Lord Lucas
Main Page: Lord Lucas (Conservative - Excepted Hereditary)Department Debates - View all Lord Lucas's debates with the Ministry of Defence
(8 years, 4 months ago)
Lords ChamberMy Lords, in moving Amendment 119, I will also address Amendment 202 in this group. At Second Reading, the noble Lord, Lord Birt, made an impassioned speech which echoed my thoughts exactly. What most of us experience as crime related to the internet are the daily attempts to pick our pockets and to mug us in other ways which crowd our inboxes, even with all the filters that are in place in Parliament and much more so on one’s private email. This is the experience of the average citizen of the internet: a caricature of a Dickensian London street, a place where you always have to be on your guard, where it is not safe to be.
In the Bill the Government are giving themselves the power, potentially, to help us do something about that. These amendments are intended to probe whether the Government have gone far enough to enable them to put those things into effect. When they talk about “serious crime”, they are talking of the equivalent of murder. But “serious” to us is small crimes, repeated in large numbers, every day, which are much more likely to have an effect on us—indeed, on every citizen.
Once the Government have the access to data that they are seeking in the Bill, they have the power to help us. They can warn us, “Hang on, you’ve been on a website that’s probably infected, you ought to do something about that”, because they know everything we have done on the internet, potentially; or they can start to do that, or they can explore the possibility of helping us.
Noble Lords who were here for the debates on identity cards will remember the great issues of principle we discussed then. But the sort of information we were afraid to give a Government we give every day to Google. You give it to Nintendo if you play Pokémon GO. We are astonishingly willing to part with our information if we get something back.
My Lords, Clause 58 is the first clause of Part 3 of the Bill and deals with the targeted obtaining of communications data. It provides the power for only those public authorities listed in Schedule 4 to the Bill to authorise conduct to obtain communications data. Obtaining communications data may be authorised only when necessary for one of the statutory purposes listed in Clause 58(7) and where the conduct authorised is proportionate to what is sought to be achieved. Similarly, Clause 146(2) provides the statutory purposes for which a bulk communications data acquisition warrant will be considered necessary. Those purposes mirror the statutory functions of the security and intelligence agencies, since bulk warrants are of course available only to those agencies. They are where it is,
“in the interests of national security”,
for the prevention or detection of serious crime, or,
“in the interests of the economic well-being of”,
the UK where relevant to national security.
Throughout the passage of the Bill, we have heard repeatedly of the vital importance of communications data for the full range of law enforcement activity and national security investigations. This Government are committed to ensuring that law enforcement and the intelligence agencies have the tools they need to carry out the critical responsibilities that Parliament has placed upon them. Indeed, one of the key aims of this legislation is to ensure that investigatory powers are fit for a digital age and that crime can be investigated wherever it takes place, regardless of the method of communication. However, the Government consider these amendments unnecessary for targeted communications data and an inappropriate extension of responsibilities for our intelligence agencies for bulk communications data.
The Bill already provides that communications data may be acquired for the purpose of preventing or detecting crime, wherever that crime takes place and whatever scale it is on, where an application for communications data meets the requirements for necessity and proportionality. So it would already be available for the purpose of suppressing less serious crimes perpetrated on a large scale. I commend the aim of my noble friend Lord Lucas’s amendment but I believe that the Bill already provides the powers that he seeks.
As I said earlier, the bulk acquisition of communications data is available only to the intelligence agencies, whose statutory functions relate to serious crime and national security. The inclusion of a statutory purpose to obtain communications data in bulk so that our intelligence agencies could suppress less serious crime would therefore, in my submission, be inappropriate.
I hope that my noble friend finds those comments helpful and will feel able to withdraw his amendment.
My Lords, I thank my noble friend for his reply. I am not surprised but disappointed, but I shall certainly seek leave to withdraw my amendment.
My Lords, in moving Amendment 134, which is in my name and that of my noble friend Lady Hamwee, I will also speak to Amendments 135, 142, 144 and 240 and on whether Clauses 63 to 65, relating to filtering arrangements, should stand part of the Bill.
Amendment 134 would amend Clause 63(1) to say that the Secretary of State “may by regulations establish” rather than simply “may establish”. Amendment 240 is consequent on that. Amendment 135 would amend Clause 63(1), so that while the Secretary of State may establish filtering arrangements, she would not “maintain and operate” them herself. In fact, my understanding is that the Government have no idea at this stage who might maintain or operate such arrangements.
I do not intend to speak to Amendment 138, which we will not be moving and do not consider worth debating. Amendment 140 would have added to the duties in connection with the operation of the filtering arrangements—that the Secretary of State shall, in exercising her powers under Clauses 63 to 68, have regard to the general duties in relation to privacy in Clause 2.
To the duty on the Secretary of State to provide a report to the Investigatory Powers Commissioner about the operation of the filter, Amendment 142 adds a duty to lay a report before each House of Parliament about the functioning of the filtering arrangements during the previous year. Amendment 144 requires the Secretary of State immediately to report to the Investigatory Powers Commissioner any processing errors—not just “significant” processing errors—giving rise to a contravention of the requirements of this part.
This feature of the Bill is almost identical to that proposed in the Communications Data Bill. The Joint Committee described it as a government-owned data mining device. I described it on Second Reading as a virtual national database. The noble and learned Lord, Lord Keen of Elie, said that it was not a database. I did not maintain that it was; I said it was a virtual database. My understanding is that this is a search engine that would have real-time direct access to communication databases held by every communication service provider, including, if the Bill is not amended, everyone’s internet connection records.
At the moment, the police and security services, through a single point of contact, make application to communication service providers, which assess the lawfulness of the request and, if satisfied, provide the information. The filter would bypass that important safety check and allow security services to self-authorise access to communication service providers’ data. It would allow complex queries that could provide detailed information about people’s private lives. As the noble Lord, Lord Lucas, said on Second Reading:
“We are producing a resource there that Francis Urquhart would have loved to have his fingers on: absolute knowledge of everyone’s private life”—[Official Report, 27/6/16; col1427.]
The request filter would make life for the police and the security services easier—I say the security services, but I think they have their own systems. Life without the filter would not be impossible for the police, just not easier than it is now. It is therefore not necessary, only desirable and, as such, fails the necessity and proportionality tests for the invasion of privacy.
The Government cannot say what it would look like, where it would be built, who would run it on their behalf or how it would be kept secure. It is a hypothetical virtual database. It would be a dangerous precedent for Parliament to authorise such a device without knowing who would run it and what the security implications would be. I beg to move.
My Lords, I have Amendments 141 and 143 in this group. I very much share the concern of the noble Lord, Lord Paddick, about the request filter. It is an exceptionally powerful system because it will make life so easy. A casual request for data on someone who might possibly be of interest can be done in a moment—you do not have to think about it—rather than tying up resources to such an extent that you probably do not do it.
We are all familiar with the fact that those in the police service are human; doubtless, the people who run this resource will be human. The potential for casual misuse or misuse suborned by journalists will be considerable. On top of that is potential misuse by government. Given that at the moment we do not have an effective Opposition and I suspect that the Bill will effectively pass on the nod, I very much hope that my noble friend will reassure us that not only will there be exact and complete record-keeping for the filter but that those records will be independently inspected, that the results of those inspections will be publicly available and that people who find themselves tied up in nastiness as a result of information which may well have come from the filter will be able to find out whether that has happened.
My Lords, I shall speak briefly on the amendments on the request filter. Along with internet connection records, the request filter is another power that first appeared in the draft Communications Data Bill and which died along with that ill-fated Bill. The view of the pre-legislative Joint Committee on that Bill, on which I sat, was that,
“the Request Filter introduces new risks, most obviously the temptation to go on ‘fishing expeditions’. New safeguards should be introduced to minimise these risks”.
The request filter was described as,
“essentially a federated database of all UK citizens’ communications data”.
I dare say that the committee would be even more worried when it said that in 2012 if it had seen how this Bill expanded the range of data to which the request filter can be applied. That expansion comes from the proposed introduction of internet connection records, which would reveal every detail of a person’s digital life and a very large part of their life in the real world. The effect of the request filter will be to multiply up the effect of intrusion into those data by allowing public authorities to make complex automated searches across the retained data from all telecoms operators. This has the potential for population profiling and composite fishing trips. It is bulk surveillance without the bulk label.
Use of the request filter would be self-authorised by the public authority without any judicial authorisation at all. The concept that the Government promote for bulk data is that they are passive retained records, which they say sit there unexamined until someone comes to the attention of the authorities. That concept is negated by the request filter. The data become an actively checked resource and are no longer passive. Will the Minister confirm that the request filter is not yet in existence and is not yet being used?
The request filter is a bulk power masquerading as an innocuous safeguard to reduce collateral intrusion. Unless and until the Government come forward with proposals to strictly limit use of the request filter through tighter rules and judicial approval for warrants, as is the case with other bulk powers, Clauses 63, 64 and 65 should not stand part of the Bill.