38
BIG BROTHER WATCH AND OTHERS v. THE UNITED KINGDOM JUDGMENT
103. According to section 3 of the ISA, one of the functions of GCHQ is
to monitor or interfere with electromagnetic, acoustic and other emissions
and any equipment producing such emissions and to obtain and provide
information derived from or related to such emissions or equipment and
from encrypted material. This function is exercisable only in the interests of
national security, with particular reference to the State’s defence and foreign
policies; in the interests of the economic well-being of the United Kingdom
in relation to the actions or intentions of persons outside the British Islands;
or in support of the prevention or detection of serious crime.
(d) Counter-Terrorism Act 2008
104. Section 19 of the Counter-Terrorism Act 2008 allows the disclosure
of information to any of the intelligence services for the purpose of the
exercise of any of their functions. Information obtained by an intelligence
service in connection with the exercise of its functions may be used by that
service in connection with the exercise of any of its other functions.
105. Information obtained by MI5 may be disclosed for the purpose of
the proper discharge of its functions, for the purpose of the prevention or
detection of serious crime, or for the purpose of any criminal proceedings.
Information obtained by MI6 may be disclosed for the purpose of the proper
discharge of its functions, in the interests of national security, for the
purpose of the prevention or detection of serious crime, or for the purpose of
any criminal proceedings. Information obtained by GCHQ may be disclosed
by it for the purpose of the proper discharge of its functions or for the
purpose of any criminal proceedings.
(e) The Data Protection Act 1998 (“DPA”)
106. The DPA is the legislation transposing into United Kingdom law
Directive 95/46/EC on the protection of personal data. Each of the
intelligence services is a “data controller” for the purposes of the DPA and,
as such, they are required to comply – subject to exemption by Ministerial
certificate – with the data protection principles in Part 1 of Schedule 1,
including:
“(5) Personal data processed for any purpose or purposes shall not be kept for
longer than is necessary for that purpose or those purposes ...
and
“(7) Appropriate technical and organisational measures shall be taken against
unauthorised or unlawful processing of personal data and against accidental loss or
destruction of, or damage to, personal data.”
(f) The Official Secrets Act 1989 (“OSA”)
107. A member of the intelligence services commits an offence under
section 1(1) of the OSA if he discloses, without lawful authority, any