Lord Paddick
Main Page: Lord Paddick (Non-affiliated - Life peer)Department Debates - View all Lord Paddick's debates with the Ministry of Defence
(8 years, 1 month ago)
Lords ChamberMy Lords, Amendment 196A is in my name and that of my noble friend Lady Hamwee. It seeks to remove internet connection records from the type of communications data that can be acquired in bulk. Noble Lords will be very well aware of my views, and the agreed view of the Liberal Democrats, on internet connection records. We believe that they are unnecessary and disproportionate, for the reasons that I have articulated in detail throughout the passage of the Bill.
I shall just remind your Lordships what internet connection records mean. Internet service providers are being forced to keep a record of every website that everyone in the UK has visited in the last 12 months, whether the subscriber is suspected of crime or not. Even though only the first page of each website visited is shown, visiting www.relate.org.uk could, for example, immediately indicate that your marriage was in trouble. However there are some safeguards, including some concessions extracted by the Labour Opposition, to ensure that only the internet connection records of those suspected of crimes that could result on conviction in a sentence of 12 months’ imprisonment or more can be examined by law enforcement agencies.
We are also grateful to the Labour Opposition for securing the review of bulk powers carried out by David Anderson QC, the Independent Reviewer of Terrorism Legislation. We are particularly grateful to David Anderson for highlighting in paragraph 2.41(b), on page 33 of his report on bulk powers, that,
“it is not currently envisaged that the bulk acquisition power in the Bill will be used to obtain internet connection records”.
However, in a footnote at the bottom of that page, Mr Anderson states that he has been told,
“that this is no more than a statement of present practice and intention: neither the Bill nor the draft Code of Practice rules out the future use of the bulk acquisition power in relation to ICRs”.
In Committee, the noble and learned Lord, Lord Keen, said:
“I can confirm to the Committee that the agencies do not currently acquire internet connection records in bulk and have no current intention to do so. It is however important to ensure that we do not legislate against the possibility of internet connection records being acquired in bulk, should agencies make a case which demonstrates that this might be necessary and proportionate in the interests of national security in future”.—[Official Report, 7/9/16; cols. 1087-88.]
Surely we should be legislating for a proven need, not not legislating against a possible but unlikely proven one.
Noble Lords will remember that the security services—GCHQ, MI5 and MI6—have all said that they do not need internet connection records in order to do their work. The power to acquire communications data in bulk, including the power to acquire ICRs in bulk, is available only to those agencies. The power to acquire internet connection records in bulk is therefore not needed. They are not collected in bulk at the moment, and there is no current intention to do so. If this were an opposition amendment to include ICRs in bulk data acquisition, the Government would quite rightly say it was unnecessary. The power to acquire ICRs in bulk also strips away all the safeguards that are in place when law enforcement agencies apply for individual internet connection records.
This is the online equivalent of Section 44 of the Terrorism Act, which allowed the police to stop and search people without any reasonable suspicion. The former Home Secretary, now the Prime Minister, Theresa May took that power away from the police because she considered it disproportionate.
Surely Section 44 was for target hardening and deterrence rather than for any other purpose.
I am very grateful to the noble Lord, Lord Harris, but that is not what I understood Parliament’s intention was when the legislation was enacted. We can argue the point. If the analogy with stop and search sounds familiar to noble Lords next to me, including the noble Lord, Lord Harris of Haringey, it is because it is an analogy that was used by the shadow Home Secretary Diane Abbott in describing the powers under the Bill, which she describes as draconian.
The pieces of this legislative jigsaw are beginning to fall into place. Telephone operators already keep a record of the details of every phone call made and every text message sent. Internet service providers are being forced by this Bill to keep a record of every website, you, I and everyone else in this country have visited over the previous 12 months, which is a provision this House agreed to on Monday in a Division when it rejected the Liberal Democrat amendment to prevent it. A request filter, operated by or on behalf of the Government will be constructed. It will have direct feeds into the databases of communications providers, including access to the sensitive personal information of every subscriber to telephone and internet services in the UK, every call they make and every website they visit. The House agreed to that provision in a Division on Monday when it rejected the Liberal Democrat amendment to prevent it. The power is then given by this part of the Bill to allow all that sensitive personal information—details of every phone call made and every website visited—to be downloaded at will by the security agencies with no further authorisation. I hope that at least some noble Lords are feeling uncomfortable at that prospect. Our amendment removes internet connection records from the data that can be acquired under a bulk acquisition warrant. I beg to move.
My Lords, it will not surprise my noble friend to learn that I oppose the amendment that he has just moved. We made reference during our previous day on Report to papers that were presented by the Government at the time of First Reading. Those papers included, as was mentioned on Monday of this week, a paper in which GCHQ explained why the bulk acquisition of communications data material might be crucial to interdicting a major terrorism event which it thought was likely to occur, or might possibly occur, in the near future.
The issue was then referred to David Anderson—and I am surprised that my noble friend does not accept what Mr Anderson, the independent reviewer, said on the matter. He reminded us that three of the powers under review—bulk interception, bulk acquisition of communications data and bulk personal datasets—were already in use across the range of MI5, MI6 and GCHQ activity, from cyberdefence, counterterrorism and counterespionage to combating child sexual abuse and organised crime. He said:
“They play an important part in identifying, understanding and averting threats in Great Britain, Northern Ireland and further afield”.
The GCHQ paper to which I referred dealt with “further afield”.
Mr Anderson continued:
“After close examination of numerous case studies, the review concluded that other techniques could sometimes, though not always, be used to achieve these objectives: but that they would often be less effective, more dangerous, more resource-intensive, more intrusive or slower”.
Mr Anderson concluded that there was a proven operational case for three of the powers already in use, and he agreed that there was a distinct though as yet unproven operational case for the fourth power: bulk equipment interference. He also recognised the “breath-taking”—that was his word—pace of change in this area, and that we needed to make sure that the authorities had the proportionate powers that were required to protect this country, and other countries, from terrorism.
Therefore, the Bill provides the powers with a very elaborate set of protections. We also have—it is available in the Public Bill Office—the Bulk Acquisition DRAFT Code of Practice, dated autumn 2016: it is very recent. In paragraphs 3.10 and 3.11 of the code—and, indeed, elsewhere in the code—the most elaborate protections are described. For example, paragraph 3.10 contains operational guidance and advice for those who are dealing with these matters and states in terms:
“No interference with privacy should be considered proportionate if the information which is sought could reasonably be obtained by other less intrusive means”.
Paragraph 3.11 of the code sets out in four very carefully drafted bullet points the elements of proportionality that should be considered before the powers are used. It includes assessing whether other methods have been considered and whether those other methods could have provided a reasonable outcome without the necessity of the invasion of privacy which undoubtedly the provisions describe.
I therefore ask my noble friend to state, when he comes to reply to this short debate, what his view is of the code of practice—and, in particular, of the part to which I referred.
The amendment relates specifically to internet connection records being acquired, and I have yet to hear my noble friend address any of his remarks to the issue of those records.
If my noble friend wants me to be specific, I will, but I was trying not to take up too much time. Let us take the example of a piece of information, given to a security service, that people in possession of a bulk delivery of a certain type of telecommunications equipment, say a phone brand, are involved in the planning of a terrorist event. In order to find out quickly who these people are, the authorities would need to attack the bulk, so as to exclude all people who are not involved in the planned event. This is an absolutely routine technique that is used. I see one or two of my noble friends turning round in surprise. If they are surprised, they have not even read modern spy novels, let alone about the reality of what is being done by intelligence agencies all around the world.
The answer to my noble friend is as simple as that. I will just repeat my question, because I would like him to reply to it in due course. I take it that he has read the code of practice. What is missing from the code of practice that is required in order to provide the protection he wishes for? It is all in the code of practice; it is all in the statute. I apologise for repeating something I said on Monday, but these provisions, as drafted, are a careful and responsible response by a Government who wish to do no more than the state absolutely has to, safely, to protect their citizens.
I am grateful to the Minister and to other noble Lords who have contributed to this debate. As regards the comments of my noble friend Lord Carlile of Berriew, despite my request that he specifically address the issue of internet connection records, I did not hear him do so. We are not against the bulk acquisition of communications data in general or per se. We oppose only the bulk acquisition of internet connection records as part of those data.
On the question my noble friend Lord Carlile raised about the codes of practice, of course they are comprehensive. However, through this amendment we are trying to prevent internet connection records being acquired in bulk, which is allowed for in the codes of practice.
The noble Lord, Lord Rooker, was of a different opinion from the one that I quoted—that the Bill was draconian. I am grateful to him for giving me the opportunity to emphasise to the House that it was the current Labour shadow Home Secretary, Diane Abbott, who described the Bill as draconian.
For the avoidance of doubt, I understood that—that was the point I made.
I did not suggest in any way that David Anderson agreed with this amendment, or that the lists of everybody’s websites would be read, as the noble Lord, Lord Rooker, suggested.
As regards the comments made by my noble friend Lord Campbell of Pittenweem, he referred to case studies in the David Anderson report on bulk data. I cannot emphasise this enough to noble Lords: internet connection records do not currently exist. The telecommunications companies will have to create them. Therefore any case studies in David Anderson’s report do not relate to the bulk collection of internet connection records. Internet connection records do not exist, so they cannot be collected in bulk at the moment.
I acknowledge the great experience of the noble Lord, Lord King of Bridgwater, and his passion about these issues. He emphasised that everything needs to be done to prevent a terrorist attack, and I agree with him 100%. The point that I made in my opening speech when I quoted David Anderson directly, saying that it was a direct quote from him, was that GCHQ, MI5 and MI6—the agencies responsible for keeping us safe from terrorism—say that they do not need internet connection records. Even the Minister said that at present there is no anticipated need to collect internet connection records to prevent a terrorist attack.
I am very grateful to the right reverend Prelate the Bishop of Chester for saying that we are making a fundamental point here. The difference between today’s debate and Monday’s debate is that requiring individuals’ internet connection records has to be based on reasonable suspicion. Thanks to the intervention of the Labour Front Bench, the level of the seriousness of the crime that needs to be suspected before those records can be handed over is higher than the Government first suggested. However, this power would allow everybody’s internet connection records to be acquired in bulk by the security agencies with no reasonable suspicion at all.
I am sorry but this is Report and I do not have to give way, unless the noble Lord wishes to clarify what I have just said.
I wish to make an intervention. The noble Lord said again that nobody wants this power. Can he explain why it is in the Bill?
It is not for me to explain why the Government want in the Bill a power that currently does not exist, because internet connection records do not exist, and which the security services say they do not want but which the noble and learned Lord says might be needed in the future. It is not for me to justify this power; I am saying to the House why I do not believe it is justified. The noble and learned Lord and the noble Lord, Lord Rosser, made the point that this is an existing power, but how can you have an existing power to acquire something that will not exist until the Bill is enacted?
I have tried to explain very clearly—although unfortunately some people have not heard what I have said—why we cannot accept this provision, and that is why I want to test the opinion of the House.
My Lords, the amendment is in my name and that of my noble friend Lady Hamwee. I shall speak also to all the other amendments in this group, Amendments 203B to 203D, 204A to 204F, 205A, 208A to 208C, 209A, 210A and 210B, 215A, 217A and 218A. The sole effect of all the amendments would be to remove from the Bill the power to engage in bulk equipment interference.
This is a new power for the security and intelligence agencies to carry out equipment interference in bulk overseas. It is not a power they currently have and, according to David Anderson QC, it is not something that they currently do. As a result, David Anderson said in his review of bulk powers that the operational case for bulk equipment interference was “not yet proven”. The noble Lord, Lord Murphy, has said:
“The case for bulk equipment interference was less strong, but nevertheless still there”.—[Official Report, 7/9/2016; col. 1049.]
As the noble Lord, Lord Rosser, said in Committee, there is a difference between an operational case, let alone an unproven one, and proportionality or desirability. Quoting Mr Anderson, he pointed out that Mr Anderson assessed only the operational cases in his review, saying that the issues of proportionality and necessity were a matter for Parliament—which is why we are debating these amendments today.
We heard in earlier debates about the potentially broad scope of targeted equipment interference warrants. They can specify all equipment used by anyone in a particular organisation or more than one organisation involved in a single investigation or operation; all equipment used by members of a group with a common purpose or engaged in a particular activity; equipment in a particular location or more than one location for the purpose of a single investigation or operation; and equipment being used or that may be used for a particular activity or activities. That is all contained in Clause 108.
Although I realise that the primary focus of this House should be to protect the citizens of this country, I ask noble Lords to consider how they would feel if overseas Governments took our lead and enacted similar legislation that could be deployed against the UK and its citizens. UK citizens’ communications could be acquired through the use of bulk equipment interference warrants if they communicated with others based overseas.
In paragraph 7.37 of his report into bulk powers, David Anderson QC warns that considerable caution is required for a series of reasons. He concludes in paragraph 7.38:
“All this means that bulk EI will require, to an even greater extent than the other powers subject to review, the most rigorous scrutiny not only by the Secretary of State but by the Judicial Commissioners who must approve its use and by the IPC which will have oversight of its consequences”.
It is the nearest David Anderson comes to expressing an opinion on necessity and proportionality and, reading between the lines, it is clear that he is not keen.
For those reasons—and as the Intelligence and Security Committee initially recommended, although it was subsequently persuaded—we believe that bulk equipment interference warrants should be removed from the Bill. I beg to move.
My Lords, these amendments would remove the bulk equipment interference provisions from the Bill. Before I address the amendments specifically, it is worth pausing to reflect briefly on the importance of bulk powers in the round and the very significant steps that the Government have taken to ensure both that a robust operational case has been made for their necessity and that the most rigorous safeguards will apply to their use.
Extremely detailed and extensive scrutiny has been applied to bulk powers during the passage of the Bill, both in Parliament and, of course, by David Anderson QC as part of his bulk powers review. The conclusion of that review was that bulk powers,
“have a clear operational purpose”;
that they,
“play an important part in identifying, understanding and averting threats in Great Britain, Northern Ireland and further afield”;
and that where alternatives exist to their use,
“they were likely to produce less comprehensive intelligence and were often more dangerous (for example to agents and their handlers), more resource-intensive, more intrusive or—crucially—slower”.
The Government have now tabled amendments giving full effect to the sole recommendation of that review, establishing in statute a Technology Advisory Panel to the Investigatory Powers Commissioner. We have also accepted an amendment tabled by the Intelligence and Security Committee which introduces a specific offence in the Bill to address deliberate misuse of the bulk powers. We have addressed wider concerns of that committee by adding very significant detail to the Bill on the safeguards that will regulate the use of these powers. I am grateful for the intensive scrutiny that has been applied to the bulk provisions in the Bill and believe that those provisions are all the stronger for it. There should now be no question that these powers are necessary and they are subject to world-leading safeguards.
I am grateful to the Minister for his comments. He kept saying that this power to conduct bulk equipment interference was absolutely essential to keeping us safe. What I do not understand is, first, why the very broad powers provided and the very broad range of targets that could be specified using targeted equipment interference could not be used in almost every case, rather than this power. Secondly, if bulk equipment interference is absolutely essential, if it could be authorised under existing legislation, why has it never been used by the security services? That is what David Anderson says.
As the Minister took the opportunity to talk about bulk powers in the round, perhaps I might get two things on the record. First, I cannot stress strongly enough that we are not opposed to the bulk acquisition of communications data generally. We are not opposed to bulk powers generally. We have specific issues with specific powers. Secondly, it has been suggested to me that I am standing here saying these things because it is my party policy. My party policy was decided by a working group that I chaired. I wrote the conclusions to that policy paper. I not only agree with the conclusions of that policy paper, I believe that they are absolutely the right conclusions. However, we have made the points that we wanted to make. They are on the record. I beg leave to withdraw the amendment.
My Lords, Amendments 250A and 251A, in my name and that of my noble friend Lady Hamwee, relate to technical capability notices through which the Secretary of State can require an operator to have a capacity to provide any assistance necessary that might be required to give effect to the powers under the Bill. We have received representations on behalf of operators asking that those notices should be specific about the distinct service or product to which the notice applies, rather than a blanket, “You must have the capability to do anything we may require you to do under the powers contained in legislation”. Amendment 250A is intended to have that effect, while Amendment 251A tries to limit the scope of technical capability notices. The power to issue a technical capability notice applies to any provider capable of being considered a telecommunications provider under the very broad definitions in the Bill. It would not be proportionate or necessary for this power to be so broad. The amendment aims to narrow the definition to exclude services that are not primarily communications services, even when there may be a communications element. Whether the wording of our amendment achieves that is a matter for debate, but that is what is intended. I beg to move.
I can certainly tell the noble Lord that Yahoo! was one of the operators, but I do not have a list to hand.
My Lords, Amendment 250A would define a technical capability notice as,
“specifying the distinct service or product to which the notice applies”.
I do not believe this amendment is necessary. The safeguards that apply to the giving of a notice under the Bill already ensure that a technical capability notice cannot be of a generic nature. I will not go into detail here about the lengthy process that must be undertaken before a notice can be given; we have discussed them at length previously and we will undoubtedly review them again shortly during our discussions on encryption. But it might be helpful for me to summarise.
Before giving a notice, the Secretary of State must consult the company concerned. This process will ensure that the company is fully aware of which services the notice applies to. The decision to issue a notice must be approved by the Secretary of State and a judicial commissioner. The obligations set out in the notice must be clear so that the Secretary of State and judicial commissioner can take a view as to the necessity and proportionality of the conduct required. As I have already mentioned, we propose a similar role for the judicial commissioner when a notice is varied. The operator may raise any concerns about the requirements to be set out in the notice, including any lack of clarity regarding their scope, during the consultation process. The operator may also seek a formal review of their obligations, as provided for in Clause 233. The safeguards which apply to the giving of a notice have been strengthened during the Bill’s passage through Parliament, and will ensure that the regime provided for under the Bill will be more targeted than that under existing legislation. It is for these reasons that I consider the amendment unnecessary.
Amendment 251A seeks to narrow the category of operators to whom a technical capability notice could be given. This change would exclude operators that provide services that have a communications element but are not primarily a communication service. This amendment, which has already been discussed in the Commons, is also unnecessary and, in my view, risks dangerously limiting the capabilities of law enforcement and the security and intelligence agencies. We are aware that the manner in which criminals and terrorists communicate is diversifying, as they attempt to find new ways to evade detection. We cannot be in a situation where terrorists, paedophiles and other criminals can use technology to escape justice. As David Anderson said,
“no-go areas for law enforcement should be minimised as far as possible, whether in the physical or the digital world”.
It is important that the Government can continue to impose obligations relating to technical capabilities on a range of operators to ensure that law enforcement and the security and intelligence agencies can access, in a timely manner, communications of criminals and terrorists using less conventional services, such as those offered by gaming service providers and online marketplaces. It may be appropriate to exclude certain categories of operators from obligations under this clause, such as small businesses, but it is our intention to use secondary legislation to do so. It would not be appropriate to impose blanket exemptions on services that have a communications element but are primarily not a communication service, since to do so would make it clear to terrorists and criminals that communications over such systems could not be monitored.
For all the reasons I have set out, I hope that the noble Lord, Lord Paddick, will feel able to withdraw his amendment.
With the leave of the House, I am grateful to the noble Lord for raising that point, which I think will come up in the next group of amendments when we discuss encryption because it is centre stage in that issue. He is absolutely right and I hope that I can assuage his concerns in the next debate.
I am very grateful to the Minister, particularly for his explanation around Amendment 251A. I completely accept that the whole range of ways in which people can communicate potentially needs to be covered. I am encouraged by the fact that there may be some exceptions in secondary legislation. It is unfortunate that we do not have sight of that before I withdraw this amendment but life is like that.
Bearing in mind the fact that the Minister did not articulate any downside to Amendment 250A, I wonder why the Government will not accept it, given that it appears not to limit the Government’s action in any way. However, at this stage, I beg leave to withdraw the amendment.
My Lords, I will speak to our Amendments 252 to 254 and the other amendments in this group. To save the noble Lord, Lord Rooker, having to get to his feet, this one is from Apple.
As the noble Lord, Lord Harris of Haringey, just outlined, it is essential that end-to-end encryption is not compromised by technical capability notices. I anticipate that the Minister might say that Clause 231(3)(c) covers this in that it would not be technically feasible for the operator to remove electronic protection of this nature, but we support this amendment and believe that it needs to be explicit in the Bill. However, we do not believe that this amendment covers other forms of encryption. Our Amendment 252 is intended to protect UK operators from the real or perceived disadvantage they would be placed under if technical capability notices required them to make modifications that would make their product or service less secure than overseas operators, who may not be subject to or may refuse to comply with a similar technical capability notice.
Similarly, Amendment 253 is intended to prevent a technical capability notice stopping UK operators from innovating to improve the levels of security or encryption provided by their products and services in a way that would disadvantage them against overseas operators, which may not be subject to or refuse to comply with a similar technical capability notice.
Amendment 254 is intended to deal with the criticism of our amendment in Committee by the Minister, who said that he believed that it,
“would remove the Government’s ability to give a technical capability notice to telecommunications operators requiring them to remove encryption from the communications of criminals, terrorists and foreign spies”.—[Official Report, 13/7/16; cols. 272-73.]
This new amendment makes it clear that technical assistance can be given to enable interpretation and deciphering provided that it does not open the door to unauthorised access to encrypted materials by criminals, terrorists and foreign spies—essentially, what the noble Lord, Lord Harris, just said.
Amendment 252A, in the name of my noble friend Lord Strasburger, is an attempt to combine all the other amendments in this group into a much better-worded amendment. I look forward to hearing from him why this might be the case.
My Lords, I shall rise to that opportunity. Amendment 251, in the name of the noble Lord, Lord Harris, and my noble friends Lord Paddick and Lady Hamwee, addresses one particular kind of encryption—namely end-to-end encryption—and it is very good as far as it goes, which is end-to-end encryption. My own Amendment 252A is also in this group and is complementary to Amendment 251. It is, in my humble opinion, a neater way of dealing with encryption that is not end-to-end encrypted than the combination of the other amendments in this group: Amendments 252, 253 and 254. It is an alternative to them.
We have been around the block many times on the subject of encryption in the context of Clauses 229 to 231. It has come up several times in our debates on the Bill, as well as in questions in this House and in the Joint Committee on the Bill. Yet we are no closer to a clear and unambiguous understanding of the Government’s position on this vital issue, as the noble Lord, Lord Harris, has so eloquently said.
It might help if we start from common ground. I doubt that any noble Lord, myself included, would deny the authorities the option of requiring an operator to decrypt a communication where: the operator already possesses the capability to do so; the sender or receiver of the communication is genuinely suspected of committing or planning a serious crime; and the appropriate process has been followed and the action has been judged necessary and proportionate by a judicial commissioner. I do not think that anybody would argue about that.
I believe there is more common ground. Ministers have repeatedly confirmed that the Government fully accept that many uses of the internet that are now an essential part of everyday life, both for individuals and for large organisations, cannot possibly continue to happen without the security provided by unbreakable encryption.
If we take those two points as read, we are left with two questions about what happens if the operator is not able to decrypt the communication. The first is: should the Secretary of State be able to force an operator to redesign its product so that in future its encryption has a weakness that permits the operator, or perhaps GCHQ, to read a suspect’s messages? The other question is: should the Secretary of State have the power to prevent an operator introducing new or modified encryption services which neither the authorities nor the operator can break? The answer to both those questions is an unequivocal, “No, the Secretary of State should not have those powers”, and noble Lords will be hard pressed to find a single cryptography specialist who has a different view. If the Government concur, as I hope they do, they should have no problem accepting Amendments 251 and 252A, which would remove the ambiguity in the current drafting.
My Lords, I shall also speak to Amendment 258B. The powers in the Bill are significant, as are the checks and auditing measures, but the Government accept, in providing for a review of the operation of the Act and in anticipating that a Select Committee of one or both Houses of Parliament will also want to look at the operation of the Act, that a full, independent review is both necessary and desirable. The Bill sets the initial period at five years and six months and requires the Secretary of State to prepare a report within six months of the initial period. These amendments would ensure that before any Government are held to account by the electorate at a general election, the electorate know what that Government have used the powers in the Bill for.
Amendment 258A adds to the requirement to produce a report within six months of the initial period that the report must be produced at least once during each Parliament. Amendment 258B reduces the initial period from five years and six months to two years and six months, to ensure that the actions of the present Government are clear to the electorate at the next general election, subject, obviously, to the current Government remaining in office for the full term. I beg to move.
There is obviously going to be a desire to know how the Act is operating and the Bill does provide for a report from the Secretary of State, but it is, let us just say, some time after the day on which the Bill becomes an Act. Assuming that the Government do not accept the amendment, I hope that in responding they will set out, or give some indication, of the bodies and committees which will look at how the Act is operating, including whether it is doing so in line with the terms of the Bill. In that, I include the codes of practice and, particularly in light of the last discussion we had, the statements on the record from the Government in the two Hansards during the passage of the Bill.
My Lords, we remain sympathetic to the desire for ongoing scrutiny of the Bill, and this is already provided for. In these circumstances we suggest that these amendments are not necessary. The Bill requires that the operation of the Act will be reviewed after five years, which is an entirely appropriate period. It is also consistent with the recommendation, as indicated, of the Joint Committee that scrutinised the draft Bill. We must ensure that, before a review takes place, all the Bill’s provisions have been in effect for a sufficient period that a review is justified and can be meaningful. A review after three years, as provided for by Amendments 258A and 258B, runs the risk that this would not be the case.
We also fully expect the review after five years to be informed by a report of a Joint Committee of Parliament, in line with the recommendation made by the Joint Committee. In addition, concurrent with such a review the Intelligence and Security Committee of Parliament would have the opportunity to assess the more sensitive aspects of the operation of the Act. Let us remember that, in addition, the exercise of the powers provided for under the Bill will of course be subject to the ongoing oversight of the Investigatory Powers Commissioner, who will be obliged to make an annual report to the Prime Minister.
The Government have listened to the previous debates in Parliament and amended the Bill to ensure that the Investigatory Powers Commissioner must, in particular, keep under review and report on the operation of safeguards to protect privacy. Furthermore, the Investigatory Powers Commissioner’s reports must be published and laid before Parliament, providing Parliament with ongoing scrutiny of the operation of the Act. Accordingly, I invite the noble Lord to withdraw the amendment.
My Lords, I am grateful to the noble and learned Lord for his explanation. We are still of the view that at least once every Parliament, before a general election is called, a Joint Committee of both Houses of Parliament, as suggested by the noble Lord, Lord Murphy, should look at what the Government have been up to during their time in office so that the electorate are fully aware of how the Government have used the Bill. However, at this stage I beg leave to withdraw the amendment.