Report of the Interception of Communications Commissioner - 2016
Recent inspections of the Security Service and GCHQ sought to assess the progress made
in relation to the recommendations included in the review report13 and in relation to the
draft code of practice.14 In relation to current practice, my inspectors have concluded:
a) The Security Service and GCHQ each keep a central record of section 94 directions
given by the Home Secretary or Foreign Secretary, respectively, on their behalf. The
central record includes the date when the direction was given; the name of the Secretary
of State giving the direction; the PECN to which the direction relates; a description of the
conduct required to be undertaken and the date when the direction was served on the
PECN. These records have been made available for inspection by IOCCO. This addresses
Recommendation 1 in the review report.
b) A process is in place which allows for the secure electronic transfer of copies to IOCCO,
from the Security Service and GCHQ, of section 94 directions given by a Secretary of
State. This addresses Recommendation 2 in the review report.
c) Section 94 directions for bulk communications data now indicate the specific
communications data that is required to be disclosed by the PECN. This addresses
Recommendation 3 in the review report.
d) An application process has been developed that accounts for the requirements of the
Investigatory Powers Act 2016. This addresses Recommendation 4 in the review report.
e) The Security Service and GCHQ undertake reviews every 6 months as to whether the
acquisition of bulk communications data remains necessary and proportionate. The
results of these reviews, and their recommendation to keep the direction in place, modify
or cease its use are submitted to the Secretary of State. This addresses Recommendation
6 in the review report.
f) There is a mature process in place for the reporting of errors. This mirrors the processes
for reporting other errors to IOCCO.
g) All existing directions were replaced by new directions in October 2016 as a consequence
of the recommendations.
Access to the bulk communications data retained by
the agency
Recent inspections of the Security Service and GCHQ examined the procedures in place
to access data for operational purposes. My inspectors interviewed those in charge of
intelligence operations, senior managers authorising access, analysts within operational
teams and those who undertake internal audits.
13 See Page 54 & 55 http://iocco-uk.info/docs/56208%20HC33%20WEB.pdf
14 See footnote of this report
28
@iocco_oversight