Advertisement

Spies Sacked Over Personal Information Breaches

Spies have been sacked for "inappropriately accessing personal information" held in bulk personal datasets, it has emerged.

The Intelligence and Security Committee's report into security and privacy - which began in July 2013 as a result of Edward Snowden's disclosures - reveals for the first time the existence of the bulk personal datasets.

These are "large databases containing personal information about a wide range of people" which are not subject to any legislation.

The Prime Minister said these datasets would be put on a statutory footing underneath the Regulation of Investigatory Powers Act 2000 (RIPA).

Intelligence and Security Committee spokeswoman MP Hazel Blears told Sky News that spies who illicitly access personal data gathered by intelligence agencies should face criminal charges.

When asked by Sky News for further details about why intelligence staff were sacked, Ms Blears replied: "I think we say in the report that these incidents have been extremely rare.

"We also recommend in our report that these matters should be a criminal offence because we regard this as extremely serious indeed.

"If you're trying to get public confidence around privacy then if someone breaches the rules then there ought to be severe sanctions for that kind of breach.

"We're not in a position today to give you the detailed information ... but I think the fact the committee recommends it be a criminal offence gives an indication of how seriously we take it."

The ISC report stated that GCHQ's bulk interception programme did not amount to "blanket surveillance, nor does it equate to indiscriminate surveillance".

It said that the report contained "an unprecedented amount of information about those capabilities".

However, much of the report was heavily redacted.

The amount of communications collected by GCHQ was not disclosed, nor was specific instances where bulk interception prevented threats to the UK.

The committee said thousands of private communications are read by GCHQ spies on a daily basis using bulk interception methods.

In a section of the report that is heavily redacted, the committee said it is "unavoidable that some innocent communications may have been incidentally collected".

The ISC said that laws governing the security services are "unnecessarily complicated and - crucially - lacks transparency".

It called for a single Act of Parliament to replace all current legislation.

The report also looked at GCHQ's efforts to break encrypted communications.

The report acknowledged the existence of a GCHQ programme dedicated to this task, although its name was redacted.

The ISC asked GCHQ whether this programme "exposed the public to greater risk", and could have a commercial impact on UK communications companies, undermining trust in digital services like secure banking.

The director of GCHQ Robert Hannigan said: "The risk, the point about large scale damage to the internet, I believe is wrong, it is misplaced."

GCHQ's computer network exploitations - hacking into others' computer systems - were also detailed, to an extent.

The number of GCHQ hacks was redacted. The report said: "The agencies may undertake IT operations against computers or networks in order to obtain intelligence."

It called for a specific authorisation regime for such attacks. Earlier this year, the Franco-Belgian SIM card manufacturer Gemalto said it believed it had been hacked either by GCHQ or the NSA.

Shami Chakrabarti, director of rights campaign group Liberty, said: "The ISC has repeatedly shown itself as a simple mouthpiece for the spooks - so clueless and ineffective that it's only thanks to Edward Snowden that it had the slightest clue of the agencies' antics."