detection. Further, when working with CSPs overseas, GCHQ is entirely reliant
on the cooperation of those CSPs.206
Bulk acquisition
5.34.
Where communications data are concerned, bulk acquisition could in some
circumstances be an adequate alternative to bulk interception: but it would not be
noticeably less intrusive and would have a disadvantage in terms of speed,
amongst other concerns. We were told that it may take some time to persuade
an overseas service provider to cooperate, and some may not co-operate at all.
Most communications with overseas CSPs have to be made through foreign
intelligence partners, causing further delays. It may not be possible safely to
serve a national security-related warrant on an overseas CSP; and the CSP may
not hold the range of data required.207
Human sources
5.35.
In other instances examined by the Review team, potential alternatives were
unavailable or carried their own risks. It might, for example, in the case of threats
to Camp Bastion (A8/7), have been theoretically possible to seek information
about such threats from a human agent, assuming that one had been available.
However, the obvious dangers to agents and their handlers, whether acting in
volatile situations overseas or working to counter terrorism at home, must also
be taken into account.
Commercial cyber-defence products
5.36.
In the field of cyber-crime, there are undoubtedly commercial providers who offer
products to defend against cyber-attack. But only those customers who choose
to buy those products receive that protection. Case study A8/8 illustrates the
advantages that GCHQ has, through its use of bulk interception, in being able to
give victims advance warning of an attack. Further, GCHQ, unlike commercial
providers, can assess – and take measures against – the threat to the UK in
general, and not simply to specific customers.
5.37.
In its submission to me of July 2016, Liberty asserted that robust defence of
critical networks would be more appropriate than the use of bulk interception. It
argued that national cyber-security relied on “secure online platforms protected
by strong encryption; the promotion of industry-wide security standards; trust in
UK software, internet and communications service providers; public education in
206
207
See further, 5.34 below
As in A8/6: a hostage-taking in which bulk interception of communications data led to the
hostages being located relatively speedily.
87