By Emilio DE CAPITANI
The Council of Europe’s, European Commission for Democracy Through Law (VENICE COMMISSION) during its 102nd Plenary Session (Venice, 20-21 March 2015) has updated its 2007 Report on the democratic Oversight of the security services and report on the democratic oversight of Signals Intelligence Agencies.
In a time where EU founding States such as France are discussing some very cotroversial rules on potential mass interception and the European Union is more and more attracted by the so called “intelligence led policing” the Venice Commission recommendations are particulary timely and worth reading.
Below the Executive Summary of the updated Venice Commission’s Report.
1. The scope of the study.
As a result of processes of globalization and of the creation of internet, internal and external security threats may not be easily distinguished anymore. Significant threats may come from non-state actors. Consequently, one of the most important developments in intelligence oversight in recent years has been that Signals Intelligence or SIGINT does not relate exclusively to military and external intelligence anymore, but also falls to some extent into the domain of internal security. Thus, signals intelligence now can involve monitoring “ordinary telecommunications” (it is “surveillance”) and it has a much greater potential of affecting individual human rights. Different states organize their signals intelligence function in different ways. The summary which follows discusses issues generally, and should not be seen as asserting that all states follow a particular model of signals intelligence, or regulate it in a particular way.
2. Is there a need for improved democratic control?
Strategic surveillance involves access both to internet and telecommunications content and to metadata (all data not part of the content of the communication). It begins with a task being given to the signals intelligence agency to gather intelligence on a phenomenon or a particular person or group. Very large quantities of content data, and metadata, are then collected in a variety of different ways. The bulk content is subjected to computer analysis with the help of “selectors”. These can relate to persons, language, key words concerning content (e.g. industrial products) and communication paths and other technical data.
3. Unlike “targeted” surveillance (covert collection of conversations by technical means (bugging), covert collection of the content of telecommunications and covert collection of metadata), strategic surveillance does not necessarily start with a suspicion against a particular person or persons. Signals intelligence aims to inform foreign policy generally and/or military/strategic security, not necessarily at investigating internal security threats. It has a proactive element, aiming at find or identify a danger rather than merely investigating a known threat. Herein lies both the value it can have for security operations, and the risks it can pose for individual rights.
4. Agencies engaged in signals intelligence tend to have the bulk of the intelligence budget, and produce most intelligence, but the systems of oversight over them have tended to be weaker. There are a variety of explanations for this.
First, it is argued that access to mere metadata does not seriously affect privacy, and nor does access to content data because this is done by computerized search programmes (“selectors”). However, metadata now can reveal much about private life, and the content selectors can be designed to collect information on specific human beings and groups.
Second, telecommunications used to be mainly by radio, with an ensuing lower level of privacy expectations; however, the vast bulk of telecommunications is now by fiber-optic cable.
Third, strategic surveillance being aimed at external communications, it was argued that it is the privacy of non-citizens or non-residents which is affected; however, leaving aside the issue of whether such a distinction is acceptable under the ECHR, for technical reasons there is an inevitable mixing of the internal and external communications, and an ensuing risk of circumvention of tougher domestic controls and oversight which might exist over “ordinary” surveillance. Fourthly, controls have been weaker on account of the technical complexity and rapid technological growth of the area. It should be borne in mind, however, that if this sector is left unregulated, it will be the intelligence agency itself instead of the legislature which carries out the necessary balancing of rights, with the risk of erring on the side of over-collecting intelligence. The fifth reason is that various factors – too rapid growth in the size of a signals intelligence agency, rapid growth in technology, loss in institutional memory, political pressure to secure quick results – may adversely impact the integrity and professionalism of the staff. Finally, signals intelligence is an international cooperative network, which creates specific oversight problems.
5. Strategic surveillance is not necessarily “mass” surveillance but can be when bulk data is collected and the thresholds for accessing that data are set low. Signals intelligence agencies tend to possess much more powerful computing facilities and thus have a greater potential to affect privacy and other human rights. They thus need proper regulation in a Rechtsstaat.
The collection of signals intelligence may legitimately take place on the territory of another state with its consent, but might still fall under the jurisdiction of the collecting state from the view point of human rights obligations under the ECHR. At any rate, the processing, analysis and communication of this material clearly falls under the jurisdiction of the collecting State and is governed by both national law and the applicable human rights standards. There may be competition or even incompatibility between obligations imposed on telecommunications companies by the collecting state and data protection obligations in the territorial state; minimum international standards on privacy protection appear all the more necessary.
7. Accountability. Organization.
Signals intelligence is expensive and requires sophisticated technical competence. Hence, while all developed states nowadays require a defensive function – cyber security – only some have an offensive signals intelligence capacity, either in the form of a specialist signals intelligence agency or by allocating a signals intelligence task to the external intelligence agency.
8. Form of the mandate.
Most democratic states have placed at least part of the mandate of the signals intelligence function in primary legislation, as required by the ECHR. More detailed norms or guidelines are normally set out in subordinate legislation promulgated either by the executive (and made public) or by the Head of the relevant agency (and kept secret). There may be issues of quality of the law (foreseeability etc) in this respect.
9. Content of the mandate.
The mandate of a signals intelligence agency may be drafted in very broad terms to allow collection of data concerning “relevant” “foreign intelligence” or data of “relevance” to the investigation of terrorism. Such broad mandates increase the risk of over-collection of intelligence. If the supporting documentation is inadequate, oversight becomes very difficult.
10. Collection of intelligence for “the economic well-being of the nation” may result in economic espionage. Strategic surveillance however is useful in at least three areas of business activity: proliferation of weapons of mass destruction (and violation of export control conditions generally), circumvention of UN/EU sanctions and major money laundering. A clear prohibition of economic espionage buttressed by strong oversight and the prohibition for the intelligence agencies to be tasked by the government departments or administrative agencies involved in promoting trade would be useful prevention mechanisms.
11. Bulk transfers of data between states occur frequently.
In order to avoid circumvention of rules on domestic intelligence gathering, it would be useful to provide that the bulk material transferred can only be searched if all the material requirements of a national search are fulfilled, and this is duly authorized in the same way as searches of bulk material obtained through national searches.
12. Government control and tasking.
Taskers depend on the nature of the intelligence sought (diplomatic, economic, military and domestic). Taskers should not be regarded as external controls.
13. Network accountability.
Due to their different geographical location and to the nature of internet, states frequently collect data which is of interest to other states or have access to different parts of the same message. The links between allied states as regards signals intelligence may be very strong. The “third party” or “originator rule” may thus be a serious obstacle to oversight and should not be applied to oversight bodies.
14. Accountability and the case law of the European Court of Human Rights.
The ECHR consists of minimum standards, and it is only a point of departure for European States, which should aim to provide more extensive guarantees. The European Court of Human Rights has not defined national security but has gradually clarified the legitimate scope of this term. In its case-law on secret measures of surveillance, it has developed the following minimum safeguards to be set out in statute law in order to avoid abuses of power: the nature of the offences which may give rise to an interception order; definition of the categories of people liable to have their telephones tapped, a limit on the duration of telephone tapping; the procedure to be followed for examining, using and storing the data obtained; the precautions to be taken when communicating the data to other parties; and the circumstances in which recordings may or must be erased or the tapes destroyed.
15. The Court’s case law on strategic surveillance is so far very limited, although there is also national case law and oversight bodies practice based on the ECHR. Several of the standards related to ordinary surveillance have to be adapted to make them apply to strategic surveillance. The first safeguard (applicable only to states which allow the use of signals intelligence to investigate crimes) is that the offences which may be investigated through signals intelligence should be enumerated, and thus provision should be made for the destruction of data which might incidentally be gathered on other offences. The exception of transferring data to law enforcement should be narrowly defined and subject to oversight.
16. Another safeguard is a definition of the categories of people liable to have their communications intercepted. The power to contact chain (i.e. identify people in contact with each other) should be framed narrowly contact chaining of metadata should normally only be possible for people suspected of actual involvement in particularly seriously offences, such as terrorism. If the legislature nonetheless considers that such a widely framed contact-chaining power is necessary, then this must be subject to procedural controls and strong oversight.
17. As regards searches of content data, there are particular privacy implications when a decision is being considered to use a selector which is attributable to a natural person (e.g. his or her name, nickname, email address, physical address etc.). Strengthened justification requirements and procedural safeguards should apply, such as the involvement of a privacy advocate. The safeguard is also relevant as regards subsequent decisions to transfer intelligence obtained by strategic surveillance to internal security agencies, to law enforcement or to foreign services.
18. Interception of privileged communications by means of signals intelligence is particularly problematic as is use of signals intelligence against journalists in order to identify their sources. Methods must be devised to provide lawyers and other privileged communicants and journalists with some form of protection, such as requiring a high, or very high, threshold before approving signals intelligence operations against them, combined with procedural safeguards and strong external oversight.
19. The safeguard of setting out time limits is not as meaningful for strategic surveillance as it is for ordinary surveillance. Periods of surveillance tend to be long, and continually renewed. Retention periods also tend to be long: data originally thought to be irrelevant may, as a result of new data, come to be seen as relevant. Provision could be made for a requirement to make periodic internal reviews of the (continued) need to retain the data. To be meaningful, such a duty must be backed up by external oversight.
20. Two very significant stages in the signals intelligence process where safeguards must apply are the authorization and follow-up (oversight) processes. That the latter must be performed by an independent, external body is clear from the ECtHR’s case law. The question which arises here is whether even the authorization process should be independent.
21. Internal and governmental controls as part of overall accountability systems. For a number of reasons, It has been particularly tempting to rely primarily on internal controls in the area of strategic surveillance, but they are insufficient. Generally speaking, external oversight over signals intelligence needs to be strengthened considerably.
22. Parliamentary accountability.
There are a number of reasons why parliamentary supervision of strategic surveillance is problematic. First, the technical sophistication of signals intelligence makes it difficult for parliamentarians to supervise without the aid of technical experts. Second, the general problem of parliamentarians finding sufficient time for oversight along with all their other duties is particularly acute as regards strategic surveillance, where for controlling the dynamic process of refining the selectors (as opposed to a post-hoc scrutiny), some form of standing body is necessary. Thirdly, the high degree of network cooperation between certain signals intelligence agencies means an added reluctance to admit in parliamentary oversight, which can thus affect not simply one’s own agencies, but also those of one’s allies. In some states the doctrine of parliamentary privilege means that parliamentary committees cannot be security-screened, adding to an already-existing fear of leaks. The other, crucial, factor is that strategic surveillance involves an interference with individual rights. Supervision of such measures has traditionally been a matter for the judiciary. The constitutional principle of separation of powers can make it problematic for a parliamentary body to play such a quasi-judicial role.
23. A decision to use particular selectors, resembles, at least in some ways, a decision to authorize targeted surveillance. As such, it can be taken by a judicial body. As the decision involves considerable policy elements, knowledge of intelligence techniques and foreign policy are also desirable. Finding a group of people who combine all three types of competence is not easy, even for a large state. Thus, it is easier to create a hybrid body of judges and other experts. As regards follow-up (oversight) it is necessary to oversee decisions made by automated systems for deleting irrelevant data, as well as decisions by human analysts to keep the personal information collected, and to transfer it to other domestic and foreign agencies. This type of oversight is of a “data protection” character, most suitably assigned to an independent, expert administrative body. Neither of these types of decision is “political” in nature. What, by contrast, is more “political” is the prior decision taken, that somebody, or something, is of sufficient importance to national security to need intelligence about. This is the type of decision which would benefit from a (closed) discussion in a political body, where different spectrums of opinion are represented. Another type of policy-oriented issue is deciding the general rules regarding who, and under what circumstances, signals intelligence can be exchanged with other signals intelligence organisations. A third is making a general evaluation of the overall effectiveness and efficacy of signals intelligence measures. A fourth role for a political body is to engage in a continuous dialogue with whatever expert oversight body is established.
24. Judicial authorization.
A system of authorization needs to be complemented by some form of follow-up control that conditions are being complied with. This is necessary both because the process of refining selectors is dynamic and highly technical and because judges do not tend to see the results of the signals intelligence operations as these seldom lead to prosecutions. Thus the safeguards applying to a subsequent criminal trial do not become applicable.
25. Accountability to expert bodies.
The boundary line between parliamentary, judicial, and expert bodies is not hard and fast; in some states, oversight bodies are a mixture of the three. Expert bodies have a particular role to play in ensuring that signals intelligence agencies comply with high standards of data protection.
26. Complaints mechanisms.
Under the ECHR, a state must provide an individual with an effective remedy for an alleged violation of his or her rights. Notification that one has been subject to strategic surveillance is not an absolute requirement of Article 8 ECHR. If a state has a general complaints procedure to an independent oversight body, this can compensate for non-notification. There are certain requirements before a remedy can be seen as effective.
27. Concluding remarks.
States should not be content with the minimum standards of the ECHR. Signals intelligence has a very large potential for infringing the right to private life and other human rights. It can be regulated in a lax fashion, meaning that large numbers of people are caught up in a trawl and intelligence on them is retained, or relatively tightly, meaning that the actual infringement with private life and other human rights is kept down. The Swedish and German models have definite advantages over the other models studied from this perspective. In any event it is necessary to regulate the main elements in statute form and to provide for strong mechanisms of oversight. The national legislature must be given a proper opportunity to understand the area and draw the necessary balances.