Bulk Data

Bulk data includes bulk personal datasets and bulk communications data, both of which are essential to MI5's investigations.

Bulk personal datasets

What are bulk personal datasets?

Bulk personal datasets are sets of personal information about a large number of individuals, the majority of whom will not be of any interest to MI5. The datasets are held on electronic systems for the purposes of analysis, although analysts will only actually look at the data relating to the minority who are of intelligence interest. Examples of these datasets include the electoral roll, telephone directories or travel-related data.

What are bulk personal datasets used for?

Bulk personal datasets are essential in helping MI5 identify subjects of interest or individuals who surface during the course of an investigation, to establish links between individuals and groups, to better understand a subject of interest's behaviour and connections, and to quickly exclude the innocent. In short, bulk personal datasets enable MI5 to join the dots in an investigation and to focus its attention on individuals or organisations that threaten national security. The analysis of bulk personal datasets is a critical part of our response to the increasingly complicated and challenging task of defending the UK's interests and protecting its citizens in a digital age.

What is the legal framework governing use of bulk personal datasets?

MI5 will generally rely upon the Security Service Act 1989 to authorise our acquisition of bulk personal datasets.  Under the Investigatory Powers Act 2016, retention and examination of these datasets must be authorised by way of a bulk personal dataset warrant which has been issued by a Secretary of State and approved by a Judicial Commissioner.  We will only acquire, retain and examine bulk personal datasets where it is necessary and proportionate to do so for the purposes of our statutory functions, including the protection of national security.  Bulk personal datasets are held in accordance with a range of safeguards specified within the Investigatory Powers Act, and our use of them is subject to regular audit and inspection by the Investigatory Powers Commissioner’s Office.

Bulk communications data acquisition

What is bulk communications data?

Bulk communications data is the "who", "where", "when", "how" and "with whom" of communications, but not what was written or said. It includes information such as the subscriber to a telephone service or an itemised bill. Public authorities such as MI5 and the police may acquire this data from a telecommunications operator.

What is bulk communications data used for?

Fast, secure access to bulk communications data is essential to MI5 in pursuing our investigations. It has played a part in every major counter-terrorism operation over the last decade. It's a fundamental investigative tool that the agencies use on a daily basis, enabling us to identify and investigate potential threats in complex and fast-moving investigations.

What is the legal framework governing use of bulk communications data?

Bulk communications data is acquired under Part 6 of the Investigatory Powers Act 2016. Under Part 6, MI5 may apply for a bulk acquisition warrant where it is necessary and proportionate to acquire the data in the interests of national security, for the purpose of preventing or detecting serious crime, or in the interests of the economic well-being of the United Kingdom so far as those interests are also relevant to the interests of national security. The warrant must include specified operational purposes for which the examination of the bulk communications data obtained under the warrant is or may be necessary.

A warrant will only be considered necessary in the interests of the economic well-being of the United Kingdom if the communications data to be obtained relates to the acts or intentions of persons outside the British Islands.