Investigatory Powers Bill

Written Evidence submitted by Remote Control Project (IPB 55)

The Remote Control project is a project of the Network for Social Change hosted by Oxford Research Group. We examine and challenge ways of modern warfare which take place ‘behind the scenes’ rather than being conducted on a traditional battlefield. This includes the use of drones, developments leading to autonomous weapons, special operations forces (SOF), private military and security companies (PMSCs) and cyber and intelligence activities. We believe that the long-term consequences of remote control methods need to be factored into security policies and promote sustainable solutions to conflicts.

Summary

1. Remote Control has a number of concerns about the Investigatory Powers Bill. These include:

i. Lack of evidence for the effectiveness of mass surveillance as an intelligence gathering tool.

ii. The diversion of resources from more effective traditional methods of intelligence gathering.

iii. The potential for mass surveillance to cause alienation and contribute to radicalisation.

iv. Inadequate safeguards to guard against misuse.

2. We therefore recommend the following changes to the IP Bill:

i. Replacing all provisions for bulk data collection and retention with provisions for targeted surveillance based on reasonable suspicion.

ii. At a minimum, we recommend removing the most draconian of the provisions for bulk data collection, including removing the section proposing bulk retention of internet connection records in its entirety, removing the section proposing bulk equipment interference warrants, and removing the section proposing bulk dataset warrants.

iii. Amending the Bill to establish a full system of judicial authorisation for communications intercept, with a judge rather than a minister playing the exclusive oversight role. Failing this, ensuring judges have the scope (including access to all relevant material) to conduct a full merits review of warrants rather than just examine the procedure.

Concerns about mass surveillance in general

Lack of evidence for ability to foil terror plots

1.1. Three reports have been published in the US in recent years casting doubt on the effectiveness of mass surveillance programmes to thwart terror plots. The first is a joint report in 2009 by Inspector Generals for five intelligence and law enforcement agencies (the Department of Defence, the Department of Justice, the CIA, the NSA, and the Office of National Intelligence) on the NSA’s Stellar Wind mass surveillance programme. To quantify its value for counter-terrorism operations the report conducted two statistical studies. The first found that just 1.2% of tips gained from mass surveillance had made a "significant" contribution to identifying a terrorist, deporting a terrorism suspect or development of confidential information about terrorists. The second found that none have proved useful.

1.2. The second report was published by Washington based think tank New America Foundation in 2014. It similarly attempts a quantitative analysis by compiling a database of all individuals in the US (as well as US persons abroad) recruited by al-Qaeda or likeminded groups or inspired by al-Qaeda’s ideology, and charged in the US with an act of terrorism since 9/11, in order to ascertain the initial impetus for investigation. It found that NSA mass collection played an identifiable role in, at most, 1.8% of terrorism cases examined. Traditional investigative methods initiated the majority (60%) of terrorism cases. This includes community or family tips which made up 17.8% of total cases, as well as informants (16%), routine law enforcement (12%), militant self-disclosed by publicizing extremist activity (4%) and suspicious activity reports (8.4%).

1.3. Finally, a report from The President’s Review Group on Intelligence and Communications Technologies, a panel appointed by President Obama to review the government’s surveillance activities, also questioned the effectiveness of mass collection techniques. Their report ‘Liberty and Security in a Changing World’, published in December 2013 found on the question of mass collection that: "Our review suggests that information contributed to terrorist investigations by the use of section 215 telephony meta-data was not essential to preventing attacks and could readily have been obtained in a timely manner using conventional section 215 orders".

Lack of accuracy

2.1. The use of data-mining and automated data-analysis techniques used to filter down the vast amounts of data acquired in mass surveillance programmes comes with a high risk of false positives. False positives are bad data or imperfect search models that incorrectly identify terrorist suspects. As computer scientist Ray Corrigan has written, "Even if your magic terrorist-catching machine has a false positive rate of 1 in 1,000-and no security technology comes anywhere near this-every time you asked it for suspects in the UK it would flag 60,000 innocent people."

Diverting resources

3.1. Another concern with data mining is that the false positives and ‘noise’ it generates will cause a sea of data that will swamp analysts, taking investigative and analytical resources and attention away from more appropriate counter-terrorism methods. Michael Adebolajo and the Hebdo attackers, for example, were known to intelligence services before their attacks, suggesting the intelligence failures were caused by a lack of attention rather than lack of data.

Alienation

4.1 Counter-radicalisation experts have argued that mass surveillance may alienate Muslim communities, making them distrustful of the police and possibly even contributing to radicalisation. In 2014, Jonathan Russell from the counter-extremism group Quilliam wrote that the "introduction of a sweeping [mass surveillance] law…will be exploited by extremists to show that the government wants to spy on its own citizens [and] that all Muslims are suspected of being terrorists."

Concerns about the IPB in particular

General warrants

5.1. Part 6 of the Investigatory Powers Bill allows the security services to use ‘general warrants’ to intercept data from entire communications systems or sections of the public. GCHQ is believed to use about 20 of these warrants to collect approximately 50 billion communications events per day, including emails, browsing records, webpages, locations, and other data. We believe this is a clear case of mass surveillance.

Internet connection records

6.1. The IPB includes a new provision for the bulk retention of internet connection records. This means every internet user’s browsing histories will be stored automatically by internet service providers for 12 months. A wide range of public authorities will have access to internet connection records, including HMRC and the Food Standards Agency. Moreover, a warrant will not be required for access. Instead, a "designated person" within the relevant public authority can grant access. This gives blanket access to vast quantities of data with very little oversight.

Equipment interference

7.1 The Bill allows for ‘bulk equipment interference warrants’, which could enable the security services to hack into people’s computers and mobile phones en masse. This is another example of indiscriminate intrusion.

Bulk datasets

8.1. The IPB contains a provision for class warrants to be used to collect bulk personal datasets, such as medical records. Obtaining this data in bulk means the records of many people not under suspicion will be included in any dataset.

Oversight

9.1 The Bill proposes switching from ministerial authorisation for intercept warrants to a ‘double-lock’ system of ministerial authorisation combined with judicial review. In reality, this does not meet the requirement for proper judicial oversight, as the judge will only be able to review the procedure by which the minister authorises warrants rather than the merits of the warrants themselves. Without full, independent judicial oversight, the government is effectively signing off on its own warrants. This creates serious potential for abuse of powers.

April 2016

 

Prepared 6th April 2016