Asked by: Peter Kyle (Labour - Hove)
Question to the Ministry of Justice:
To ask the Secretary of State for Justice, what estimate he has made of the number of Youth Offending Teams offering Intensive Supervision and Surveillance as part of Youth Rehabilitation Orders.
Answered by Lucy Frazer - Secretary of State for Culture, Media and Sport
A Youth Rehabilitation Order (YRO) with Intensive Supervision and Surveillance (ISS) is a community order which may be given by a court in relation to an offence which would be serious enough to make a custodial sentence appropriate. The community order must include supervision, curfew and activity of between 90 and 180 days and may include electronic monitoring.
The information requested is not collected centrally. Youth Justice Statistics are published annually, including information of sentencing occasions resulting in a YRO, and the number and type of requirements given to children who received a YRO. This information can be found in the Youth Justice statistics: 2018 to 2019 supplementary tables, Chapter 5 – Sentencing of Children, Table 5.7 https://www.gov.uk/government/collections/youth-justice-statistics
Asked by: Ed Davey (Liberal Democrat - Kingston and Surbiton)
Question to the Foreign, Commonwealth & Development Office:
To ask the Secretary of State for Foreign and Commonwealth Affairs, what assessment he has made of the potential for NSO's Pegasus software being used to target foreign journalists and campaigners; and if he will make a statement.
Answered by James Cleverly - Home Secretary
There have been allegations that this software has been used in a way that is not in line with UK Human Rights Standards. We continue to champion human rights and media freedom around the world. Given these allegations are subject to ongoing investigations, it would not be appropriate for us to comment further.
Asked by: Ed Davey (Liberal Democrat - Kingston and Surbiton)
Question to the Ministry of Defence:
To ask the Secretary of State for Defence, what assessment he has made of the threat to the UK's cyber-security of NSO Group's Pegasus software; and if he will make a statement.
Answered by James Heappey
The issue of cyber security is one the UK takes very seriously; the cyber threat is continually changing in scope and complexity. For reasons of safeguarding national security, we do not routinely disclose detailed information about the threats to UK networks.
Asked by: Mark Pritchard (Conservative - The Wrekin)
Question to the Cabinet Office:
To ask the Minister for the Cabinet Office, what steps he is taking to counter threats posed by the use by foreign governments and other entities of commercially available cyber intrusion and other surveillance technology against UK citizens, companies and government departments.
Answered by Penny Mordaunt - Lord President of the Council and Leader of the House of Commons
The cyber threat landscape and tools commercially available to hostile actors are diverse, but the UK is clear that it will not tolerate malicious cyber activity and will react robustly and proportionately to the threat using the full spectrum of HMG capabilities at our disposal.
The National Cyber Security Centre (NCSC) and the Centre for the Protection of Critical National Infrastructure (CPNI) provides ongoing advice and guidance for Government departments, Critical National Infrastructure, businesses, organisations and the general public.
Working closely with industry partners and experts through campaigns like ‘Industry 100’, Cyber Essentials and Cyber Aware, they produce guidance and support that sets out protective measures that can be taken to protect against a range of threats and threat actors, including espionage and cyber-attacks.
Asked by: Mark Pritchard (Conservative - The Wrekin)
Question to the Cabinet Office:
To ask the Minister for the Cabinet Office, what steps he is taking to ensure that commercial spyware and surveillance technology is not used by foreign governments against UK nationals.
Answered by Penny Mordaunt - Lord President of the Council and Leader of the House of Commons
The cyber threat landscape and tools commercially available to hostile actors are diverse, but the UK is clear that it will not tolerate malicious cyber activity and will react robustly and proportionately to the threat using the full spectrum of HMG capabilities at our disposal.
The National Cyber Security Centre (NCSC) and the Centre for the Protection of Critical National Infrastructure (CPNI) provides ongoing advice and guidance for Government departments, Critical National Infrastructure, businesses, organisations and the general public.
Working closely with industry partners and experts through campaigns like ‘Industry 100’, Cyber Essentials and Cyber Aware, they produce guidance and support that sets out protective measures that can be taken to protect against a range of threats and threat actors, including espionage and cyber-attacks.
Asked by: Ben Bradshaw (Labour - Exeter)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what plans he has to increase protections for members of the public from bugs and other covert listening devices bought online that may intrude on their privacy in public settings.
Answered by John Whittingdale
Private organisations using surveillance equipment will need to ensure that their use of this equipment complies with the UK’s data protection laws.
Our data protection laws impose strict obligations on both individuals and organisations to process people’s data fairly and lawfully and to ensure that any data collected is held securely. There must also be a legal basis for processing data. The way in which personal data is collected and handled must be fair and transparent, and the data should be processed in a way which individuals would expect.
The UK’s data protection laws are enforced independently of Government by the Information Commissioner's Office (ICO). Organisations that fail to comply may be subject to enforcement action by the Information Commissioner’s Office. Whilst a breach of these laws is not generally a criminal offence, the Information Commissioner can impose significant financial penalties for non-compliance.
Where this equipment is used by individuals for private purposes, data protection rules will not normally apply, but criminal offences, such as stalking and harassment, might be relevant depending on the circumstances of the case.
Whilst the Government remains open to considering any gaps identified in the law, it currently considers that the range of existing legal provisions provides a robust framework.
Asked by: Ben Bradshaw (Labour - Exeter)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what steps his Department is taking to (a) regulate, (b) supervise and (c) control the sale of covert listening and filming devices.
Answered by John Whittingdale
Private organisations using surveillance equipment will need to ensure that their use of this equipment complies with the UK’s data protection laws.
Our data protection laws impose strict obligations on both individuals and organisations to process people’s data fairly and lawfully and to ensure that any data collected is held securely. There must also be a legal basis for processing data. The way in which personal data is collected and handled must be fair and transparent, and the data should be processed in a way which individuals would expect.
The UK’s data protection laws are enforced independently of Government by the Information Commissioner's Office (ICO). Organisations that fail to comply may be subject to enforcement action by the Information Commissioner’s Office. Whilst a breach of these laws is not generally a criminal offence, the Information Commissioner can impose significant financial penalties for non-compliance.
Where this equipment is used by individuals for private purposes, data protection rules will not normally apply, but criminal offences, such as stalking and harassment, might be relevant depending on the circumstances of the case.
Whilst the Government remains open to considering any gaps identified in the law, it currently considers that the range of existing legal provisions provides a robust framework.
Asked by: Ben Bradshaw (Labour - Exeter)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what plans he has to bring forward legislative proposals to limit the ability of (a) private companies and (b) the general public to spy, stalk and harass people with covert devices.
Answered by John Whittingdale
Private organisations using surveillance equipment will need to ensure that their use of this equipment complies with the UK’s data protection laws.
Our data protection laws impose strict obligations on both individuals and organisations to process people’s data fairly and lawfully and to ensure that any data collected is held securely. There must also be a legal basis for processing data. The way in which personal data is collected and handled must be fair and transparent, and the data should be processed in a way which individuals would expect.
The UK’s data protection laws are enforced independently of Government by the Information Commissioner's Office (ICO). Organisations that fail to comply may be subject to enforcement action by the Information Commissioner’s Office. Whilst a breach of these laws is not generally a criminal offence, the Information Commissioner can impose significant financial penalties for non-compliance.
Where this equipment is used by individuals for private purposes, data protection rules will not normally apply, but criminal offences, such as stalking and harassment, might be relevant depending on the circumstances of the case.
Whilst the Government remains open to considering any gaps identified in the law, it currently considers that the range of existing legal provisions provides a robust framework.
Asked by: David Davis (Conservative - Haltemprice and Howden)
Question to the Home Office:
To ask the Secretary of State for the Home Department, how many (a) Technical Capability Notices and (b) National Security Notices have been issued in each year since 2016.
Answered by James Brokenshire
The Investigatory Powers Act 2016 allows the Government to place obligations on telecommunications operators or postal operators through a Technical Capability Notice or National Security Notice.
The Act governs these notices and provides extensive privacy safeguards and a robust oversight regime, including approval of notices by an independent Judicial Commissioner.
For reasons of national security, it would be not be appropriate to disclose the number of Technical Capability Notices and National Security Notices issued.
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Question to the Home Office:
To ask Her Majesty's Government what plans they have to ensure that the security services are granted access to encrypted messages in exceptional circumstances.
Answered by Baroness Williams of Trafford - Captain of the Honourable Corps of Gentlemen-at-Arms (HM Household) (Chief Whip, House of Lords)
The UK Government supports strong encryption, which is a vital part of our digital economy, but we have been clear that technology companies should not deliberately design out their ability, and that of law enforcement agencies, to access content, even to prevent and detect the most serious crimes such as child sexual exploitation and abuse and terrorism. As the Director General of MI5, Sir Andrew Parker, made clear last week, lawful access to encrypted communications is a vital part of keeping our citizens safe.
This is not just about one company. It is about protecting the public across the globe as technology develops. However, as we have made very clear, we are extremely concerned about Facebook’s current proposals to apply end-to-end encryption across their messaging services. The US National Center for Missing and Exploited Children (NCMEC) estimates that these proposals would result in the loss of 12 million reports related to child abuse every year. The UK National Crime Agency (NCA) estimates that, in 2018, NCMEC reporting from Facebook will have resulted in more than 2500 arrests by UK law enforcement and almost 3000 children safeguarded in the UK.
In order to make progress on this issue, we have been consistently clear that industry must be willing to engage in detailed, technical consultation with governments that can have a genuine impact on their design decisions and that is what the Home Secretary called for from Facebook in an open letter to Mark Zuckerberg on 4 October last year.
We believe that this sort of engagement is necessary in order to identify potential solutions that can keep the public safe, without undermining cyber security or individuals’ privacy. We recently set out our approach to this issue in a testimony to Congress, clearly, factually and in significant detail, dispelling myths that prevent proper debate. We would encourage anyone who is interested in our position to read it in full https://www.gov.uk/government/publications/open-letter-to-mark-zuckerberg