Last week, Computer Weekly published my article headlined ‘MI5 staff repeatedly overrode data surveillance rules’. This was one of several interesting stories contained within the documents released by Privacy International in late July which I rounded up in the article, another being specific statements by GCHQ, MI5 and SIS (or MI6) in witness statements that they do not retain bulk personal datasets of medical records, from the NHS or anywhere else.
Tweeting this attracted a fair bit of attention, including some querying the careful language quoted in the article. Given the interest, here are the sections regarding medical records from each of the three agencies, all from this document which contains the three witness statements. By bulk personal datasets (BPDs), the agencies mean untargeted data covering a lot of people, most of whom will be innocent – the haystack rather than just the needles.
GCHQ: “We hold no BPDs consisting of medical records, whether sourced from the NHS or other health providers; information which relates to medical condition can however appear in a BPD e.g. travel. some people may include information regarding medical conditions in booking data or in their passports.” Paragraph 24 of GCHQ witness statement, page 5 of PDF
MI5/Security Service: “In relation to medical data, I am able to confirm that MI5 does not currently hold, and has never held, a BPD of medical records. However, and as our forms for the acquisition of BPD recognise (see the foregoing paragraph), it is possible that data relating to medical conditions may appear in BPDs.” Paragraph 52 of MI5 witness statement, page 47 of PDF
NB. The previous paragraph to this one discusses the extra restrictions around collecting bulk personal data that includes “financial, medical, religious, journalistic, political, legal” information.
MI6/Secret Intelligence Service: “A statement has been made by the Claimants in relation to medical data. I refer to the statement made by the Minister John Hayes on 26 April 2016:
” ‘I am prepared in this specific instanace to confirm that the security and intelligence agencies do not hold a bulk personal dataset of medical records. Furthermore, I cannot currently conceive of a situation where, for example, obtaining all NHS records would be either necessary or proportionate.’
“SIS can confirm that it does not currently hold, and has never held, a bulk personal dataset of medical records, whether sourced from the UK or overseas healthcare providers, including the NHS. Occasionally, information which relates to health or medical conditions will appear in bulk personal datasets, for example the requirement for a braille passport.”
Paragraph 12 of SIS witness statement, page 71 of PDF; John Hayes’ statement was made to the public bill committee looking at the investigatory powers bill, recorded in Hansard
Reading through the witness statements there are plenty of examples of neither-confirming-nor-denying from the agencies – if they want to dodge a question they do, in other words – but on medical records the agencies have provided clear denials from senior if unnamed staff in legally-binding witness statements.
The fact that they all say they hold some medical data in other datasets (such as the braille passports example given by SIS) sounds like legal caution rather than an opportunity to hold medical records under another label; and the agencies anyway are clearly more interested in communications, travel, finance and policing records (which are much more likely to help identify terrorists than medical data). But make up your own mind.