40
IPCO Annual Report 2018
6.33
During inspections, we are given access to the system used by MI5’s investigators and
analysts for their applications and we undertake random sampling and run query-based
searches on the system. For example, Inspectors might use the system to identify every
application which included the word ‘journalist’. This means that our Inspectors can,
for example, evaluate the analysts and investigators’ necessity and proportionality
considerations, examine particular operations and identify requests for more intrusive data
sets or those requiring data over longer time periods.
6.34
The Targeted Communications Data CoP (paragraphs 8.23 to 8.33 and 8.38 to 8.44) contains
detailed guidance for examination where the purpose is not to identify or confirm a
journalistic source but where this is nonetheless likely. These protections are not mirrored
in the Bulk Data CoP. We have, therefore, proposed that UK Intelligence Community (UKIC)
should read across the additional guidance provided in the Targeted Communications Data
CoP when considering BCD related to journalism and have proposed to the Home Office
that the Codes should be amended to ensure consistency.
6.35
MI5 have been working to demonstrate a number of improvements that they have brought
in to their authorisation processes, internal oversight and audit of this work, post October
2018, but we believe that there is more to be done in this area. They have developed a
capability to undertake retrospective internal audit checks, which commenced in October
2018, and the managers we interviewed explained and demonstrated how it is envisaged
the audit processes will develop and work in the future. Some basic internal retrospective
audit checks are taking place but the process is in its fledgling stage.
Bulk Personal Datasets (BPD)
6.36
The use of BPD is an area that has been under close scrutiny by IPCO during 2018, both
through inspections and via the double lock. This reflects the level of public interest in how
this data, which is vital to everyday work by investigators and analysts, is used and retained
by MI5. Prior to the implementation of IPA warrants to approve BPDs, we were content that
MI5’s records were well kept and clearly articulated. This continues to be the case since the
introduction of the double lock.
6.37
In preparing for the commencement of Part 7 of the IPA, which governs UKIC’s retention
and use of BPDs, MI5 independently considered each bulk data holding to ensure that
appropriate safeguards were in place and the IT infrastructure complied with the IPA.
MI5 introduced a front-end system to record the justification given by their officers when
querying bulk data. MI5 also scrutinised the necessity and proportionality case for retaining
each dataset, along with an assessment as to whether it was ‘bulk’ or ‘targeted’ in nature
(that is, whether or not the majority of individuals to whom the dataset related were of
interest or likely to become of interest to MI5 in the pursuit of its statutory functions).
6.38
Under the new provisions of the IPA, MI5 is required to keep the proportionality of its
BPDs under constant review. Before the commencement of section of the Act, MI5 judged
it appropriate to retain all BPD holdings for ten years; the justification for this period of
retention had been explained to the Commissioner. Under the IPA, MI5 is required to assess
whether the retention of each of its BPDs remains necessary and proportionate every six
months, upon renewal of the warrant. However, we have recommended that MI5 should
take a more nuanced approach, considering whether retention is proportionate for all fields
in BPD holdings and for each BPD held. We were not satisfied that MI5 was meeting this
recommendation in full at the end of 2018 and they are now introducing a new process to
discharge this requirement.