Report of the Independent Surveillance Review
109
5.51
There are further concerns about what happens to an individual’s data after it has been
collected, in particular the circumstances in which this data is interrogated and analysed
(explored in the warrantry-regime section below), and for how long data is kept.
5.52
From our evidence sessions, we heard that issues of data retention can also be
controversial. As discussed in previous chapters, there are good reasons for which data
may be retained and analysed (particularly since, at the point of collection, the true value
of the data may not be known and it may take time to process the data to filter what is
needed). However, this also raises the possibility of future mission creep, and that the
data will be used for purposes other than that for which it was collected, violating wellestablished principles of data protection. The longer the data is held, the greater the risk
of course that the data may be lost and/or stolen.
5.53
The Panel believe that such fears can be managed by improving oversight, and remain
convinced there is a case for certain data to be retained within set timeframes, under
certain conditions and subject to the requirements of data-protection law. Policies on
data retention must be subject to regular review by oversight bodies to ensure they
remain proportionate (and, as noted above, oversight mechanisms must have the
technical knowledge to monitor this effectively).
Recommendation 8: The capability of the security and intelligence agencies to collect and
analyse intercepted material in bulk should be maintained with stronger safeguards as set
out in the Anderson Report. In particular, warrants for bulk interception should include
much more detail than is the case currently and be the subject of a judicial authorisation
process, save for when there is an urgent requirement (see Recommendation 10, point 2).
The Warrantry Regime
5.54
Warrants are an established and important legal mechanism authorising the use of
intrusive powers. They are crucial in being able to monitor, record and audit the use of
these powers. A number of aspects of the warrantry system are the subject of debate.
Key questions we consider include: Who has the power to sign a warrant? What is the
process and criteria for applying for warrants? How are warrants audited to ensure
compliance, and by whom?
5.55
The Panel gave particular thought to the current warrantry system. We believe that any
changes to the current system must ensure efficient and occasionally urgent processing,
but with sufficient rigour of examination. The process must ensure consistency (such
that the same input will produce the same decision) and must be scalable, particularly if
the number of warrant applications increases.
5.56
The distinction between content data (the interception of which requires a warrant)
and communications data (requiring an authorisation) remains relevant, but new
definitions are required in legislation, particularly given the ever-growing volumes of