National security: certificate

Part of Data Protection Bill [Lords] – in a Public Bill Committee at 2:00 pm on 15 March 2018.

Alert me about debates like this

Photo of Victoria Atkins Victoria Atkins The Parliamentary Under-Secretary of State for the Home Department, Minister for Women 2:00, 15 March 2018

The Government fully accept that national security certificates should be capable of being subject to judicial oversight. Indeed, the current scheme—both under the 1998 Act and this Bill—provides for just that. However, the amendments would radically change the national security certificate regime, because they would replace the existing scheme with one that required a Minister of the Crown to apply to a judicial commissioner for a certificate if an exemption was sought for the purposes of safeguarding national security, and for a decision to issue a certificate to be approved by a judicial commissioner.

This, again, is the debate that we had when we were considering the Investigatory Powers Act 2016. There were some who would have preferred a judicial commissioner to make the decision about warrantry before the Secretary of State. However, Parliament decided that it was not comfortable with that, because it would have meant a great change. For a member of the judiciary to certify on national security issues, rather than a member of the Executive—namely the Prime Minister or a Secretary of State—would have great constitutional implications.

There were great debates about the issue and the House decided, in its wisdom, that it would maintain the constitutional tradition, which is that a member of the Executive has the ultimate responsibility for national security, with, of course, judicial oversight by judicial commissioners and by the various tribunals that all these powers are subject to. The House decided that the decision itself must be a matter for a Minister of the Crown, because in the event—God forbid—that there is a national security incident, the House will rightly and properly demand answers from the Government of the day. With the greatest respect, a judicial commissioner cannot come to the Dispatch Box to explain how the Government and those assisting them in national security matters have responded to that situation. That is why we have this fine constitutional balance, and why we have adopted in the Bill the regime that has been in place for 30 years.

We are keen to deal with the point about the Investigatory Powers Act and the obtaining of information. The nature of the conduct carried out in the case of an authorised warrant under the IPA is entirely different from the operation of the national security exemption and the use of national security certificates. Warrants authorise operational activity, which may have an impact on the right to respect for a private life when that is necessary and proportionate for a statutory purpose. They are about obtaining information, not processing it. In the context of the Bill, the application of an exemption would prevent an individual from ascertaining what personal data is being processed by a data controller.

The hon. Member for Sheffield, Heeley mentioned equipment interference, but there are other types of warrantry in the Investigatory Powers Act, such as for interception of communications. That is about the obtaining of information—that can be quite intrusive, which is why Parliament has placed a number of judicial and other oversights on it—but this Bill is about the processing of personal data. It is quite a different thing.

In the impact on the data subject, the national security exemption is similar in kind to the other exemptions in the Bill, which have been approved in the other place and in this Committee’s debates thus far.