received their copy of the signed modification they realised an error had been
made; they cancelled the wrong line immediately. No calls had been
intercepted. GCHQ has modified its internal working arrangements to prevent
a recurrence.
43. The third case involved a GCHQ warrant that was issued by a senior
official at the Foreign Office on the authority of the Secretary of State in
accordance with Section 7(4) of RIPA. The warrant was subsequently renewed
by the Secretary of State. Before the renewal of the warrant an urgent
modification to add a further telephone number to the schedule was authorised
by the Director of Operations at GCHQ and was valid for five working days.
Although the warrant was renewed the modification should have been
submitted to the Foreign Office for approval before its expiry (it expired two
days after the renewal was signed). This administrative procedure was
overlooked and was not discovered until five days after the renewal instrument
was signed. A modification to add the number was then duly approved by the
Foreign Office. All the calls intercepted during this unauthorised period have
been destroyed.
44. The Security Service reported fourteen errors. Eight of the fourteen
errors related to breaches of the Security Service’s arrangements for handling
intercepted material. Five of these breaches occurred when the Security
Service judged it necessary for GCHQ to transcribe product from these five
separate warrants because of the linguistic resources required. Unfortunately
the relevant desk officers responsible for the warrants were not aware that it
was necessary to seek the agreement of the Security Service’s Deputy DirectorGeneral for the product to be transcribed by GCHQ and the product was
passed without that authorisation. I understand that Security Service staff have
been reminded of the requirement to seek the necessary authorisation before
passing raw or undisguised product outside the Security Service. These
breaches are somewhat technical, and there is no doubt that the Deputy
Director-General would, if asked, have given the necessary authorisation. This,
perhaps, emphasises the stringent criteria rightly applied by the Agencies in
reporting errors to me.
45. The circumstances surrounding the sixth breach of the Service’s handling
arrangements are exactly as that reported in the preceding paragraph except
this breach was compounded by the Security Service’s desk officer’s failure to
issue GCHQ with a caveat advising that no further dissemination should be
given to the product nor use made of it without prior reference to the Security
Service. In the absence of such a caveat GCHQ assumed that it was for it to
report the intercepted calls and so issued a number of reports. The material
was, of course, handled and reported in accordance with GCHQ’s own rigorous
security procedures. Security Service staff have been reminded of the
requirement to seek not only the necessary authorisation before passing raw or
undisguised product outside the Security Service but also of the need to include
an appropriate caveat when doing so.
46. The seventh handling breach occurred when a desk officer in the Security
Service passed undisguised product from an interception warrant to the
Department of Trade and Industry (DTI). The product was retrieved a couple
of days later when the mistake was noticed. The appropriate authorisation was
subsequently sought to pass the undisguised product to the DTI.
47. The eighth, and final, handling breach relates to the disclosure of legally
privileged material that occurred in connection with one of the Security
Service’s interception warrants. Intelligence was passed without the specific
protective handling caveats which are given to intercepts of legally privileged
communications on the prior approval of a Security Service legal adviser to an
9