The Intelligence and Security Committee of Parliament is a committee of Parliament designed to oversee the intelligence and security activities of the Security Service, the Secret Intelligence Service and GCHQ. It was established in the Justice and Security Act 2013; prior to this the committee was established by the Intelligence Services Act 1994. It is thus a statutory committee and enjoys more powers than a standard parliamentary select committee.
The Committee consists of nine Members drawn from both Houses of Parliament. The Chair is elected by its Members. The Members of the Committee are subject to Section 1(1)(b) of the Official Secrets Act 1989 and are routinely given access to highly classified material in carrying out their duties.
The Committee sets its own agenda and work programme. It takes evidence from Government Ministers, the heads of the intelligence Agencies, officials from the intelligence community, and other witnesses as required. The Committee is supported in its work by an independent Secretariat and an Investigator. It also has access to legal, technical and financial expertise where necessary.
2015 Report on Privacy and Security
A report published by the committee in 2015 investigated the legality of the Agencies use of interception and other powers. [1] A major focus of the investigation was the scale of Agency interception of communications. The committee found that GCHQ’s bulk interception systems collect only a small amount of communications from a small percentage of the bearers that make up the Internet; these activities “cannot therefore realistically be considered blanket interception” [2]. The use of filters and search queries reduce the quantity of communications that are opened and read by human analysts.
The report also distinguished between ‘internal’ communications between two or more people in the UK, and ‘external’ communications’ involving at least one foreign participant. Different systems of warrants apply here: in the former case, a RIPA 8(1) warrant signed by a Secretary of State naming the individual is required for targeted interception; in the latter case, a broader authority exists under section 8(4) for searching without naming an individual, also through a warrant signed by a Secretary of State.
The report also addresses the question of the access to and use of communications data, or metadata. It finds a continuing meaningful distinction between content and communications data, finding that “while the volume of CD available has made it possible to build a richer picture of an individual, this remains considerably less intrusive than content. It does not therefore require the same safeguards as content does. [3]” Nonetheless, the report highlights the growing grey area between these two categories of data, including “information such as web domains visited or the locational tracking information in a smartphone.” The report therefore recommends that this category of data be labelled ‘Communications Data Plus”, and that it should “attract greater safeguards than the narrowly drawn category of Communications Data.”
In addition, the report considered agency use of other powers, including targeted surveillance, interference with property and wireless technology, the reading of encrypted communications and the use of covert human intelligence sources.
[1] Intelligence and Security Committee, Report on Privacy and Security, 2015. Accessible at http://isc.independent.gov.uk/files/20150312_ISC_P+S+Rpt(web).pdf
[2] Ibid., p.4
[3] Ibid., p.6