JOINT COMMITTEE ON THE DRAFT INVESTIGATORY POWERS BILL
CALL FOR WRITTEN EVIDENCEThe Joint Committee on the Draft Investigatory Powers Bill, chaired by Lord Murphy of Torfaen, was appointed by the two Houses of Parliament in late November 2015 to consider the Draft Investigatory Powers Bill, which was presented to the two Houses on 4 November 2015. The Committee invites any interested individuals and organisations to submit evidence to this inquiry.
The Committee in particular will explore the key issues listed below in detail, and would welcome your views on any or all of the following questions. Please note that questions are not listed here in any particular order of importance.
Written evidence should arrive no later than 21 December 2015. Public hearings will be held in November and December 2015 and January 2016. The Committee has been asked to report to the Houses, with recommendations, in February 2016. The report will receive a response from the Government. The time available for the Committee’s inquiry is short, and its focus will be on the contents of the draft Bill rather than more general aspects of policy. The Committee will not consider as part of its inquiry the merits of individual cases which have been, or are now, subject to formal proceedings in courts or tribunals.
Overarching/thematic questions:
Are the powers sought necessary?
o Has the case been made, both for the new powers and for the restated and clarified existing powers? Are the powers sought legal?
o Are the powers compatible with the Human Rights Act and the ECHR? Is the requirement that they be exercised only when necessary and proportionate fully addressed? Are they sufficiently clear and accessible on the face of the draft Bill? Is the legal framework such that CSPs (especially those based abroad) will be persuaded to comply? Are concerns around accessing journalists’, legally privileged and MPs' communications sufficiently addressed?
Are the powers sought workable and carefully defined?
o Are the technological definitions accurate and meaningful (e.g. content vs communications data, internet connection records etc.)? Does the draft Bill adequately explain the types of activity that could be undertaken under these powers? Is the wording of the powers sustainable in the light of rapidly evolving technologies and user behaviours? Overall is the Bill future-proofed as it stands?
Are the powers sought sufficiently supervised?
o Is the authorisation process appropriate? Will the oversight bodies be able adequately to scrutinise their operation? What ability will Parliament and the public have to check and raise concerns about the use of these powers?
Specific questions:
General
To what extent is it necessary for
(a) the security and intelligence services and
(b) law enforcement to have access to investigatory powers such as those contained in the Draft Investigatory Powers Bill? Are there any additional investigatory powers that security and intelligence services or law enforcement agencies should have which are not included in the draft Bill?
Are the new offences proposed in the draft Bill necessary? Are the suggested punishments appropriate?
Interception
Are there sufficient operational justifications for undertaking
(a) targeted and
(b) bulk interception? Are the proposed authorisation processes for such interception activities appropriate? Is the proposed process for authorising urgent warrants workable?
Are the proposed safeguards sufficient for the secure retention of material obtained from interception?
How well does the current process under Mutual Legal Assistance Treaties (MLATs) work for the acquisition of communications data? What will be the effect of the extra-territorial application of the provisions on communications data in the draft Bill?
Communications Data
Are the definitions of content and communications data (including the distinction between 'entities' and 'events' sufficiently clear and practical for the purposes of accessing such data?
Does the draft Bill allow the appropriate organisations, and people within those
organisations, access to communications data? Are there sufficient operational justifications for accessing communications data in bulk?
Is the authorisation process for accessing communications data appropriate?
Data Retention
Do the proposed authorisation regime and safeguards for bulk data retention meet the requirements set out in the CJEU Digital Rights Ireland and the Court of Appeal Davis judgments?
Is accessing Internet Connection Records essential for the purposes of IP resolution and identifying of persons of interest? Are there alternative mechanisms? Are the proposed safeguards on accessing Internet Connection Records data appropriate?
Are the requirements placed on service providers necessary and feasible?
Equipment Interference
Should the security and intelligence services have access to powers to undertake
(a) targeted and
(b) bulk equipment interference? Should law enforcement also have access to such powers? Are the authorisation processes for such equipment interference activities appropriate?
Are the safeguards for such activities sufficient?
Bulk Personal Data
Is the use of bulk personal datasets by the security and intelligence services appropriate? Are the safeguards sufficient for the retention and access of potentially highly sensitive data?
Oversight
What are the advantages and disadvantages of the proposed creation of a single Judicial Commission to oversee the use of investigatory powers?
Would the proposed Judicial Commission have sufficient powers, resources and independence to perform its role satisfactorily?
Are the appointment and accountability arrangements for Judicial Commissioners appropriate?
Are the new arrangements for the Investigatory Powers Tribunal including the possibility of appeal adequate or are further changes necessary?
GUIDANCE FOR SUBMISSIONS
Written evidence should be submitted online using the written submission form available at www.parliament.uk/draft-investigatory-powers-submission-form. This page also provides guidance on submitting evidence.
If you have difficulty submitting evidence online, please contact the Committee staff by email to
draftinvestigatorypowersbill@parliament.uk
or by telephoning 020 7219 8443. The deadline for written evidence is 21 December 2015.
Short submissions are preferred. A submission longer than six pages should include a onepage
summary.Paragraphs should be numbered. All submissions made through the written submission form will be acknowledged automatically by email.
Evidence which is accepted by the Committee may be published online at any stage; when it is so published it becomes subject to parliamentary copyright and is protected by parliamentary privilege. Submissions which have been previously published will not be accepted as evidence. Once you have received acknowledgement that the evidence has been accepted you will receive a further email, and at this point you may publicise or publish your
evidence yourself. In doing so you must indicate that it was prepared for the Committee, and you should be aware that your publication or re-publication of your evidence may not be protected by parliamentary privilege.Personal contact details will be removed from evidence before publication, but will be retained by the Committee Office and used for specific purposes relating to the Committee's work, for instance to seek additional information.
Persons who submit written evidence, and others, may be invited to give oral evidence. Oral evidence is usually given in public at Westminster and broadcast online; transcripts are also taken and published online. Persons invited to give oral evidence will be notified separately of the procedure to be followed and the topics likely to be discussed.
Substantive communications to the Committee about the inquiry should be addressed through the clerk of the Committee, whether or not they are intended to constitute formal evidence to the Committee.
This is a public call for evidence. Please bring it to the attention of other groups and individuals who may not have received a copy direct.
You may follow the progress of the inquiry at www.parliament.uk/draft-investigatorypow
Recently in Investigatory Powers Bill Category
UPDATE 26th November 2015:
The Chairman of the Draft Investigatory Powers Bill Joint Committee has been appointed: Lord Murphy of Torfaen. Paul Murphy was a Labour Minister for Northern Ireland (and Wales) and was the Chair of the Intelligence and Security Committee from 2005 to 2008, which failed to properly investigate the 7/7 2005 London bombings (required a second investigative report in 2009 with Kim Howells as Chair).
Draft Investigatory Powers Bill Joint Committee - membership
http://www.parliament.uk/business/committees/committees-a-z/joint-select/draft-investigatory-powers-bill/membership/
The target date for the scrutiny of this complicated 200 page Bill is set for 11th February 2016, which really is not enough time to do a thorough job, given the Christmas and New Year holidays.
Member | Affiliation | Notes |
---|---|---|
Victoria Atkins MP | Conservative | Barrister specialising in fraud, stood unsuccessfully in the Police and Crime Commissioner elections for Gloucestershire Constabulary |
Suella Fernandes MP | Conservative | Barrister |
Rt Hon David Hanson MP | Labour | Former Home Office Minister for Security, Counter-Terrorism, Crime and Policing |
Stuart C McDonald MP | SNP | Former immigration lawyer |
Dr Andrew Murrison MP | Conservative | Medical doctor and ex Royal Navy Surgeon-Commander |
Matt Warman MP | Conservative | Former technology editor of Daily Telegraph |
Baroness Browning | Conservative | Former Home Office Minister of State in the House of Lords |
Lord Butler of Brockwell | Crossbench | Former member of Intelligence & Security Committee (did look at previous Draft Comms Data Bill) , former Cabinet Secretary |
Bishop of Chester | Bishops | BA in Chemistry before becoming a cleric |
Lord Hart of Chilton | Labour | Former planning solicitor & Special Advisor |
Lord Henley | Conservative | Former Home Office Minister Crime Prevention and Anti-Social Behaviour Reduction |
Lord Murphy of Torfaen | Labour | Chairman of this Committee,former Chair of Intelligence & Security Committee (which failed to properly investigate 7/7 2005 London bombings etc.) |
Lord Strasburger | Liberal Democrat | Businessman, only member of previous Draft Communications Data Bill committee. |
Note the preponderance of likely "gone native" politicians with "experience" of Policing and Intelligence agencies.
Who will be elected as Chair of this Joint Committee ? Lord Butler the supposedly Cross Bench former Cabinet Secretary ?
Only Lord Strasburger (Liberal Democrat) served on the previous Draft Communications Data Bill Joint Committee, although Lord Butler of Brockwell did scrutinise some of it as a then member of the Intelligence and Security Committee.
The Emergency Debate on the Wilson Doctrine on Monday 19th October 2015:
Commons Hansard 19 Oct 2015 : Column 694
Almost no MPs bothered to attend this Emergency Debate on the operation of the Wilson Doctrine.
The MPs who did speak:
Chris Bryant (Rhondda) (Lab)
Mr Peter Bone (Wellingborough) (Con)
Mr David Davis (Haltemprice and Howden) (Con)
Lady Hermon (North Down) (Ind):
The Secretary of State for the Home Department (Mrs Theresa May)
Mr Kenneth Clarke (Rushcliffe) (Con)
Andrew Gwynne (Denton and Reddish) (Lab)
Tom Pursglove (Corby) (Con)
Mr Alistair Carmichael (Orkney and Shetland) (LD)
Mr David Winnick (Walsall North) (Lab)
Joanna Cherry (Edinburgh South West) (SNP)
Mark Field (Cities of London and Westminster) (Con)
Dr Andrew Murrison (South West Wiltshire) (Con)
Ms Margaret Ritchie (South Down) (SDLP)
Gavin Robinson (Belfast East) (DUP)
Caroline Lucas (Brighton, Pavilion) (Green)
Martin John Docherty (West Dunbartonshire) (SNP)
Will Her Majesty's Opposition hold the Government to account over this shoddy deception ? Or will the Corbynistas be overshadowed by the Scottish Nationalists ? Will the handful of Conservative MPs who seem to care about liberty and privacy and freedom have any effect on the Government ?
Chris Bryant, who lead this Emergency Debate, made a lot of sense in his analysis of the current Wilson Doctrine debacle, but the attitude of the rest of the Labour party, almost none of whom bothered to turn up, is still suspiciously unclear.
He rightly chided the Home Secretary for rushing through the Data retention and Investigatory powers Act in a single day, and hoped that the forthcoming Investigatory Powers Bill which might be able to ut the Wilson Doctrine or similar into law would not be similarly rushed through.
Andy Burnham (Lab) the Shadow Home Secretary turned up for a bit, and lurked next to Chris Bryant, but did not bother to speak
Where was the Deputy Leader Tom Watson (Lab), who is supposed to be a patron of the Open Rights Group and who did ask the Question which prompted Theresa May's "caveated statement" on the Wilson Doctrine earlier this year ? ?
Where were the Corbynistas ?
Dominic Grieve's contribution to the debate was restricted to promising that as Chair of the Intelligence and Security Committee, the Committee would consider MP and Constituency interception procedures along with other legally privileged lawyers and journalists etc.
Given the other things they must look into, it is unclear if they will contribute anything before the full Investigatory Powers Bill is set in motion early next year.
Peter Bone yet again asked the Home Secretary how many MPs have had their telephones intercepted since 1966. Her silence confirms that the number is clearly not zero, making a mockery of even the very narrow definition of the Wilson Doctrine which is now being spun by the Government.
David Davis correctly summed up the Wilson Doctrine is effectively dead:
"the doctrine is dead. Whether or not it is legally dead, it is in practice dead. It is dead in the eyes of the people--whistleblowers, campaigners and so on--who might come to us, and we have to do something to replace it."He also mentioned the vital importance of metadata, which the Wilson Doctrine sneakily does not "protect".
Spy Blog would also like to see protection for Constituents, Campaigners, Journalists, Whistleblowers and other elected representatives all the other RIPA an non-IPA surveillance techniques included in the new Investigatory Powers Bill e.g. MetaData / Communications data / Traffic Data (RIPA 2000 Part II) , compelled access access to Encrypted Data (RIPA III), CHIS Covert Human Intelligence Sources (informers and infiltrators), bugging and tracking devices (Police Act 1997 Part III) etc.
The Scottish Nationalist Party outnumbered the Labour Party and emphasised the need for Scottish Parliament, Welsh Assembly, Northern Ireland Assembly and UK Members of the European Parliament to have their communications with constituents and whistleblowers etc. protected.
The 3 MPs from Northern Ireland pointed out what even Theresa May admitted was a "conundrum" - it is unclear with the shifting changes made in secret to the Intelligence Agencies Guidance, did the Wilson Doctrine apply or not apply to those "double dipping" Members of Parliament MPs who were also simultaneously Members of the Legislative Assembly (MLA) ?
Caroline Lucas of course was a party to the the Investigatory Powers Tribunal case and mentioned the point Spy Blog noticed that even though the Wilson Doctrine has no legal power, neither do the Draft Code of Practice (not yet presented to, let alone approved by Parliament) nor the internal Intelligence Agency Guidance.
The lack of interest in their constituents' privacy and liberties shown by the absent MPs does not bode well for the forthcoming Draft Investigatory Powers Bill.
Police Oracle announced that Commissioner of the City of London Police Adrian Leppard has announced his retirement. Will this come in to effect before the Investigatory Powers Bill is scrutinised by Parliament in the autumn ?
City of London Police are supposed to be the UK National Policing lead for preventing economic crimes. They run two controversial private industry funded national units Police Intellectual Property Crime Unit (PIPCU) dealing with "intellectual property" and counterfeit goods and the
Dedicated Cheque and Plastic Crime Unit (DCPCU)
It is therefore very peculiar that Commissioner Adrian Leppard should put his name to this New York Times Op Ed article, attacking Apple and Google mobile phone handset encryption. How many billions of pounds of UK economic secrets are protected by such
encryption on mobile phones belonging to City of London financial industry workers ?
Commissioner Leppard should be collecting hard evidence of the numbers and types of of mobile phones his officers have actually seized as evidence and the numbers reported lost or stolen, with and without strong encryption enabled (N.B. only recent versions of Android can do this and the feature is not switched on by default)
so that he can inform the Investigatory Powers Bill scrutiny with some facts rather than cherry picked handwaving examples, which is the usual inadequate or deliberately deceitful Home Office and Police
Don't hold your breath though, as Commissioner Leppard is seemingly ignorant of some of the basics of today's internet protocols
UK Police: Enforcement won't work against a piracy
When Phone Encryption Blocks JusticeBy CYRUS R. VANCE Jr., FRANÇOIS MOLINS, ADRIAN LEPPARD and JAVIER ZARAGOZAAUG. 11, 2015
Cyrus Vance Jr. , clearly the main author of this article, is the son of the Washington political insider Cyrus Vance who is associated with several US Foreign Policy disasters such as the end of the Vietnam war and the Iran hostage crisis.
Like previous New York public prosecutors (these are political appointments), he may well be trying to stir up political support for a future political career, like Rudy Guiliani
In June, a father of six was shot dead on a Monday afternoon in Evanston, Ill., a suburb 10 miles north of Chicago. The Evanston police believe that the victim, Ray C. Owens, had also been robbed. There were no witnesses to his killing, and no surveillance footage either.With a killer on the loose and few leads at their disposal, investigators in Cook County, which includes Evanston, were encouraged when they found two smartphones alongside the body of the deceased: an iPhone 6 running on Apple's iOS 8 operating system, and a Samsung Galaxy S6 Edge running on Google's Android operating system. Both devices were passcode protected.
An Illinois state judge issued a warrant ordering Apple and Google to unlock the phones and share with authorities any data therein that could potentially solve the murder. Apple and Google replied, in essence, that they could not -- because they did not know the user's passcode.
The homicide remains unsolved. The killer remains at large.
Until very recently, this situation would not have occurred.
Last September, Apple and Google, whose operating systems are used in 96 percent of smartphones worldwide, announced that they had re-engineered their software with "full-disk" encryption, and could no longer unlock their own products as a result.
According to Apple's website: "On devices running iOS 8.0 ... Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user's passcode, which Apple does not possess."
A Google spokeswoman said, "Keys are not stored off of the device, so they cannot be shared with law enforcement."
Now, on behalf of crime victims the world over, we are asking whether this encryption is truly worth the cost.
Not only is this strong encryption worth the cost, there should, in fact be much more of it, switched on by default.
Between October and June, 74 iPhones running the iOS 8 operating system could not be accessed by investigators for the Manhattan district attorney's office -- despite judicial warrants to search the devices. The investigations that were disrupted include the attempted murder of three individuals, the repeated sexual abuse of a child, a continuing sex trafficking ring and numerous assaults and robberies.
Criminal defendants have caught on. Recently, a suspect in a Manhattan felony, speaking on a recorded jailhouse call, noted that "Apple and Google came out with these softwares" that the police cannot easily unlock.
Apple, Google and other proponents of full-disk encryption have offered several rationales for this new encryption technology. They have portrayed the new policy as a response to the concerns raised by Edward J. Snowden about data collection by the National Security Agency. They say full-disk encryption makes devices generally more secure from cybercrime. And they assert that, if the companies had master encryption keys, then repressive governments could exploit the keys.
These reasons should not be accepted at face value. The new Apple encryption would not have prevented the N.S.A.'s mass collection of phone-call data or the interception of telecommunications, as revealed by Mr. Snowden. There is no evidence that it would address institutional data breaches or the use of malware. And we are not talking about violating civil liberties -- we are talking about the ability to unlock phones pursuant to lawful, transparent judicial orders.
The NSA is not the only threat to privacy and security, how would Vance & his co-signatories protect our privacy and financial information from criminals and terrorists and hostile foreign intelligence agencies who may steal or access such secrets held on mobile phone handsets ?
In the United States, Britain, France, Spain and other democratic societies, the legal system gives local law enforcement agencies access to places where criminals hide evidence, including their homes, car trunks, storage facilities, computers and digital networks.Carved into the bedrock of each of these laws is a balance between the privacy rights of individuals and the public safety rights of their communities. For our investigators to conduct searches in any of our jurisdictions, a local judge or commissioner must decide whether good cause exists. None of our agencies engage in bulk data collection or other secretive practices. We engage in targeted requests for information, authorized after an impartial, judicial determination of good cause, in which both proportionality and necessity are tested.
Nonsense. There is is no independent judicial warrant involved in most UK mobile phone handset searches or seizures - these are self authorised by the UK police themsleves.
It is this workable balance that proscribes the operations of local law enforcement in our cities, and guides our residents in developing their expectations of privacy. But in the absence of laws that keep pace with technology, we have enabled two Silicon Valley technology companies to upset that balance fundamentally.The Evanston case is just one example. In France, smartphone data was vital to the swift investigation of the Charlie Hebdo terrorist attacks in January, and the deadly attack on a gas facility at Saint-Quentin-Fallavier, near Lyon, in June. And on a daily basis, our agencies rely on evidence lawfully retrieved from smartphones to fight sex crimes, child abuse, cybercrime, robberies or homicides.
Note the weasel words "smartphone data" - this is not SmartPhone handset encrypted data held on the internal or external microSD card or in the local address book or locally saved SMS message which is what the rest of this article is talking about.
Over the air SmartPhone metadata may have been used in the hunt for the Charlie Hebdo murderers (who brazenly called TV news stations whilst on the run), but there are no reports of any mobile phone handset encryption being used at all.
The murderers had been under full telephone monitoring and intercept for months previously, with nothing to alert the authorities.
It turns out the wives of the murderers had been in contact with each other hundreds of times, but the murderers themselves had stuck to face to face meetings.
Full-disk encryption significantly limits our capacity to investigate these crimes and severely undermines our efficiency in the fight against terrorism. Why should we permit criminal activity to thrive in a medium unavailable to law enforcement? To investigate these cases without smartphone data is to proceed with one hand tied behind our backs.
Nonsense. None of the Mobile Phone network generated calling pattern or physical location metadata is affected by "full disk encryption" - none of it is actually stored on the SmartPhone handset anyway. This is all accessible to law enforcement with a judicial warrant, or, in the UK, without one at all.
The new encryption policies of Apple and Google have made it harder to protect people from crime. We support the privacy rights of individuals. But in the absence of cooperation from Apple and Google, regulators and lawmakers in our nations must now find an appropriate balance between the marginal benefits of full-disk encryption and the need for local law enforcement to solve and prosecute crimes. The safety of our communities depends on it.
Cyrus R. Vance Jr. is the Manhattan district attorney. François Molins is the Paris chief prosecutor. Adrian Leppard is the commissioner of the City of London Police. Javier Zaragoza is the chief prosecutor of the High Court of Spain.
Recent Comments