Julian Huppert
Main Page: Julian Huppert (Liberal Democrat - Cambridge)Department Debates - View all Julian Huppert's debates with the Home Office
Intelligence and Security Services
Julian Huppert Excerpts(10 years, 6 months ago)
Westminster HallRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Westminster Hall is an alternative Chamber for MPs to hold debates, named after the adjoining Westminster Hall.
Each debate is chaired by an MP from the Panel of Chairs, rather than the Speaker or Deputy Speaker. A Government Minister will give the final speech, and no votes may be called on the debate topic.
This information is provided by Parallel Parliament and does not comprise part of the offical record
Dr Julian Huppert (Cambridge) (LD)
It is a pleasure to serve under your chairmanship, Mrs Riordan. I thank the hon. Members for West Bromwich East (Mr Watson) and for Esher and Walton (Mr Raab) for supporting me in securing this debate. I also thank the Backbench Business Committee for finding the time for it so quickly after we submitted our bid. I hope that that shows how timely the debate is; the Committee realised that we needed to hold it at the earliest possible juncture. Although the discussion is live in America and much of Europe, Members of Parliament have been fairly mute so far and have not had the chance to discuss it thoroughly.
As technology changes and the capacity of the state and companies to collect and analyse data grows massively, we are in danger of sleepwalking into a surveillance society on a scale that peacetime Britain has never seen. It is not planned, and nor is it the actions of malevolent individuals; it is merely the natural trend of what will happen if nothing is done to stop it.
It can be argued that the definitions of war and peace are no longer the same, and that our enemies are faceless and splintered and will attack our way of life if we give them an inch—that argument is often made by Prime Ministers and Home Secretaries—but if we shape our laws solely in response to that fear, chipping away at our own liberty and privacy, those enemies have already won.
The key questions of security, privacy and liberty in a digital age will come to define the 21st century. The world is changing. All of us carry around tracking devices, in the shape of our mobile phones, wherever we go. We carry devices that can be activated and controlled remotely and that store much of our most personal information. Who can read it? Who has access to that information? How do we want to protect it? We have to agree the rules now, before we lose control completely.
Sir David Omand, former head of GCHQ, said:
“Democratic legitimacy demands that, where new methods of intelligence gathering and use are to be introduced, they should be on a firm legal basis and rest on parliamentary and public understanding of what is involved”.
In no sense do I oppose the people who work in our intelligence and security services; the work that they do is fundamental to our fight against crime and terrorism, not only in the UK but beyond our borders. Their work force make up the front line, and for the most part, they do exactly what we would expect of them, for we have given them the tools through legislation to monitor and take action against those who threaten the fabric of our society. As the Prime Minister said, they deserve to be recognised for keeping us safe while working in the shadows.
Julian Smith (Skipton and Ripon) (Con)
Does my hon. Friend agree that the very people about whom he is talking have been put under grave threat by some of the reporting, particularly by The Guardian newspaper, of the leaks?
Dr Huppert
No, I do not. I understand that the secretary who looks at the defence advisory notices has confirmed that nothing has been published in The Guardian that suggests a risk to life. The Guardian has not published photos on its website of anybody who works in the area without pixellating their faces.
Mr Ben Wallace (Wyre and Preston North) (Con)
How does the hon. Gentleman know that? He does not have complete oversight of either The Guardian’s material or the intelligence material with which it fits in. He is just assuming that what he has read in The Guardian is fine, safe and vetted by Guardian journalists. That is simply not enough to satisfy people of their personal safety.
Dr Huppert
The hon. Gentleman makes an interesting point. His argument, unfortunately, falls foul of the fact that one could say that about absolutely anything: one can never know whether some innocent revelation has been made. However, it is clear that The Guardian has been in contact with the security services and has spoken to the DA notices committee since 17 June. That is the assurance that it has had.
I think that The Guardian has been deeply responsible. It would have been irresponsible if it had refused to have any role in the matter and allowed the information to be passed out by other people who might not have the same regard for our security and staff.
Dr Huppert
I will give way to the hon. Member for Brighton, Pavilion (Caroline Lucas), but then I would like to make further progress.
Caroline Lucas (Brighton, Pavilion) (Green)
I am grateful to the hon. Gentleman for giving way, and I congratulate him on securing this debate. Does he agree that the focus on and obsession with The Guardian is extraordinary compared with what is happening in the US, where they are talking about the really important issues, such as mass surveillance and its implications for citizens’ privacy? Should we not get on with talking about that and worry rather less about what seems to have been a responsible use of data?
Dr Huppert
I agree. It is interesting that a clear effort is being made to focus on The Guardian rather than the wider issues, which affect more of us.
We must ensure that the laws and guidance available to the staff of our intelligence and security services are clear, and that we ourselves understand the framework in which we expect them to operate. President Obama put it well when he said that what they are able to do is not necessarily what they should do. He called for additional constraints on how we gather and use intelligence, and said we need to weigh the risks and rewards of activities more effectively. Our Prime Minister agreed in a European statement:
“A lack of trust could prejudice the necessary cooperation in the field of intelligence gathering”.
This is a global issue acknowledged by world leaders. We should be talking about it here.
Lorely Burt (Solihull) (LD)
I congratulate my hon. Friend on obtaining this important debate. Next week, the director general of MI5, the chief of MI6 and the director of GCHQ will all give evidence in person before a parliamentary Committee, which is welcome. In light of the reviews being carried out in America following the revelations there, does my hon. Friend agree that if the responses given by those three individuals are not entirely satisfactory, there might be a case for considering a review of accountability in the United Kingdom?
Dr Huppert
There is definitely a strong case for it. I am pleased that those people will appear in public, as there has been a long tradition of reluctance about talking about such issues. A senior Home Office civil servant has even refused to give public evidence at the Home Affairs Committee; that, fortunately, is about to change.
When the Foreign Secretary spoke at the London conference on cyberspace in 2011, he championed freedom of expression and privacy online, and he specifically criticised Governments who incorporate surveillance tools into their internet infrastructure. I agree that that is a problem. He also said at that conference that
“it is increasingly clear that countries with weak cyber defences and capabilities will find themselves exposed over the long term”.
The Foreign Secretary is right. That is why it is a problem when people break encryption systems. If anyone—whether it is the US, the UK or anybody else—puts a back door in an otherwise secure system in order to access it for intelligence purposes, that makes it easier for anybody else to break the protections, whether they are from the intelligence community or cyber-criminals. It makes no sense to argue that we should defend cyber-security and simultaneously be part of the effort to break it. If that means that we can no longer rely on the encryption of financial transactions, for example, that would be catastrophic for the global economy.
Martin Horwood (Cheltenham) (LD)
Can my hon. Friend name a single intelligence agency anywhere in the world that he thinks is not trying to break encryption systems?
Dr Huppert
My hon. Friend makes a helpful point. Of course, I do not have a list of every single intelligence service. The difference is between trying to break encryption after things have been encrypted and trying to break the entire system, leaving a back door open, which fundamentally means that anybody can access it. That is different from brute-force methods or other techniques used.
My hon. Friend makes the good point that this is an international issue. How would we feel if it were not GCHQ or the American National Security Agency but the Chinese who were involved? How would we react if the Chinese admitted that they had been tapping the Prime Minister’s phone? Would we be annoyed and concerned, or would we say, “That’s fine; that’s business as usual”? Clearly, we do not take the situation seriously enough.
For example, we allow the Chinese company Huawei to supply a lot of the equipment that makes up the core of our infrastructure. I suspect that our intelligence agents would not miss the chance to install some equipment if we were given the chance to put in the backbone of the Chinese internet, so we should not assume that the Chinese would miss such an opportunity. That was criticised by the Intelligence and Security Committee, which highlighted the disconnect between the UK’s inward investment policy and its national security. If we can understand it sometimes, we should understand it more broadly.
A change is occurring. Individual surveillance is one thing, but the mass hoovering up of information enabled by new technologies has changed the system completely. It means that suspicion no longer comes first. I think that very few people think it inappropriate to target individuals where there is a serious suspicion of wrongdoing, but in the new approach, we are all suspects whose personal histories can be foraged through if ever there is interest in us later.
The Foreign Secretary spoke at the conference of his passionate conviction that all human rights should carry full force online—not just the right to privacy, but the right to freedom of expression. I agree. How we choose to respond to the challenge will define the age that we live in. As parliamentarians and as Parliament, we must be at the heart of this debate.
In America, Dianne Feinstein, the chair of the Senate Select Committee on Intelligence, has spoken out about the revelations that America has been spying on Angela Merkel in Germany and on 34 other world leaders. She said:
“Congress needs to know exactly what our intelligence community is doing.”
She then said:
“It is abundantly clear that a total review of all intelligence programs is necessary.”
She criticised the fact that her committee was not satisfactorily informed. I have not yet heard the Chair of our Intelligence and Security Committee being so outspoken. Perhaps we will hear from him later in the debate, but would he know whether he was not being told things in the way that Dianne Feinstein was not?
There are differences in the debate between the UK and the USA. The US Constitution and Bill of Rights sets out a contract between the state and its citizens with a bias towards favouring individual liberty and privacy. Perhaps that is one of the reasons why the debate is happening so loudly in the US but not here.
In Germany, too, there is a loud debate. It is deeply concerned about what has happened. It has the history of the Stasi, which operated within the law as it then stood, but well beyond the bounds of morality and ethics. I am sure that no member of our current intelligence agencies would dream of following the Stasi’s lead; I do not suggest that for a moment. Germany is aware of what can happen when such systems go wrong.
Mr Tobias Ellwood (Bournemouth East) (Con)
The hon. Gentleman makes some interesting comparisons between what we do in this country and what is done in Germany, the United States and so forth. Obviously, we can scrutinise only what happens here. Does he agree that it is difficult to find a country where the clandestine community performs so well, but under such scrutiny within the confines of the democratic process?
Part of this debate must be about the use of technology and the internet. I express a concern that, as we rightly debate this matter, we should be careful that we do not place limitations on operations that will expose us to more danger, because of those people who choose to do us harm.
Dr Huppert
It is absolutely right that we should have that debate. We have to agree it—we cannot just give carte blanche to people. I think that view is shared by everybody here. The hon. Gentleman is right. We must be balanced. None of us wants the details of exact techniques to be publicised. None the less, we do need to have the discussion about what is okay, what is not okay and where the line is drawn.
We know that the National Security Council was not even told of the scale and scope of the surveillance on our own citizens. We have heard that there were concerns about what would happen if the public knew what was happening. It was feared that it could lead to public debate and legal challenge—well, so be it. Public debate and legal challenge are an important part of the rule of law, and to avoid accountability through secrecy is simply not the solution.
Dr Julian Lewis (New Forest East) (Con)
The hon. Gentleman is being extremely generous in taking interventions. A few moments ago, he said that he did not want detail to be released. The problem with the mass release of thousands of stolen documents is that nobody knows the detail before they release them and propagate them. Is that not rather different from whistleblowing on an individual error or abuse, when one is putting out there hundreds of thousands of documents that one has not even read oneself?
Dr Huppert
The hon. Gentleman is absolutely right to say that it would be irresponsible to publish hundreds of thousands of documents without having a look at them. That is why I am so glad that that is what The Guardian has explicitly not done. It has taken a responsible approach and managed to prevent that. We can imagine what could have happened if there had been a WikiLeaks-style publication. The hon. Gentleman should be concerned about the fact that a contractor was able to get hold of all the information, and that is a serious failure from the NSA and a great disgrace. If it cannot protect information to that level of security, it should be very worried. There are, I think, 850,000 people who could have had access to that information. Was the NSA certain that none of them would pass it on to a foreign power? Frankly, passing it on to The Guardian is probably about the safest thing that could have happened to it.
One of the functions of Parliament is to pass legislation and scrutinise the work of the Government. However, if we do not know what is happening, how can there be any scrutiny? We see legislation such as the Regulation of Investigatory Powers Act 2000 being used beyond the original intentions of the House, and that makes it impossible for Parliament to do its job. People say, “If you have done nothing wrong, you have nothing to fear.” I suggest that they say that to the green activists infiltrated by the police or to members of the Lawrence family. Human behaviour changes when people know that they are being watched. Is that the world in which we want to live?
There is also an economic issue. Our actions are hitting our own economic interests. The internet is a huge factor in business here—some £110 billion of GDP. It is a dynamic market, and it can move. If people are concerned about the privacy of their data here, whether their personal information or important company secrets, they will simply move where they store that information. Germany is already launching schemes to encourage businesses to go there instead, with e-mail systems that guarantee that no data will leave German boundaries while e-mails are being sent, so there is not the problem of information going overseas and coming back again to be looked at. That will hit us financially, regardless of anything else.
We must look at the balance between intelligence gathering and privacy. We need to have oversight. Although I am pleased that we are having the heads of the intelligence and security services coming to a public forum, it has been incredibly hard to get that to happen. Of course national security should not be taken lightly, but the public needs to understand what is being done in their name.
Hazel Blears (Salford and Eccles) (Lab)
I congratulate the hon. Gentleman on securing this debate. It is essential that parliamentarians from every part of the House debate such issues, including, where possible, classified information. He has talked about balance, which is absolutely central to this debate. It is the balance between security, liberty and privacy and the need to keep our secrets safe and to enable our agencies to do their job. He is a scientist and believes in making decisions on the basis of evidence. There is a real danger here that we have this big debate about privacy almost in a vacuum. Does he accept that virtually every operation that has foiled a terrorist plot in this country has been dependent on communications data over the past decade or so, and that it is essential for our agencies to have those powers, but obviously within a robust legal framework?
Dr Huppert
I thank the right hon. Lady for her intervention. No one is saying that we should make illegal the collection of communications data; that would be a problem. She is also right to say that we need evidence; we cannot have a vacuum. That is exactly why it is helpful to know some of what is being said. We have heard people who say that we should never publish anything that would inform this debate. I want an informed debate, and I am pleased that we can have one.
Mark Field (Cities of London and Westminster) (Con)
The hon. Gentleman refers to the Stasi and to the different cultural approach that we have here in the UK towards many of these issues. A view that is shared by people with a similar mindset—perhaps it is one that he thinks is not true—is that somehow the intelligence agencies are able to intercept at will. Will he go into some detail about precisely the protection—the amount of warranty and the legal framework—that is absolutely necessary before any internet account or telephone can be tapped?
Dr Huppert
The hon. Gentleman makes an interesting point, and there are a number of routes to that. For communications data, he will be aware that no warrant is required. He will also be aware that, with the sole exception of evidence collected by local councils under RIPA, there is no judicial oversight of any kind at any stage. I am not aware of exceptions to that, and that is a weakness. There is an internal process—I do not doubt the good intentions of the people who work on this—but there is no independent external oversight from a judicial process, which is what many of us would like to see.
Let me return to the ISC. It works extremely hard, but its reports are redacted by the security services and the Prime Minister, and it is hard to know whether that is done in the interests of national security and not just to avoid embarrassment. Sir Francis Richards, a former senior intelligence official, has said that it is
“not a very good idea”
for an ex-Minister to head it. There is the problem of people being asked to scrutinise the consequences of decisions that they made, and that makes it hard to develop the right sort of relationship.
The ISC is under-resourced and not properly accountable to Parliament. There is a real issue to understanding the detailed technological components of much of this. I am not certain whether there is enough support to ensure that members understand the consequences of fake secure socket layer certificates and how phishing or man-in-the-middle attacks work. I am sure that the right hon. Member for Salford and Eccles (Hazel Blears) will be happy to explain them when she speaks later.
We need better scrutiny generally and not just of the Intelligence and Security Committee. We keep hearing messages about the risk of “going dark”—we heard all about that in relation to the draft Communications Data Bill. It is simply not true. There is far more information available now to the intelligence and security community and to the police than at any time in the past. People now carry mobile phone devices that keep track of where they are almost constantly. I do not blame the agencies. Of course I can see the argument that there will always be for having more information, but we must provide a counterbalance. Dame Stella Rimington, former head of MI5, said:
“It’s very important for our intelligence services to have a kind of oversight which people have confidence in. I think that it may mean it is now the time to look again at the oversight.”
I agree with her.
We have seen further calls for even more information to be collected. The previous Government established the interception modernisation programme to create a vast database designed to log all details of text messages, phone calls and e-mails in the UK. In the interests of cross-party unity, I will not go on about other authoritarian measures: the drive for 90-day detention without charge, ID cards, control orders and allowing people to be forcibly relocated. They are all now things of the past, and I am pleased that that is the case.
Given such concerns, I was pleased with much of the coalition agreement. We Liberal Democrats insisted on a particular element, which was a commitment to ending
“the storage of internet and email records without good reason”.
That was accepted by both parts of the coalition. I am not sure whether the Home Secretary saw that, because she then pushed ahead with the draft Communications Data Bill, which would have required the storing of e-mail and internet records for everybody, which blows a hole through the idea of “without good reason”. It was envisaged that an extra £1.8 billion would be spent over 10 years to keep those extra records. That would have allowed the Home Secretary to require internet service providers to keep track of every website that everyone in the country goes to—everything that we do on Facebook or Google—with a huge growth in surveillance.
Dr Huppert
I want to make a little more progress. I am sure Members will want to speak later.
The Deputy Prime Minister insisted that the draft Bill be scrutinised, and the Joint Committee that did so produced a damning report. It stated that the Bill paid
“insufficient attention to the duty to respect the right to privacy, and goes much further than it need or should for the purpose of providing necessary and justifiable official access to communications data.”
The report was a unanimous cross-House report, which described information provided by the Home Office as “fanciful and misleading”. I am pleased to say that that Bill is now dead.
We said that the information was misleading before we knew that the intelligence and security services already had access to much of the information that they claimed was missing. To quote the Chair of the Joint Committee, the former Conservative Home Office Minister, Lord Blencathra:
“Some people were very economical with the actuality. I think we would have regarded this as highly, highly relevant. I personally am annoyed we were not given this information.”
The Home Office needs to be clear with Parliament when asking for new powers.
Even our current laws are incredibly broad. Although we have very welcome reassurances from the Foreign Secretary that the agencies stick to the law—I absolutely credit that—the law is vague and broad. Section 94 of the Telecommunications Act 1984, for example, allows secret directions
“of a general character”
that are
“in the interests of national security or relations with the government of a country or territory outside the United Kingdom.”
So if the US asks for something, we are supposed to provide it. The information does not have to be provided to Parliament, and it gags whoever the directions are served on.
When the Joint Committee looked at this, we had to admit that we could not find any information about how the power was being used. There was no ability to have any oversight. RIPA has drawn lots of criticism for its widespread use. It was originally introduced to take account of technological change, but it is so broad that it led to serious abuses of privacy. It allowed council officials to put children and their parents under surveillance at home and in their daily movements to find out whether they lived in a particular school catchment area. Most of us would not think that that was in the same vein as counter-terrorism. That is clearly disproportionate.
So what now? Before we even consider new powers, whether explicitly granted or acquired through new technology, we need a pause. We need a proper and full investigation into the powers already available to the intelligence and security services, and it has to be done competently and with an element of independence. We should commission independent, post-legislative scrutiny of both RIPA and the Intelligence Services Act 1994, and other related legislation, to see how they interact with each other. We would then have a clear, open understanding of where we stand now.
As Lord Carlile, the former independent reviewer of terrorism legislation said:
“the current legislation, including the Regulation of Investigatory Powers Act 2000, should be re-examined and rewritten to fit the current situation.”
That is not a radical suggestion. In the US, the Obama Administration have realised that proper and competent oversight is needed, and he has established the Privacy and Civil Liberties Oversight Board, which includes those within the Washington system and those outside it. It includes people with experience of working for not-for-profit organisations. It is citizen engagement and shows trust. We could follow that model and create such a board.
We could do much more to fix the loss of trust and confidence. We could publish, as happens in the US, the legal opinions used to underpin the surveillance framework. We could provide a clearer account of such expenditure and lift the legal restrictions on British companies publishing transparency reports about the requests that they receive. We should proactively publish information about the surveillance requests made: in bulk, the broad purpose, with no identifying details.
In the long term, we should look at signing up to the international principles on the application of human rights to communications surveillance. The 13 principles are legality, legitimate aim, necessity, adequacy, proportionality, competent judicial authority, due process, transparency, public oversight, integrity of communications, safeguards for international co-operation and safeguards against illegitimate access.
We should absolutely defend the right of our intelligence and security services to go after the bad guys, to use the powers that they have to protect us and make the UK and the world a safer place. However, it should not be at a disproportionate cost to the liberty and privacy that form the very foundations of our society.
The work that our intelligence and security services carry out on behalf of us all is valued and important, but we should not give them carte blanche. We would not want that. We need to have an open debate about what the rules are, what is acceptable and what we consider goes too far. It has taken us too long to get into this debate, but now that we are here, with so many right hon. and hon. Members, I hope we are now firmly here to stay in this discussion.
Julian Smith
I am going to push on, but it is important to say that the intelligence services are doing critical work in both categories, and we need to support that work.
On the issue of the documents that The Guardian holds, when hon. Members talk about prosecutions not happening and things not really being that bad, I ask them to look at the online discussions that Guardian editors have had. They have admitted to sending internationally the most detailed documents and underlying data about GCHQ specifically. I do not want to talk too much about David Miranda today, but his data were on a games console. Those data, in data dumps throughout the world, are still out there, and hackers claim that they have access to it. The Independent, which also had access to those documents, started reporting on them but then stopped because it realised that to do so was problematic. The issue with The Guardian is current; the data are out there and are a danger to our national security.
The third element that I want to discuss today is the fact that The Guardian is not talking to the Government. If it really was confident in its position, and I believe that there is quite a lot of tension at The Guardian on the approach it has taken, it would have a discussion with the Government, who have been very clear. Look at the witness statements for the Miranda trial. They have been so careful about ensuring that they do not interfere with The Guardian as a newspaper and with its right to report. However, The Guardian should come forward now and tell the Government what intelligence data it has overseas and where those intelligence data are. Is there identifying information about our agents in the data? What protections are there in The Guardian offices to look after that material?
Dr Huppert
I thank the hon. Gentleman for giving way. I could pick up on a lot of his points. He says that The Guardian should be talking to the Government about this. Is he aware that it has been talking to the DA notice secretary? They have been in touch for many months, talking about these things. Does he think that part of the onus should be on the Government to provide advice if they are concerned about such things? The Guardian, as I understand it, is quite happy to talk about how to make sure the data are secure, and frankly, the NSA should never have lost them in the first place.
Julian Smith
If my hon. Friend looked at witness statement 1 by Oliver Robbins, he would see the approach to the Miranda trial. He would see the approach that The Guardian has taken, which, essentially, in the first two reports in June, was not to get clearance from the Government. Following a reasonable discussion with the Government, that was just ignored and documents were sent overseas.
I urge Mr Rusbridger today to begin an open dialogue with the Government to tell them where the dumps of data are, and to come clean on whether they contain information that could lead to the identification of our security agents. I also urge Mr Rusbridger, his board and his editorial team to talk to the Government before publishing any further reports on our security services, intelligence gathering and our activity, because The Guardian, which had every right to report on the issue and has raised important topics of debate in a digital, global, interesting way, with good journalism, has threatened the security of our country, and stands guilty today, potentially, of treasonous behaviour.
Mr Meacher
The right hon. and learned Gentleman is correct, but the question is whether that is an effective way for the legislature to make the choice. It is all very well to say that there is a provision that will work if it is used diligently and systematically by the House. I submit that it is not, and that we need to change it.
Dr Huppert
It might help the right hon. Gentleman to know that clause 1 of the Justice and Security Act 2013 states:
“A person is not eligible to become a member of the ISC unless the person…is nominated for membership by the Prime Minister, and…is not a Minister of the Crown.”
Mr Meacher
Of course, that is the point. The House can reject a name that is proposed by the Prime Minister. It cannot propose its own name, as happens with the other Select Committees.
When the Committee has completed an inquiry, often, of course, at the behest of the Prime Minister—although I am aware that it can pursue its own investigations—it sends its report directly to the Prime Minister. That is a secret back channel within the existing power structure, with no direct accountability to the public. The Prime Minister can modify the report in any way he or she chooses and then publish it without any indication of the changes, or publish it in redacted form, or not publish it at all. That is not serious scrutiny. It is a safe cover for the Prime Minister, to give the impression that a difficult and sometimes, for the Government, embarrassing issue has been properly investigated, when, in fact, MI5 or GCHQ disclose to the Committee only what they choose, and the Prime Minister reveals what he or she wants to. Genuine accountability in such matters is needed, and is long overdue.
The Intelligence and Security Committee should, like all other Select Committees, be elected by Parliament, although I think that the Government should choose the Chair. Where the security services are unwilling to disclose documents on national security grounds, the Committee should have the right to ask the Information Commissioner to review the documents and decide whether their disclosure would genuinely put national security at risk—in which case of course there would be no question of their being revealed—as opposed to merely being inconvenient to the security services or the Government, as has so often proved the case in the past. The Information Commissioner’s decision would be final, and the Committee’s report, once finalised, would be issued to the House for public consumption, not to the Prime Minister.
It will be said that we should trust the security services, which look after the nation’s safety—a vital role—and let them get on with the job. We did that, of course, and then found out, not from them but from the Snowden files, what the NSA in the US and GCHQ in Britain were really up to, including monitoring the phones of Angela Merkel and 35 other world leaders—one wonders how much else—and that all assurances about privacy were not worth the e-mails that they were written on. The Intelligence and Security Committee never found out or told us. We were assured by its current Chair—whom I greatly respect—that the security services always acted strictly in accordance with the law, that all operations were officially approved and that there was nothing to worry about. It was only later that we discovered that in fact GCHQ, through the Tempora programme, had devised a way of obviating all that.
It is high time, not for the ISC to tweak its existing work programme to respond to the global furore, as seems to be proposed, but for an independent committee of inquiry to be established to examine the issue thoroughly and systematically, taking full account of international experience, particularly in the United States, and to report to the House, not to the Prime Minister.
Sir Malcolm Rifkind
I am sorry, but I cannot at this stage.
Given our willingness to have our first public hearing with the intelligence chiefs next week in front of the cameras, plus other public sessions, as well as the new powers we are already exercising, I ask right hon. and hon. Members to test whether we use such powers properly. They should not say that we do not have those powers in the first place, because there is not a single new power that they have suggested should be given to the Intelligence and Security Committee that we do not now have.
Sir Malcolm Rifkind
I cannot, unfortunately.
Right hon. and hon. Members should by all means scrutinise whether we use the powers properly, but they should please do so on the basis of knowledge about the Act that Parliament approved within the past 12 months.
Dr Julian Lewis (New Forest East) (Con)
I genuinely congratulate my near namesake, the hon. Member for Cambridge (Dr Huppert), not only on securing this debate but on the way in which he presented his case and the exceptionally generous way in which he handled interventions. I hope that it will not damage his credibility on the left too much if I point out how very strongly I agreed with at least one of the points that he made in response to my intervention on him.
There are three questions that I want to address. First, on which the hon. Gentleman responded, why is it so easy for junior personnel to engage in mass leaking? Secondly, is it easier than before, as he suggested, to track or spy on people? Thirdly, who should rightly be regarded as a whistleblower? That is the point that I was touching on when I intervened on him. On the first question, he is absolutely right. If these secrets are so sensitive, there is something terribly wrong with the system that allows an Army private or a junior technician access to them.
Dr Lewis
I am glad to see the hon. Gentleman endorsing what I am saying. Any system that allows tens of thousands of top secret documents to be downloaded by such junior personnel in such quantity must be at risk.
In an absolutely outstanding contribution to the debate, the hon. Member for Cheltenham (Martin Horwood)—I do congratulate him on his measured and exceptionally well-informed contribution—referred to the whole business of Enigma and the ultra secret of world war two.
Colleagues might remember that in 1974 the book, “The Ultra Secret”, perhaps regrettably—historians are grateful—revealed the secret that, as a result of the development of the Enigma machine, we were decrypting codes during the war that people thought were unbreakable. The book was published. Its author was F. W. Winterbotham. If I remember correctly, his role was to be in charge of the signals liaison units, which comprised members of the special services who were involved in the distribution of the Enigma decrypts and who were spread around all parts of the military infrastructure that received that intelligence. In other words, they were crucially aware of the need to keep top secret material secure. As such, they had special security arrangements to prevent anything like the Snowden case and the Bradley Manning case from happening. There is a huge gap in the security arrangements for the handling of such material.
On whether it is easier than before to track and spy on people, as the hon. Member for Cambridge has suggested, in one sense, he is absolutely right. We have electronic devices that offer more ways in. In another sense, though, he is not quite right. The problem is that in the past, when we wanted to track or spy on someone, all we had to do was to get a court order to enable the interception of mail or telephone calls. Now, with so many new systems of communication, it is actually much harder to track and spy on people who ought to be tracked and spied upon, according to the process of law, because there are so many other ways to communicate.
Dr Huppert
I thank the hon. Gentleman for giving way and for some of his earlier comments. There is an interesting issue. Communications data are increasingly available to the police, but records of the locations where people had phones are now kept for a year. We can join the dots to find out exactly where somebody went. That information is available to the police and is used in many investigations. That would never have been available before. He is right that there are some safeguards; but 20 or 30 years ago, there would have been no way to say, “Three months ago, where was Dr Julian Lewis at any particular moment?”
Dr Lewis
I entirely accept that point, which was partly covered by the hon. Member for Cheltenham when he briefly referred to the need to hoover up haystacks to be able to search for the needles in them afterwards. The question is whether we then have access to the irrelevant parts of the haystack, or legally supervised targeted access to those needles in the haystack, which can be detected as a result of modern technology. This is all about the mass collection, mass storage and interrogation of mass data so collected and stored.
I now come back to the third question: who should rightly be regarded as a whistleblower? I would like to reach a point of agreement again with the hon. Member for Cambridge. In his defence of The Guardian newspaper, he said that it is precisely because The Guardian is not simply publishing everything that has fallen into its hands that it is acting responsibly. We can argue the finer points of that; he certainly has an arguable case. Where there can be no argument, however, is in the case of a person who steals the mass database and transmits it to other unauthorised individuals or organisations, or indeed newspapers, when he cannot possibly have read or in any way assessed whether the contents of that database had been properly collected or whether an abuse of the intelligence services’ powers had in fact taken place. That person is not acting responsibly, so the hon. Member for West Bromwich East (Mr Watson), whom I always admire, should be a little more careful before ascribing the term “brave whistleblower” to someone like Snowden.
Snowden is no more a whistleblower than someone like Julian Assange or anyone else who gets a mass of information and feels that it is right to publish it and put it into the public domain for no other reason than it is classified secret or top secret. Basically, their rationale can only be that they do not think anything should ever be classified secret or top secret. Once they admit that there is a purpose in classifying some information, and that some information ought to be kept secret, then we get into the area of who decides what should be kept secret and what should be the result of whistleblowing activities.
When I see somebody who blows the whistle on an identifiable abuse, I say, “Well done”, provided, of course, that they have used and exhausted all the right channels and were left with no alternative. But when I see someone who abuses their access to a massive database and then publishes it widely, I say that that is not whistleblowing; that is irresponsible—
James Brokenshire
I say to the hon. Gentleman that publicly discussing sensitive techniques and sensitive tactics of our intelligence agencies is simply not appropriate in terms of safeguarding their work. However, I can also say to him very clearly that arrangements are in place to ensure that GCHQ neither obtains nor discloses any material except so far as necessary in pursuit of its statutory functions, as defined in the Intelligence Services Act 1994, which he will be very well aware of.
As far as interception activity by GCHQ is concerned, GCHQ operates at all times in accordance with RIPA. That is not just a statement; GCHQ’s activity is overseen by the commissioners, who analyse its work in detail. They also analyse some of the codes of practice that the agencies have in place to ensure their adherence to RIPA.
Such levels of assurance are in place within our oversight regime, which I believe is very effective because our intelligence agencies’ activity is overseen by a greater variety of bodies than many other areas of Government business. At the parliamentary level, the ISC examines the policy, administration, past operations and expenditure of the intelligence agencies and parts of the wider Government intelligence community. Indeed, the ISC’s position has been strengthened by the Justice and Security Act 2013, which has only been passed into law through this House very recently.
Dr Huppert
The Minister makes the extremely good point that it is “past operations” that can be looked at, and there are constraints on what the ISC can look at; it does not have a completely free rein on operational matters. What happens if an operation lasts for many, many years? At what stage is there any sort of scrutiny of that?