How the Home Office let their Minister down

A week ago the Home Secretary said that anybody opposed to the draft Communications Data Bill was ‘putting politics before lives’. Yesterday the Joint Committee on the draft Communications Data Bill, which was set up to scrutinise the proposals, published its damning report that concluded the draft Bill pays “insufficient attention to the duty to respect the right to privacy, and goes further than it need or should.”

The report delivers a pretty withering verdict on the Home Office team responsible for the draft Bill. It calls their evidence ‘fanciful and misleading’, for example. It’s clear that in the way the policy was developed and explained, the Home Office have badly let down the politicians, from the Home Secretary to the Deputy Prime Minister.

It has pushed the former to defend, in good faith but questionable language, what the Committee concluded are ill considered and unsupported proposals. And it has created an unnecessary fissure in the Coalition. All this because of the insular, overambitious and secretive process the Home Office insisted on running.

Below is a non-exhaustive set of examples of the Committee’s findings that demonstrate three key Home Office failings: a failure to consult; a failure to properly define the problem; and a failure to adequately explain and support their proposals with good evidence. It is a pretty damning catalogue of issues.

This is why we now need a fundamental review of surveillance law. The Home Office’s Snoopers’ Charter is a fudge of a solution to the problems of law enforcement in the digital age. They’ve aptly demonstrated that they should not be entrusted with the review. 

1. The costs and benefits estimates were not robust:

On the supposed financial benefits:

“267. It may be that, for some purposes, it is useful to be able to ascribe a monetary value to a life saved. We fail to understand what relevance this can have in the impact assessment for a draft Bill. The figures are used to attempt to show that the taxpayer, by spending £1.8 billion over ten years, will recoup perhaps three times that amount, when this is not the case. To suggest that these estimates can be used to calculate a net benefit from enactment of the draft Bill at between £3.2 and £4.4 billion is simply fanciful and misleading.

268. The use of figures in this way points to a further absurdity. We are asked to believe that access to a further 10% of communications data over and above the 75% already available would save perhaps a further 150 lives a year. Logically, it should follow that the communications data currently available is saving around 1,000 lives a year, but the Home Secretary told us that the figure was “1,000 to 2,000 lives being saved” over the 10 year period. None of our witnesses could provide specific evidence of significant numbers of lives saved to date.

269. The figure for estimated benefits is even less reliable than that for costs, and the estimated net benefit figure is fanciful and misleading. It ought not to be used to influence Parliament in deciding on the relative advantages and disadvantages of this legislation. Whatever the benefits of the Bill, they are unlikely to be financial.” (page 71)

On costs:

“257. …in his subsequent evidence Charles Farr told us that, on the basis of the regular discussions the Home Office had with the UK CSPs on their costs in implementing the RIPA arrangements, “we know in quite a high level of detail what those costs comprise [and] we have already formed the basis of our calculations about the costs that the CSPs may incur in future. We have added in considerable optimism bias on top of that. I would not want you to conclude that we have plucked these figures out of thin air. They are based on existing costs which we have already established with the providers. It is still our view … that these figures accurately represent the likely cost going out to 2020.” The business case was being “refreshed”, but he did not anticipate that it would come up with a figure higher than £1.8 billion.

258. Mr Farr repeated that this figure “builds in quite a lot of optimism bias”. For Microsoft, Mr Collins had told us: “… the costs will increase. Even if we gave you a figure now, I would be willing to bet money that in 10 years’ time that cost will have multiplied grotesquely.” The figure he was referring to was the cost to CSPs. We think he would be betting on a certainty. Future developments are entirely unpredictable. It is impossible to foresee what new communications providers or forms of communication may emerge, perhaps from overseas, that will suddenly become a significant player and incur recoverable costs. We expect the overall cost to the taxpayer over the next decade to exceed £1.8 billion by a considerable margin.” (pages. 68 and 69)

“262. We are concerned that the Home Office’s cost estimates are not robust. They were prepared without consultation with the telecommunications industry on which they largely depend, and they project forward 10 years to a time where the communications landscape may be very different. Given successive governments’ poor records of bringing IT projects in on budget, and the general lack of detail about how the powers under the Bill will be used, there is a reasonable fear that this legislation will cost considerably more than the current estimates.” (p. 70)

2. They did not define the problem properly:

“36. We are of the strong view that the 25% data gap is an unhelpful and potentially misleading figure. There has not been a 25% degradation in the overall quantity of communications data available; in fact quite the opposite.” (p 16).

“40. It was not long into our inquiry that we began to question the utility of the 25% figure and we asked the Home Office to identify what specific data types are currently missing. After some months the Government agreed to tell us on a confidential basis that there were three main data types that they hoped the legislation would be used to make available. At that point they argued that these data types could not be publicly identified without risking exposing loop holes to criminals. This need for secrecy was one of the drivers for the very broad drafting of clause 1.” (p. 18)

“288. The Home Office has argued that there is a case for keeping clause 1 wide because there may be other data types that emerge from time to time which will be important to law enforcement but will not be routinely retained by CSPs for business purposes. We do not accept that this is a good reason to grant the Secretary of State such wide powers now. We do not think that Parliament should grant powers that are required only on the precautionary principle. There should be a current and pressing need for them.” (p 75)

3. They did not adequately consult with the Information Commissioner:

“206. We found it hard to understand how additional duties could be imposed on the Information Commissioner without first consulting him, asking him what duties he thought sensible and feasible, whether he would be able to comply with them, and what additional resources he might need to do so. We put this to Home Office officials on 24 October, and Charles Farr replied:

“The Information Commissioner had seen the draft clauses of the Bill which affected him in advance. He had a meeting with the Minister; he had three hours with Richard going through the detail of the legislation.”

207. As in the case of the consultation with the CSPs, which we discussed in the preceding chapter, this evidence appeared to contradict what the Information Commissioner had told us. Subsequently however the Home Office agreed that the reference to a “meeting” with the Minister was an error; this was in fact a phone call following the publication of the draft Bill. As to the draft clauses affecting him, the Information Commissioner has told us in a letter of 6 November that he asked on 23 May to see them in advance of a meeting on 31 May; his request was refused, and it was only at that meeting that he was given a copy of those clauses. He was sent a copy of the draft Bill the day before it was published.” (p. 55)

“What is clear to us is that the Government has chosen to include in a draft Bill which had a very long gestation a clause imposing on the Information Commissioner additional duties, and that prior to the publication of the Bill there was no consultation with him about those duties, about the information he would need to carry them out, about whether it would in fact be possible for him to undertake those duties, about whether he would need further powers, and about what extra resources he might need. If they hoped that, by inserting this clause in this way, they would be providing an additional safeguard which might allay concerns about the draft Bill, we can only say that they were mistaken.” (p. 55 / 56)

4. Failure to consult with CSPs:

“53. What is absolutely clear to us is that the regular meetings with EE and the other major CSPs would have been an unrivalled opportunity for the Home Office to discuss with them the evolving policy and content of the Bill, and to seek their input on the many matters where their technical and general expertise could have made a valuable contribution; and that this opportunity was not taken. The draft Bill is the poorer for it.” (p. 22)

“49. …On behalf of Facebook, Simon Milner said categorically: “We had no dialogue with the Home Office before the Bill was published…we were never asked [for input] and we never provided it.” Similarly, Colin Crowell for Twitter: “We had one conversation with the Home Office about two and a half weeks ago.51 So we, too, were contacted after the Bill had been published and had one phone conversation with them about it.” (p. 20 / 21)

“51. In the case of the overseas providers, Mr Farr told us that he had read their evidence “with a lot of interest”; what he told us was almost the opposite of what they said.” (p. 21)

“55. Mr Farr told us: “Parliament and others had a right to see the legislation before we discussed it in detail with overseas providers.” We do not accept this. Parliament has a right to see, on its introduction, a Bill which seeks to implement as fully and clearly as possible the Government’s policy, however controversial that policy may be. If the policy depends to a large extent on whether it can be implemented by a few major international corporations, not to consult them in the formulation of the detailed policy seems unwise. We note that the Intelligence and Security Committee has come to a similar conclusion.” (p. 22)

“57. The evidence we received shows that United Kingdom CSPs were not given any details about the possible content of notices before the draft Bill was published, overseas CSPs were not consulted about the draft Bill at all, nor was there any further public consultation.”  (p. 22)

“58. Before re-drafted legislation is introduced there should be a new round of consultation with technical experts, industry, law enforcement bodies, public authorities and civil liberties groups. This consultation should be on the basis of the narrower, more clearly defined set of proposals on definitions, narrower clause 1 powers and stronger safeguards which are recommended in this report. The United Kingdom and overseas CSPs should be given a clear understanding of the exact nature of the gap which the draft Bill aims to address so that those companies can be clear about why the legislation is necessary.” (p. 22)

5. The lack of a public consultation:

“56. The Home Office should not have assumed that a consultation paper published in April 2009 could justify publication of draft legislation three years later without further consultation with the public and with those most closely affected by its proposals.” (p. 22)