I know the clear position that my hon. Friend has enunciated on many occasions in the House. There will be wider debates and discussions on the position of the European Convention and a British bill of rights, with which my hon. Friend is very familiar and which I personally support to ensure that our domestic law is framed properly in the context of convention rights. However, we have reflected carefully on the judgment—the right hon. Member for Blackburn (Mr Straw) described it as dense and complicated—which the Bill reflects on in the nature of the obligations set out therein. We have judged that primary legislation to avoid any uncertainty is appropriate and necessary, given the huge reliance that is placed on communications data and the right to be able lawfully to intercept for the prescribed purposes. I am sure that the wider debate—and the Select Committee that my hon. Friend chairs—is focused on the jurisdiction of the European Court of Justice over matters that are opted into and the position post-December 2014. We have reflected carefully on the application, scope and
enforceability of the Bill and its compliance with relevant legislation of whatever kind, and we are confident that it meets that challenge.
Given that the European Court was considering only the data retention directive and not how member states implemented it, it did not take into account the rigorous controls in place in the UK as part of its judgment. Access to communications data in the UK is stringently regulated and safeguarded by the Regulatory and Investigatory Powers Act 2000. Data are retained on a case-by-case basis and must be authorised by a senior officer, at a rank stipulated by Parliament, from the organisation requesting the data. The authorising officer may approve a request for communications data only if the tests of necessity and proportionality are met in the particular case.
Our system was examined in detail by the Joint Committee on the draft Communications Data Bill, and it was satisfied that the current internal authorisation procedure is the right model. However, to ensure that communications data cannot be accessed using information-gathering powers that are not subject to the rigorous safeguards in RIPA, the Bill ensures that data retained under this legislation may be accessed only in accordance with RIPA, a court order or other judicial authorisation or warrant.
Hon. and right hon. Members who followed the discussions surrounding the draft Communications Data Bill will be aware that communications service providers are also able to retain communications data on a voluntary basis under a code of practice made under the Anti-terrorism, Crime and Security Act 2001. This clause ensures that the regulations made under this Bill can apply the same security safeguards and access restrictions to data retained under that code. I therefore believe that the clause should stand part of the Bill.