The 2016 section 94 report highlighted that two distinct processes have developed
within the Security Service and GCHQ to access bulk communications data. The different
procedures mean that it is not possible to provide comparable statistical information
relating to the access and use of the bulk communications data.
Within GCHQ, all operational data gathered from a variety of different sources is treated
in the same manner. Where there is an operational requirement to gain access to any
operational data (which will include bulk communications data), an analyst is required to
justify why the access and examination of the data are necessary and proportionate. This
is a three-stage process covering:
•
•
•
why the search is necessary for one of the authorised purposes, for example,
“in the interests of national security”;
an internal reference number, which equates to the specific intelligence
requirement and priority for the search; and
a justification of the necessity and proportionality of accessing the data.
During an inspection into the selection of bulk communications data for examination
by analysts at GCHQ, my inspectors reviewed the breadth and depth of the internal
procedures and by auditing a number of individual requests made by analysts. They were
satisfied that, in the individual requests examined, the analysts had properly justified why
it was necessary and proportionate to access the communications data.
In 2016, 7.5% of GCHQ’s end product reports included material acquired under section 94.
Previous IOCCO reports15 have commented on the process within GCHQ for the selection
and examination of intercepted material and related communications data.16 The process
for the selection and examination of bulk communications data is essentially the same. I
therefore draw the same conclusion as last year, that, although the selection procedure
is carefully and conscientiously undertaken, the process relies mainly on the professional
judgment of analysts, their training and management oversight.
GCHQ undertakes robust retrospective audit checks. The senior managers interviewed
explained and demonstrated in detail how the audit processes work and the function of
GCHQ’s Internal Compliance Team, who carry out random checks of analysts’ justifications for
the selection of bulk communications data. In addition, GCHQ’s IT Security Team conducts
technical audits to identify and further investigate any possible unauthorised use.17
The Security Service has a policy and procedure for accessing bulk communications data,
which mirrors that used for data acquired under Chapter 2 of Part 1 of RIPA and the Code
of Practice for the Acquisition and Disclosure of Communications Data.18 The investigator
15 See for example Paragraphs 6.37 to 6.40 of the March 2015 Report http://www.iocco-uk.info/docs/IOCCO%20
Report%20March%202015%20(Web).pdf
16 See section 20 of the Regulation of Investigatory Powers Act 2000 for definitions of “intercepted material” and
“related communications data” http://www.legislation.gov.uk/ukpga/2000/23/section/20
17 See page 26 (paragraph 6.39) http://iocco-uk.info/docs/IOCCO%20Report%20March%202015%20(Web).pdf
18 See Chapter 3 – The General Rules on the Granting of Authorisations and Notices https://www.gov.uk/government/
www.iocco-uk.info
29