Investigatory Powers Governance Committee
BT believes that government must have investigatory powers to protect society- and we support the UK government in protecting national security and fighting crime. It is vital, however, that there are proper controls over investigatory powers and how they are used. We played a significant part in the development of the regime introduced under the Investigatory Powers Act 2016. But it is also very important that we have strong internal oversight of what we do, and that we can demonstrate this to our customers and other stakeholders.
The Investigatory Powers Governance Committee is the body that is responsible for what BT does in this area. We have to comply with the law- but we also have a responsibility to respect human rights, especially the right to privacy. The role of this Committee is to help ensure that BT gets the balance right.
Terms of reference
1.1The Committee is a formal Committee of BT Group plc (“BT Group”) and replaces BT’s National Security Committee with effect from 13 December 2016. It derives its authority from, and reports to, the Board of Directors of BT Group plc (the “Board”). It includes permanent members of the Board.
1.2 The Committee is responsible for:
1.2.1 assessing and responding to all requests in relation to Investigatory Powers (see section 10) made to British Telecommunications plc and its subsidiaries (“BT”), by or on behalf of public authorities in the United Kingdom and overseas;
1.2.2 all operational activities undertaken by BT in relation to Investigatory Powers, and any policies relating to those activities; and
1.2.3 any other matters arising on requests from, or provision of assistance to, public authorities for purposes relating to national security, law enforcement or critical national infrastructure.
2. Membership and attendance
2.1 Subject to their holding the security clearances described in section 4 at all times whilst holding office on the Committee, the Committee shall comprise the following permanent members (the “Permanent Members”) :
2.1.1 the Chairman of BT Group, who shall also act as the chairman of the Committee (the “Committee Chairman”);
2.1.2 the Chief Executive Officer of BT Group, who shall act as the vice chairman of the Committee (the “Committee Vice Chairman”);
2.1.3 the President of BT Security;
2.1.4 the Director of Group Engineering Services (GES);
2.1.5 one or more independent non-executive directors;
2.1.6 a BT in-house legal adviser with specialist knowledge of investigatory powers law and human rights requirements (the “Legal Adviser”); and
2.1.7 any other individuals who may be appointed as Permanent Members under section 2.2 from time to time.
2.2 The Permanent Members identified in sub-section 2.1 shall be appointed by the Board. In the event that an individual in one of the roles specified in sections 2.1.1 to 2.1.4 is unable to obtain the appropriate level of security clearance, the Board shall appoint an alternative senior BT manager to the Committee who has the appropriate level of security clearance.
2.3 Only Permanent Members have the right to attend and vote at Committee meetings.
2.4 Other individuals (“Invited Members”) may be invited to attend all or any part of a Committee meeting, as and when appropriate.
3. Committee Secretary
3.1 The Committee Chairman shall appoint an individual to act as secretary of the Committee (the “Committee Secretary”). That individual must have at least the level of security clearance required by Permanent Members under section 4.
4. Security clearance
4.1 Permanent Members must hold appropriate security clearances. Invited Members must hold a level of security clearance appropriate to the matters that are discussed in the Committee meeting, or part, that they attend. The Committee Secretary is responsible for ensuring that no attendee is present for discussion of any matters for which they do not hold the appropriate level of security clearance.
5.1 Subject to section 8, the quorum for Committee meetings shall be three Permanent Members, to include (as a minimum): (i) the Committee Chairman or the Committee Vice Chairman; (ii) the Director of GES; and (iii) the Legal Adviser. A duly convened meeting of the Committee at which a quorum is present shall be competent to exercise all or any of the authorities and duties vested in or exercisable by the Committee.
5.2 Voting shall be by a simple majority with the Chairman to have a casting vote.
6. Frequency of meetings
6.1 The Committee shall meet at least quarterly, or more frequently if required (i) to meet business needs, (ii) to advance priority activities, or (iii) in an emergency for urgent matters (an “Emergency Meeting”) and at other times when the Committee Chairman requires.
7. Notice of meetings
7.1 Meetings of the Committee shall be called by the Committee Secretary at the request of the Committee Chairman.
7.2 The Secretary shall draw up any supporting papers (in conjunction with the Director of GES and the Legal Adviser). The Secretary shall hold the papers securely given the sensitive nature of their subject matter and they shall be available to each Member of the Committee only for the duration of the meeting. The circulation of non-sensitive papers shall not be subject to this restriction.
8. Emergency Meeting for urgent matters
8.1 If the Committee needs to make a decision urgently, and there is no time to call a full meeting, an Emergency Meeting shall be held.
8.2 Any Permanent Member may be the delegate for the Committee Chairman or Committee Vice Chairman for the purposes of an Emergency Meeting.
8.3 The quorum for a decision taken in an emergency basis shall be either (i) the Chairman or Vice Chairman (or the relevant delegate), (ii) the Director of GES or (iii) the President of BT Security, in each case together with the Legal Adviser (or their delegate).
8.4 Those Permanent Members present at the Emergency Meeting shall decide the appropriate course of action and shall report the decision at the next meeting.
8.5 If, in exceptional circumstances, it is not possible to include the Legal Adviser (or their delegate) at an Emergency Meeting, the Secretary shall inform the Legal Adviser of the issue and any decision taken as soon as possible thereafter and the Legal Adviser shall review the matter to report back to the next full meeting.
8.6 In very exceptional circumstances, the scope of which are to be determined as far as practicable by the Committee, where a decision is required immediately, the Director of GES may make an immediate decision on behalf of the Committee and shall, as soon as is practical, call an Emergency Meeting to report on the issue.
9.1 The Committee Secretary shall minute the proceedings and resolutions of all meetings of the Committee, including recording the names of those present and in attendance.
9.2 After each meeting of the Committee, the Committee Secretary shall prepare a set of meeting minutes (the “Draft Minutes”), to be held securely and approved by the Permanent Members in attendance at the next full meeting.
10. Principal duties
10.1 For the purposes of these terms of reference, “Investigatory Powers” means those capabilities and obligations referred to in the Regulation of Investigatory Powers Act 2000, the Investigatory Powers Act 2016, its subordinate legislation (Regulations and Codes of Practice) and any related or successor legislation, together with any similar capabilities and obligations wherever enacted in other countries. It includes interception of content under a warrant, the acquisition, retention and disclosure of communications data, equipment interference and the issuing of national security and technical capability notices.
10.2 The Committee shall put in place policies and measures, as appropriate, to assess, in relation to each request for assistance, whether:
10.2.1 there is a lawful basis for the request;
10.2.2 the request is lawfully and properly executed;
10.2.3 it is reasonably practicable for BT to accede to the request;
10.2.4 further information should be sought from the requesting authority;
10.2.5 on its face a request may give rise to concerns in relation to BT’s human rights commitments (see also sub-section 7); and
10.2.6 the request should be referred to the appropriate regulatory authority.
10.3 The Committee may delegate its authority to assess individual requests to the Director of GES and the Legal Adviser and/ or appropriate representatives of their respective functions. In so doing, the Committee shall provide guidance as to the circumstances in which a request may be agreed and actioned by the appropriate operational staff within BT, and the circumstances in which a request requires further consideration or rejection.
10.4 The Committee shall put in place appropriate governance in respect of any contractual arrangements entered into by BT with public authorities for any activities related to Investigatory Powers.
10.5 The Committee shall ensure that BT’s Investigatory Powers operational activities are subject to ongoing legal review, with reference to all applicable law, and assessment against BT’s human rights commitments (including Article 13 of the UN Guiding Principles).1
10.6 The Committee shall procure and oversee, as it deems fit, any audit or investigation of activities which are within the remit of these Terms of Reference.
11. Reporting and transparency
11.1 The Committee Chairman shall report annually to the Board on the Committee’s proceedings and how it has discharged its responsibilities. The Committee Chairman shall ensure that no information is provided to members of the Board that it cannot share with them for security or legal reasons.
11.2 The Committee shall make whatever recommendations to the Board it deems appropriate on any area within its remit where action or improvement is needed, for example in relation to resources required or risk management.
11.3 The Board, the Operating Committee and the Human Rights Steering Group may submit requests for information relating to the Committee’s activities. The Committee shall accede to any such request, provided that it does not disclose information that it cannot share with members of the requesting body for security or legal reasons.
11.4 The Committee shall also produce a report on its activities (to the extent that it is permitted to do so under the relevant legislation) to be included in BT’s Annual Report.
11.5 The Committee shall ensure that these Terms of Reference are available on BT’s intranet and public website.
The Committee shall:
12.1 have access to sufficient resources to carry out its duties, including, but not limited to:
12.1.1 statistics relating to requests received by BT (including any errors made by BT in response to such requests);
12.1.2 any records which may exist of any external meetings attended by Permanent Members with public authorities which relate to the Committee’s activities; and
12.1.3 legal advice as set out in section 14;
12.2 be provided with appropriate and timely training (including human rights), both in the form of an induction programme for new Permanent Members and on an ongoing basis for all Permanent Members;
The Committee is authorised by the Board:
13.1 to seek any information it requires from any employee of BT or other internal BT bodies in order to perform its duties;
13.2 to obtain, through the BT Group General Counsel and Company Secretary, outside legal help and any professional advice, at the BT Group’s expense, which might be necessary to enable the Committee to fulfil its duties;
13.3 to arrange for periodic reviews of its own performance and, at least annually, review these Terms of Reference, to ensure it is operating at maximum effectiveness; and to recommend any changes it considers necessary to the Board for approval;
13.4 to instigate, at BT’s expense, special projects or investigations relating to any matter within the Committee’s Terms of Reference;
13.5 to call any employee for questioning at a meeting of the Committee as required; and
13.6 to amend the Terms of Reference from time to time as required, with prior Board approval.
14.1 To ensure that legal advice is always available to the Committee, any BT legal adviser with specialist knowledge of investigatory powers law and human rights, and with the appropriate level of security clearance, may be the delegate for the Legal Adviser.
1Article 13 says the responsibility to respect human rights requires that business enterprises (a) avoid causing or contributing to adverse human rights impacts through their own activities, and address such impacts when they occur and (b) seek to prevent or mitigate adverse human rights impacts that are directly linked to their operations, products or services by their business relationships, even if they have not contributed to those impacts.