The hon. Lady will no doubt be unsurprised to hear that I do not accept that I am wrong. She is cherry-picking her way through the evidence that was heard. There was evidence contrary to the position that she has stated. I accept that there is a debate about this point, but I take the side that the review of judicial review principles does not go far enough. Why not go as far as other countries? Why not have one stage of judicial authorisation? That is the norm in comparable jurisdictions, by which I mean the United States, Australia and Canada. Judicial authorisation would help us, because it would encourage co-operation from US technology firms.
On a practical note, a two-stage process—whereby the issue goes to a Minister first and then to a judicial commissioner—risks delay. There is a huge volume of surveillance warrants, and it looks like there will be an awful lot more as a result of this Bill. It is unsuitable for a small number of Cabinet Ministers to deal with them.
I want to deal with another false premise that is often used to justify ministerial involvement in the issuance of warrants. Some people seek to argue that Ministers are democratically or politically accountable to this House on the issue of surveillance warrants, but that is a misconceived argument. Ministers are not really democratically accountable for their role in issuing warrants, because, first, the disclosure of the existence of a warrant has been criminalised and it will remain as such under the Bill. Secondly, all of us know—even those such as me who have been in this House for only nine months—that requests for information concerning such matters in this House are routinely parried with claims about national security. I do not accept that Ministers are practically, politically or democratically accountable to this House on the issuance of warrants. To return to the jurisprudence of the Strasbourg Courts, they have made it very clear that it is important to have effective supervision by an independent judiciary. We query whether the double lock mechanism meets that test.
We agree with many others that the case for collecting internet connection records, including the claimed benefit for law enforcement, is flawed. That is not just my say-so: there are many concerns across the industry. People who understand the technicalities far better than I do have explained the problem to me. I again associate myself with what the shadow Home Secretary said: the internet is not like the telephone system. An internet connection record cannot be compared to a telephone bill. The phone system consists of a set of records
relating to when A calls B. If we collect phone system records, we will see at what time A called B and the duration of the call. As I understand it, the internet is more like a mailbox that collects packets of information and then takes them from A to B.
To take a rather middle-aged example, if somebody uses the Facebook messenger service, all the internet connection record will show is that he or she has connected to Facebook messenger. It will not show with whom he or she then communicated, because that occurs at a higher or lower level or in another unreachable packet. The internet connection record will not show the when, where and who that the Government say they want, and which they already get from phone records.
What the internet connection records will show is a detailed record of all of the internet connections of every person in the United Kingdom. There would be a 12-month log of websites visited, communication software used, system updates downloaded, desktop widgets, every mobile app used and logs of any other devices connected to the internet. I am advised that that includes baby monitors, games consoles, digital cameras and e-book readers. That is fantastically intrusive. As has been said, many public authorities will have access to these internet connection records, including Her Majesty’s Revenue and Customs, and the Department for Work and Pensions, and it will be access without a warrant. Do we really want to go that far? There is no other “Five Eyes” country that has gone as far. David Anderson QC said:
“Such obligations were not considered politically conceivable by my interlocutors in Germany, Canada or the US”
and therefore, he said, “a high degree of caution” should be in order.
Finally, let me turn to bulk powers. I have already made the point that even the Interception of Communications Commissioner’s Office says that bulk provides at the outset generalised initial intercept. We became aware of these bulk interception programmes only when they were disclosed by Edward Snowden in June 2013—whatever Members think about those disclosures and whether they were appropriate, that is how we became aware of the matter. This House has never before debated or voted on bulk powers, so we are being asked to do something very novel and very challenging, and we must do it properly.
The power to conduct mass interception has been inferred from the vaguely worded power in section 8(4) of RIPA, which illustrates the danger of vaguely worded legislation. Targeting bulk warrants at a telecommunications system or at entire populations rather than at specific individuals is a radical departure from both the common law and human rights law, yet that is the approach that will be maintained in this Bill. In many respects, that is the most worrying part of the Bill. Indeed, it is the part of the Bill about which the UN special rapporteur on privacy is most concerned. Let me read what he said, because it is very respectful of the tradition of the United Kingdom and it makes some very good points. He said:
“It would appear that the serious and possibly unintended consequences of legitimising bulk interception and bulk hacking are not being fully appreciated by the UK Government. Bearing in mind the huge influence that UK legislation still has in over 25% of the UN’s member states that still form part of the Commonwealth, as well as its proud tradition as a democracy
which was one of the founders of leading regional human rights bodies such as the Council of Europe, the SRP encourages the UK Government to take this golden opportunity to set a good example and step back from taking disproportionate measures which may have negative ramifications far beyond the shores of the UK. More specifically, the SRP invites the UK Government to show greater commitment to protecting the fundamental right to privacy of its own citizens and those of others and also to desist from setting a bad example to other states by continuing to propose measures, especially bulk interception and bulk hacking, which prima facie fail the standards of several UK parliamentary Committees, run counter to the most recent judgements of the European Court of Justice and the European Court of Human Rights, and undermine the spirit of the very right to privacy.”
The rapporteur is appealing to the better tradition in this country, and saying that we should look at this Bill very carefully. He is suggesting not that we should throw it out, but that we scrutinise it very carefully, bearing in mind how far it intends to go in comparison with other countries and with existing international case law.