A new report affirms the need for UK security agencies to gather bulk data, but there are still reasons to be cautiousby Rupert Stone / August 19, 2016 / Leave a comment
David Anderson QC, the independent reviewer of terrorism legislation, has just issued a report evaluating the effectiveness of bulk data collection in counter-terrorism, counter-espionage, and other work performed by the British security agencies. The report comes at a crucial moment as the government is attempting to steer its new surveillance legislation, the Investigatory Powers Bill, through parliament. That bill would give the government broad powers to hoover up emails (“bulk interception,” in the British government’s jargon), gather phone and internet records (“communications data”), hack electronic devices en masse (“bulk equipment interference”), and obtain “bulk personal datasets” on people not suspected of a crime.
However, human rights groups and some politicians have expressed reservations about the need for such intrusive capabilities. Earlier this year, in a debate on the bill, shadow home secretary Andy Burnham said that the government still had to “convince people that the powers are needed” and called for a review. In response, Anderson was appointed to conduct a fresh inquiry into the utility of such methods. His lengthy report largely vindicates the government, concluding there is a “proven operational case” for three of the bulk powers—bulk interception, bulk acquisition of communications data, and bulk personal datasets—and a “distinct (though not yet proven) case” for the fourth, bulk hacking. The impressive study gives more detail than was previously available and goes some way to establishing that such practices are essential. Use of other techniques, while “sometimes” productive, would be “less effective, more dangerous, more resource-intensive, more intrusive or slower” than broader powers, the report determines.