Report of the Interception of Communications Commissioner - March 2015
requirement), and why such access is proportionate. Although I consider that the selection
procedure is carefully and conscientiously undertaken both in general and, so far as
we were able to judge, by the individuals concerned, this process relies mainly on the
professional judgement of analysts, their training and management oversight. There is no
pre-authorisation or authentication process to select material.
6.39 However, random audit checks are conducted retrospectively of the justifications
for selection, by or under the direction of GCHQ’s Internal Compliance Team, and, in
addition, the IT Security Team conducts technical audits to identify and further investigate
any possible unauthorised use. The results of the retrospective audits are provided to my
office during our inspections and any breaches of the section 15/16 safeguards will have
already been reported to my office (see errors section of this chapter). Although the
retrospective audits are a strong safeguard and also serve to act as a deterrent against
malign use, I consider that a number of matters need further thought including whether
it might be feasible (or indeed desirable) to introduce some sort of pre-authorisation
or authentication process, or whether the retrospective audits could be broadened and
enhanced. If the retrospective audits were enhanced and did not indicate any systemic
compliance issues, then that would seem to provide sufficient evidence that the
safeguards are adequate and are being appropriately applied. GCHQ has undertaken a
significant amount of work to consider and scope these matters with both the technical
and analytical communities to assess their feasibility and to evaluate the impact on the
business. These changes would be significant. Another option might be for my office to
have a more explicit role in this audit process in the same way as we do when reverse
auditing communications data requests disclosed by CSPs and auditing the streamlining
procedures under Chapter II of Part I of RIPA 2000 (see Section 7 of this report for more
detail). At present the Commissioner is only responsible under section 57(1)(d) for
reviewing the adequacy of the arrangements as a whole under section 15 (and 16).
6.40 The related matters that my office investigated included the detail of a number
of other security and administrative safeguards in place within GCHQ (which are not just
relevant to interception work). These included the security policy framework (including
staff vetting), the continuing instruction and training of all relevantly engaged staff in
the legal and other requirements of the proper operation of RIPA 2000 with particular
emphasis on Human Rights Act requirements, and the development and operation of
computerised systems for checking and searching for potentially non-compliant use of
GCHQ’s systems and premises. I was impressed with the quality, clarity and extent of the
training and instruction material and the fact that all staff are required to undertake and
pass a periodic online test to demonstrate their continuing understanding of the legal
and other requirements.
Statistics for Interception Warrants
6.41 Figure 1 shows the number of new interception warrants issued in each of the
years 2012-2014 for the nine interception agencies. The total number of warrants issued
during 2014 was 2795, an increase of 1.3% on 2013.
26
@iocco_oversight