What do you do if a regulator has failed? Leave them unreformed and instead give them greater powers? That is the line Home Office Minister James Brokenshire is arguing.
The regulator in question is the Interception of Communications Commissioner and the powers relate to online monitoring. For the Draft Communications Data Bill would not only give the government far more scope to monitor what we do online, but Brokenshire also argues we should be reassured that a large part of these new powers would be monitored by that Commissioner.
However, take a look at the record and what you see is a failed regulator. Most damningly, in 2011 the New York Times published strong prima facie evidence that the current interception rules were being regularly and systematically broken, with journalists getting illegal access to the very data the Commissioner is meant to protect. The Commissioner’s response? To do nothing. No investigation, no action – not even a brief passing mention in his report on what happened in 2011.
And it gets worse, because this was not the first time such evidence has been presented. The Information Commissioner’s infamous 2006 report into phone hacking suggested it too, as did Nick Davies’s best selling 2008 book. As in 2011, the Commissioner’s response was the same: no action. Perhaps the illegal acts they all documented involved accessing data via means outside the Commissioner’s remit – but it doesn’t look like that on the face of it, and a good regulator would have investigated to check. Instead, three times the regulator failed to regulate.
Nor is this the exception. Reading through the Interception of Communications Commissioner’s annual reports to Parliament throws up frequent examples of possible problems not investigated.
The huge growth in the number of interceptions, reaching over half a million a year – way in excess of the few, carefully controlled cases expected when the legislation was originally passed – has not been closely analysed and investigated. Instead we get bland comments that despite causes unknown, it must all be OK.
No examination either of the pros or cons of the privatisation of large parts of the interception administration (to SinglePoint, before it went out of business): did it work, was it safe? Not asked. The list goes on, the message is the same – a regulator who didn’t ask the right questions.
So when James Brokenshire argues that new government powers will be carefully controlled by the Interception of Communications Commissioner, that isn’t a reason to be reassured. It is a reason to be deeply worried.