Collecting intelligence to build up a detailed knowledge of threats to the country is at the heart of MI5’s work.
The assessment and investigation process helps us to make decisions about how to respond to these threats and what protective measures to take. Our judgements about the scale of various threats and how we allocate our resources in response are subject to validation by the Home Secretary and are made visible to our parliamentary oversight body, the Intelligence and Security Committee (ISC).
Although publicly available information is helpful for background purposes, usually the best way to find out about the threat that some organisations and individuals pose is to obtain secret intelligence about their activities. We gather this information and use it to find out about organisations of interest and their key personalities, infrastructure, intentions, plans, and capabilities.
If intelligence is worth recording we ensure that this is done accurately. We clearly mark its origin and authenticity, and ensure that it can be retrieved swiftly. If we assess that a particular threat needs to be investigated, we deploy resources to obtain further intelligence, and we continually adjust our assessments in light of new intelligence or events.
Our principal techniques for gathering intelligence are:
All of the techniques used are in accordance with the legal requirements established by the Security Service Act 1989, the Intelligence Services Act 1994 (ISA), the Regulation of Investigatory Powers Act 2000 (RIPA), and the associated Codes of practice. The use and authorisation of each technique is independently scrutinised by the Investigatory Powers Commissioner's Office (IPCO).
The Security Service Act 1989 makes the Director General responsible for ensuring that there are effective arrangements within MI5 to control when and how we obtain and disclose information. As well as formal handling arrangements, a major aspect of this control is a system of internal mechanisms, designed to make sure we only investigate genuine threats to national security. We do so with proper regard for the law, in proportion to the threat, and with external authorisation for intrusive measures (from the appropriate Secretary of State) where the law so requires. In other cases, we take decisions internally at a seniority level appropriate to the degree of intrusiveness.
These arrangements are designed to allow fast-moving investigations to proceed swiftly, whilst maintaining a high level of compliance.
At any one time we are likely to be conducting many investigations, but only in a very few of the most important ones would we need to use all of the methods of intelligence collection. Eavesdropping, for example, is not only highly intrusive, meaning our case for using it must be strong, but carrying it out securely is also technically complex and resource-intensive. As a result, it is used sparingly.
When using intrusive techniques to gather intelligence, our underlying aim is always to be effective with the minimum amount of intrusion and in proportion to the threat. Much of the skill of intelligence work lies in finding the right blend of techniques to meet the requirements of an investigation. Before we use our most intrusive intelligence gathering methods, which require a warrant, we must justify to a Secretary of State that what we propose to do is:
The Secretary of State needs to be satisfied that the information we expect to obtain could not reasonably be obtained by any other means. These are important tests and we take care to apply for warrants only where the threshold is clearly met. We only apply for warrants when we have a strong case and they are considered very carefully by Home Office officials before being put to the Secretary of State for a decision.
Naturally, people who threaten national security, such as terrorists or spies, are aware that their activities may attract our attention and they will do what they can to prevent us from detecting them. Equally, we try to gather intelligence without our targets realising we have them under investigation. This is not just to avoid compromising our investigations, but also to protect our methods so that we can use them again in the future.