Challenge to Bulk Personal Datasets

Privacy International v. Secretary of State for Foreign and Commonwealth Affairs, Secretary of State for the Home Department, Government Communications Headquarters, Security Service, and Secret Intelligence Service

The ISC Report of March 12, 2015 defined “Bulk Personal Datasets” as “large datasets containing personal information about a wide range of people.” On June 8, 2015, Privacy International filed a challenge in the IPT alleging that the legal regime governing the intelligence and security services’ “acquisition, use, retention, disclosure, storage and deletion of Bulk Personal Datasetsis not sufficiently accessible to the public.” Statement of Grounds, para. 33. Nor does the legal regime “contain adequate safeguards to provide proper protection against arbitrary conduct.”Id. On this basis, Privacy International contended that Article 8 of the European Convention on Human Rights and section 6 of the UK Human Rights Act 1998 were violated.

In support of these claims, the Statement of Grounds notes that until the publication of the ISC Report , “the capacity to hold and use Bulk Personal Datasets was not publicly acknowledged, and there was no public or parliamentary consideration of the necessary privacy considerations and safeguards.” Id., para. 33(g).  There was no statutory provision for oversight of the use of Bulk Personal Datasets until on the day the ISC Report was published, Prime Minister David Cameron issued Intelligence Services Commissioner (Additional Review Functions) (Bulk Personal Datasets) Direction 2015.

In a press release, Privacy International called the GCHQ’s use of bulk personal datasets the equivalent of the NSA’s telephony metadata program, and noted that that program had been curtailed by the passage of the USA Freedom Act on June 2, 2015.

Leave a Reply