The bulk personal datasets collected by British intelligence agencies is reminiscent of dark days and dark regimes, Yair Cohen, of the London-based law firm Cohen Davis Solicitors.
The documents cover a ten-year-long period between 2005 and 2015. According to the documents, which Yair Cohen had accessed, the data was largely obtained through third-party voluntary suppliers.
It appears that the vast majority of the data was being supplied on a voluntary by organisations that used to the handling of vast amount of communication such as Internet service providers. The information came about after a human rights watchdog, Privacy International, has obtained a cache of documents which shed light on UK’s controversial bulk personal datasets or BPDs.
The data was analysed by solicitor Yair Cohen who considered that the bulk personal datasets are in fact collections of personal data of people, most of had never presented any particular interest for intelligence services and have never paused any risk to the national security.
The existence of the data has been kept in secret for years, and little was known about the methods by which the intelligence services sources the data or handled it afterwards Recently, in response to a legal challenge filed by Privacy International last year, a newly released documents of the UK Government Communications Headquarters include a vast range of details on internal policies and procedures regarding the bulk collection of data by the security services have shed light on the processes and procedure for the collection and retention of personal data.
The documents cover a ten-year-long period between 2005 and 2015. According to the documents, which Yair Cohen had accessed, the data was largely obtained through third-party voluntary suppliers. The key categories included information on individual’s biography, travels, finances and communications. It appears that the vast majority of the data collected was collected without obtaining court orders and without any judicial supervision.
Some of the information disclosed shows how loose the requirements have been to collect personal data, including confidential data and conversations between journalists and their sources and even more significantly communications between lawyers and their clients. What was in fact disclosed, which is the basis for concluding how serious the breaches of confidential data were, were policy documents (as opposed to the data itself) that show us what was required from a junior member of the security in order to be permitted to collect and access such data.