Mr Howarth

- Hansard -

Copy Link

-

I was coming on to talk about the sorts of cases that we might be confronted with. If my remarks answer the hon. Gentleman’s point, so be it. If not, I am sure he will intervene again.

Temporary exclusion orders and the managed return process, as the Home Secretary described it, is seen as the alternative to a judicial process that for various practical reasons would either be not very just, or at least closed or partly closed. It would therefore be impractical and difficult to judge whether proceedings were fair or otherwise for anyone who was not involved, and even for some of those who were. In principle the provisions in clause 2(1) are probably acceptable, but I have a couple of issues—this goes directly to the point made by the hon. Member for Skipton and Ripon (Julian Smith)—about how they will work in practice. Perhaps one way of looking at it would be to give examples of the kinds of cases that we are likely to see with people returning from Syria or Iraq. For convenience, I have bracketed them under three headings. They are not mutually exclusive and it is possible that in some cases all three will apply, and in others just one.

Mr George Howarth

- Hansard -

Copy Link

-

I wish to begin by providing some context. The Intelligence and Security Committee’s report in February 2013 referred to the Home Office’s assessment that there was a

“25% shortfall in the communications data that public authorities would wish to access and what they are currently able to access.”

That is, of course, an estimate, as it is not possible to be precise about what is unknowable, but the existence of a shortfall is a legitimate cause for concern. The report goes on to suggest that

“left unchecked, this gap will increase.”

Perhaps the Minister will be able to say whether it has increased and, if so, whether by an appreciable amount. It would be interesting to know that, and I suspect it has increased.

It is worth spending a little more time examining what we know about both the scale and the sources of interceptions that take place. In his annual report for 2013, the interception of communications commissioner, Sir Anthony May, noted that the total number of authorisations for interception of communications data under part 1 of RIPA stood at 514,608, down from 570,135 in 2012. He pointed out that these figures do not represent sole individuals, because

“public authorities often make multiple requests for communications data in the course of a single investigation but also make multiple requests for communications data in relation to the same individual.”

The figures give some indication of the scale of this, rather than the number of individuals who are covered. Under the same process, Sir Anthony notes that 87.7% of authorisations were at the request of the police and law enforcement agencies, 11.5% were from the intelligence agencies, and the rest were from local and other public bodies.

Worldwide, the scale of online communications is daunting. About 3 billion people have access to the internet, and during the time I have been speaking more than 200 million e-mails will have been sent, 2 million Google searches will have been made and there will have been 6 million Facebook views. So why is it considered important that the police, intelligence agencies and other bodies have access to some of the data records of these online communications? Overwhelmingly, internet traffic is benign; it is people using the various platforms for perfectly legitimate and legal purposes. However, a small proportion—I estimate it to be no more than a tiny fraction of 1%—is used for illegal purposes, and my hon. Friend the Member for Kingston upon Hull North (Diana Johnson) referred to some other purposes that are cause for concern.

My hon. Friend’s new clause 2 would, if agreed, require the Home Secretary to review the time taken by communications service providers to disclose information linking an individual to an internet protocol address. That is important for two reasons. The first is that, as we tragically discovered with Fusilier Lee Rigby’s murder, CSPs will, on occasion, receive information that in some cases could crucially be the catalyst for a warrant to enable greater surveillance measures on an individual to take place. In turn that can, in some cases, prevent a terrorist attack.

IP addresses are the key to unlocking who is contacting whom, and that can be critical. But they are not straightforward. Typically, a communications service provider with, say, 10 million to 15 million customers would have allocated to it 100,000 IP addresses. For the larger commercial bodies or public bodies, a series of static IP addresses will be allocated. But for the vast majority of users, IP addresses are dynamic. In practice, a range of numbers is allocated randomly to customers, which is why the former head of GCHQ used the analogy of finding a needle in a haystack.

Secondly, the range of platforms is constantly changing, with new ones entering the market all the time. A good example of that is WhatsApp, which was recently acquired by Facebook for $22 billion. On 1 April, that platform, which is adaptable and easy to use, handled, over a 24-hour period, 64 billion messages, 20 billion of which were sent and 44 billion of which were received. In such a dynamic sphere of activity, it is vital that procedures are in place and properly monitored to ensure that, when the security and intelligence services need to locate a needle in a haystack, the haystack is still in place, and that is what this section of the Bill seeks to ensure. It means that urgent inquiries of either a historical or planned terrorist or criminal activity can be located.

Mr Howarth

- Hansard -

Copy Link

-

Had the hon. Gentleman waited a while longer, I was about to say what more could be done. It is right that we have a statutory provision, and, subject to the concerns that my hon. Friend the Member for Kingston upon Hull North highlighted being satisfied, the provisions contained in the Bill are appropriate. However, there is a problem that we cannot resolve within the context of our own domestic legislation. Many of the communications service providers are not based in the UK; they are based mostly in the United States. Increasingly, the Republic of Ireland is seen as a location of choice for some companies. Google and perhaps one other CSP have already relocated there. It is increasingly clear that whatever legislation we put in place, it will not, of itself, be enough to resolve the problem.