|Regulation of Investigatory Powers Bill
Mr. Charles Clarke: I should like to congratulate the hon. Gentleman on what may be a record number of amendments in one group. In the late hours of last night I counted them and there are 39, which is impressive.
I hope that the hon. Gentleman will acknowledge that during our proceedings the Government have not argued that any amendments have been deficient in character. That can sometimes be argued, but not in this Committee. We have tried to deal with all amendments on their merits, and I shall do that now.
It is important to place on the record an explanation of communications data, because there is much controversy about what the term means. In so doing, I shall answer some of the hon. Gentlemen's specific questions about the extent to which the data are collected at present.
In simple terms, communications held by the communication service provider, but do not cover the content of the communication itself. Typical examples of communications data are subscriber details to a particular means of communication such as a telephone or itemised billing, although in a small minority of cases the data can be more intrusive than that.
My officials have creatively produced an example that I shall explain to the Committee. If one draws an analogy between the types of communications data and the proceedings in this Room under your chairmanship, Mrs. Michie, subscriber details would equate to a police force being able to find out by examining records who are the members of the Committee; itemised billing would equate to the police force being told who spoke in each part of the debate and how long they spoke for-in some cases a long time, in others briefly; internet data may be capable of equating to the publications that members of the Committee brought into the Room this morning and the documents that the picked up from the Desk; and full interception would equate to the Hansard record of the debate. I am grateful to my officials for generating that example so that we can use our own experience to show graphically what communications data are.
Clearly, therefore, although accessing communications data is an intrusive activity that requires proper regulation, the degree of intrusion is several orders of magnitude lower than interception.
Mr. Allan: I assume that the Minister is saying that his third category-the internet data-is included within communications data. Visits to websites are a practical thing that people do now. If people monitored my website, they could find out who I banked with and shopped with, whether I had been to a travel agent and so on, which is far more intrusive than anything has been historically.
Mr. Clarke: I shall come to that specific point.
As I was saying, although accessing communications data is an intrusive activity requiring proper regulation, the degree of intrusion is several orders of magnitude lower than interception and equates more closely to physical surveillance. However, members of the Committee might consider, as I do, that being followed around the streets by a surveillance team would constitute a greater intrusion into my privacy than someone looking through my itemised telephone bill or even examining the websites that I visited in my last internet session, to take the hon. Gentleman's example.
There is no question that access to data affects the way in which we all do business in this country-the hon. Gentleman gave some examples about his banking and so on, but it goes wider than that-and involves not only law enforcement, security and intelligence agencies but anyone who offers a service. If one phones up to book a holiday, one no longer needs to give one's address: one simply gives the postcode, name and house number, and the person at the other end of the phone knows the street, town and credit rating. That happens routinely now. Any member of the public can buy databases off the shelf that provide all sorts of personal information, including communications data. Yet the amendments suggest that, if the police want to obtain such data to investigate a crime, they should first go to a judge to obtain authorisation.
The number of requests made currently for communications data is far greater than the number of interception warrants, but that is not surprising. There is much more crime than serious crime in this country and far more police officers employed in the investigation of crime than serious crime alone. It is because communications data are so useful that so many requests are made each year. The Committee will want reassurance that the data are being used proportionately and where necessary, so I am happy to give the information that the hon. Gentleman requested.
So far this calendar year, 96.8 per cent. of all the communications data requests-for example, by Customs and Excise-have been for subscriber details, the most basic level of check, while 2.9 per cent. of the remainder has been for itemised billing inquiries and the remaining 0.3 per cent. for other services, none of which is more intrusive than those carried out by a surveillance team. To give an idea of the scale, that equates to a total of 18,940 requests for data-far more than could be accommodated by judicial authorisation.
The implication of the hon. Gentleman's question is, ``Are these requests necessary?'' The Bill addresses that question, requiring that no authorising officer may authorise a notice unless obtaining the communications data is both necessary and proportionate. We return to those important qualifications relating to the ability to act under the provisions of the Bill. A significant element of our consideration of the Bill involves making its provisions work within the context of the Human Rights Act 1998, and the words ``necessary'' and ``proportionate'' are important in that context.
At present, the Data Protection Act safeguards are faily lax, and have been made tighter only through voluntary co-operation between the telecoms industry and law enforcement. There is currently no independent oversight. The Bill places oversight of the use of this power under the remit of the interception of communications commissioner, which will give greater guarantees to the citizen than those that exist under the present arrangements.
An audit team from the commissioner's office will undertake periodic inspections of each body to ensure that the power is being used responsibly. I hope that the hon. Gentleman will welcome that proposal. The teams will inspect records, checking the details to ensure the necessity and proportionality of what has been requested.
Mr. A. J. Beith (Berwick-upon-Tweed): I was struck by the Minister's references to audit teams from the commissioner's office. This will be a significant development, compared with the experience to date under the Interception of Communications Act 1985, which has been a relatively lonely task. What scale of resources does the Minister envisage being involved in this task?
Mr. Clarke: It is worth making the point that, under the IOCA requirements high levels of interception were being discussed. As I have said previously in Committee, we are talking about a relatively small amount of data. However, communications data such as I have described will require a larger responsibility; I have been keen to be frank with the Committee about what is taking place in that context.
I used the term ``audit teams'' to establish that an audit will check what is happening in practice, rather than examine every case universally. We do not anticipate the need for a substantial apparatus to carry out that task. However, we do anticipate that proper regimes, such as audits, will be put in place to check that procedures are being properly followed. We shall then be able to make judgments about the necessity and proportionality of what is being done. I should like to put the right hon. Gentleman's mind at rest about the scale of the operation. I used the word ``audit'' because we want to establish systems that will genuinely assess what is taking place.
Mr. Beith: I want to reassure the Minister that my inquiry was based on the concern that there should be sufficient resources at the commissioner's disposal to enable him to send in audit teams.
Mr. Clarke: I appreciate that that was the right hon. Gentleman's intention, and I welcome it. We shall discuss this matter when we reach the clauses relating to the commissioner. We are actively considering the details of those provisions at present, which is why I am being slightly less than specific in my response. However, I wanted to lay to rest the idea that we might introduce some great bureaucratic operation, and to explain why I used the word ``audit'' rather than specifying a universal method of checking.
I have explained that the information that can be obtained through communications data is no more intrusive, and generally less intrusive, than directed surveillance. That is why we have the level of authorisation that we have. Directed surveillance is, as the Committee knows, surveillance in a public place that gives information about life style, contacts and movements. This is a normal, day-to-day policing activity and is authorised within the police force at an appropriate level. We consider that the level of superintendent is right for that type of authorisation, and we also consider that an appropriate level for accessing communications data. From the point of view of levels of intrusion, we believe that internal authorisation is right.
We must also consider the number of notices likely to be served under the provisions. It will be far higher than the number of interception warrants, because communications data are used for many more purposes than interception of communications-as I have suggested in an answer to the right hon. Member for Berwick-upon-Tweed (Mr. Beith)-or other highly intrusive techniques. Judicial authorisation would be inappropriate, and would place unacceptable strains on the court service.
I have tried to be as open as I can be in dealing with the points that have been made and to give information not only to the hon. Member for Hallam but to other members of the Committee-and, through Hansard, to the wider public-about what is happening with regard to communications data. I am worried that there has been insufficient understanding of their nature. I emphasise that I refer not to the hon. Gentleman-it is clear from his comments that he fully grasps the subject-but to the wider discussions that have taken place. That is why I gave such a full explanation.
On that basis, I hope that the hon. Gentleman will withdraw the amendment. Otherwise, I shall resist it and ask the Committee to vote against it.
|©Parliamentary copyright 2000||Prepared 28 March 2000|