A modern MI5
Andrew Parker, the Director General of MI5, delivered the annual Lord Mayor's Defence and Security lecture in London on 28 October 2015.
1. My Lord Mayor, Secretary of State, Aldermen, Sheriffs, Ladies and Gentlemen, it is a pleasure to be here this evening.
2. MI5 has a long association with the City of London. As many of you will know we work through the Centre for the Protection of National Infrastructure with financial institutions and businesses on physical, personnel and cyber security – an ever increasing challenge on a scale that is not always fully understood. Many here are customers of our work in that area.
3. And of course we work, in close partnership with the City of London Police, to keep this great, diverse city safe from the threat of terrorism. We do so for the people who live and work here. And we do it because without that security, the economic prosperity and democratic values we are all proud of in the UK cannot flourish. I would like to pay tribute to the leadership and contribution of the outgoing Commissioner Adrian Leppard, who has also been a great colleague.
4. This evening I want to talk about a modern MI5. About how MI5 is changing, just as the world around us is changing. And about what we need to do if we are to continue to protect the UK against those who wish us all harm.
5. But I also want to reflect on where we have come from as an organisation. We are proud of our 106 year history, and we have a long tradition of innovation, and of responding successfully to the changing threats we face. We also have deeply held core values as an organisation, about integrity, professionalism and teamwork.
6. It is those strong foundations that give me confidence we can continue to do our job effectively in the modern era – in the face of a threat that is different in intensity to anything I have previously experienced in my 32 year career, and against the backdrop of the challenges posed by technological change.
Where we have come from
7. MI5 came into being in 1909. As tensions between Britain and Germany continued to rise in the run up to the First World War, the Secret Service Bureau was established under the auspices of the War Office and the Admiralty, to counter foreign espionage. The Bureau began life as only two officers, Captain Vernon Kell and Commander Mansfield Cumming, in a small and probably unprepossessing office on Victoria Street. It faced a daunting and ill-defined task.
8. Within a year it had been agreed that the Bureau would be divided into two, with Kell focusing on all work at home and in the Empire, and Cumming on work abroad. That is the broad division of responsibility that remains today between MI5 and MI6 (minus the Empire!).
9. But as I will come on to say, our work is in fact much more interconnected than this might suggest, not least because MI5 needs to operate across international boundaries to address the global threat we face.
10. Winston Churchill, then Home Secretary, was a great early supporter of the Bureau’s work, and there were very important successes in identifying and prosecuting networks of spies. By the end of the Great War, MI5 employed no fewer than 844 staff, many from military backgrounds, in a new Headquarters off Haymarket.
11. Treated as a military entity, MI5 was radically cut back during the inter war years of austerity to the point at which, in the 1920s, Kell had only a handful of officers and was able to maintain “no agents in the accepted sense of the word, only informants..he might employ for a specific purpose” – this despite increasing concerns about the rise of communism, Soviet subversion and the Nazi threat. I’ll return later to one of the consequences of that.
12. MI5 grew again during the Second World War, and played a key role in the war effort. Our role in recruiting double agents enabled both the obtaining of German ciphers, and the feeding of misinformation to the Nazi regime – including, vitally, in the lead up to the D Day landings. Together with the pivotal work of our partners at Bletchley Park in cracking the ‘Enigma’ code, the intelligence efforts of MI5 provided a crucial wartime advantage.
13. In the decades that followed, the Service – 2,000 strong by the 1970s – was focused on the very different, and no less challenging, threats of the Cold War era. It was not till 1984, just after I joined the Service, that MI5 established a dedicated Counter Terrorism Branch, as our work on both Middle Eastern and Northern Ireland related terrorism grew in prominence.
14. And it has been the growth of our international counter terrorism work that stands out over my three decades in the Service. The tragic events of 9/11 showed the world in the most chilling terms the lengths to which Islamist terrorists were prepared to go to inflict mass casualty attacks on the West.
15. And, after a series of thwarted plots, that threat became a reality here in London on 7 July 2005, with the bombings on our transport system. Appalling acts committed by individuals who had grown up here in the UK, but who decided for their own twisted reasons to identify their own country as the enemy. Those individuals, and those who share their world view, represent a tiny fraction of the population. But the societal and security challenge this represents is a huge one.
16. 7/7 transformed our counter terrorism operations. Since the early 2000s, MI5 has doubled in size to around 4,000 members of staff, and the vast majority of that growth has been in our counter terrorism work, which now makes up more than two thirds of our effort. We have developed a highly sophisticated and integrated response, working with the Police, SIS and GCHQ and other partners.
17. That response is rightly the envy of many other countries, all over the world. And it has been critical – on many occasions over the years – in keeping this city safe against the Provisional IRA threat in the 1990s, and against the Islamist terrorist threat we face today. Without those partnerships, we would not have the security that allows our society and economy to prosper.
A three dimensional threat
18. Today we face a three dimensional threat: at home, overseas, and online. An increasing proportion of our casework links to Syria and to ISIL. Even three years ago, when Jonathan Evans gave this lecture, we could not have predicted how the ISIL terrorist phenomenon has developed since. More than 750 extremists from this country have travelled to Syria, and the growth in the threat shows no sign of abating.
19. We are seeing plots against the UK directed by terrorists in Syria; enabled through contacts with terrorists in Syria; and inspired online by ISIL’s sophisticated exploitation of technology. It uses the full range of modern communications tools to spread its message of hate, and to inspire extremists, sometimes as young as their teens, to conduct attacks in whatever way they can.
20. The speed at which the process of radicalisation can occur online, and the emphasis on relatively low sophistication but nevertheless potentially deadly plots, are two major challenges that flow from ISIL’s mode of operation. On top of that, in a range of attacks in Europe and elsewhere, this year we have seen greater ambition for mass casualty attacks. All of this underlines the growing threat we face.
21. Meanwhile the threats to the UK from Al Qaeda in South Asia, the Arabian Peninsula, parts of Africa have not gone away, and terrorists continue to aspire to mass casualty attacks against the UK and our allies. All of this means that the threat we are facing today is on a scale and at a tempo that I have not seen before in my career.
22. With our partners, we have thwarted six attempts at terrorist attacks in the UK in the last year, and several plots overseas.
23. It may not yet have reached the high water mark, and despite the successes we have had, we can never be confident of stopping everything. The death of 31 British nationals in the Sousse attacks in June was an appalling reminder of the threat.
24. Beyond counter-terrorism we are also working in close partnership with GCHQ and with the City of London Police to provide advice and support to industry and to the Critical National Infrastructure against the growing range and intensity of cyber threats we face, underpinned by the understanding we have from our investigations.
25. That work spans the finance, energy, civil nuclear, telecommunications, water and transport sectors as well as government institutions – and I do not need to tell this audience how important cyber security is to the City of London, and to the UK’s economic prosperity in the online age.
26. When put together with the wider work we do against espionage threats, and our work on Northern Ireland related terrorism, MI5 faces huge challenges and must make difficult choices every day.
The capabilities we need
27. As the threat has evolved, so too have our capabilities.
28. Much of MI5’s early work focused on recruiting agents against the pre-war espionage threat, and later communism. Running agents was – and remains – inherently risky and difficult work. But many of our greatest successes as an organisation have depended on it, and without the insight and bravery of our agents we would not be able to keep the country safe. The intelligence we gather from them remains central to our work today.
29. But today we need to operate increasingly across international boundaries, with the terrorist threat to the UK emanating from some of the most difficult environments possible, including Syria. And we also operate in an online age, against adversaries such as ISIL who use modern technology and media in an increasingly sophisticated way.
30. The ability to intercept the communications of those who mean us harm has also been a key component in MI5’s toolbox throughout our history – and one which has always generated debate. In the years leading up to the Great War, interception was about accessing letters, under a Home Secretary warrant. But the Post Office argued forcefully at the time that it was undesirable to “shake public confidence in the security of the post”, and that in any case it was improbable that any spy would correspond in this way. In fact the interception of letters produced absolutely vital intelligence for MI5 in identifying espionage networks and preventing the flow of valuable information to our enemies.
31. In the 1930s the interception of telephone calls became increasingly important, with MI5 developing what – at the time – was groundbreaking technology with the Dictaphone Company for recording conversations. A system of Home Secretary warrants was introduced in 1937.
32. Interception has remained a vital capability ever since. But today the conversations of our adversaries are happening on a bewildering array of devices and digital platforms, often provided by companies based overseas. And an increasing proportion of such communications are now beyond our reach – in particular with the growing prevalence of sophisticated encryption.
33. We cannot, of course, hold back the tide of technological change. Nor do we want to. But the idea that that there are spaces where terrorists can communicate safely and increasingly out of sight of the intelligence agencies – ‘going dark’, as it is known, is not something that anyone either intended or voted for. It presents us with an enormous challenge.
34. We all conduct so much of our lives online, carrying smart phones in our pockets, accessing information and communicating with each other in a whole variety of ways. That brings huge benefits to society and to the economy. But those same opportunities are also exploited by terrorists and those plotting against us. Information gathered from the technology terrorists use, often in the same way as the rest of us, may sometimes be the only way to stop them.
35. And so we need the tools to access terrorists’ communications online just as much as we intercepted written communications and telephone calls in years gone by.
36. This means securing the co-operation of Communications Service Providers in a much more diverse and globalised telecommunications market, both in the UK and overseas. Those providers rightly want to maintain the privacy and security of their customers’ data – but they also have an obligation, and I would argue an ethical responsibility, to work with law enforcement and other agencies to prevent their services being used for the purposes of serious crime and terrorism. We have strong partnerships, but it is an issue on which we need to continue to make progress.
37. We also need to draw upon a range of wider tools to mitigate the challenges. This includes the ability to conduct operations online and to mount IT attacks (known as equipment interference) – under a warrant authorised by the Home Secretary – against terrorist networks, so that we can access their communications.
38. It also means that our ability to access and analyse data is more important than ever before.
39. Kell and his staff developed a ‘carding system’ which before the Great War to index information the early MI5 held on ‘aliens. Not extra-terrestrials, I’m sorry to say, but the contemporary term for foreign nationals who might present a security concern. It might have been the “cutting edge of data management” at the time, as Christopher Andrew described in his authorised History of MI5. But it would not get us very far with a modern counter terrorism investigation.
40, We use data to save lives. Accessing data quickly, reliably and at scale is as fundamental to our work – whether that is communications data (the ‘who’, ‘when’ and ‘where’ of communications, not that ‘what’), or whether it is travel data, passport information or other data sets. Data is critical to our ability to identify threats in the first place, and it enables us to join the dots in our investigations, to identify those who may be involved in planning attacks.
41. Without communications data for example we could not have detected and disrupted numerous plots over the last decade as the terrorist threat to the UK has grown in scale and complexity.
42. To take just one example, without vital access to such data sets, we would not have been able to identify, at speed, links between the individuals plotting to bomb the London Stock Exchange in 2010. And we would not have been able to work with the police to prevent that attack.
43. We use these tools within a framework of strict safeguards and rigorous oversight, but without them we would not be able to keep the country safe.
44. As I have said before, we do not, and could not, go browsing at will through the lives of innocent people.
45. I welcome the detailed scrutiny of this subject by the three independent reviews that will inform the forthcoming Investigatory Powers Bill: all three reviews rejected the notion that the intelligence agencies are engaged in ‘mass surveillance’, and all three concluded that we work within the laws set down by Parliament.
46. We do not seek sweeping new intrusive powers in that legislation, but rather a modern legal framework that reflects the way that technology has moved on, and that allows us to continue to keep the country safe.
Transparency and trust
47. This brings me to the theme of transparency and trust. For much of our history my predecessors, and Governments of different persuasions, have wrestled with the inherent tension between the necessary secrecy of our operations, and the legitimate desire for greater transparency about the nature of our powers.
48. A post-war review of the Security Service in 1945, quoted in the authorised History, concluded that “there is no alternative to giving [the Director General] the widest possible discretion in the means he uses and the way in which he applies them – always provided he does not step outside the law”. But because the Service’s powers were not defined in law, their extent was, at that time, unclear.
49. The world feels very different today:
- We operate under the Security Service Act, which sets out our functions and principles that apply to all our work – a piece of legislation that MI5 actively championed.
- There is extensive legislation governing our use of intrusive powers, principally under the Regulation of Investigatory Powers Act 2000 – albeit legislation that needs updating for the online age
- We are subject to rigorous scrutiny – by the executive, through the Home Secretary’s role in personally signing off warrants for our most intrusive activity; by Parliament, through the Intelligence and Security Committee; and by the judiciary, through the two independent Commissioners (both former senior judges) and the Investigatory Powers Tribunal.
50. And as we prepare for the Government’s forthcoming legislation on investigatory powers, an unprecedented amount of material has been put into the public domain through the independent reviews I have mentioned. That is something we welcome: we depend on the trust of Parliament and the British public to do our work, and it is right that we should operate within a modern legal framework for the online age, that better meets the increasing expectation of transparency. The inaugural Transparency Report to be published very shortly by the Government adds to that picture, and is a welcome further step.
51. But some things will necessarily need to remain secret, if we are to continue to operate effectively against our adversaries. To take an example from our history, in the late 1920s, a public disclosure of intercepted Russian telegrams led the Soviet regime to move to a more secure means of communications. As a result little high grade intelligence was decrypted until the end of World War II – a period during which we now know that Russia was recruiting the Cambridge spy ring, who were able penetrate the heart of British government.
52. And in more recent times, I do not need to repeat the comments that others have made about the damage that Snowden’s disclosures have caused in giving our adversaries an advantage.
53. When Parliament debated the Security Service Act in 1989, it was said there were never more than about 40 MPs in the chamber. I imagine the debates on the forthcoming legislation will attract rather wider interest – and it is right that they do so.
54. But I hope that the public debate will be a mature one, informed by the three independent reviews, and not characterised by ill-informed accusations of ‘mass surveillance’, or other such lazy two-worded tags.
55. Public trust in our work is vital, and that is why I recently gave the first live media interview by a serving Director General. Now a Today programme grilling is not something I hope to have to repeat too often, but I thought it was right to explain directly what MI5 is doing to tackle the terrorist threat and to talk about how we work.
A modern MI5
56. I want to finish by saying a few words about what a modern MI5 means for our people and the way we do our business. I have talked about our growth, to the 4,000 strong organisation we are today. But it is not just about numbers of course. The skills we need today, and the way we work, are very different to the organisation I joined in 1983.
57. We are already a much more diverse workforce, employing staff from all backgrounds, and drawing on a vast range of skills from many disciplines. And our work is more closely intertwined – and often co-located – with that of our partners: with each partner bringing its unique expertise to bear against the shared problems we face.
58. But we need to continue that journey of change if we are to address the modern challenges we face. Certainly we need to retain and evolve our traditional strengths in gathering and assessing intelligence, and recruiting and running agents. But just as important today are the way in which we harness technology, our data analysis skills, and the quality of our partnership working – with SIS and GCHQ, with the police, and with international partners.
59. All these aspects of our work have been transformed beyond all recognition during my time in the organisation. And they will need to transform again over the coming years as we respond to the scale and shape of the threat we now face in the online age.
60. It is the quality of our people and our partnerships – and that ability to adapt and to innovate – that gives me greatest confidence about the future. All of our activity is conducted within the framework that Parliament has set, and our staff have ingrained in them the principles of necessity and proportionality – the language of our Act. They are intensely committed to our mission of keeping the country safe, and they are tirelessly professional and ethical in the way they conduct their work. Christopher Andrew quotes a new recruit in 1953 being told by a personnel officer that “one of the best things about working here is that the percentage of bastards is extremely low”. I may be biased, but I firmly believe that remains the case today.
61. The men and women of MI5 are ordinary people, who do extraordinary things. They have a very strong ethos of public service, but yet their work often goes unnoticed in the public domain. I commend their skills and bravery, and those of the partners we work with, particularly GCHQ, SIS and the Police.
62. Let me conclude with this. In the coming months, we will see important choices that will set our path as an organisation for the next period. Government will determine the size and shape of our effort on counter terrorism and cyber security – amongst other things – through the Strategic Defence and Security Review, and the Spending Review. And Parliament will consider our legislative framework and oversight through the Investigatory Powers Bill.
63. You have seen from what I have said this evening the scale and complexity of the three dimensional terrorist threat we face in the UK, overseas and online. My own view is simple: there should be no more MI5 than is necessary to keep the country safe. And it is right, in the democracy that we value and protect, that Government and Parliament make these choices.
64. But as we approach these decision points, it is our strengths and values as an organisation, our people and our partners, that give me confidence that the modern MI5 can continue to succeed in protecting this country in changing times – however tough that challenge can seem.