On March 12, 2015, the ISC concluded its investigation by issuing a report, “Privacy and Security: A modern and transparent legal framework,” that “scrutinised GCHQ’s bulk interception capability in particular detail, since it is this that has been the focus of recent controversy.”
The Report’s principal conclusions are that the intelligence and security services (MI5, the Secret Intelligence Service (SIS or MI6) and GCHQ) “do not seek to circumvent the law,” including the requirements of the European Convention on Human Rights (ECHR), as incorporated in the UK Human Rights Act 1998. By contrast, the legal framework governing the agencies’ operations “is unnecessarily complicated,” raising “serious concerns about the resulting lack of transparency.” The ISC proposed that existing legal provisions be replaced by a single law and that more particular legal reforms be instituted before this basic change was made.
Concluding that the existing legal framework was “difficult to understand,” “unnecessarily secretive,” and consisted of different Acts of Parliament whose “interaction … is complicated,” the IPT called for a single Act of Parliament to replace the:
- Security Services Act 1989;
- Intelligence Services Act 1994;
- Wireless Telegraphy Act 2006;
- Telecommunications Act 1984;
- Counter-Terrorism Act 2008; and
- other “relevant” legislative provisions “as appropriate.”
Para. 275; Conclusion (Concl.) XX.
The call for a radical legislative overhaul was intertwined with recognizing the need for increased transparency. “We recognize that much of the detail regarding the Agencies’ capabilities must be kept secret. There is, however, a great deal that can be discussed publicly and we believe that the time has come for much greater openness and transparency regarding the Agencies’ work.” Concl. BBB.
Among the particular concerns about transparency were:
- The “broad general powers” that the Intelligence Services Act 1994 and Social Service Act 1989 respectively accorded to MI5 and to MI6 and GCHQ “could be misconstrued as providing the Agencies with a ‘blank cheque’ to carry out whatever activities they deem necessary.” Concl. MM.
- Although the ISC was “reassured that the Human Rights Act 1998 acts as a constraint on all the Agencies’ activities,” “[t]he interactions between the different pieces of legislation which relate to the statutory functions of the intelligence and security Agencies are absurdly complicated, and are not easy for the public to understand ….” Concl. NN.
- “[A]s a matter of both practice and policy,” GCHQ seeks raw SIGint from a foreign partner only “on individuals whom they themselves are intercepting – therefore there would always be a RIPA warrant in place already.” Concl. RR. Despite praising GCHQ, however, for having “gone above and beyond what is required in the legislation,” the ISC concluded that “it is unsatisfactory that these arrangements are implemented as a matter of policy and practice only.” Concl. SS. The ISC also recommended that statutes define the arrangements for exchanging analyzed intelligence reports with foreign partners.
Additional recommendations for transparency in regard to the distinctions between “external and “internal” communications and “communications data” and “Communications Data Plus” are respectively described in the posts, “Communications Data” and “The distinction between external and internal communications,” in our section on the ISC’s Evaluation of the Intelligence Services.
By contrast, although Contributors raised the issue, the ISC did not assess the adequacy of the government’s policy of issuing a Neither Confirm Nor Deny (NCND) response to all questions about the operation and oversight of the intelligence and security agencies.