British MI5 Taken To Supreme Court For Holding Large Volumes Of Personal Data Without Due Protection

British MI5 Taken To Supreme Court For Holding Large Volumes Of Personal Data Without Due Protection

Click to see full-size image

The UK’s MI5 security agency may have broken the law by holding on to large volumes of data without the proper protection, according to documents from the British Supreme Court.

The registry of the Supreme Court shows no record of the case receiving a final court decision, but that doesn’t mean there were no proceedings.

The 10 internal documents, which include letters from the most senior officials inside MI5, including correspondence from director Sir Andrew Parker, show repeated breaches of compliance, relating in particular to the storage of citizens’ data.

Letters to MI5 from the Investigatory Powers Commissioner’s Office (IPCO) – the body responsible for ensuring privacy protections are upheld – refer to “the undoubtedly unlawful manner in which data has been held or handled.”

On March 11th 2019, a letter from MI5’s director of policy, compliance, security and information reveals that an MI5 compliance team identified in January 2016 that “data might be being held in ungoverned spaces in contravention of our policies.”

The documents state that the MI5 allegedly broke the law because the “the task [of complying with it] was too large,” after initially beginning mitigation work in January 2018.

Compliance gaps were coded as red, amber or green, in relation to their severity. Several practices were colored red, including “review, retention and deletion”, which refers to data held on private citizens.

In general, the civil liberties group Liberty brought the legal challenge to the Supreme Court on June 11th.

In general, the claims against the MI5 include the following, as per the release by the watchdog group:

  • Illegal actions: The Commissioner concluded that the way MI5 was holding and handling people’s data was “undoubtedly unlawful”, setting out that: “Without seeking to be emotive, I consider that MI5’s use of warranted data… is currently, in effect, in ‘special measures’ and the historical lack of compliance… is of such gravity that IPCO will need to be satisfied to a greater degree than usual that it is ‘fit for purpose'”.
  • MI5 knew for three years before informing IPCO: MI5 failed to maintain key safeguards, such as the timely destruction of material and the protection of legally privileged material. This, says Lord Justice Fulford created “serious compliance gaps” in its legal duties. Shockingly, these gaps first became clear to MI5 staff in January 2016, and the MI5 board in January 2018, but were only brought to IPCO’s attention in February 2019. Even then Fulford accuses MI5 officials of continuing to use “misleading euphemism” when describing their failure.
  • False assurances: Warrants for bulk surveillance were issued by senior judges (known as Judicial Commissioners) on the understanding that MI5’s data handling obligations under the IPA were being met – when they were not. The Commissioner has pointed out that warrants would not have been issued if breaches were known. The Commissioner states that “it is impossible to sensibly reconcile the explanation of the handling of arrangements the Judicial Commissioners were given in briefings…with what MI5 knew over a protracted period of time was happening.”

The MI5 appeared to be fully aware of the situations, since a senior MI5 official allegedly admitted to the Commissioner that personal data collected by MI5 is being stored in “ungoverned spaces”, while the MI5 legal team claims there is “a high likelihood [of material] being discovered when it should have been deleted, in a disclosure exercise leading to substantial legal or oversight failure.”

There was also a statement by Home Secretary Sajid Javid admitting that MI5 did, in fact, breach the Investigatory Powers Act (IPA).

According to the statement, the Investigatory Powers Commissioner’s Office concluded those risks were “serious and required immediate mitigation”. Home Secretary Sajid Javid has said that he will now launch an independent review of this incident.

The statement as of June 12th appears to be unreachable.

The IPA provides the security services with extremely broad powers, under warrants issued by ‘Judicial Commissioners’, to hack computers and phones and intercept people’s communications. These powers allow the Government to carry out “bulk surveillance” on huge numbers of people who are of no intelligence interest. That information is then stored by the security services for potential investigations in the future.

In September 2018, Liberty, along with 13 other human rights and journalism groups and two individuals, won its challenge to the UK’s previous surveillance regime at the European Court of Human Rights. The European Court found that the UK’s previous regime for bulk interception of data was unlawful.

MORE ON THE TOPIC:

Subscribe
Notify of
guest
8 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Brother Ma

Where did the data on citizens come from? Was that illegally sourced as well? Courts like this are rubbish. Unless some high- ups are publicly found guilty and put in jail for crimes, M15 will flout all laws.

Ronald

While your observations are true, revenge and punishment is not the objective, but rather legal rulings that protect the individuals right of privacy.
Collecting data with a court warrant on a person under investigation is legal but bulk data collection like PRISM in the US is not.

Jens Holm

Thats right, and the laws are different from country to country as well.

Jens Holm

Same for You. You walk as a duck. You talk as a duck. Strange if You were sonething else.

Brother Ma

Yes Ronald we do need he law as a safety net but we need revenge and shaming so that the govs do not ride roughshod over citizen rights. We must somehow forge a cost to be had by them every time they do it. Trampling our rights has no cost presently ,so they don’t care.

Jens Holm

Everything is digitialized here. You can see what facebook, twitter and the others of that kind know. Its so easy.

So the allowences as well as the limitations are made by laws in the countries as well as they not always are kept and even ignored(as probatly here by MI5). Big accidents happens too.

Courts are not rubbish. Its very difficult for them to be in front at all. Internet is also crossing borders and fast develloped. Everything is more and more connected to everything.

If You dont like rubbish like this, it would be nice if You had something better. I look forward and hope to see many links about the improvements from You.

Maybee You will be renaded to Sir Nobel.

You can call me Al

Dear British Supreme Court….. please explain what you think MI5 is doing daily.

Thank you.
Name: ……………….Al.
Company: ………….British ignorant Imbecile Catcher.

Jens Holm

Very good example. In many countries things like that never would reach any court.