IPCO Annual Report 2017
be examined for a very short period to avoid losing essential intelligence on the written
authorisation of a senior official, when the person was believed to be abroad but it has
latterly been discovered that he or she had entered the British Islands.
7.32
Before an intelligence analyst is able to read, look at or listen to material obtained under a
bulk warrant, he or she must justify why access to the material is required, explaining how
the examination is linked to one of the statutory purposes, why it is a valid intelligence
requirement and why such access is proportionate.
7.33
The procedure relies mainly on the analyst’s professional judgement, and his or her training
and oversight, and there is no further internal pre-authorisation or authentication process
for the selection of any material. GCHQ’s Internal Compliance Team carries out retrospective
random audit checks of the justifications for selection and the IT Security Team carries out
technical audits to identify and investigate any possible unauthorised use.
7.34
There are a number of other security and administrative safeguards in place at GCHQ which
have general relevance. These include the security policy framework and staff vetting; ongoing
instruction and training for all staff on the legal and other requirements of operating within the
legislation (with particular emphasis on Human Rights Act requirements); and the development
and operation of computer systems designed to search for, and check on, instances of
potentially non-compliant use of GCHQ’s systems and premises. All staff must pass a periodic
online test to demonstrate their understanding of the relevant legal and other requirements.
7.35
Our inspections and audits show that, in so far as we are able to judge, the individuals
concerned carry out the selection procedure carefully and conscientiously. GCHQ has
historically reported the results of the retrospective audits and safeguard breaches to
IOCCO (please see the errors and breaches section). The retrospective audits are a strong
safeguard and serve to act as a deterrent against improper use.
Retention
7.36
Every interception agency has its own policy as to how long intercepted material and related
communications data can be retained before it is destroyed. All content is reviewed and
deleted after a very short period unless action is taken to retain the content for longer
because this step is necessary. The retention periods for selected content differ between
the interception agencies but range from between 30 days to one year. The retention periods
for any related communications data also differ, ranging from six months to two years.
How IPCO oversees these powers
7.37
IPCO will inspect the intercepting agency and the WGDs, and the interception inspections
are structured in order to ensure the key areas covered in the legislation and the CoP
are scrutinised. We inspected all nine intercepting agencies and the four WGDs in 2017,
examining 997 warrants for the relevant period. This equates to over 50% of the warrants
in force at the end of the year and 28% of the new warrants issued in 2017.
45