, if a back door is built in—because Russia or China or wherever else has demanded it—then a technical capability notice would operate because the operator would have that existing facility. That is precisely the circumstance in which a technical capability notice could be served. This amendment seeks to exclude a requirement from our Government that it should be created at our behest, which other people would then use.
I take on board what my noble friend is saying. I fully accept the distinction he makes but, basically, although I am a customer of some of these companies, I do not trust them—they will tell us that this has been built in and is secure, but do deals with those other regimes.
We come back to the test of reasonable practicability here. I am about to come on to what the Bill does not provide for on encryption and I hope that this will help the noble Lord.
The Bill does not ban encryption or do anything to limit its use. The Bill will not be used to force providers to undermine their business models, to create so-called back doors or to compromise encryption keys. It will not be used to prevent new encrypted products or services from being launched and it will not undermine internet security.
I am very grateful for the detailed exposition that has been given. The Minister says that the Bill will not be used to do those things. Can he confirm that it cannot be used to do those things?
My Lords, some noble Lords have suggested the Bill’s provisions cause a weakening in encryption, which I think is the central point that the noble Lord is getting at. Many of the biggest companies in the world rely on strong encryption to provide safe and secure communications and e-commerce, but retain the ability to access the content of their users’ communications for their own business purposes, such as advertising, as we have heard. These companies’ reputations rest on their ability to protect their users’ data. This model of encryption can, and does, maintain users’ security. I do not think that anyone would dispute that.
Before I come on to the individual amendments, it would be helpful to address a number of specific points that were raised in relation to encryption. There was a suggestion that a company should never be asked to do something that it does not already do. Such an approach would of course, at a stroke, remove our ability to use any of the powers in the Bill, including carrying out any interception of terrorists’ and serious criminals’ communications, because companies do not do this in the normal course of their business.
There was a suggestion that equipment interference would do away with the need for these provisions. It will not. Equipment interference is no substitute for having a company’s assistance. Even if it were, there are only a very small number of very clever people who are able to carry out equipment interference. There will never be the capacity to deploy them on each and every operation.
Finally, there was a suggestion that encryption is not a problem for the security and intelligence agencies. The heads of those agencies have repeatedly made clear that ubiquitous encryption is one of the most difficult challenges they face.
I now turn to the individual amendments, because I hope that this will clarify the picture further. Amendment 251 seeks to preclude an obligation to remove encryption from being imposed under a technical capability notice in relation to end-to-end encrypted services. I hope that the points I have already made make clear why the proposed amendment is not necessary and indeed why it is not desirable. As I have set out, the Government recognise the vital importance of encryption. Nothing in the Bill does anything to limit its use, and that of course includes the use of end-to-end encryption. But I have also set out the dangers of creating a guaranteed safe space online for those who would seek to do the public harm such as terrorists and other serious criminals, and I am afraid that that is exactly what this amendment would do. The amendment seeks to make explicit provision in law for there to be certain online services that criminals can use to go about their business unimpeded with no fear of being caught. That is not a position that any responsible Government or, I hope, Parliament could support.
What we must ensure is that the Bill enables us to work collaboratively with individual telecommunications operators to establish what steps are reasonably practicable for them to take, considering a range of factors including technical feasibility and likely cost. Any decision will have regard to the particular circumstances of the case, recognising that there are many different models of encryption, including many different models of end-to-end encryption, and that what is reasonably practicable for one telecommunications operator may not be for another.
As I have already said, this is not about asking companies to undermine their existing business models; it is about working with them to find a solution to ensure both that their customers’ data remain secure and that their services cannot be exploited by individuals who pose a threat to the UK. So in answer to the question put by the noble Lord, Lord Harris, I can confirm that these provisions cannot be used to introduce back doors or undermine internet security.
We already have a wide range of safeguards which I have listed. I do not see that it is necessary to go down the road the noble Lord is advocating because of the dangers that I have pointed out. These amendments would create safe spaces which I am sure that neither he nor any noble Lord would desire to occur.
My Lords, I am enormously grateful to the noble Earl for his detailed response and for reiterating the welcome and voluminous safeguards that are set out in the Bill. They are important and valuable, and they give me confidence about the context of the whole Bill. However, the argument with which he concluded does not quite hold together and there is an elision between different issues. The noble Earl has given an absolute assurance, I think on the basis of a piece of paper that was handed to him, that it cannot be used to require a communications service provider to build a back door or to create one in a future area. But then he said that we must not put in the Bill something that creates a safe space. Either the Government’s position is that this cannot be used to require a company to produce a back door, in which case the safe space exists and presumably the Government are not happy with their own legislation, or it is the case that the Bill could require a communications service provider to build such a back door.
We have already heard from the noble Lord, Lord Evans of Weardale, that what we are trying to do here is balance two national security concerns: the national security concern to prevent terrorism and so on and the national security concern about making it slightly easier for cybercriminals. These are very important issues. If the Government are clear that, as a result of the Bill, a technical capability notice could not require an operator to build a back door that would otherwise not exist, it is important to set that out in the Bill. If we are in a position where techUK says—as it has in the briefing it circulated to me and, I am sure, to other noble Lords—that this is ambiguous, perhaps it is the responsibility of the Government to remove that ambiguity and make the position clear. I do not really want to have to divide the House on this matter, so between now and Third Reading, is the noble Earl prepared to turn the unequivocal assurance he has given that it cannot be used in this way into an amendment to the Bill that will remove that ambiguity?
With the leave of the House, I hope I can help the noble Lord on this because I do not believe that the Bill is contradictory. First, the term “back door” has been used, but I do not think that is a helpful or accurate way of describing the Bill’s provisions. “Back door” is in everyone’s judgment a loosely defined term. It is used incorrectly to imply that the Bill would enable our law enforcement, security and intelligence agencies to gain unrestricted access to a telecommunications operator’s services or systems, thereby undermining the security of those services—to force that to happen. That is absolutely not the case. The Bill enables our agencies to require telecommunications operators to remove encryption themselves, only in tightly defined circumstances: where they have applied the encryption themselves; where it has been applied on their behalf; where it is reasonably practicable for them to remove it; and where doing so is required to comply with a relevant warrant, notice or authorisation.
I come back to the point I made earlier. This is about the Government being able to sit down with companies and reach agreement with them on the basis of what is reasonably practicable, affordable and so on. It would not be responsible for any Government to deny themselves the possibility of doing that and discussing what in all the circumstances is reasonably practicable for the company, and for the company to agree to do it.
Again I am grateful to the noble Earl. I do not think anyone here has misunderstood the point that this is not about giving the Government uninterrupted access. It is about requiring companies to create a facility so that if they are asked, after all the suitable warrants have been gone through and all the safeguards have been fulfilled, to gain information and pass it back to the Government. I accept that that is the position and that is what is intended here. However, the Minister has still not been unequivocal on whether technical capability measures could require such a facility to be created, so that, in those circumstances and with all those safeguards in place, something could be done. It is a critical issue that we need to clarify. Otherwise, we do not know where we stand as far as the amendment is concerned. The Minister needs to provide the House and the IT industry with as much clarity as he can on this point, because the danger is that it will become the subject of continual argument.
Were the Bill to be amended by any of the amendments in this group, the Government would still have the option to say that they were minded to serve a technical capability notice on a particular company. That would then trigger a series of discussions, because it is what the Bill provides for, and a communications service provider might come back at that point and say, “Look, we literally cannot do it. We do not have the facility”. However, it is not clear whether the Government could none the less say, “Well, we understand that, but we are requiring you to do it”. The question then is: what is or what is not feasible? I happen to believe that some of the biggest communications service providers in the world have more computing expertise than any nation state. If they are told, “You are legally required to do this”, they could do it; they could find a way of making it happen. We have to be explicit as to what the Government’s expectation is. Are they saying, “No, that is not what we are requiring”, or are they saying, “Well, we might”? If they are saying, “We might”, that clarifies the position, if not helpfully. If they are saying, “No, we are not”, which is what the Minister said earlier, perhaps we could put that in the Bill—if not in the form of words proposed, then in some form of words that the Government could craft between now and next week. That would be a helpful way forward and provide absolute clarity as to the extent to which technical capability notices could be served. If I am not able to get that assurance from him—I appreciate that bits of paper have been flying backwards and forwards between him and the Box—we are in a very difficult position.
I can state categorically to the noble Lord that it is absolutely not the case that the Bill would force a company to insert a back door, thereby undermining internet security. We might ask a company in certain circumstances to decrypt particular data if it was reasonably practicable and feasible for them to do so.
My Lords, I understand that that is the case; that is, if they have the encryption key—we will not use “back door”; we will find another form of words—and the capability to do it, and it is not too complicated and all the relevant warrants are in place, yes, they will do that. As I understand it, most tech companies are perfectly understanding of that and willing to do it. The question is whether, if the Government were presented with a situation they were concerned about, they could say to one of the biggest communications service providers in the world, “We are asking you to build something which is not there at the moment, but we’ll provide that facility for those circumstances that might arise in the future when we’ve gone through all the relevant warrants and so on”. I am looking for an assurance from the Minister that that is not sought here, because of the dangers that we have already discussed. If he wishes, I can reiterate the question to give the Minister the opportunity to read the piece of paper that has just arrived.
Of course, a technical capability notice can require a new capability to be built; that is what they are there for. If it was neither practicable nor feasible, they would not have to do it. The problem here is that it is very difficult to generalise, because any decision about these things would have to have regard to the particular circumstances of the case. As I said, there are many different models of encryption, including many different models of end-to-end encryption. Any decision has to recognise that what is reasonably practicable for one telecommunications operator may not be for another. That is why I have referred repeatedly to the need for the Government and industry to have that easy interchange which they do at the moment. It is important to emphasise that these powers already exist in law today. We should not do anything that undermines the basis for the constructive discussions that we are having.
The Minister reminds us that the ideal arrangement is one of easy interchange and discussion—I understand that that carries on and works very well. He is right to say—this is why the wording of the current legislation is ambiguous and therefore a problem—that building a technical capability could mean simply putting in a piece of equipment, which means that, at the point at which the Government ask, having gone through all the voluntary processes, it is quite a straightforward matter to provide the information that the Government have legitimately and lawfully requested. That is one definition of technical capability.
What I want to know is whether “technical capability” could apply to a very secure end-to-end encryption process which no communications service provider could break but where, if they devoted thousands of person hours in California or wherever they operate from, they could develop something which might do that. If that is what the Bill is saying, we need to know.
I accept that it would not be reasonably practicable; it would also be very expensive—as I understand the Bill, the Government would have to pay for it and I am sure that technical experts in California or wherever might be very expensive. If that is the case, and if it is not possible to write it into the Bill—I would have thought it could be—it would be helpful for the Minister to write and make very clear what the Government’s intentions are in that regard and confirm that such circumstances are precluded by the Bill. If the Minister is prepared to do that, I am prepared not to press the amendment to a vote.
I think I have made the Government’s position as clear as I possibly can and I am not sure what I can do to amplify the remarks I have already made. While I want to be as helpful as possible to the noble Lord, I am struggling to see how a letter from me would make the position clearer.
I understand the Minister’s dilemma and I am sure that a letter from him to me would have far less force than the words appearing in Hansard. I appreciate that the courts can look at the debates in Hansard to try to interpret them. However, I ask that the Minister spends the next few days just thinking about some further modification to the Bill to make sure that this ambiguity, which I think genuinely exists—because techUK tells me so—is cleared up. On the basis that I am sure he will spend his waking hours between now and next Monday thinking about precisely these matters, I beg leave to withdraw the amendment.
(8 years, 1 month ago)
Lords Chamber
My Lords, I am sure that the entire House is grateful to the noble Lord, Lord Paddick, for giving us a comprehensive list of ways in which we can try to keep our communications secret and away from prying eyes. I am sure that every Member of the House is grateful for that tutorial, but the noble Lord does rather elide the question of those people who perhaps have not had the benefit of his tutorial. I realise that the whole world of terrorism and organised crime is listening with intent to every word that he says on these matters, but there will be such. He gave a specific example, saying that communications data in the past would have demonstrated that X had contact at a travel agent. When I book train tickets, I usually do not use WhatsApp or a VPN—I simply go online and connect to the relevant train company. So if somebody wanted to find out whether I had been booking a train ticket, my internet connection record would provide that information. I therefore do not quite understand the argument that, because there are ways that you can avoid the state knowing what you have done if you are really determined, you should therefore prevent it knowing what you have done if you are not really determined.
My understanding is that not all terrorists and not all organised criminals are terribly good with this stuff—that they make mistakes—so the horrifying consequences that the noble Lord describes therefore might not actually occur, and instead, a lot of very nasty people will be caught, because they do not have the noble Lord’s encyclopaedic grasp of ways of keeping communications secret.
Amendment 118A seeks to prevent the creation and collection of internet connection records. My noble friend Lord Paddick has explained why ICRs are of little security value, and that they would be very difficult and expensive to collect and make use of. The only democracy to try was Denmark, which gave up after years of fruitless effort. It tried again at the beginning of this year with a project almost identical to the one planned by the Home Office, but quickly abandoned it when independent auditors confirmed that it would be prohibitively expensive.
I wish to draw the House’s attention to two other serious drawbacks that would arise from creating and storing internet connection records. The first is the serious impact on the privacy of every user of the internet in this country. We must remember that internet connection records do not currently exist, and until quite recently—say, 25 years ago—all the electronic data that would have to be collected together to create ICRs did not exist, either. In those days, our private interactions with those close to us left no trace. A conversation over lunch, a cash purchase at a shop, a visit to a library to do some research, attendance at a political meeting, a romantic assignation—all left no record of having happened. They were ephemeral. What happened between your four walls was between you and your God.
Fast forward to today, and we find that all the interactions I have just mentioned now leave an electronic trail behind them. A combination of credit card records, location services on our phones, our emails and text messages and records of every website we visit will give the whole game away—including the identity of whom we met at our assignation. If internet connection records are created and kept by our service provider, all these electronic trails will be available to hundreds of public authorities, not just the police and security services, on demand and simply by self-authorisation.
The Government have given this data the name “internet connection records”, which is technically accurate, but what they really are is private activity records: a log of everything we do and when and where we do it. The problem is not that the surveillance can occur at all, but that it happens indiscriminately to all of us, all the time. My second topic is the ironic fact that ICRs will actually reduce our security, rather than improve it, because of the virtual certainty of thefts of some of that private and personal data about every internet user in the country. If you do not believe me, consider just a few of the thousands—and I mean thousands—of recent data thefts from high-security establishments. I mentioned in Committee that SWIFT, the fulcrum of the global financial payments system, has had $81 million stolen from it by hackers. Last week, it emerged that it has been penetrated a second time. A gang of five eastern Europeans is believed to be behind the theft of 3 billion sets of customer data worldwide from many of the world’s leading tech companies, including the data of 500 million Yahoo! customers. As I mentioned earlier, powerful hacking tools belonging to the NSA, the American equivalent of GCHQ, suddenly appeared on the internet in August having been stolen from it, and two Israelis and an American stole 100 million people’s records from 12 US financial institutions. Those are just a few examples—as I say, there are many more—of thefts from sites which, dare I say it, were seemingly far more secure than those of UK service providers.
Internet connection records, or private activity records, will be stolen and the consequences will range from embarrassment to blackmail and fraud for the unfortunate victims. In the case of people in positions of responsibility, including government officials, the consequences could be catastrophic. Far from making us safer, ICRs would compromise our security and, as I have explained, seriously intrude on our citizens’ privacy. We should have nothing to do with them.
(8 years, 1 month ago)
Lords Chamber
My Lords, Amendment 13 is also in the name of my noble friend Lord Strasburger. In Committee, we moved an amendment that would have triggered implementation of the Privacy and Civil Liberties Board that the Liberal Democrats in the coalition Government insisted was part of the package of measures included in the Counter-Terrorism and Security Act 2015. We withdrew that amendment but the Government have failed to give us any hope that it will be accepted. At this stage we are introducing a new amendment to establish an alternative Privacy and Civil Liberties Board based more closely on the well-regarded American model.
In the United States the Privacy and Civil Liberties Oversight Board is an independent, bipartisan agency within the executive branch. It comprises four part-time members and a full-time chairman, and the board is vested with two fundamental authorities: first, to review and analyse actions the executive branch takes to protect the nation from terrorism, ensuring that the need for such actions is balanced with the need to protect privacy and civil liberties; and secondly, to ensure that liberty concerns are appropriately considered in the development and implementation of laws, regulations and policies related to efforts to protect the nation against terrorism. We want a similar body in the UK, and we are not the only ones who do. The Prime Minister, when Home Secretary, committed the Government to,
“ensure we have more transparency from Government”,
which we are doing through this Bill. She continued:
“We will also reduce the number of bodies that are able to have access to the communications data”,
which, again, we are doing through this Bill, and,
“establish a privacy and civil liberties board based on the US model”.—[Official Report, Commons, 10/07/14; col. 472.]
It is only the latter commitment that this Government have failed to fulfil and which this amendment seeks to address. Noble Lords will see that the wording of the amendment seeks to reflect as accurately as possible the American model, which is widely seen as a world-class example of its kind.
Is the noble Lord therefore saying that the American approach to this matter is totally protective of civil liberties?
My Lords, I am saying that the American model provides significant safeguards, in that somebody represents the side of privacy and civil liberties in the argument; it is not simply a case of the security agencies’ side being put, as perhaps some might see in this country.
Unlike the previous amendment, this amendment does not seek to replace the Independent Reviewer of Terrorism Legislation. On the contrary, noble Lords will see that the independent reviewer must be consulted on the appointment of members of the board. This is complementary to, not a replacement for, the Independent Reviewer of Terrorism Legislation. The current reviewer, Mr David Anderson, has previously argued that the post of independent reviewer is under-resourced and that it does not cover a wide enough range of laws. He said:
“If appropriately staffed and directed by the Independent Reviewer, the proposed new body could sharpen that investigative function and increase its scope”.
I accept that Mr Anderson also has concerns, and no doubt my noble friend Lord Carlile of Berriew, his predecessor, will tell us that he too has concerns. However, it continues to be the view of the Liberal Democrats—
My Lords, I am very grateful to those who contributed to this debate. As far as my noble friend Lord Carlile of Berriew is concerned, I am not familiar with the Patriot Act but I know that the Privacy and Civil Liberties Oversight Board has made a significant difference in redressing the balance of some laws in the United States. Even though the noble Baroness, Lady Buscombe, spoke to members of that board and asked whether the Government must listen to it, the fact is that the Government in America did listen and acted on some of the board’s recommendations.
Clearly, these people would need to be security vetted. They will be appointed by the Secretary of State, who could impose whatever conditions she thought fit on those people.
On sloppy drafting, I am afraid it is that no more than three members of the board should be of the same political party rather than that three members should not be of any political party, which is what I think my noble friend suggested.
I am sorry to interrupt the noble Lord again, but could he clarify what that phrase is intended to mean? The way I, and I think my noble friend, read it is that, of a board of five, three can be of the same political party. Is the noble Lord saying that it is in the interests of civil liberties and all these other things to have a board of which three members are from the same political party—presumably the government party? Will that really then be an independent board?
The fact is that it is up to the Secretary of State to appoint those members to the board. One would hope that the Secretary of State would use the freedom provided by this amendment to ensure that the board is balanced. As with the noble and learned Lord, Lord Keen, I also have my brief. However, on this occasion it would be disrespectful to the House to press this amendment to a vote. Despite my brief, I beg leave to withdraw the amendment.
(8 years, 4 months ago)
Lords Chamber
My Lords, this amendment is one of several in this group in my name and that of my noble friend Lady Hamwee. Amendment 158A probes what is meant by the term “any other information” in terms of the purpose of an equipment interference warrant. Clause 93(2) states that an “equipment interference warrant”,
“requires the person to whom it is addressed to secure interference … for the purpose of obtaining—(a) communications”,
which is defined in Section 126(1); “(b) equipment data”, defined in Section 94; and “(c) any other information”, which is not defined. Can the Minister at least give some examples of what “any other information” means? Amendments 185B and 185C cover the same point in other subsections of Clause 93.
Amendments 158D to 158M and Amendments 169B to 169T make a different point—to try to ensure greater targeting of equipment interference warrants. Clause 95 sets out the subject matter of targeted equipment interference warrants. Clause 95(1)(b) states that the warrant may relate to,
“equipment belonging to, used by or in the possession of a group … who share a common purpose or who carry on, or may carry on, a particular activity”.
Such a broad and potentially large group of people can only in the loosest sense be described as targeted.
Amendment 158J applies the same arguments to targeted examination warrants in Clause 95(2)(b). Similar arguments of not being too broad and not being sufficiently focused apply to Clause 95(1)(f):
“equipment which is being, or may be, used for the purposes of a particular activity or activities of a particular description”.
Instead, Amendment 158H would insert:
“A targeted equipment interference warrant may be issued only if the persons or equipment to which the warrant relates are named or specifically identified using a unique identifier”,
which could, for example, be the IP address for a particular device. Similar wording in Amendment 158M would apply to targeted examination warrants.
It is worth remembering what targeted examination warrants are for. If, as a result of the bulk collection of the content of overseas communications, the security services discover UK-based communications that they want to examine the content of, they must first have a targeted examination warrant. This is to prevent the bulk collection of the content of communications of UK citizens. How then can it be right that such a targeted examination warrant applies to such a broad range of communications as,
“a group of persons who share a common purpose or who carry on, or may carry on, a particular activity”?
If the security services know that the communication is UK-based, they must also know whose communication it is and can therefore specify that in the warrant.
Subsections (1)(g) and (h) and (2)(d) and (e) of Clause 95 make provision for the issuing of targeted equipment interference warrants and targeted examination warrants for the purposes of testing, maintenance of equipment and the training of people. Amendments 158F, 158G, 158K and 158L would leave out those provisions.
In the first Committee sitting we discussed the issuing of interception warrants for the purposes of testing equipment and training agents, and the noble and learned Lord responded to the debate at cols. 105 and 106. In response to the Minister’s explanation, I said that I was still puzzled about training and testing warrants. I accepted that new equipment required testing and individuals needed to be trained in real-life situations but said that I was concerned about who the individuals or organisations were that might be targeted in these training exercises, bearing in mind that the normal provisions regarding proportionality and necessity in terms of suspicions that these individuals were up to no good would presumably not apply in training and testing situations. If they were real bad guys, a non-testing and training warrant could be issued. The noble and learned Lord failed to convince me then, but perhaps he can try again now.
Amendments 169B and 169T make the necessary consequential changes to the requirements that must be met by warrants in terms of the details that must be included in equipment interference warrants. I beg to move.
My Lords, I listened very carefully to the noble Lord, Lord Paddick, and his explanation of his amendments, but I was not at all convinced. If we believe that there is a need for the Bill, which I do, but have reservations about some of the issues around encryption, we have to ensure that the relevant agencies have some tools in their kit box. One of those tools has to be the ability to interfere with or look at the specific equipment. What the noble Lord is trying to do is to restrict the availability of that power to such an extent that it would effectively become almost useless. It would simply be available if you have one named individual. Therefore surely it is right that a significantly broader power should be available to engage here.
The question that the Minister who is going to respond needs to answer is this: how will the test of proportionality be applied in such cases? Presumably it is not proportionate to have such a broad sweep contained within the authorisation that it is inappropriate and overly onerous. The mechanism is therefore this: how is it determined that this is a proportionate and proper use of the power, and can we and the public be reassured that the mechanisms exist to ensure that that proportionality is adhered to?
I am obliged to noble Lords. I know that these are probing amendments and I shall address them in that light. Of course some of these amendments were discussed in the other place and, as noted, were considered again by this Committee in the context of interception.
Amendments 158D to 158M and 169B to 169T would remove the ability of the warrant-requesting agencies to apply for a warrant against an organisation, a group of persons with a common purpose, or a group of persons carrying out the same activity. They would require a warrant to name or identify each person or piece of equipment to which the warrant relates and they would remove the ability to obtain warrants for testing and training activity. As I have already set out when we considered similar amendments in the context of interception, it is important that those responsible for keeping us safe have the powers they need. These amendments would undermine their ability to employ those powers.
Let me start with the amendments regarding unique identifiers. As I explained in the context of interception warrants, it is not always possible at the outset of an investigation to know or have identified all of the individuals who may be subject to a warrant over the course of that investigation. The example of a kidnap gang applies to equipment interference just as it applies to interception. When a warrant is granted against a gang, the person applying for the warrant may not know that there are four members of the gang rather than three. The ability to grant a warrant against the gang in order to establish its size and to identify co-conspirators is precisely why the Bill provides for thematic warrants. Thematic warrants are already available to the equipment interference agencies under the Intelligence Services Act 1994 and the Police Act 1997 and they are invaluable when investigating complex or fast-moving threats. It is right that the Bill should not undermine their ability to do this.
I would seek to reassure your Lordships that the Bill already provides in Clause 107 that the warrant has to describe the relevant persons, locations, activity or groups and the type of equipment to which the warrant relates in so far as it is reasonably practicable to do so. This is an important safeguard which will assist the oversight of thematic targeted warrants. The Investigatory Powers Tribunal recently considered the use of equipment interference in this way. It determined that,
“a warrant is lawful if it is as specific as possible in relation to the property to be covered by the warrant”,
and that,
“it need not be defined by reference to named or identified individuals”.
Let me turn to the amendments that seek to remove the ability to grant a warrant relating to particular subject matters. This was also discussed at some length in the other place and very recently in this Committee, again in the context of interception. Such a change would be operationally damaging and is moreover unnecessary. The Bill and the statutory code of practice impose strict limits on the issue of warrants, including in relation to organisations or groups of persons. I should emphasise that such warrants are not open-ended. Their scope must be sufficiently limited that the issuing authority can properly assess the necessity and proportionality of the interference. Further, under the Bill a judicial commissioner will need to approve the issuing authority’s decision. So the clause does not allow for overly broad warrants to be issued. Moreover, removing the ability to seek warrants against persons carrying out the same activity could prohibit the agencies from, for example, seeking a warrant against individuals accessing a particular website in order to access child abuse images. In such cases it is vital that law enforcement should be able to identify suspects and bring them to justice.
My Lords, as I said earlier in Committee, it is important that, in assessing any proposal made in the Bill, we strike the balance between the need for it and any possible negative consequences, and whether that may weaken the security of a device, enabling the malign elements, as opposed to benign, to penetrate systems. As I understand it, the purpose of the amendment is to try to ensure that that balance is clear in the Bill. It would place an obligation on those seeking warrants and those considering them to look at whether that balance has been struck and ensure that it has.
It is reasonable for those seeking warrants to demonstrate that they have considered whether there are any negative consequences of the action they are prepared to take, particularly if it leads to a weakening of the general security of a wider system that may mean it is prone to attack from cybercriminals or others accordingly, or that there is likely to be a large amount of collateral damage in other people’s information being made available to the authorities.
I make it clear that I do not think the fact that the information of other people who are not the purpose of a warrant may be compromised is necessarily a reason why we should not proceed with this. It should be balanced with the consequences. For example, I can conceive of circumstances where a warrant might be sought for a machine in an internet café. Clearly, that is because certain individuals are thought to be using it. In any application I would want consideration to be given to what would be done about those other, presumably entirely innocent individuals who might use the same machine.
I am concerned that, as part of the process, there should be consideration of the downsides of a particular application: whether it is weakening the system or interfering with the privacy of other people who are not specifically targeted. If either is the case, there should be clear consideration of what can be done to minimise those risks. The fact that another person is not the subject does not necessarily mean that it should not be proceeded with. It is a matter of proportionality—the benefits that will be gained from the action being taken and whether those are properly considered by those making the application and those considering whether to approve it. For those reasons, the amendment is broadly helpful. I hope that Ministers may be prepared to accept this or something like it to provide that assurance.
My Lords, I added my name to Amendments 159 and 160. Amendment 164 is in my name and that of my noble friend Lord Rosser. Our points are much the same as those made by my noble friend Lord Harris. I do not think there will be planting of evidence, for example. Our concern is much more about the risk to any public cybersecurity system, and we would want that to be taken into account. These amendments follow the recommendations of the Joint Committee. The idea is to minimise any potential risks. If, for example, the Secretary of State has to take into account any risk to the security and integrity of the networks, that by itself will ensure that any applicant sets that out in the form they submit. We hope the Government will respond, as my noble friend Lord Harris said, not necessarily by using these exact words but in the spirit of these amendments in order to retain overall security.
(8 years, 4 months ago)
Lords Chamber
My Lords, Amendment 93 stands in my name and that of my noble friend Lord Rosser and is on the same issue of encryption. Encryption is fundamental to keeping the whole of the digital economy safe and secure. It is widely used by business, government and consumers to protect sensitive and confidential information and as a building block in the advanced security technology which has been described.
The undermining of encryption would not simply mean that the communications of criminals could be read more easily; it would risk creating a major vulnerability in the security infrastructure, which could be exploited by various malicious actors, be they criminal gangs or rogue states. So it is important for this economy and for all the financial and other businesses that depend on it that the foundations of encryption technology remain absolutely firm.
There will be times when state security undoubtedly needs access to encrypted information for a specific investigation. This is not the problem. The problem is whether the Government would ever require a company to engineer such access, enforcing the company to create a model which, if then followed by other nations with perhaps less security than ours, would lead to a lowering of standards. We welcome the statement by the Government that they do not require industry to build back doors into their encrypted products. The Bill as it stands is perhaps not as clear as the commitments the Government have made.
Clause 226 risks making encryption intrinsically weaker if a company could be asked to build the ability to break the encryption. Amendment 93 seeks to address that. We hope the Government will understand that, when the request is made, they should not ask a company to develop a new way of breaking encryption that is not already within its ability. At the moment, the clause implies that, where companies that did not have the ability to remove the protection were issued with a notice, they would be required to build that capability so as to adhere to the notice. That is worrying the companies because of the general undermining of encryption. End-to-end encryption is essential to protect sensitive personal, commercial and security information. I think the Government share our concern that we should maintain that.
The thrust of Amendment 93 makes it explicit that a company would be required to remove the electronic protection only where it had the current capacity to do so and that it should not have to engineer it. We hope it will be accepted by the Government.
My Lords, first, I should draw attention to my interests in the register on policing and counterterrorism matters. Secondly, I should make clear that my starting point on the Bill is that it is important that the developing gaps in access to communications data are addressed to protect the nation against all sorts of threats.
In any set of counterterrorism or counterespionage measures, or whatever else it might be, you have to look at the balance and weigh the benefit to the nation in protecting its citizens by having those powers against the potential downside or consequences of exercising them.
When we come to the question contained in this group of amendments—essentially about enabling or requiring companies to break the apparent encryption—we have to look carefully at the potential downsides presented by this. The first downside, or danger, is that by enabling this to happen—by creating the mechanism and requiring companies, as my noble friend Lady Hayter said, to make new arrangements so that encryption can be broken—you create a back-door mechanism. This would be available not just to the forces of good—those who are trying to protect all our security—but to cybercriminals and those who would do us ill. Therefore you need to weigh clearly what you are trying to do against whether you are creating something that will make it easier for criminals and those who would do us harm.
The second element is the extent to which what we do in this country sets a precedent that will be seized in other countries, whose interests may not be the same as ours or as positive as ours towards their citizenry. If we create that precedent, what is to prevent Governments in other countries saying that they want the same powers and therefore doing the same? That test has to be applied to quite a number of the measures in the Bill. As I say, my starting point is that I want the state to be able to fill the gap in its access to communications data that is emerging and opening up. However, I want to hear from the Government a clear explanation of why in this set of cases the benefits outweigh the potential disbenefits.
My Lords, a number of amendments here separately seek to remove the encryption provisions from Part 9 or propose modifications to them.
I will begin with Amendments 92, 102 and 103, which propose removing the encryption provisions from Clauses 226 and 228. If these are anything other than probing amendments, I have to say that they are irresponsible proposals, which would remove the Government’s ability to give a technical capability notice to telecommunications operators requiring them to remove encryption from the communications of criminals, terrorists and foreign spies. This is a vital power, without which the ability of the police and intelligence agencies to intercept communications in an intelligible form would be considerably diluted.
Let me be clear: the Government recognise the importance of encryption. Encryption keeps people’s personal data and intellectual property secure and ensures safe online commerce. The Government work closely with industry and businesses to improve their cybersecurity. However, law enforcement and the intelligence agencies must retain the ability to require telecommunications operators to remove encryption in limited circumstances—subject to strong controls and safeguards—to address the increasing technical sophistication of those who would seek to do us harm.
Encryption is now almost ubiquitous and is the default setting for most IT products and online services. If we do not provide for access to encrypted communications when it is necessary and proportionate to do so, we must simply accept that there can be areas online beyond the reach of the law, where criminals can go about their business unimpeded and without the risk of detection. That cannot be right.
These provisions simply maintain the current legal position in relation to encryption and go no further. They retain the ability of law enforcement and the security and intelligence agencies to require companies to remove encryption that they have applied, or that has been applied on their behalf, in tightly prescribed circumstances. It would not—and under the Bill could not—be used to ask companies to do anything that it is not reasonably practicable for them to do.
The safeguards that apply to the use of these provisions have been strengthened during the Bill’s passage through Parliament. First, the “double-lock” authorisation process now applies to the giving of notices, which means that a judicial commissioner must approve the Secretary of State’s decision to give a notice. The Secretary of State must also consult the relevant operator before a notice is given. The draft codes of practice, which were published alongside the introduction of the Bill, make clear that should the telecommunications operator have concerns about the reasonableness, cost or technical feasibility of any requirements to be set out in the notice—which includes any obligations relating to the removal of encryption—it should raise them during the consultation process. Furthermore, the new privacy clause in the Bill requires that regard be given by the Secretary of State to the public interest in the integrity and security of telecommunications systems when deciding whether to give a technical capability notice.
My Lords, can the Minister clarify for me—I am sure that other noble Lords have got to the point precisely—that the requirements that the Bill seeks to create will apply only where a service provider has offered a service which most people might assume is secure and encrypted but has built in an existing arrangement which allows it to access it? Would it apply only in those circumstances? If that is not the case, perhaps the Minister could explain in what other circumstances it might apply. Can he further tell us whether there is an expectation in the Bill that, where a service provider is developing a new service, it must ensure that it has the facility to access what the user would assume are encrypted data?
The answer to both questions is that it depends on what is reasonably practicable for the communications service provider. The power will apply usually to encryption that the provider has applied or has been applied on its behalf. If there are other circumstances where it would apply, I will take advice and write to the noble Lord, but we come back to what is reasonably practicable for the company. It is why the Government maintain a dialogue with communications service providers to ascertain what is practicable and what is not, and what would be cost effective and what would not be. However, broadly speaking, the noble Lord was right.
I am sorry to press the point, but I need to understand it. I understand the Minister’s answer in respect of the requirement applying where it is reasonably practicable because the encryption arrangement has been applied by the service provider, but is he saying that there is an expectation that in building new services a service provider should create something where it is technically possible for it to undermine that encryption? If so, that would raise a very different point which is important to clarify. Is the service provider required to make it technically practicable in future services as it develops them for this to be allowed?
It might be, but it might not be. Again, it depends on what is reasonably practicable in the particular circumstances. Those circumstances might vary from provider to provider and from situation to situation, so it is not possible for me to generalise about this, but I will take further advice and write to the noble Lord about it.
I was certainly not implying that the Government wished to ban end-to-end encryption; in fact, we do not seek to ban any kind of encryption. However, there will be circumstances where it is reasonably practicable for a company to build in a facility to de-encrypt the contents of communication. It is not possible to generalise in this situation. I am advised that the Apple case to which the noble Lord referred could not occur in this country in the same way.
Is the Minister therefore saying the Government’s expectation is that service providers will in future ensure that it is reasonably practicable for them to access those communications? If that is the case, I think that he is raising a whole new group of issues.
The Bill is clear that any attempt to obtain communications data must be necessary and proportionate, or it will not be permitted. It is crucial that the Bill provides a robust, legal framework which means that the law is consistently applied correctly. That is why we are introducing the double lock involving judges signing off warrants for the most intrusive powers, which means that the Secretary of State’s decisions, other than in the most urgent cases, will be independently scrutinised before warrants can be issued. I come back to the central point here, which relates to encryption: we do not think that companies should provide safe spaces to terrorists and other criminals in which to communicate. They should maintain the ability when presented with an authorisation under UK law to access those communications.
(8 years, 7 months ago)
Lords Chamber
If I was in a position to make the statement today, I am sure the noble Lord appreciates that I would do so. He may be familiar with the wheels of government and with the requirement for these matters to be approved at various levels before a final statement is made. If I was in a position to make that statement, I reassure the noble Lord that I would not hesitate to make it.
But this is Third Reading. Is there not a sense of urgency in these matters?
There is certainly a sense of urgency in this matter and that is why I expressed my apology to the House and the noble Baroness, Lady Lister. I had indicated that by Third Reading I would be in a position to confirm the Government’s position on this. However, it is a matter that requires detailed consideration. It is a matter that has ramifications. It is a matter that has to be considered in conjunction with Home Office guidelines. It is a matter that must be consulted on and finally approved before issue, and it is for that reason that, regrettably, there has been a period of delay in respect of this point.
I underline that it will not involve an absolute prohibition. It will, however, involve a very limited power of detention to be exercised only in exceptional circumstances and for a very limited period. That is what is anticipated at present. As I sought to point out on Report, it is simply not practicable to have an absolute bar in respect of pregnant women. There are circumstances in which, for example, a pregnant woman arriving at an airport or a port, clearly with no right at all to enter the United Kingdom, may present either a security risk or a risk of absconding, and without any power of detention it would be quite impossible to arrange her return at that time of arrival. Therefore, in these circumstances, I urge the noble Baroness to withdraw her amendment.