Report of the Interception of Communications Commissioner - March 2015
6.89 Figure 4 shows that 78% of the errors reported fell into 3 key categories: Section
15/16 safeguards breaches; failure to cancel interception; or interception of the incorrect
communications address.
Section 15/16 safeguards breaches.
6.90 36% of the errors constituted breaches of the section 15/16 safeguards. The errors
in this category can be broken down into four distinct areas and some examples of the
errors are provided here.
6.91 Over-collection. These were technical software or hardware errors that caused
over-collection of intercepted material and related communications data. Where errors
are caused by a single technical fault there may be multiple consequences (i.e. large
volumes of material erroneously collected). In some of these cases the material and
data contained details of individuals’ private communications, whereas in other cases
the material contained communications that were not personal in nature. These errors
can take a number of months to investigate and generally the cause of the error or
system malfunction is identified and completely resolved. A significant amount of work
is undertaken to implement measures to prevent recurrence and, in some cases periodic
sampling and checking procedures were implemented to enhance the interception
agency’s ability to monitor and detect such errors. In all cases steps are taken immediately
to ensure that the erroneous material and data is deleted.
6.92 Unauthorised selection / examination. One example of an error in this
category is where an analyst had mistakenly continued to select the communications of
an individual based overseas after the individual was known to have entered the United
Kingdom. In one very serious case last year an employee at GCHQ deliberately undertook
a number of unauthorised searches for related communications data. The employee was
immediately suspended from duty on discovery of the illegitimate searches and a full
investigation was launched. This abuse of the systems amounted to gross misconduct
and the individual’s employment was terminated and vetting status withdrawn. Given
the actions undertaken, i.e. that the individual accessed GCHQ’s computers for an
unauthorised purpose, it is arguable that an offence under section 1 of the Computer
Misuse Act was also committed. This is the first known instance of deliberate abuse of
GCHQ’s interception and communications data systems in this way.
6.93 Unauthorised disclosure. These error instances constitute non-compliance with
section 15(2) of RIPA 2000. They were caused by the interception agency not limiting
the number of persons to whom (or the extent to which) any of the material or data
was disclosed or otherwise made available to the minimum that was necessary for the
authorised purpose. For example, in a small number of cases intercepted material or the
fact of the existence of an interception warrant was disclosed to additional persons within
an interception agency or to persons outside of an interception agency.
6.94 Incorrect dissemination. These error instances also constitute non-compliance
with section 15(2) of RIPA 2000. They were caused by CSPs misdirecting the intercepted
40
@iocco_oversight