2013 Annual Report of the Interception of Communications Commissioner
let alone be concealed from external observation or inspection. It would, for instance,
require one or more forged interception warrants or certificates and probably unlawful
complicity by CSPs. I reckon that the interception agencies and the CSPs would rightly
feel offended that the question needs to be asked.
6.6.15 At a more detailed level, possible unwarranted intrusion cannot happen in the
abstract. As I have said, a large body of unfiltered data is useless. An individual or
group of individuals cannot possibly have sentient access to a single minute’s amount
of unfiltered UK communications, let alone communications over any longer period. A
progressively selected tiny part of this is needed to make possible any examination by a
person upon specific individualised inquiry. This is precisely what sections 8(4) and 16 of
RIPA 2000 Part I permit. This, and only this, is what happens.
6.6.16 No one sits in front of a computer screen aimlessly trawling through unselected
intercepted material. All searches are for a specific authorised purpose. Any more generic
computerised search of stored material for intrusive purposes would be unlawful. But
any even theoretical possibility of this is heavily moderated by the facts that:
•
•
•
such material as is stored is required by section 15(3) to be deleted as soon
as there are no longer grounds for retaining it as necessary for any of the
authorised purposes;
the filter process necessarily discards large quantities of material which are
irrelevant to the interception agencies lawful activities. What remains for
any period before it is destroyed is scarcely amenable to mass intrusive
surveillance;
I have carried out the detailed survey of the Retention, Storage and Destruction
arrangements of all the interception agencies with powers to apply for
interception warrants (see paragraphs 3.48 to 3.57 of this report) with the
results which I have described.
6.6.17 A rogue individual or small group. There remains the conceivable, but highly
improbable, possibility of small scale unauthorised and unlawful intrusion within the
interception agencies by a malign rogue individual or small group. I need to do further
detailed research here (see paragraphs 6.6.8 to 6.6.9) and will report in due course, not
least to give assurance to the individuals who operate these systems that the work that
they do has proper and sufficient protective safeguards.
6.6.18 External cyber attack. This is conceivable, but not within my direct sphere of
responsibility or experience. In so far as it might be technically possible - which I simply
do not know - I am sure that the interception agencies take proper and appropriate
precautions.
60