Investigatory Powers Commissioner’s Annual Report 2019

the relevant bulk (interception, equipment interference, personal data & BCD) warrant
permits overseas sharing, and also details the accesses covered and equity considerations;
• Each foreign partner has provided written assurance in relation to their handling of shared
bulk data;
• A dedicated team is the formal coordination point and record keeper of DSPs for the
sharing of bulk data with Five Eyes and other foreign partners; and
• GCHQ has invested in the development of a workflow tool to automate the DSP process
by marrying operational data sharing in their systems to the DSPs. This provides a double-check capability that mitigates the risk of sharing without permission. An additional
feature is the ability automatically to match warrants to operational purposes, thus
reducing the burden on those checking that the appropriate operational purpose/s are
present and correct.
10.44

We anticipate that the measures taken by GCHQ including the automated workflow tool,
when implemented, will improve compliance in this area. They will provide a centralised
record of what data is shared with whom, where and why. The decisions about sharing will
be accessible by GCHQ staff as required, by our inspectors and, when necessary, by the IPT
and will meet the requirements described in the Tribunal’s CLOSED judgment on the Privacy
International case in July 2018.

Bulk personal data (BPD)
10.45

Overall, administration of bulk personal datasets (BPDs) within GCHQ is to a high standard.
During this reporting period GCHQ introduced a clear and auditable process when
considering the classification of BPD. All decisions and details of the datasets are collated
internally and recorded in an auditable manner. We intend to review this material at future
BPD inspections.

10.46

As explained in paragraph 10.38, GCHQ has introduced an enhanced compliance team.
This team carries out retrospective audits of the justifications used to examine BPDs and
provides individual support via a network of staff who volunteer to assist the compliance
team. The members of staff who represent the Policy and Compliance Network (PCN) are
responsible for compliance with the IPA in their work areas or teams. They engage with the
central compliance unit and act as a conduit when, for example, an analyst’s justification
falls below standard. The PCN also trains staff and acts as mentors. We have commended
this approach, which we believe will ensure a good level of compliance across the agency.

10.47

In our last annual report, we highlighted recommendations in relation to providing staff
with additional training and guidance on the examination of BPDs. Prior to inspection,
we work with the compliance team to randomly select several hundred records used to
justify the examination of BPD by GCHQ officers. Unlike at MI5, each record will relate to
a single search conducted by GCHQ staff. The compliance team’s role is to identify any
inadequate justifications; if staff were suspected to be searching against BPD without the
right justification for doing so, we would expect staff to be interviewed and, if necessary,
appropriate action taken.

10.48

We examine these records, consider whether the compliance team are applying adequate
scrutiny to their review and advise on whether the thresholds for further investigation or
breach are appropriate. In March 2019, we determined that 50% of the justifications for
bulk acquisition warrants that were reviewed by the GCHQ compliance team did not meet
the required standard. This was, rightly, seen to be a serious issue and the compliance team
