The privacy and security debate over digital intelligence continues, but little by little the fog of controversy that followed the publication of material leaked by Edward Snowden is being cleared away.

Last month, the Prime Minister received the report[1] from the Independent Surveillance Review commissioned under the last government by Nick Clegg, then Deputy Prime Minister. The review panel reached a unanimous set of conclusions, perhaps to the surprise of some, given how broadly based the review panel was. It included former heads of the three British intelligence agencies and a senior retired police officer as well as a leading investigative journalist, parliamentarians, a law professor and an internet entrepreneur. The report called for fresh legislation both to justify necessary intrusions into privacy by the state and to regulate such activity through clear law and effective oversight.

The title of the RUSI report conveys its message: a new democratic licence to operate is needed for the security and intelligence agencies and for law enforcement. A licence for intrusive investigation that could be said to be based on three Rs: rule of law, regulation and restraint. The rule of law would allow the authorities, when necessary, through open and clear legislation, to acquire the secret intelligence needed for national security and to keep the public safe. Regulation would provide a set of strict processes for authorization of such activity, only when necessary and proportionate, and to provide for effective independent oversight to supervise and investigate governmental intrusion. Restraint would ensure that it never becomes routine for the state to intrude into the private lives of its citizens. The hallmark of a civilized society must be that the state is reluctant to intrude, is restrained in the powers it chooses to use and properly authorized when it deems it necessary.

This general approach has been reflected in other important recent reports. The Parliamentary oversight body, the Intelligence and Security Committee, has concluded, as has the distinguished QC David Anderson, the government's independent reviewer of counterterrorism legislation, that public safety and security today relies upon digital intelligence. This applies to countering jihadist terrorism, cyber criminality or people smuggling, or simply dealing with kidnaps, missing persons and would-be suicides. Just one example is the way in which law enforcement needs the leads that access to digital information about internet use and mobile communications can provide. But these major reports also concluded that the present legal framework authorising the interception of communications is unclear. They stated that it is not satisfactory for the intrusive powers used by the intelligence agencies and the police to be scattered over a number of acts of Parliament whose import in practice is, to say the least, obscure.

There is therefore increasing recognition that the public has not been satisfactorily kept abreast of how existing law has been used, for essential and legitimate purposes, to allow the interception of digital communications of all types, the use of bulk personal databases and of covert access to computer systems and networks. The case for fresh consolidating legislation has strengthened as it has become clearer how rapid developments in communication and data technology are affecting intelligence work – not least in the need to access cyberspace to defend the UK public from the effects of hostile cyber attacks.

For some privacy campaigners, however, it seems that no case made for the necessity of such digital intelligence methods will ever be enough. Nothing will quell their fears of abuse of intrusive and powerful intelligence tools by the authorities here and in the United States with what they claim to be potentially chilling effects on the everyday freedom of the citizen. For them, advanced digital intelligence will remain incompatible with the fundamental Article 8 European Human Right to personal privacy, whatever the future safeguards, but that seems increasingly to be a minority view

A clear rejection of the basis of that libertarian legal argument has now come from the independent UK Court (the Investigative Powers Tribunal) in a series of important judgements over the last year. Importantly, the court had demonstrated its independence from government by criticizing detailed aspects of the implementation by the intelligence agency GCHQ of its data-retention policies. It also criticized government for failing in its duty under the rule of law to explain clearly how some of the fundamental safeguards in law were being operated. The conclusions of the court are, nevertheless, not accepted by the most extreme of the campaigners, who are continuing their legal battle to challenge the lawfulness of digital intelligence through bulk interception. Such cases will no doubt eventually be heard by the European Court of Human Rights and possibly the European Court of Justice itself.

What is not contested, and certainly not by the majority of the public, is that there is a credibility gap for government exposed by the Snowden material. It is not that the British government knowingly acted illegally in intercepting private communications, or that the ability to collect digital data in bulk is being used by the government to provide it with a perpetual ‘mass surveillance’ window into the private lives of British citizens. The government has, however, tended too readily to assume that it has public consent for the activity of its secret agencies. The public will readily accept that the ‘secret parts of the state’ are necessary to the functioning and protection of the open society, and accept that intelligence activity cannot be more than minimally transparent without defeating its own purpose, but nowadays only if it is fully democratically accountable.

We wait to see how the British government fulfills its commitment to bring forward draft legislation on this subject in the autumn. Let us hope that the proposals will be sufficiently bold to bring to closure the controversies over privacy and security, not least so that those we rely upon to keep us safe and secure can focus on that task confident that they have a new democratic licence to operate.