Lord Ponsonby of Shulbrede (Lab)

- View Speech - Hansard -

Copy Link

-

My Lords, I think the whole House will be grateful for the noble Baroness’s intervention speaking in the gap. I thank the Minister for facilitating the briefings which we have had and will have in the coming days on the Bill.

The Bill makes changes to the 2016 Act, as we have heard. The 2016 Act provides a framework for the use of investigatory powers by the security and intelligence agencies, law enforcement and other public authorities. They include the power to obtain and retain communications. It also created the post of Investigatory Powers Commissioner and includes a number of safeguards for the use of such investigatory powers, including a two-stage procedure for obtaining authorisations. Many of the powers in the 2016 Act were pre-existing, as we have heard, and already being used by intelligence and law enforcement agencies. The Government stated that one of the intentions behind introducing the 2016 Act was to bring together and build on the statutory powers already available. The Government explained that the Act was also required to replace emergency legislation passed in 2014, the Data Retention and Investigatory Powers Act, which was subject to a sunset clause.

I agreed with the point made by the noble Lord, Lord Carlile, about the desirability of developing some sort of living instrument and a consolidation Bill to try to bring these pieces of legislation together.

The Bill before us proposes changes which include the creation of a new condition for the use of internet connection records to aid target detection, introducing a less stringent regulatory regime for the retention and examination of bulk personal datasets where individuals have little or no expectation of privacy, and a new notification requirement that can be issued to selected telecommunications operators, requiring them to inform the Government of proposed changes to their products and services that could negatively impact the current ability of agencies to lawfully access data.

I was going to say something about the contributions of the noble Lord, Lord Anderson, to the review of this legislation. My understanding is that all the noble Lord’s recommendations have been accepted by the Government, and I too express the Opposition Front Bench’s gratitude for the work he has done on this.

The Bill is a relatively short Bill of six parts, 31 clauses, and two schedules. I was going to step through its various elements, but I will not do that because it has been adequately covered by speakers earlier in this debate.

Like other noble Lords, I have received emails from industry and advocacy groups raising concerns about the Bill. On 7 November, a Financial Times piece reported that firms, including Apple and Meta, have signalled that they may withdraw from the UK market if they can no longer offer end-to-end encryption to their customers. I will quote from the concluding paragraph of a letter I received from Apple:

“The Home Office’s proposals to expand the IPA’s extraterritorial reach and to grant itself the power to pre-clear and block emerging security technologies constitute a serious and direct threat to data security and information privacy. To ensure that individuals have the tools to respond to the ever-increasing threats to information security, the Home Office’s proposal should be rejected”.


The piece, which I am sure we all received, then went on to explain their concerns about providing what they refer to as a back door into end-to-end encryption, and how that undermines the firms’ business model and the security of many other groups operating elsewhere in the world. It is right that we take the points raised by these commercial providers seriously, and maybe we will address them as the Bill progresses.

Similarly, online privacy advocacy groups such as Open Rights Group and Big Brother Watch have expressed their concerns, and we have heard from the noble Lord, Lord Strasburger, and the noble Baroness, Lady Bennett, today. It is worth saying that I agreed with every word of the noble Lord, Lord Carlile, when he said that he and I live in a different country from that spoken about by the noble Lord and the noble Baroness. We need to consider the concerns being addressed in the Bill, but also the wider context that other countries and other very large companies have access to bulk datasets—maybe not our bulk datasets—and are using that data in ways that we need to understand and pre-empt, if they are working against our national interest.

I conclude by talking about my own experience as an engineer, which is relevant to the debate we have just had. It used to be my working life to deal with very large datasets, make predictions based on them, and inform management about those predictions. One of my experiences was that it is very easy to mislead oneself because one is analysing large amounts of data. One needs to be realistic and at the same time see the possibilities of these extremely large datasets. It is a huge challenge. Huge amounts of data are used just to process them, and the maths and the imagination behind it is developing as we speak. The Bill in front of us now is a relatively modest step in the road, and we need to keep reviewing the processes available to us and reviewing the legislation to try to underpin them.