What will this autumn’s draft Investigatory Powers Bill
contain? We can take a reasonable guess
at the outline. Interception powers will get a makeover: at a minimum RIPA has
to be rewritten intelligibly and reinforced to comply with human rights
norms. In the post-Snowden climate there
may be a little more openness about how law enforcement and agencies use their
powers. We will hear a lot about
proportionality, safeguards and oversight.
Filling in the picture is more difficult. Three surveillance reviews have reported in
the last 6 months and between them have made almost 200 recommendations. As yet
there is little indication of which ones the government intends to take up.
Some of the recommendations would involve wide consultation before a decision
could be taken. Yet time for consultations is running out if the draft Bill is
to be put before a Joint Parliamentary Committee for pre-legislative scrutiny
this autumn.
Perhaps the greatest uncertainty is around the government’s
stated intention to press on with the Communications Data Bill – dubbed the
Snoopers’ Charter – which stalled in December 2012 following severe criticism
of the draft Bill by an all-party Joint Parliamentary Committee. The CDB would have significantly expanded the
amount and types of communications data that service providers could be
required to retain (and, for the first time, be compelled to generate) for
access by public authorities. After pressure from the Committee the Home Office
identified three particular datatypes that it wanted UK service providers to
retain: IP address resolution data, weblog data and third party data (explained
below).
Bringing back the CDB is not a simple matter of dusting off
the 2012 draft. Retention of some IP address resolution data was implemented earlier this year by the Counter Terrorism and Security Act. The Anderson report accepted that retention
of weblog data would be useful, but went on:
“[I]f any proposal is to be brought forward, a detailed operational case needs to be made out, and a rigorous assessment conducted of the lawfulness, likely effectiveness, intrusiveness and cost of requiring such data to be retained.”
For third party data Anderson said:
“There should be no question of progressing proposals for the compulsory retention of third party data before a compelling operational case for it has been made out (as it has not been to date) and the legal and technical issues have been fully bottomed out.”
If those recommendations are heeded, that leaves only
compulsory generation of data and possibly the ‘request filter’ (see below)
that could be brought forward without first making a new case for them. In any
event the Anderson report contains hints that law enforcement themselves may
not now be pushing so strongly for some of the most ambitious and expensive
parts of the CDB. On the CDB generally Anderson comments that “law
enforcement itself wishes to reserve its detailed position on these proposals
pending further discussions with a Government that has a political mandate to
take it forward.” [9.67]
Nor could the government reintroduce unchanged the controversial Ministerial
order-making power in Clause 1 of the CDB, described by Anderson as
“excessively broad”. The power was at the heart of the CDB and was intended to
future-proof the legislation. It would
also have served to keep from public sight operational details of what data was
being retained. The Home Office told the Joint Committee in 2012 that it would
review the approach in Clause 1: “We did
receive from Mr Farr the important undertaking that Home Office officials would
look at clause 1 again, and advise Ministers on whether it can be changed,
enhanced or improved.”
A revised draft Communications Data Bill does exist within
the Home Office. Anderson reports that:
“The Home Office sought to take the recommendations of the JCDCDB into account and produced a pared-down draft Bill in early 2013, which I have been shown. … Though I asked Ministers in late 2014 for permission to show the draft Bill (or at least a summary of it) to CSPs with whom I discussed the issues … that permission was not forthcoming. It became clear that in the absence of unified political will to progress the proposals, there has been little discussion of them with important stakeholders.”
Add into the mix the Snowden fallout (the Chair of the CDB Joint
Committee was unamused to find that it had not been ‘even given any hint’ of
the existence of PRISM and TEMPORA), suggestions that the technological systems
proposed in the CDB are no longer as relevant or appropriate as they seemed in
2012 (Anderson para 14.29) and a clutch of recent court decisions that, among
other things, have invalidated (suspended until March 2016) the existing communications data retention
regime under DRIPA (the Data Retention and Investigatory Powers Act 2014) and we have a crystal ball that is cloudy in
the extreme.
Despite all of this, we can take a shot at predicting some
of what may be in the new draft Investigatory Powers Bill. (For a more comprehensive survey of the coming debate see here.)
GCHQ’s bulk interception warrant
What is it? The bulk interception warrant under Section 8(4)of RIPA. These warrants authorise GCHQ’s TEMPORA programme of tapping into
transatlantic fibre optic cables, one of the most significant Snowden
disclosures. According to the Snowden
documents back in 2012 TEMPORA processed some 40 billion items a day.
Section 8(4) is primarily a foreign investigatory tool, but has
significant domestic overlap. While it
focuses on capturing external communications (at least one end outside the
British Islands), those communications are mixed up in the cable with wholly
internal communications (both ends within the British Islands). In that
situation Section 8(4) allows internal communications to be collaterally swept
up into a common pool. The stream of data is filtered down by computers. GCHQ’s analysts can then track communications
of known suspects, search for suspicious material or try to join the dots of communications data to identify unknown suspects.
GCHQ’s computers and analysts cannot trawl indiscriminately
in the pool of external and internal communications. RIPA Section 16 is their
fishing permit. It specifies what they can fish for and some types of hooks
that they cannot use. They may examine
intercepted messages only within broad categories certified by the Minister. Without
special authorisation the analysts cannot search by content for communications
of people known to be within the British Islands at the time. However these constraints do not apply to communications data captured along with the
intercepted communications.
For: Regarded as a valuable tool for tracking the
communications of known suspects and identifying previously unknown threats.
Against: General warrants went out with John Wilkes, yet
Section 8(4) has the vice of the general warrant: collect in bulk
first, then use the intercepted material to form suspicions. By contrast a
targeted warrant is (or should be) justified only when there are pre-existing
grounds for suspicion. There are also many specific criticisms of the bulk
warrant system including the opaqueness of the drafting of RIPA Section 16, the
relative absence of controls over searching and analysing captured
communications data, the unworkability of the external/internal communications distinction and the ability of the Minister to authorise a search in the pool
for the communications of someone known to be within the British Islands.
Status: None of the reviews has recommended abolition of
bulk warrants. Anderson has recommended
several changes, including that each warrant should be much more specific in
its objectives. He has also recommended
a standalone bulk communications data warrant, to be used where interception of
content is not necessary.
Prediction: Bulk warrantry powers to stay, perhaps significantly modified.
Watch out for: Greater clarity of powers; public avowal of
how they are used; specific objectives for warrants; tighter constraints on
searching for communications of persons within British Islands; a framework for
searching captured communications data; a standalone communications data
warrant (perhaps including content-derived communications data); prior judicial
or quasi-judicial authorisation; tighter limits on who can apply for a bulk
warrant.
More on bulk interception warrants here.
Broad Ministerial powers
What is it? A wide statutory power in Clause 1 of the
draft CDB allowing Secretary of State to make regulations under which she could
give notices to CSPs to generate, obtain and disclose communications data and
to install designated equipment for that purpose.
For: Future proofing.
Against: Future proofing is inappropriate where intrusive
powers are concerned due to unknown consequences. Legislative powers and actual capabilities should be aligned. Overly broad powers breed suspicion. If the real substance is buried two layers
down in secret notices to CSPs then neither MPs nor the public can properly understand what is being voted on. An extended designated equipment power (the current RIPA power applies only to interception capability) smacks of surveillance by design, especially in conjunction with the power to compel communications data generation.
Status: Home Office told the Joint CDB Committee that it
would look again at Clause 1.
Prediction: Increased specificity, but government will still want a method of future-proofing.
Watch out for: A guessing game to work out how the powers
are intended to be used. Or will the government heed the ISC and Anderson’s
recommendations that all intrusive capabilities should be publicly avowed?
More on future-proofing here.
Browsing histories
What is it? Extension of current data retention powers so as to require storage of browsing histories (alias weblog data). This was one of the
most contentious aspects of the draft Communications Data Bill. It is like
keeping a list, which the authorities could demand to inspect, of all the books, newspapers and magazines that you have read in the
last year. Weblog data probably excludes web addresses
(URLs) ‘after the first slash’. That is like listing a book, but not every page
within it.
For: a step towards providing law enforcement authorities,
security agencies and other public authorities with perfect visibility of
anyone’s internet activity
Against: a step towards providing law enforcement
authorities, security agencies and other public authorities with perfect
visibility of anyone’s internet activity
Status: A centrepiece of the original draft Communications
Data Bill. Anderson wants a detailed operational case to be made out, and a
rigorous assessment conducted of the lawfulness, likely effectiveness,
intrusiveness and cost of requiring such data to be retained.
Prediction: Bank on this one coming back in some form.
Watch out for: Ambiguity and unintelligibility of datatypes: accurate, clear
explanations of the datatypes to be retained are essential if an informed
debate is to take place. Will a new case be made? Will there be prior
consultation separate from the pre-legislative Parliamentary scrutiny? Will it
be limited to law enforcement and service providers or will the wider public
and NGOs be consulted? How will invalidation of the existing data retention
powers in DRIPA be addressed?
More on weblog data retention here.
Digital footprints
What is it? Retention of the geolocation data that, thanks
to our smartphones and tablets, we leave like a breadcrumb trail behind
us. The Annex to the CDB Explanatory
Note explained that Communications data “includes information identifying the
location of equipment when a communication is or has been made or received
(such as the location of a mobile phone)”. A phone call, text, software update,
e-mail check, news feed update, an app checking in to its provider are all
communications and they happen all the time. Each could have precise GPS or
Wi-Fi location data associated with it.
For: The ability to access a minute by minute map of our
lives is useful to law enforcement.
Against: Not much different from the authorities putting a tracking bug on every one of us.
Status: The voluntary ATCSA Retention Code, which dates from
2003, specifies retention of location data for phone calls (12 months) and text
messages (6 months), in latitude/longitude form. DRIPA includes the mobile phone cell ID at
the start of the communication (up to 12 months). Location data was in scope of
the Secretary of State’s powers to direct retention under the draft CDB. The
current German draft data retention Bill would require location data to be kept
for 4 weeks.
Prediction: Probable.
Watch out for: This could get lost in the detail.
Data generation by decree
What is it? The Home Office would be able to order CSPs to
generate communications data for the benefit of the authorities. At the moment CSPs can only be made to retain
data that they already generate or process in the UK. Think about that list of
books, newspapers and magazines in the weblog data section (above). You don’t ordinarily keep a list? This is like compelling you to make one.
For: Law enforcement want the records to be made.
Against: Crosses a line into surveillance by design:
requiring systems to be designed for benefit of the authorities. Could be used
to require e.g. public wi-fi providers to collect name and address information
from users.
Status: Proposed in the draft Communications Data Bill. Not
yet implemented. Surprisingly little attention was paid in the three reviews to
this significant extension of existing powers.
Prediction: Data generation to reappear.
Watch out for: Will there be a lot of noise about it?
More on compelled data generation here.
Boundary between communications data and content
What is it? On the one side we have email addresses, user
IDs, IP addresses, domains, and the like.
On the other side content (including URLs beyond the first slash).
Public authorities have far readier access to communications data than to
content. There are also sub-divisions of
communications data (traffic data, service use data, subscriber data) that
under RIPA affect the conduct that is classified as interception. The powers of
public authorities to demand access to communications data vary depending on
the type of communications data.
Privacy advocates question the historic
assumption that content is necessarily more sensitive than communications data. Changes to the dividing line would have an impact on the data that the authorities could request and a knock-on effect on the scope of communications data retention.
Status: Anderson recommended that the boundary (including sub-divisions)
should be reviewed, with input from all interested parties including service
providers, technical experts and NGOs. The Intelligence and Security Committee
suggested an intermediate category of ‘communications data plus’ and that
content-derived information should continue to be regarded as content.
Prediction: Government will continue to maintain that
communications data is less sensitive than content. Possible clarification of the boundary
in areas of uncertainty such as social media and revision of communications
data categories.
Watch out for: Full consultation? A definition of content?
Treatment of content-derived communications data.
More on the content/communications data boundary here.
Third party data collection
What is it? A scheme that would enable the Home Office to
require CSPs to collect and retain communications data from foreign services
transiting their pipes. This was part of
the CDB.
For: A way of giving the authorities access to
communications data that they can’t collect from overseas providers.
Against: Expensive, utility unclear.
Status: As well as demanding that a compelling operational
case be made out before any proposals are progressed (see above), Anderson
hints that law enforcement may be less keen than they were in 2012: “Law
enforcement is also conscious that the proposal of third party data retention
was a particularly expensive one, and that its utility will be peculiarly
susceptible to technological developments. It may therefore be that this aspect
of the Communications Data Bill is no longer judged to be the priority that it
once was, even within the law enforcement community.” [9.64]
Prediction: Anyone's guess.
Watch out for: Lack of clarity over any proposed powers;
dividing line between content and communications data.
More on third party data collection here.
Request filter
What is it? A plan for a system enabling authorities to
search across communications data
collections retained by multiple CSPs.
Another part of the CDB.
For: said to be less intrusive by focusing searches
Against: Federated search implies storing detailed profiles
to link the databases together (CDB Joint Committee [114]).
Status: Anderson: “The Communications Data Bill contained
provision for the retention of third-party data and for a request filter. Law
enforcement still endorse the operational requirements which those provisions
were meant to address, but want to engage further with industry on the best
ways of meeting them.”
Prediction: Anyone’s
guess.
Watch out for: Clarity of technical proposal; consultation?
More on request filter here.
Judicial authorisation
What is it? Interception warrants in the UK are authorised
by a Minister, not by an independent judicial or quasi-judicial body. This has always been a bone of contention for
civil liberties advocates. Most demands
to access communications data are authorised internally by the requesting
authorities themselves.
For: The principle of the matter. The UK is out of step with
most other liberal democracies. Internet and tech companies based in the USA
may be more comfortable co-operating with judicial warrants.
Against: Ministers are in a better position to
judge the political implications of issuing a sensitive warrant. They are politically accountable for their actions.
Status: Up in the air.
Anderson has recommended a new Judicial Commission to take over
authorising interception warrants. RUSI has recommended a more limited scheme. The
judgment in the Davis/Watson judicial review of DRIPA has said (subject to
appeal) that the CJEU DRI decision means that there must be prior independent
authorisation of requests for mandatorily retained communications data. It could be said that the same should apply to
interception warrants.
Prediction: In the balance. The government
may prefer to retain Ministerial control over warrants. But if it wants the
new interception warrants regime to be legally bullet proof, the prudent course would
be to go with a scheme for judicial or quasi-judicial approval of interception
warrants. Separately it has to decide
how to deal with the regime for communications data demands following the Davis/Watson
decision.
Watch out for: Concentration on this issue to the detriment of others. It is important, but the scope and
reach of powers is critical.