Bulk acquisition
3.27.
Confirming a view expressed in its 2013 report on the Communications Data Bill,
the ISC referred to access to communications data as “a critical capability”.135
3.28.
Because the bulk acquisition capability under TA 1984 s94 was not avowed until
November 2015, the parts of the ISC’s report that referred specifically to the use
of that capability were omitted from the open version.136 No opinion was
expressed, in the open or closed version, as to the utility of the bulk acquisition
power.
Bulk EI
3.29.
The ISC referred to CNE in a short and heavily-redacted part of its 2015
Report.137 While no detailed account of its utility was given, an acceptance of its
utility might be cautiously inferred from the open comments that “Agencies may
undertake IT Operations against computers or networks in order to obtain
intelligence” and that this work was growing.
3.30.
Even in the closed version of the ISC’s report, no specific mention was made of
bulk EI (in keeping with the February 2015 Code of Practice, which avowed EI
for the first time but also said nothing specific about bulk EI). This is unsurprising
in view of the fact that bulk EI had not (and has not) been used.
Bulk personal datasets
3.31.
The ISC examined the SIAs’ use of BPDs in chapter 7 of its March 2015 report,
citing the views of MI6 that BPDs:
“... are increasingly used to identify the people that we believe that we have
an interest in; and also to identify the linkages between those individuals and
the UK that we might be able to exploit”,
and of GCHQ that:
“they consider Bulk Personal Datasets to be an increasingly important
investigative tool, which they use primarily to ‘enrich’ information that has
been obtained through other techniques”.138
135
136
137
138
2015 ISC report, U (after para 132).
In particular, paras 134(ii), 147-150.
2015 ISC Report, Box and CC (p. 67).
2015 ISC Report, paras 152-153. Further citation of evidence (which I have read) was
redacted from the open Report.
54