UK and US sign landmark agreement to fast-track access to data from technology companies 

On Thursday evening (October3), Home Secretary Priti Patel and US Attorney General William P. Barr signed a “world-first” Bilateral Data Access Agreement that will dramatically speed up investigations and prosecutions by enabling agencies, with appropriate authorisation, to go directly to the technology companies to access data.

The agreement was signed in Washington DC, where the Home Secretary met security partners to discuss the two countries’ cooperation on security.

Ms Patel also published an open letter calling on Facebook to end plans for end-to-end data encryption, which would prevent law enforcement agencies from safeguarding children.

Currently, agencies make requests for communications data from central governments via Mutual Legal Assistance (MLA), which can often take six months to two years. Once in place, the agreement will see the process reduced to a matter of weeks or even days.

The Home Office said the agreement will accelerate complex investigations into suspected terrorists and paedophiles, such as Dr Matthew Falder, who was sentenced in 2018 to 32 years in prison, later reduced to 25 years, for an eight-year campaign of online child sexual abuse, blackmail, forced labour and sharing of indecent images.

Falder used the Facebook accounts of vulnerable victims to blackmail them into sending increasingly explicit indecent images of themselves, which he traded on ‘hurt core’ forums.

UK law enforcement spent at least a year trying to satisfy US legal criteria and establish probable cause. In the end the evidence was obtained directly from victims, retraumatising some and considerably slowing case file preparation.

The Home Office said this meant less evidence was available than might have been if the UK was able to seek evidential material directly from US providers. 

Under the agreement, the US will have reciprocal access, under a US court order, to data from UK communication service providers.

The Home Office said the UK has obtained assurances, which are in line with the Government’s continued opposition to the death penalty in all circumstances.

“Any request for data must be made under an authorisation in accordance with the legislation of the country making the request and will be subject to independent oversight or review by a court, judge, magistrate or other independent authority,” it said in a statement.

Ms Patel said:“Terrorists and paedophiles continue to exploit the internet to spread their messages of hate, plan attacks on our citizens and target the most vulnerable.

“As Home Secretary I am determined to do everything in my power to stop them. This historic agreement will dramatically speed up investigations, allowing our law enforcement agencies to protect the public.

“This is just one example of the enduring security partnership we have with the US and I look forward to continuing to work with them and global partners to tackle these heinous crimes.” 

Mr Barr added:“This agreement will enhance the ability of the US and the UK to fight serious crime – including terrorism, transnational organised crime, and child exploitation – by allowing more efficient and effective access to data needed for quick-moving investigations.

“Only by addressing the problem of timely access to electronic evidence of crime committed in one country that is stored in another, can we hope to keep pace with 21st century threats.

“This agreement will make the citizens of both countries safer, while at the same time assuring robust protections for privacy and civil liberties.”

However, the Home Office said it does not change the way companies can use encryption and does not stop companies from encrypting data.

In her open letter to Facebook, co-signed by Mr Barr, Acting US Homeland Security Secretary Kevin McAleenan and Australia’s Minister for Home Affairs Peter Dutton, Ms Patel expresses “serious concerns” with the company’s plans to implement end-to-end encryption across its services, such as Instagram and Messenger.

Addressed to Facebook’s chief executive officer Mark Zuckerberg, the letter calls for a halt to the proposals unless the company can provide assurances that there will be no reduction in Facebook’s ability to keep its users safe and enable law enforcement access to content in exceptional circumstances.

Facebook made 16.8 million reports of child sexual exploitation and abuse content to the US National Centre for Missing and Exploited Children in 2018, of which it is estimated 12 million would be lost if the company pursues its plan to implement encryption.

The National Crime Agency estimates that these referrals from Facebook led to more than 2,500 arrests in 2018 and almost 3,000 children safeguarded.

Ms Patel said:“Tech companies like Facebook have a responsibility to balance privacy with the safety of the public.

“So far nothing we have seen from Facebook reassures me that their plans for end-to-end encryption will not act as barrier to the identification and pursuit of criminals operating on their platforms.

“Companies cannot operate with impunity where lives and the safety of our children is at stake, and if Mr Zuckerberg really has a credible plan to protect Facebook’s more than two billion users it’s time he let us know what it is.”

The National Police Chiefs’ Council lead for child protection, Chief Constable Simon Bailey, said: “Technology advances have given criminals easy ways to target and groom children and vulnerable people online and so quick access to their communications is vital.

“This evidence can help us secure prosecutions but more importantly, find victims and end their exploitation. I welcome this agreement as will law enforcement colleagues around the country.

“In respect of Facebook, if their current policy for end-to-end encryption is implemented, they will knowingly put the safety of children at risk. They have so far provided no reassurance that this change will not impede law enforcement and our ability to target offenders and safeguard children. They have a moral responsibility to ensure this does not happen.”