Sir Mark Waller, the Intelligence Services Commissioner, has delivered his fourth annual report to the Prime Minister, revealing that GCHQ's internal monitoring system slurped up its own employees' privates to an unauthorised degree.
The 69-page report [PDF] noted that GCHQ reported an error to the commissioner in 2014, "when an internal monitoring system of some staff communications was found to be capturing more information than it was authorised to".
"I followed up on this error during my May inspection," Waller continued. "The team explained that because of a lack of understanding of the system's full capability, more data than had been authorised had been collected. It was clear to me that this was a technical error and not deliberate."
After discovering this error, according to the commissioner, GCHQ "deleted the captured data and reconfigured the system to ensure that it only collected the information that it was authorised to collect."
The commissioner also required the agencies to report to him any errors which might have occurred during a warrant application, authorisation, or when the warrant was put into operation. These errors were classed in three categories:
- Category A: An administrative error such as a typo, which may be easily fixed
- Category B: An inadvertent failure, such as an untimely warrant renewal when such a warrant would have been given
- Category C: A deliberate decision to act without intention to seek authority
Figure: Number of errors, by agency, reported in 2014
The commissioner revealed 43 errors in 2014, 34 of which were reported by the agencies and nine of which were discovered during his own inspections. The majority were Category B errors. None were Category C.
Eric King, deputy director at Privacy International (PI), told The Register that "the attention to detail the Commission brought to bear on inaccuracies and errors in the warrants is impressive."
He continued: "I wonder if similar errors would be spotted in other areas of GCHQ's work if the commissioner had a larger staff, including those with significant technical capability, and the resources and remit to dig deep."
King added that "in a recent decision in the IPT [the Investigatory Powers Tribunal], the Tribunal found errors in both the length of retained communications and those who accessed them".
The Intelligence Services Commissioner is responsible for auditing the authorisations required by the intelligence agencies, and the Ministry of Defence, to enable their lawful use of intrusive powers, such as those available under the Regulation of Investigatory Powers Act and the 1994 Intelligence Services Act.
The report concludes that human errors have occurred in the intelligence services "as they will in any large organisation". Alongside some small recommendations, the commissioner's overall conclusion is that:
"The agencies and the MoD take compliance extremely seriously and seek to obtain their authorisations on a correct legal basis, establishing necessity to do what they seek to do, and properly considering proportionality and the justification for any intrusion into privacy."
Following the line of Parliament's intelligence committee, which decided that dragnet communications data collection did not constitute mass surveillance, the commissioner wrote: "I am satisfied that the agencies properly consider and keep under review whether it is necessary and proportionate to hold or continue to hold Bulk Personal Data."
PI's King told us: "It’s clear that a more detailed, more overarching rethink of GCHQ’s mandate and legal framework was needed than was being provided by existing Commissioners, whose time wouldn’t stretch far enough to complete the usual oversight as well as a 'big picture' review."
He continued: "This is why the ISC, RUSI [the Royal United Services Institute] and David Anderson were all asked to take a step back and make recommendations on the issue as a whole. With that space, the ISC then described our current legal framework as 'unnecessarily complicated' and David Anderson called it 'opaque' and 'undemocratic'." ®