CHAPTER 14: EXPLANATIONS
intercept external communications in order to assist their statutory functions,
stated that he personally thought it “obvious” that, subject to sufficient
safeguards, they should be.36 In the same report he gave nine reasons,
informed by his own detailed consideration, why “the section 8(4) process does
not have a significant risk of undue invasion of privacy”.37
(b)
The IPT, though not tasked in that judgment with the consideration of
proportionality, echoed and updated its own conclusion in 2004 that the s8(4)
regime was “in accordance with law”.38
14.41. The ISC concluded that “GCHQ’s bulk interception is a valuable capability that should
remain available to them” and that the legal safeguards protecting the
communications of people within the UK were “reassuring”: it made some specific
suggestions for enhancing the safeguards.39
14.42. The law relating to bulk collection is dealt with in this Report at 6.45-6.59 above, its
utility at 7.20-7.27 above (with accompanying Annex) and its importance for the
security and intelligence agencies at 10.14(b) and 10.22-10.26 above. The opposition
expressed in some civil society submissions is summarised at 12.35-12.38 above.
14.43. It is sometimes assumed that GCHQ employs automated data mining algorithms to
detect target behaviour, as is often proposed in academic literature. That, it would
say, is realistic for tasks such as financial fraud detection, but not for intelligence
analysis. Much of its work involves analysis based on a fragment of information which
forms the crucial lead, or seed, for further work. GCHQ’s tradecraft lies in the
application of lead-specific analysis to bring together potentially relevant data from
diverse data stores in order to prove or disprove a theory or hypothesis. As illustrated
by the case study on GCHQ’s website,40 significant analysis of data may be required
before any actual name can be identified. This tradecraft requires very high volumes
of queries to be run against communications data as results are dynamically tested,
refined and further refined. GCHQ runs several thousand such communications data
queries every day. One of the benefits of this targeted approach to data mining is that
individuals who are innocent or peripheral to an investigation are never looked at,
minimising the need for intrusion into their communications.
14.44. Contrasting reports on bulk collection have come out of the Council of Europe in 2015:
(a)
36
37
38
39
40
41
A parliamentary committee reported in January that “electronic mass
surveillance is not even effective as a tool in the fight against terrorism and
organised crime, in comparison with traditional targeted surveillance”, and
calling upon Council of Europe member and observer states to cease bulk
collection and analysis.41 Its observations were founded, in part, on the
IOCC Report, April 2014, 6.5.56. It may be of interest to note that Sir Anthony May, who wrote those
words, was one of the judges who ruled against the intelligence agencies in the well-known case of R
(Binyam Mohamed) v Secretary of State for Foreign Affairs [2010] EWCA 65.
Ibid., 6.5.43.
The ECtHR cases on bulk collection are discussed at 5.31-5.34 above.
See Recommendations F, P and generally at F-T.
“How does an analyst catch a terrorist?” (GCHQ website): 7.5 above.
PACE Committee on Legal Affairs and Human Rights, “Mass Surveillance”, January 2015, para 126
and Resolution 17.1. The notion that bulk surveillance is not effective as a tool is contradicted by the
268