Asked by: Tom Gordon (Liberal Democrat - Harrogate and Knaresborough)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps she is taking to ensure there is independent scrutiny of Technical Capability Notices; and if she will introduce new (a) judicial and (b) parliamentary oversight.
Answered by Dan Jarvis - Minister of State (Home Office)
The Investigatory Powers Act 2016 allows the Secretary of State to place obligations on telecommunications operators or postal operators through a Technical Capability Notice. A Technical Capability Notice itself does not require an operator to disclose any information. Instead, it requires the operator to have the capability to respond to an individual warrant or authorisation.
The Act governs these notices and provides extensive privacy safeguards and a robust oversight regime. Technical Capability Notices must be approved by an independent Judicial Commissioner. The procedures for the judicial oversight of Technical Capability Notices are detailed in the codes of practice for Communications Data, Interception of Communications, and Equipment Interference, which are available here:
https://www.gov.uk/government/collections/investigatory-powers-act-codes-of-practice
The Investigatory Powers Commissioner must report annually on the carrying out of the functions of the Judicial Commissioner, with the report laid before Parliament.
The Act also provides for the Intelligence and Security Committee of Parliament to refer a matter to the Commissioner with a view to carrying out an investigation, inspection or audit.
The Investigatory Powers (Amendment) Act 2024 strengthened judicial oversight by introducing a requirement that existing technical capability notices are renewed if two years have passed since they were given, varied or last renewed. These renewals also require the approval of a Judicial Commissioner. The Government is currently implementing this Act.
Asked by: Tom Gordon (Liberal Democrat - Harrogate and Knaresborough)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what steps the Government is taking to ensure access requests under Technical Capability Notices are targeted.
Answered by Dan Jarvis - Minister of State (Home Office)
Technical Capability Notices do not directly require the disclosure of data. It is the separate authorisations or warrants that allow access to data. Each authorisation or warrant addresses matters of necessity and proportionality and collateral intrusion specific to the case in question.
As part of the decision to give a Technical Capability Notice, the Secretary of State must consider, among other factors, the likely benefits of the notice, the likely number of users of a service to which the notice relates, and the technical feasibility and likely cost of compliance for the operator. In addition, the decision must include consideration of whether what is sought to be achieved by the notice could reasonably be achieved by other less intrusive means.
Asked by: Tom Gordon (Liberal Democrat - Harrogate and Knaresborough)
Question to the Home Office:
To ask the Secretary of State for the Home Department, what assessment she has made of the contribution of encryption in protecting cyber security; and what assessment she has made of the potential impact of introducing access requests under Technical Capability Notices.
Answered by Dan Jarvis - Minister of State (Home Office)
This Government recognises the importance of online privacy and security safeguards such as strong encryption.
Technical Capability Notices can be used to maintain capabilities that provide for responsible and exceptional access to data by law enforcement and intelligence agencies, with service provider assistance, without undermining user privacy or security.