Protection of Official Data Report
Total Page:16
File Type:pdf, Size:1020Kb
Protection of Official Data Report HC 716 Law Com No 395 Law Com No 395 Protection of Official Data Report Presented to Parliament pursuant to section 3(2) of the Law Commissions Act 1965 Ordered by the House of Commons to be printed on 1st September 2020 HC 716 © Crown copyright 2020 This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3. Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned. This publication is available at www.lawcom.gov.uk. Any enquiries regarding this publication should be sent to us at [email protected] ISBN 978-1-5286-2113-7 CCS0820043516 09/20 Printed on paper containing 75% recycled fibre content minimum Printed in the UK by the APS Group on behalf of the Controller of Her Majesty’s Stationery Office I The Law Commission The Law Commission was set up by the Law Commissions Act 1965 for the purpose of promoting the reform of the law. The Law Commissioners are: The Right Honourable Lord Justice Green, Chairman Professor Sarah Green Professor Nick Hopkins Professor Penney Lewis Nicholas Paines QC The Chief Executive of the Law Commission is Phil Golding. The Law Commission is located at 1st Floor, Tower, 52 Queen Anne's Gate, London SW1H 9AG. The terms of this report were agreed on 1st July 2020. The text of this report is available on the Law Commission's website at http://www.lawcom.gov.uk. ii Contents PAGE CHAPTER 1: INTRODUCTION 1 The genesis of this report 2 The terms of reference 2 The consultation 3 Classified evidence 5 The Report 6 Part I: Espionage offences 6 Part II: Unauthorised disclosure offences 7 Part III: Public interest disclosures 7 Acknowledgements 8 CHAPTER 2: THE OFFICIAL SECRETS ACTS 1911-1939 AND THE CRIMINAL LAW’S RESPONSE TO ESPIONAGE 11 Introduction 11 Historical overview 11 The Official Secrets Act 1911 11 Official Secrets Act 1920 12 Official Secrets Act 1939 13 Summary of current law and examples 13 Espionage by trespass/proximity 13 Examples of current law 14 Espionage by information gathering/communication 15 Example 16 Other criminal offences protecting sensitive sites 16 The Criminal Law’s protection against cyber espionage 17 Unauthorised access to computer material 17 Example 1 18 Example 2 18 Unauthorised access with intent to commit/facilitate further offences 18 Example 19 Unauthorised acts with intent to impair or recklessness as to impairment of a computer 19 Example 20 Impairing a computer such as to cause serious damage 20 Example 22 Ensuring computer networks are adequately protected 22 iii CHAPTER 3: THE OFFICIAL SECRETS ACTS 1911-1939: RECOMMENDATIONS FOR REFORM 24 Introduction 24 A new statute 24 Replacing the Official Secrets Acts 1911-1939 with a new statute 24 Recommendation 1. 25 Problems with the current law 25 Replacing “enemy” with “foreign power” 25 Recommendation 2. 31 Replacing “safety or interests of the state” with “national security” 31 Recommendation 3. 33 The fault element: purpose prejudicial 33 Recommendation 4. 35 The fault element: benefit to a foreign power (“useful to an enemy”) 35 Recommendation 5. 38 The list of prohibited places 38 Recommendation 6. 41 Archaic language to be reformed and elements to be retained 41 Recommendation 7. 45 Reverse burdens of proof 45 Recommendation 8. 47 Redundant provisions 47 Recommendation 9. 49 Extraterritoriality 50 Example 53 Recommendation 10. 53 CHAPTER 4: THE OFFICIAL SECRETS ACT 1989 AND THE REQUIREMENT TO PROVE DAMAGE 56 Introduction 56 The background to the Official Secrets Act 1989 56 The requirement to prove damage 57 Classified evidence 65 Analysis 66 Consultation question 6 67 Provisional conclusion 10 71 Analysis 72 Recommendation 11. 74 CHAPTER 5: OTHER REFORMS TO THE OFFICIAL SECRETS ACT 1989 75 Introduction 75 Liability for the security and intelligence agencies 75 Provisional conclusion 11 76 Consultation responses 77 Analysis 78 Recommendation 12. 79 iv Reform of the notification process and the definition of “member of the security and intelligence agencies” 79 Provisional conclusion 12 79 Consultation question 7 80 Consultation responses 81 Analysis 83 Recommendation 13. 84 Sentencing 85 Provisional conclusion 13 85 Consultation responses 86 Classified evidence 88 Analysis 88 Recommendation 14. 90 Access to legal advice 90 Consultation responses 92 Classified evidence 94 Analysis 95 Recommendation 15. 102 Recommendation 16. 104 Recommendation 17. 105 Prior publication 105 Provisional conclusion 15 106 Consultation responses 106 Analysis 109 Recommendation 18. 111 Categories of protected information 111 Consultation question 8 111 Consultation responses 111 Analysis 113 Recommendation 19. 114 Sensitive economic information 114 Consultation responses 114 Analysis 118 Recommendation 20. 118 Extraterritoriality 118 Provisional conclusion 16 119 Consultation responses 119 Classified evidence 120 Analysis 121 Recommendation 21. 122 Optimal legislative vehicle for reform 122 Provisional conclusion 17 122 Consultation responses 122 Analysis 123 v CHAPTER 6: MISCELLANEOUS UNAUTHORISED DISCLOSURE OFFENCES 124 Introduction 124 Data sharing between public bodies 124 Unauthorised disclosure offences and the protection of official data 125 Consultation question 10 126 Consultation responses 126 Analysis 128 Recommendation 22. 130 Section 55 of the Data Protection Act 1998 / section 170 of the Data Protection Act 2018 130 Consultation question 11 131 Consultation responses 131 Analysis 133 Recommendation 23. 134 National security disclosure offences 134 Consultation question 12 134 Consultation responses 134 Analysis 135 Recommendation 24. 136 CHAPTER 7: PROCEDURAL MATTERS RELATING TO INVESTIGATION AND TRIAL 137 Introduction 137 The Protocol 137 Background to the Protocol 138 The seven-step process 139 Provisional conclusion 18 141 Consultation questions 13 and 14 141 Consultation responses 142 Analysis 144 Recommendation 25. 146 Recommendation 26. 147 Recommendation 27. 147 Recommendation 28. 147 The ability to exclude members of the public from the court during proceedings 147 Provisional conclusion 19 149 Consultation responses 149 Analysis 151 Recommendation 29. 152 Jury Checks 152 Provisional conclusion 20 155 Consultation responses 155 Analysis 156 Recommendation 30. 156 vi Issues that apply more generally to criminal trials in which sensitive information may be disclosed 156 Provisional conclusion 21 158 Consultation responses 159 Analysis 160 Recommendation 31. 160 CHAPTER 8: AN INTRODUCTION TO PUBLIC INTEREST DISCLOSURE 162 Introduction 162 The structure of this part of the report 163 Our approach in the consultation paper to the statutory commissioner 164 The Civil Service Commission 164 Existing external mechanisms 168 Proposals for a statutory commissioner 169 Our approach in the consultation paper to the public interest defence 173 Responses of a general nature 173 Insufficient attention to the benefits of a public interest defence 174 Trust and loyalty of civil servants 177 Risk to others and national security 179 A public interest defence would create legal uncertainty 182 A public interest defence might “open the floodgates” 185 Open justice 187 Conclusion 188 CHAPTER 9: ARTICLE 10 OF THE EUROPEAN CONVENTION ON HUMAN RIGHTS 190 Introduction 190 Article 10 – an overview 191 What does compliance with Article 10 require? 192 Is the interference prescribed by law? 193 Does the interference pursue a legitimate aim? 193 Is the interference necessary in a democratic society? 194 Article 10 and public servants 196 Duty of discretion 196 Effective means of remedying the wrongdoing 198 How would Shayler be decided today? 199 Summary of the judgment 200 How would the case be decided today? 205 Article 10 and the media 206 The offences applicable to journalists 211 Consultation responses 212 Does Article 10 mandate a public interest defence? 214 Consultation responses 214 Conclusion 222 vii CHAPTER 10: RECOMMENDATIONS FOR AN EFFECTIVE INVESTIGATIVE MECHANISM 225 The statutory commissioner and consultation responses 225 The Investigatory Powers Commissioner’s Office (“IPCO”) 226 What would the statutory commissioner model look like? 227 Who can make disclosure to the Statutory Commissioner? 227 Evidence requirement 228 The SC’s duty upon receiving a complaint 229 Outcome of investigation 230 Time-sensitive complaints 234 Conflicts of interest 235 Appeals process 235 The statutory commissioner and its relation to the public interest defence 237 Injunctions and prior restraint 238 What is an injunction? 238 The liability of third parties 239 The purpose of injunctions 239 Injunctions and the use of the SC 240 Conclusion 242 Recommendation 32. 244 CHAPTER 11: PUBLIC INTEREST DEFENCE 245 Introduction 245 Our Consultation Paper 245 Our recommendation for a public interest defence 245 Why is a public interest defence desirable? 246 What is distinctive about a public interest defence? 248 A true public interest defence 249 Is it necessary to have different defences for different categories of defendant? 250 Burden of proof 250 Compliance with Article 6(2) 252 Public interest and the method of disclosure 254 Alternative models 255 A subject-matter approach 256 A broader, two-fold approach 257 A public interest defence for journalists 259 Conclusion 261 Recommendation 33. 261 CHAPTER 12: RECOMMENDATIONS 262 Recommendation 1. 262 viii Recommendation 2. 262 Recommendation