Bulk data | MI5 - The Security Service

The use of bulk data

Bulk data includes bulk personal datasets and bulk communications data, both of which are essential to MI5's investigations.

What are bulk personal datasets?

Bulk personal datasets are collections of personal information about a large number of people, most of whom will be of no interest to MI5. The datasets are held and analysed on secure electronic systems, although analysts will only look at the data relating to the minority who are of intelligence interest. Examples of these datasets include the electoral roll, telephone directories or travel-related data.

What are bulk personal datasets used for?

Bulk personal datasets are essential in helping MI5 identify subjects of interest or individuals who surface during the course of an investigation. They help us to establish links between individuals and groups, to better understand a subject of interest's behaviour and connections, and to quickly exclude anyone who is not of investigative interest. In short, bulk personal datasets enable MI5 to join the dots in an investigation and to focus our attention on individuals or organisations that threaten national security. The analysis of bulk personal datasets is a critical part of our response to the increasingly complicated and challenging task of defending the UK's interests and protecting our citizens in a digital age.

What is the legal framework governing use of bulk personal datasets?

MI5 will generally rely upon the Security Service Act 1989 to authorise our acquisition of bulk personal datasets. Under the Investigatory Powers Act, retention and examination of these datasets must be authorised by a warrant issued by a Secretary of State and approved by an independent judge. We will only acquire, retain and examine bulk personal datasets where it is necessary and proportionate to do so for the purposes of our statutory functions, including the protection of national security. Bulk personal datasets are held in accordance with a range of safeguards specified within the Investigatory Powers Act, and our use of them is subject to regular audit and inspection by the Investigatory Powers Commissioner’s Office.

Bulk communications data acquisition

What is bulk communications data?

Bulk communications data is the "who", "where", "when", "how" and "with whom" of communications, but not what was written or said. It includes information such as the subscriber to a telephone service or an itemised bill. Public authorities such as MI5 and the police may acquire this data from a telecommunications operator.

What is bulk communications data used for?

Fast, secure access to bulk communications data is essential to our investigations and has played a part in every major counter-terrorism operation over the last decade. It's a fundamental investigative tool that the UK’s intelligence agencies use on a daily basis, enabling us to identify and investigate potential threats in complex and fast-moving investigations.

What is the legal framework governing use of bulk communications data?

Bulk communications data is acquired under the Investigatory Powers Act. MI5 may apply for a bulk acquisition warrant where it is necessary and proportionate to acquire the data in support of our statutory functions. The warrant must include specified operational purposes for which the examination of the bulk communications data obtained under the warrant is or may be necessary.

A warrant will only be considered necessary in the interests of the economic well-being of the United Kingdom if the communications data to be obtained relates to the acts or intentions of persons outside the British Islands.