Joint Committee on the Draft Communications Data Bill

In May 2012 a motion in the Lords was agreed that a Joint Committee on the Draft Communications Data Bill should consider and and report on the draft Bill by 30 November 2012.[1] The 12 member select committee was chaired by Lord Blencathra.[2]

Commons MPs sitting on the committee were Julian Huppert MP, Nicholas Brown MP, Michael Ellis MP, Stephen Mosley MP, Craig Whittaker MP, David Wright MP.[3] Lords were Lord Blencathra (chair), Lord Strasburger, Lord Armstrong of Ilminster, Baroness Cohen of Pimlico, Lord Faulks, Lord Jones[4] (See committee website.)

The committee ceased to exist after the report was finalised at the end of November 2012.


The final report was published on Tuesday 11th of December 2012.[5] Available online as HTML or PDF.

Written evidence is available as written_evidence_Volume.pdf. Oral evidence is available as Oral_Evidence_Volume.pdf.

Summary of recommendations


  • It is the duty of government—any government—to maintain the safety and security
  • For this the law enforcement authorities should be given the tools they need.
  • Reasonable access to some communications data is undoubtedly one of those tools.


  • Government also has a duty to respect the right of law-abiding citizens to privacy


  • These duties have the potential to conflict.
  • Where and how the balance should be struck between these conflicting duties in a mature Parliamentary democracy Parliament has to decide; indeed perhaps only Parliament can in the end decide.


  • Our overall conclusion is that there is a case for legislation which will provide the law enforcement authorities with some further access to communications data, but that the current draft Bill is too sweeping, and goes further than it need or should.
  • We believe that, with the benefit of fuller consultation with CSPs than has so far taken place, the Government will be able to devise a more proportionate measure than the present draft Bill, which would achieve most of what they really need, would encroach less upon privacy, would be more acceptable to the CSPs, and would cost the taxpayer less.


  • Part of the data gap is down to a lack of ability on behalf of law enforcement agencies to make effective use of the data that is available. Addressing this should be a priority.


  • Before re-drafted legislation is introduced there should be a new round of consultation with technical experts, industry, law enforcement bodies, public authorities and civil liberties groups.
  • on the basis of the narrower, more clearly defined set of proposals on definitions, narrower clause 1 powers and stronger safeguards which are recommended in this report.
  • CSPs should be given a clear understanding of the exact nature of the gap which the draft Bill aims to address so that those companies can be clear about why the legislation is necessary.


  • [CPSs should] be told what obligations might be imposed on them


  • Meaningful consultation can take place only once there is clarity as to the real aims of the Home Office, and clarity as to the expected use of the powers under the Bill.


  • The Home Office has however made clear that it does not currently need the power under this legislation to require other types of data be retained, and does not for the present intend to issue notices going more widely (except to CSPs which are not covered by the EU Data Retention Directive, which might be asked under this legislation to retain for 12 months data which they already create for business purposes). Clause 1 therefore should be re-drafted with a much narrower scope,


  • We do not think that Parliament should grant powers that are required only on the precautionary principle. There should be a current and pressing need for them.


  • Parliament and government both need to accept that legislation that covers the internet and other modern technologies may need revisiting and updating regularly.


  • Whether clause 1 should allow notices that require CSPs to retain web logs up to the first “/” is a key issue. The Bill should be so drafted as to enable Parliament to address and determine this fundamental question which is at the heart of this legislation.


  • We acknowledge that storing web log data, however securely, carries the possible risk that it may be hacked into or may fall accidentally into the wrong hands, and that, if this were to happen, potentially damaging inferences about people’s interests or activities could be drawn.
  • Parliament will have to decide where the balance between these opposing considerations should be struck.


  • The Home Office has also given a commitment that no CSP will be asked to store or decrypt encrypted third party data. These commitments should be given statutory force.


  • The Request Filter will speed up complex inquiries and will minimise collateral intrusion. These are important benefits. On the other hand the Request Filter introduces new risks, most obviously the temptation to go on “fishing expeditions”. New safeguards should be introduced to minimise these risks.


  • Any public authorities which make a convincing business case for having access to communications data should, like the six we have specified in paragraph 25, be listed on the face of the Bill.


  • The House of Lords Delegated Powers and Regulatory Reform Committee recommended that any additions to this list should require primary legislation. We agree. Clause 9(7), which allows the Secretary of State to add further permitted purposes by order, should be deleted.


  • we recommend that the Government should consult on whether all the permitted purposes are really necessary.


  • The language of RIPA is out of date and should not be used as the basis of new legislation. The Bill should be re-drafted with new definitions of communications data.
  • The challenge will lie in creating definitions that will stand the test of time.
  • There should be an urgent consultation with industry on changing the definitions and making them relevant to the year 2012.


  • A new definition of subscriber data is needed that simply covers the basic subscriber checks that are the most commonly used.
  • How to define subscriber data should be a key element of the consultation,


  • A new hierarchy of data types needs to be developed. Data should be divided into categories that reflect how intrusive each type of data is.


  • It is imperative that everything is done to make clear that content cannot be requested under the provisions of this legislation. Content is not defined in the draft Bill.
  • it is nevertheless important that the content should be expressly excluded from all categories of communications data.


  • The SPoC process should be enshrined in primary legislation. A specialist centralised SPoC service should be established modelled on the National Anti-Fraud Network service which currently offers SPoC expertise to local authorities.
  • This new service should be established by statute, and all local authorities and other infrequent users of communications data should be required to obtain advice from this service.


  • The IoCC should carry out a full review of each of the large users of communications data every year.
  • For this the IoCC will need substantial additional resources, both as to numbers and as to technical expertise. There should be full consultation with him on this. His role should be given more publicity.


  • The IoCC’s brief should explicitly cover the need to provide advice and guidance on proportionality and necessity, and there should be rigorous testing of, and reporting on, the proportionality and necessity of requests made.


  • The IoCC will need the necessary expertise properly to examine the operation of the Request Filter.
  • He will have to report on the scale of searches via the Request Filter and rigorously test the necessity and proportionality of requests put to the Filter.


  • Work should be done to rationalise the number of commissioners with responsibility for different areas of surveillance.


  • The Bill should provide for wilful or reckless misuse of communications data to be a specific offence punishable in appropriate cases by imprisonment.


  • We are concerned that the Home Office’s cost estimates are not robust. They were prepared without consultation with the telecommunications industry on which they largely depend, and they project forward 10 years to a time where the communications landscape may be very different.

Committee meetings and evidence

scheduled events


Public consultation

Deadline for the public call for evidence was 23rd August 2012. Written evidence has been collected into a 447 page document Communications Data formatted written evidence.pdf

Publicly published submissions:

Responses to the report

See also Communications Data Bill/Media



  1. Communications Data Bill - Motion to Agree, Hansard, 2012-05-29
  2. Communications Data Bill: Need to know, 2012-05-28, "a separate, cross parliamentary committee of 12 under Lord Blencathra will also review the bill"