MI5’s Use of Private Data Was ‘Illegal’
The safety service MI5 has controlled big amounts of private data in a “certainly illegal” way, a watchdog has said.
The Investigatory Controls Officer said this information collected under permits was kept too long and not kept securely.
Civil rights group Liberty said the breaches involved the “mass collection of data of innocent citizens”.
The high court heard MI5 knew about the topics in 2016 but kept them top-secret.
“MI5 have been holding on to people’s data – normal people’s data, your data, and my data – illegally for many years,” said Megan Goulding, a lawyer for Liberty, which brought the case.
“Not only that, they’ve been trying to keep their actually serious faults secrets – secret from the safety services watchdog, who’s supposed to know about them, secret from the Home Office, secret from the prime minister and secrets from the public.”
The disapproval of MI5 occurred in the High Court on Tuesday as Liberty challenged parts of the Investigatory Powers Act.
Under the act, MI5 can apply to judges for warrants to get data such as people’s location data, calls, messages and web browsing history.
But the act use safeguards about how all this data is stored and controlled. It is against the law to keep data when it is no lengthier needed, or to store it in a dangerous way.
MI5 had a “historical absence of compliance” with the law, said Lord Justice Sir Adrian Fulford, who supervises the safety service’s use of data as Investigatory Controls Officer.
In a ruling exposed for the duration of the court case, he said the safety service would be placed under greater scrutiny by judges when seeking warrants in future – which the commissioner compared to an unsuccessful school being placed in “superior measures”.
Liberty said the exposes meant that some of the warrants issued to MI5 may not have been legal, because the safety service knew over several years that it was not control data correctly but did not tell the judges.
The court heard that senior members of MI5 were alert three years ago that there were serious matters with the management of data.
MI5 informed the Home Office and Number 10 of the worries in April this year, but the commissioner said that they should have exposed them earlier.
Consultations between lawyers and clients were among the data incorrectly held by the safety service, Liberty said.
The security service has now occupied “instant and significant stages” to comply with the law, Home Secretary Sajid Javid has said.
Julian Milford, representing Mr. Javid and Foreign Secretary Jeremy Hunt, approved in court “the reality of serious compliance risks”.
But he said these precise problems were a “whole insignificance” to Liberty’s court case, which was challenging the legality of the whole system of data gathering created by the Investigatory Powers Act.