MI5 makes 1,061 bugging errors

Security Service was responsible for 62% of wrong applications for communications data in 2010

More on privacy issues here.


Powered by Guardian.co.ukThis article titled “MI5 makes 1,061 bugging errors” was written by SA Mathieson, for theguardian.com on Friday 1st July 2011 15.16 UTC

MI5 wrongly collected subscriber data on 134 telephone numbers as a result of a software error, according to interception of communications commissioner Sir Paul Kennedy’s annual report.

A spreadsheet formatting error caused the service to apply for data on the identity of telephone numbers ending in 000, rather than the actual last three digits. “The subscriber data acquired had no connection or relevance to any investigation or operation being undertaken by the Security Service,” writes Kennedy.

He adds that the resulting material was destroyed, the formatting fault fixed and numbers are now checked manually before MI5 requests subscriber data from communications providers.

MI5 also acquired data on the histories of 927 internet protocol addresses without authorisation from a sufficiently senior officer, of GD3 rank or above. This was due to an “incorrect setting on the system used by the Security Service,” according to Kennedy, although the requests themselves were necessary and proportionate. MI5 has corrected the setting on its systems.

Overall, Kennedy reported that public authorities submitted 552,550 requests for communications data during 2010, and the number is increasing by about 5% a year. He could not give a precise reason for the growth, but said “it is indicative of the growth in communications technology,” with “certain police forces” increasing their use.

Nearly two-thirds of requests for communications data, about communications rather than contents, were for subscriber data. This was usually part of an attempt to find the owner of a mobile phone. About a quarter of requests were for traffic data.

Sir Peter Gibson, the intelligence services commissioner, also published his annual report. Having been granted powers under the Identity Cards Act to monitor use of the National Identity Register by intelligence services, he reported that he is “not aware of any acquisition, storage and use made” by such organisations before the register was destroyed earlier this year.

He collected statistics on the number of warrants and authorisations issued to the security and intelligence agencies or armed forces, but these have only been included in a confidential annex. He defended the secrecy by saying publication would “assist those unfriendly to the UK were they able to know the extent of the work” of those agencies.

This article is published by Guardian Professional. For weekly updates of news, debate and best practice on public sector IT, join the Government Computing Network here.

guardian.co.uk © Guardian News & Media Limited 2010

Published via the Guardian News Feed plugin for WordPress.