Out-Law News 2 min. read

'Lack of transparency' over communications surveillance, admits oversight body


The "piecemeal" and "unnecessarily complicated" rules governing communications surveillance activities in the UK has led to a "lack of transparency" over whether UK intelligence and security agencies are operating within the law, a parliamentary committee has concluded.

The Intelligence and Security Committee (ISC) said, though, that it is "satisfied that the UK’s intelligence and security agencies do not seek to circumvent the law", including existing human rights legislation.

However, the Committee has recommended a complete overhaul of the UK's surveillance laws. It said the new framework "must clearly set out the intrusive powers available to the agencies, the purposes for which they may use them, and the authorisation required before they may do so".

The Intelligence and Security Committee's report (149-page / 1.43MB PDF) on privacy, security and the legal framework was the result of an inquiry it held into the full range of UK spy agencies' intelligence gathering capabilities. The ISC has responsibility for oversight of the UK intelligence community.

The ISC said it had "scrutinised" what capabilities UK intelligence agency GCHQ has to engage in "bulk interception" of communications. It said it found that the law enforcement and security agencies "do not have the legal authority, the resources, the technical capability, or the desire to intercept every communication of British citizens, or of the internet as a whole".

It said the systems GCHQ use for mass surveillance "operate on a very small percentage of the bearers that make up the internet." and that it was satisfied that filtering and selection processes ensure that only a proportion of the data being carried over internet networks is actually collected.

The ISC said that "further targeted searches ensure that only those items believed to be of the highest intelligence value are ever presented for analysts to examine" and that, as a result, "only a tiny fraction of those collected are ever seen by human eyes".

The Committee also said that it had assessed the oversight of communications surveillance and established that "bulk interception cannot be used to target the communications of an individual in the UK without a specific authorisation naming that individual, signed by a secretary of state".

ISC described its findings as "reassuring" but said they did not detract for the need for "a new, transparent legal framework" to be introduced in the UK.

"There is a legitimate public expectation of openness and transparency in today’s society, and the intelligence and security agencies are not exempt from that," the ISC said.

However, Jim Killock, executive director of civil liberties campaigners the Open Rights Group, said the ISC "should have apologised" for "their failure to inform parliament about how far GCHQ's powers have grown". He said the ISC's report "fails to address any of the key questions apart from the need to reform our out-of-date surveillance laws" and demonstrated that the ISC "lacks the sufficient independence and expertise to hold the agencies to account".

A new report published by the ORG called on the government to overhaul existing laws on intelligence gathering and implement new ones that permit the UK's security services and law enforcement agencies to engage only in "targeted" as opposed to "mass" surveillance.

Surveillance decisions should also be subject to prior judicial authorisation, and communications data should benefit from the same legal protections as the content of communications, the ORG said.

Earlier this year, UK prime minister David Cameron pledged to give UK law enforcement and intelligence gathering agencies "comprehensive" new powers to monitor communications and access data associated with those communications if he is still prime minister after May's general election.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.