51. The Intelligence Services are each required to keep the justification for
continued retention and use of BPD under review, as set out at §§7.1-7.2:
“7.1 Each Intelligence Service must regularly review the operational and
legal justification for its continued retention and use of each bulk personal
dataset. Where the continued retention of any such data no longer meets the
tests of necessity and proportionality, all copies of it held within the relevant
Intelligence Service must be deleted or destroyed.
7.2 The retention and review process requires consideration of the following
factors:
The operational and legal justification for continued retention, including its
necessity and proportionality;
Whether such information could be obtained elsewhere through less
intrusive means;
An assessment of the value and examples of use;
Frequency of acquisition;
The level of intrusion into privacy;
The extent of political, corporate, or reputational risk;
Whether any caveats or restrictions should be applied to continued
retention.”
52. Thus, the justification for the retention of BPD, including whether it remains
necessary and proportionate, the level of intrusion into privacy, and whether
such information could be obtained elsewhere less intrusively, is not simply
considered at the stages of acquisition, use or disclosure, but is kept under
continuing review.
Other management controls
53. §§8.1-8.2 set out the requirement for each Agency to have an internal Review
Panel which scrutinises the acquisition, disclosure and retention of BPD:
“8.1 The acquisition, retention and disclosure of a bulk personal dataset is
subject to scrutiny in each Intelligence Service by an internal Review Panel,
whose function is to ensure that each bulk personal dataset has been properly
acquired, that any disclosure is properly justified, that its retention remains
necessary for the proper discharge of the relevant Service’s statutory
functions, and is proportionate to achieving that objective.
8.2 The Review Panel in each Intelligence Service meets at six-monthly
intervals and are comprised of senior representatives from Information
Governance/Compliance, Operational and Legal teams.”
54. In addition, use of BPD is monitored by an audit team within each Agency:
“8.3 Use of bulk personal data by staff is monitored by the relevant audit team
in each Intelligence Service in order to detect misuse or identify activity that
may give rise to security concerns. Any such identified activity initiates a
formal investigation process in which legal, policy and HR (Human
Resources) input will be requested where appropriate. Failure to provide a