Lord Evans of Weardale (CB)

- View Speech - Hansard -

Copy Link

-

Not at all.

My Lords, I do not intend to make a long speech. This Bill proposes an important but, I suggest, relatively modest updating of the existing authorisation regime for the use of surveillance powers. It is also based on the excellent and clear review undertaken by the noble Lord, Lord Anderson, who has been thanked many times already and to whom I also give my thanks. His expertise and good judgment in these areas is widely acknowledged, not least within the police and intelligence agencies themselves.

The Investigatory Powers Act 2016 was significant in that it brought the authorisation of surveillance powers into the modern, digital age. Before the 2016 Act, the legal justification for surveillance was achieved by stretching and interpreting laws from an earlier era to cope with new conditions. The 2016 Act addressed modern needs directly with an unprecedented degree of frankness about what was actually possible and necessary. The Act also recognised the highly intrusive nature of investigatory powers that were being authorised and therefore matched those intrusive powers with strong and independent oversight mechanisms.

I respectfully disagree with the right reverend Prelate the Bishop of St Albans: I do not believe the Bill vastly expands the powers of the intelligence agencies. In some areas, it introduces more controls, but it is also very careful to balance any powers with independent oversight. The noble Lord, Lord Strasburger, helpfully drew our attention to the effectiveness of independent oversight where problems have arisen, and he demonstrated that the agencies are drawing attention to areas of failure and that the oversight mechanisms are making the appropriate decisions as to what needs to be done about it. I reassure the right reverend Prelate the Bishop of St Albans that, certainly in my experience, the agencies are extremely conscious of the ethical dimension of their work. In terms of both their external relationship with oversight bodies and their internal discussions, ethical factors are strongly considered and taken seriously.

We are all aware of the speed with which data capabilities, new platforms and artificial intelligence as a whole are developing. It is important that the law should be updated from time to time to keep up with the art of the possible. Data is at least as important as interception when it comes to preventing the very real security threats that we face from causing damage. If we do not update the law, one of two things will happen: either security will be put at risk, or those using the powers will rely on an increasingly creative and elaborate interpretation of the law to keep up with a new situation. We cannot operate within old legislation; neither of those alternatives is desirable, so a new Act is needed.

The key proposals in the Bill seem to be the new regime for bulk datasets and the arrangements for bulk datasets held by third parties but to which the intelligence agencies have access. Neither of these proposals involves a significant increase of intrusion into individual privacy, and in each case, tough oversight controls remain in place. On bulk personal datasets, the 2016 Act created what, in retrospect, appears to be a rather odd situation where the intelligence agencies are not able to use completely open data—such as Wikipedia data—without quite stringent authorisation, but which any member of the public can access without permission. A police force can also access that data without restriction. Our close intelligence allies can do so too, but our own security and intelligence agencies cannot. The same constraints apply for historical or open datasets of the sort that are needed to train artificial intelligence systems to operate effectively.

I cannot think of any good reason why these constraints are needed in their current form, and they have a negative impact on the speed and flexibility with which the agencies can respond to threats. I am therefore glad to see that the Government’s proposals for a less restrictive approach to datasets where there is no or low expectation of privacy have been included. The Investigatory Powers Commissioner will continue to police the low/no boundary so that there is no risk that the less stringent regime will be misapplied or that there will be any form of mission creep. I therefore support the Government’s proposals.

On third-party datasets, the situation appears to some extent to have been reversed, in that access to sensitive data held by third parties is currently not covered by as stringent a regime. This appears to be a small loophole in the 2016 regime, and it is right that access to such datasets should be brought within the authorisation regime, as the Bill proposes. Events since the 2016 Act, including the war in Ukraine, increased state threats and political interference and recent terrible events in the Middle East all mean that the security threats that we face and from which the intelligence agencies help to protect us are at least as acute today as they were seven years ago. At the same time, the technical environment within which the agencies work has changed very fast, and it is right that we should update the legislation that enables them to succeed in their work. I therefore support the proposals in the Bill.