Equipment interference, also known as computer network exploitation (CNE), allows MI5 to interfere with electronic "equipment". This includes computers, computer media (such as CDs or USB sticks) and smartphones for the purpose of obtaining communications or other information. Equipment interference encompasses a range of activity, from remote access to computers and other electronic equipment to covertly downloading the contents of a mobile phone or storage media during a search.
Where necessary and proportionate, MI5 needs to be able to access communications or other information held on computers or other equipment in order to gain valuable intelligence in national security investigations. Equipment interference plays an important role in making up for the loss of intelligence that may no longer be obtained through other techniques, such as interception, as a result of sophisticated encryption. It can sometimes be the only method by which we can acquire the data.
MI5's use of equipment interference is currently provided for under general property interference powers in the Intelligence Services Act 1994. A draft Code of Practice was published earlier this year and governs the use of equipment interference by MI5.
The Investigatory Powers Act will provide for a new, more explicit equipment interference regime that will govern the use of these techniques. It will prevent the use of other powers to obtain stored communications and information from "equipment" where the interference is in the UK and would otherwise constitute a Computer Misuse Act offence, and it will introduce new, enhanced safeguards around the product. The use of this power will be limited to the same statutory purposes as interception. The regime will be overseen by the Investigatory Powers Commissioner.