Another independent report into U.K. government surveillance has concluded interception warrants should require judicial sign-off, rather than being sanctioned by ministers as is the case now.
This follows the publication of the Anderson surveillance review last month which also urged the government to adopt judicial sign-off. The U.K. is alone among the so-called Five Eyes intelligence alliance powers in not having a judicial process for signing off interception warrants.
Late last month Home Secretary Theresa May said the government was considering the Anderson recommendations, and had not yet made a decision on the judicial sign-off point, although in earlier comments (reported in The Guardian) the government appeared to pour cold water on the idea of handing off warrant authorization to judges.
The government has said it is committed to introducing new surveillance legislation, the forthcoming Investigatory Powers Bill, in the current parliament, with a timetable to introduce a draft bill this autumn — with a view to gaining Royal Assent next year before emergency surveillance legislation (DRIPA) expires at the end of 2016.
The latest U.K. surveillance powers review, conducted by defense and security think tank, the Royal United Services Institute (RUSI) — at the request of the government’s former deputy Prime Minister, in the wake of the Edward Snowden revelations — concludes it found “no evidence” the government “knowingly acts illegally in intercepting private communications”.
This despite the judicial oversight body for the U.K.’s intelligence agencies, the IPT, itself ruling earlier this year that GCHQ had acted unlawfully in the past in its data-sharing arrangements with the NSA. A second IPT ruling also judged GCHQ has broken the law in its handling of intercepted comms data pertaining to two humans rights organizations — breaching its own internal rules and violating the human rights of the target groups.
The RUSI’s report aligns with the government position on mass surveillance being a ‘necessary tool’ for intelligence gathering too — arguing that “some degree of untargeted data collection, involving the collection of data in bulk, may sometimes be required, especially given the nature of modern communications” — and claiming it found no evidence that mass surveillance is being used to provide the state with “a perpetual window into the private lives of British citizens”.
Anderson’s report generally supported the use of mass surveillance — going against the prevailing view from European rights bodies and recent political moves to row back domestic dragnets in the U.S. — although he said such powers must be “subject to strict additional safeguards”, such as the aforementioned judicial sign-off for intercept warrants, if they are to be acceptable.
The RSUI follows what is now a clear consensus that reform of U.K. surveillance legislation is needed, identifiing an urgent need for “a new, comprehensive and clearer legal framework” for authorizing interception, noting: “We have seen evidence that the present legal framework authorising the interception of communications is unclear, has not kept pace with developments in communications technology, and does not serve either the government or members of the public satisfactorily. A new, comprehensive and clearer legal framework is required.”
That said, it does not support the earlier Intelligence and Security Committee’s call for a single act of Parliament to govern how spy agencies operate, arguing that “substantial” reform does not require consolidating all existing legislation in this area. It is also not supporting separate legislation for the police and the security agencies.
The RSUI calls for new surveillance legislation “in this session of Parliament to provide a new democratic mandate for digital intelligence”, asserting that: “The present arrangements are too complex to be understood by the citizen and have contributed to a public credibility gap that must be addressed.”
It also sets out “ten tests” it believes any new legislation must pass before it can be regarded as giving the police and the intelligence agencies a “democratic licence to operate” — such as intrusion being in accordance with the rule of law; being justified as necessary to “explicit tasks and missions”; being “judged as proportionate to the advantages gained”; being subject to an effective oversight regime, and the applicable legal regime being transparent and clear, and comprehensive to the public.
“The ‘secret parts of the state’ must draw and observe clear boundaries between that which must remain secret (such as intelligence sources or the identity of its employees) and all other aspects of its work which should be openly acknowledged. Necessary secrecy, however, must not be a justification for a wider culture of secrecy on security and intelligence matters,” the report adds.
The 154-page report, entitled A Democratic Licence To Operate, is based on a year of “investigation and consultation”, and draws on views from investigative journalism, the Internet, law, policing, political life, moral philosophy. Former heads of the three U.K. intelligence and security agencies were also consulted.
Update: Responding to the report, civil liberties campaign group Privacy International flags up the RSUI’s finding that the existing technical oversight regime “does not check the code [that underlies GCHQ’s interception capabilities], nor does it have the capacity to do so” — arguing this is a clear deficiency and asymmetry in U.K. surveillance oversight capabilities.
“GCHQ’s mass surveillance systems rely heavily on computer automation and processing to crunch the large numbers of private communications that it collects. When GCHQ’s processing goes wrong, it results in ‘large volumes of material erroneously collected’. Adequate technical oversight is necessary to prevent this from happening,” it says.
Commenting in a statement, Privacy International’s deputy director, Eric King, added: “It should be obvious that the most technologically advanced government agency, with the most intrusive powers, would require oversight bodies to have the independent technical chops to match. Yet today, our oversight relies on technical errors to be self-reported by GCHQ itself.
“Fundamentally, our safeguards against abuse will not be effective when the core technical activities of GCHQ cannot be kept in check by equally technically-equipped overseers. While recent efforts by the Interception Commissioner have been made, they are essentially trying to make the best of what is an impossible situation.
“While we applaud such efforts to navigate this problem, this is a gaping structural deficiency, plain as day, that needs to be fixed. A better resourced, more technically-equipped oversight body who can take GCHQ to task should be a priority in the coming discussion of reform.”