My Lords, this group contains a number of amendments specific to Part 7 of the Bill, which covers bulk personal datasets. I first turn to government Amendments 219, 220, 224, 226, 227, 229, 230, 237, 238, 239, 240 and 265, 266 and 267.
In David Anderson QC’s review of bulk powers he stated:
“It has come to my attention that some”,
bulk personal datasets,
“may contain material that is comparable to the content of communications, and in rare cases even material subject to”,
legal professional privilege. He continued:
“In the light of these facts I have already recommended to the Home Office that consideration be given to the introduction of additional safeguards to the Bill and Code of Practice”.
We welcome David Anderson’s review and the attention he has given to these matters. I stress that it is unlikely to be the case that many bulk personal datasets will contain this sort of material, but in those instances where they do, it is right that it is protected appropriately. These amendments ensure that the Bill provides such protection.
Amendment 219 explains that an intelligence agency may not use a class BPD warrant to,
“retain, or retain and examine, a bulk personal dataset”,
that consists of or includes “protected data”. Amendment 220 would insert a new clause which defines what protected data are in this context. In essence, protected data are the same class of data as “content” in the telecommunications context or “protected material” in the equipment interference context. Protected data in a bulk personal dataset may include, for example, the contents of letters, e-mails or other documents. They do not include identifying data—for example, data that may help to identify persons, systems, services, locations or events—nor do they include systems data, which are data that enable or facilitate the functioning of any system or service.
5.30 pm
If the data cannot be classified as either identifying data or systems data, then they will fall within the definition of protected data so long as they are private information. Non-private information that would fall outside the definition may include publicly available information, such as books, newspapers, TV and radio broadcasts and data that are freely available online and are not subject to any privacy settings or access controls.
Amendment 227 is a new clause which gives the Secretary of State the power to impose conditions which must be satisfied before protected data may be selected for examination where an individual is known to be in the British Islands at the time of selection. The bulk personal datasets code of practice will provide further detail on what those conditions will be. The draft code of practice published by the Government before Report includes an annex of indicative text that the Government propose including in the body of the code if Parliament passes these amendments.
I now turn to government Amendments 239 and 240. These two new clauses outline additional safeguards for items subject to legal professional privilege in bulk personal datasets. As David Anderson noted, material
subject to legal professional privilege would only rarely be contained in a bulk personal data set, but again the Government agree that in those instances where datasets contain this sort of material, it is right that it is protected appropriately.
Amendment 239 is a new clause which outlines additional safeguards which apply when protected data subject to legal professional privilege are selected for examination. These safeguards will apply where the purpose of selecting protected data for examination is to identify any items subject to legal privilege or if it is likely to identify such items. Amendment 240 provides additional safeguards for the retention of items subject to legal professional privilege following examination. These amendments give effect to David Anderson’s recommendations and ensure that legally privileged protected data retained in reliance on a specific bulk personal dataset warrant are subject to the same stringent safeguards that apply when data are examined under Part 6.
Amendments 224, 226, 229, 230, 237, 238, 265, 266 and 267 are consequential amendments to the amendments I have outlined.
Government Amendments 221, 222, 223 and 225 specify the information that must be included about operational purposes in class and specific BPD warrant applications. These are technical drafting amendments that bring the drafting of Part 7 into line with the drafting of Part 6.
Amendments 235 and 242 are technical amendments to make clear the test that a judicial commissioner should apply when reviewing two particular decisions made under Part 7. That test is the same one that is applied throughout the Bill. Although this is clear in many places in the Bill, there is currently no explicit language on this point in Clauses 200 and 203. These are essentially tidying-up amendments to rectify this point.
Finally in this group I turn to government Amendment 236. This is a minor and technical amendment to ensure consistency of drafting with equivalent provisions in Part 6. In short, it ensures that particular requirements on the Secretary of State relating to the safeguards for the examination of material by the agencies are the same for Part 7 as they are for Part 6.
Taken together the amendments in this group add further safeguards to and otherwise fine-tune the provisions in Part 7. I beg to move.