My Lords, I add my congratulations to the noble Lords, Lord Evans of Weardale and Lord Green of Deddington, on their maiden speeches and their thoughtful and insightful interventions on these vital issues of national security. Their experience is timely and we should all express our gratitude to them for serving in this House and bringing their great wealth of knowledge to this debate.
I welcome the opportunity to speak on this most important legislation and start by declaring my interest as the Prime Minister’s adviser on the digital economy. The focus of my remarks today will be on the issue of communications data and, specifically, Part 3 of the Bill, on data retention, which concerns a technical point but one with particular significance to counterterrorism efforts. I come to this discussion after decades of experience in executive roles with the world’s leading global internet and technology companies. In those roles I have witnessed first hand the vital importance of access to communications data to support law enforcement in serious and organised crime investigations as well as matters of national security.
It is important to be clear what we are talking about in Part 3. It is specifically about resolving IP address in order to identify the who, when, where and how of connections or communications. It does not provide for access to what people are saying or what they are sharing. Part 3 provides a simple technical fix to a technical problem of resolving an IP address. However, the value of that data can be pivotal in moving forward investigations. The police can use an IP address to prove or disprove an alibi, identify associations between suspects and tie an individual to a particular location or crime scene. Communications data have played a significant role in every security service counterterrorism operation over the last decade. These include the Oxford and Rochdale child grooming cases, the 2007 Glasgow Airport terror attack, and the Soham murders of Holly Wells and Jessica Chapman, to name but a few. If these data are not retained on reasonable terms, the implications are obvious.
Just last week, at the height of the horrific killings in and around Paris, Andrew Parker, director-general of MI5, spoke of the potential for mass casualty attacks in the UK by ISIL and al-Qaeda terrorists. He said:
“We increasingly face a world in which those who pose a serious threat may be able to operate beyond our reach”,
adding that MI5 will need,
“the right tools, legal powers and the assistance of companies which hold relevant data”.
He also warned that,
“a lack of cooperation from internet companies means that there is a risk of terrorists slipping through the net because MI5 cannot track them”,
and he renewed calls for enhanced access to digital communications.
As your Lordships will be aware, there are currently gaps in communications data capability that have a serious impact on the ability of law enforcement agencies to carry out their functions. One such gap is identified in the internet protocol address resolution in Part 3 of the Bill. The IP address identifies who in the real world was using the IP address at any point in time, or at least which device they were using, such as a mobile phone or a tablet. The IP address will not always tell us—