Wednesday, 12 August 2015

The Coming UK Surveillance Debate: Bulk interception, Part 3

One of a series of posts on the forthcoming Investigatory Powers Bill

Selection of intercepted material for examination. Whereas RIPA Section 8(4) controls what can be captured to form the pool of intercepted material, Section 16(2) limits the kinds of hook that can be used to fish in it: the selection factors. Section 16 is among the most obscure in RIPA. Furthermore when deciphered it is not as limiting as might be thought on first impression. That is especially true of the restrictions on searches relating to people within the British Isles. (See discussion here at [19] to [23].)

An important aspect of the selection factors system is that it can be and is used not just to find communications of persons against whom there are existing grounds for suspicion, but to look for new targets.  The agencies refer to this as ‘target discovery’. 

The agencies are fond of the analogy of finding a needle in a haystack.  The supposition is that a needle is recognisably different from the surrounding hay.  But to revert to the fishing metaphor, when you wind in the line it is not necessarily obvious whether your target discovery algorithm has caught a fish or a rusty tin. It may have found a genuine malefactor. But even if the material looks suspicious it may in fact be entirely innocent. An analyst cannot necessarily be certain about what s/he is looking at. 

This is true both of the content of communications and of communications data analysis, in which the agencies try to join myriad dots to spot a suspicious pattern, or (say) to home in on a possible identity for an unrecognised associate of a known terrorist.  This can be seen from GCHQ’s own description of target discovery, in which the end point of the communications analysis process is an ‘investigative lead’:
“Signals Intelligence can be a powerful tool to answer seemingly impossible questions. The ability to use fragmentary information to build theories and perform complex searches against our metadata can narrow down thousands of options quickly. We can hone in on the most likely targets and only when we have sufficient justification that a lead is suspicious do we have the ability and resource to dig deeper and look at content to progress our investigations. … 
Example case study continues 
Although still at the theory stage, we now have a possible real life identity for our stranger overseas. We can report the findings so far and pass the information to MI5 as an investigative lead.”
 The target discovery aspect of Section 8(4) is in principle more intrusive than using it only to find communications of known wrongdoers and suspects, since it can be used to form suspicions based on searches of data, rather than the converse: starting from a reasonable suspicion of wrongdoing as the justification for accessing someone’s data. The ISC Report described it thus:
"The examples GCHQ have provided, together with the other evidence we have taken, have satisfied the Committee that GCHQ’s bulk interception capability is used primarily to find patterns in, or characteristics of, online communications which indicate involvement in threats to national security. The people involved in these communications are sometimes already known, in which case valuable extra intelligence may be obtained (e.g. a new person in a terrorist network, a new location to be monitored, or a new selector to be targeted). In other cases, it exposes previously unknown individuals or plots that threaten our security which would not otherwise be detected." [90]
Criticisms of broad interception powers are sometimes answered along the lines of “well in reality we don’t do that”.  So for instance, although Section 8(4) undoubtedly empowers algorithmic data mining to search from scratch for suspicious behaviour, and the above extract from the ISC report appears to describe something of that nature, the agencies told the Anderson Review that that is unrealistic for intelligence analysis. 
"It is sometimes assumed that GCHQ employs automated data mining algorithms to detect target behaviour, as is often proposed in academic literature. That, it would say, is realistic for tasks such as financial fraud detection, but not for intelligence analysis."[14.43]
Typically they are said to start with a seed – in the GCHQ website case study quoted above, a stranger who was given a concerning message by a known terrorist group member. The Anderson report goes on:
“Much of [GCHQ’s] work involves analysis based on a fragment of information which forms the crucial lead, or seed, for further work. GCHQ’s tradecraft lies in the application of lead-specific analysis to bring together potentially relevant data from diverse data stores in order to prove or disprove a theory or hypothesis.” [14.43]
In a similar vein the Anderson report records that internal communications may be read if they are selected to be examined by reference to a factor not prohibited by Section 16(2), “although GCHQ inform me that they may not use this route in order to deliberately seek access to internal communications and that it is unlikely to occur in practice.” [6.57(c)]

Should broad powers be narrowed to correspond with actual practice? The Anderson report is entitled ‘A Question of Trust’. Sometimes broad powers may be thought useful as a way of maintaining the secrecy of specific techniques. However it could also be corrosive of trust if a government body armed with broad intrusive powers were stoutly to resist any narrowing of powers to match what is said to happen in practice. 

The recommendations of the reviews in relation to selection and examination of material collected under a bulk interception warrant are: 

Searching for and examining the communications of a person known to be in the UK should always require a specific warrant, authorised by a Secretary of State. (Recommendation Q)

The communications of UK nationals should receive the same level of protection under the law, irrespective of where the person is located. The interception and examination of such communications should therefore be authorised through an individual warrant like an 8(1), signed by a Secretary of State. (Recommendation R)

The Interception of Communications Commissioner should be given statutory responsibility to review the various selection criteria used in bulk interception to ensure that these follow directly from the Certificate and valid national security requirements. (Recommendation S)
Content that relates to a communication involving a person believed to be in the UK should be made available to be read, looked at or listened to only on the basis of a specific interception warrant issued by a Judicial Commissioner. (Recommendation 79)

The new law should in addition provide for appropriately rigorous and rights-compliant procedures for the purposes of authorising access to:
(a) content that is acquired pursuant to a bulk warrant and that does not relate to a communication involving a person believed to be in the UK; and
(b) (if Recommendation 42(b) is adopted), communications data that are obtained pursuant to a bulk warrant. (Recommendation 80)
No specific recommendation

[Updated 13 August 2015 with additional extract from ISC report.]

No comments:

Post a Comment