|It is the duty of Government to maintain the safety and security of citizens. This is not only in the public interest; it is in the interest of law-abiding members of the public. For this the law enforcement agencies must be given the tools they need. Reasonable access to some communications data is undoubtedly one of those tools. But the Government also have a duty to respect the right of citizens to go about their lawful activities, including their communications, without avoidable intrusions on their privacy. These duties have the potential to conflict.
More than a decade ago the Regulation of Investigatory Powers Act 2000RIPAset out the conditions which the law enforcement agencies and others have to satisfy if they wish to access communications datathe details about communications, but not their content. The Act specifies what data can be accessed, by whom, for what purposes, and subject to what conditions. Since 2000, however, methods of communicating have changed, and the volume of communications data potentially available to public authorities has increased very significantly. The draft Bill which we have been considering is the Government's endeavour to bring the law up to date.
We accept that there is a case for legislation which will provide the law enforcement agencies with some further access to communications data, but we believe that the draft Bill pays insufficient attention to the duty to respect the right to privacy, and goes much further than it need or should for the purpose of providing necessary and justifiable official access to communications data. Clause 1 would give the Secretary of State sweeping powers to issue secret notices to communications service providers (CSPs) requiring them to retain and disclose potentially limitless categories of data. We have been told that she has no intention of using the powers in this way. Our main recommendation is therefore that her powers should be limited to those categories of data for which a case can now be made. If in future a case can be made for the power to be increased, this should not be done without effective Parliamentary scrutiny. We recommend the procedure for this.
The same procedure should apply if the power to request communications data is to be given to more authorities than the police, intelligence and security services, SOCA, HMRC, FSA and UKBA. If data is required for wider purposes than at present, this needs primary legislation.
We believe that the current safeguards on the authorisation of applications for access to data are working better than is often thought, but we make recommendations for improving them, and for strengthening the roles of the Interception of Communications Commissioner and the Information Commissioner. We suggest amending the definition of "communications data" which no longer meets current needs. We have looked at jurisdictional problems which will face overseas network providers in particular. We criticise the Government's estimates of the cost of the Bill and the benefits to be derived from it; some of the figures are fanciful and misleading.
We believe our recommendations would result in a Bill which would give the law enforcement agencies the essential tools they need to tackle serious crime and terrorism but at the same time limit the risk of intrusion into the privacy of the vast majority of honest citizens.