Spy watchdog: Privacy breached ‘because of incompetence’
Britain's intelligence agencies breached members of the public's privacy on multiple occasions in 2013 because of incompetence, the intelligence services commissioner has revealed.
Sir Mark Waller, the intelligence services commissioner, found human error was responsible for all 33 of the 'reportable' instances in which privacy was breached in 2013.
His annual report to the prime minister, made public today, shows that officials at MI5, MI6, GCHQ, the Foreign Office, the Ministry of Defence (MoD) and the Home Office made mistakes which led to privacy being breached.
Waller scrutinised 17% of the 1,887 warrants and authorisations approved across the intelligence services and the MoD in 2013. In 2012 he spotted just one containing administrative errors; in 2013 that number he noticed eight.
"Although these are correctable slips they are still unacceptable," he said.
"I have recommended that the agencies put in place procedures to prevent further reoccurrence and I will continue to monitor this."
MI5, the domestic intelligence agency, was the worst culprit with 19 reported errors. Eleven of these occurred because the correct authorisation was not applied for or renewed.
Waller suggested in his report he was not happy with all the explanations he received.
He added: "In most instances I was satisfied with the answers but still discussed the errors during my inspection and made clear that any error, but especially those which led to intrusion into privacy, were not acceptable."
MI6, the overseas intelligence agency, registered ten errors in 2013 which – again because of incompetence – were reported late and had actually occurred in 2012. A majority of the privacy breaches were due to procedural mistakes.
In one instance an internal authorisation which required approval from both an MI6 director and a senior Foreign Office official was only rubber-stamped by the MI6 chief. The operation went ahead without backing from William Hague's department.
"During a formal inspection visit I re-emphasised that individual officers in the Secret Intelligence Service must check, and be able to check, that an authorisation is in place before they engage in any intrusive activity," Waller said.
"In one case a manager had not been alerted and so did not electronically sign the form until the activity had already taken place.
"To prevent this happening again, the applying officer now speaks to the authorising officer and checks that the form is authorised.
"I recommended that this safeguard be put in place across the organisation."
The MoD breached part two of the Regulation of Investigatory Powers Act 2000, which covers covert surveillance and the use of covert human intelligence sources.
And the Home Office and Foreign Office were both guilty of administrative errors involving getting dates wrong. Waller forced Theresa May and William Hague to correct the paperwork.
GCHQ, which has faced scrutiny over its cooperation with the US' National Security Agency over the Prism scandal revealed by Edward Snowden, registered just three errors because of human error.
Waller addressed the 'media allegations' about GCHQ seeking to circumvent UK law in June 2013.
He insisted he visited GCHQ immediately to "confront them about the allegations", but found they were not attempting to sidestep the law.
However, the commissioner said he would not provide figures about the number of disciplinary findings he had been shown during 2013 relating to the potential misuse of data.
"Without the benefit of full context, which I cannot give in an open report, to provide such detail could be both inaccurate and misleading," he stated.
"Therefore I do not believe it is in the public interest to do so at this time."
#LatestFromLiberty: Reaction to today's Intelligence Services Commissioner Report #privacy https://t.co/JOw4anJwlJ pic.twitter.com/MlQWvzjDYi
— Liberty (@libertyhq) June 26, 2014