In March 2003 the Home Office published a consultation paper
Access to communications data: respecting privacy and protecting
the public from crime (http://www.homeoffice.gov.uk/docs/consult.pdf)
inviting views on the implementation of Part I Chapter II of
the Regulation of Investigatory Powers Act 2000 (RIPA).
2. Part I Chapter II of RIPA provides for the lawful acquisition
of communications data by public authorities for specific purposes,
primarily for the purpose of preventing and detecting crime,
and only then when both necessary and proportionate to what the
authority is seeking to achieve.
3. Section 25 of RIPA lists those public authorities that
Parliament has already approved should have lawful access to
communications data using RIPA. The consultation paper concerned
additional public authorities that might be added to that by
an Order approved by Parliament.
4. Specifically the consultation paper invited views on:
- options for imposing restrictions upon additional public
authorities lawful access to communications data under
- options for additional safeguards regulating their access
5. The consultation also invited views on the need for a review,
wider than the issue of communications data, of the balance between
privacy and protection of the public. The responses on that will
be published separately.
6. This paper attempts to summarise over 170 responses that
covered a wide range of opinions submitted in a range of formats
from thought-provoking papers to terse e-mails. Inevitably it
is not possible to describe all those responses in detail. The
objective is to reflect the views that emerged.
7. Further information about this paper and about the detailed
consultation responses is available from:
Covert Investigation Policy Team
50 Queen Annes Gate
and by e-mail firstname.lastname@example.org
Summary of responses
8. Although the consultation period ended on 3 June some late
responses were accepted. In all 178 responses were received.
Of those 31 were from commercial organisations, 27 from a variety
of interest groups, 52 from individuals and 68 from public authorities.
The annex to this document lists the respondents, excluding 5
that asked that their response be treated in confidence.
9. In parallel to the consultation exercise the Home Office
commissioned independent research into the views of a representative
sample of UK public opinion regarding access to communications
data by additional public authorities.
10. There was broad acceptance of the Governments approach,
described in the consultation paper that public authorities
access to communications data should be restricted within a regulatory
regime that is transparent, compliant with human rights legislation
and under the oversight of an independent commissioner.
Public authorities access to communications data
11. The consultation paper, and supporting material published
on the Home Office website (http://www.homeoffice.gov.uk/crimpol/crimreduc/regulation/part1/pas.html),
described in some detail why various public authorities responsible
for crime prevention and detection and public safety use, or
need to use, communications data to reduce crime and safeguard
the public. Although the consultation paper did not explicitly
ask for views on the necessity of their requirements to access
data, some respondents had comments.
12. Thirteen respondents expressly stated they did not wish
any public authorities to have access to communications data
under RIPA, a further 11 expressly opposed any of the proposed
Access to communications data under RIPA
13. Support for a single regime governing public authorities
access to communications data, and for RIPA as that regime, was
given explicitly by 19 respondents. Only 2 respondents explicitly
opposed RIPA providing a single regime for the lawful acquisition
of communications data.
14. There were 26 respondents who called either for the repeal
of so-called legacy legislation, which public authorities
use to lawfully acquire communications data or called for public
authorities not to use pre-existing legislation once the RIPA
legislation come into force. Repeal of legislation is not straightforward.
The powers being used are usually information-gathering powers
used to lawfully obtain information, of which communications
data is a part and often a small part.
15. One respondent submitted a draft Bill that would have
the effect of amending the Data Protection Act 1998 such that
the disclosure of personal data, which is also communications
data, would be permitted only in accordance with RIPA or the
Order of a Court.
16. Many respondents (92) chose to comment on certain public
authorities, 76 were supportive and 16 opposed to particular
public authorities having access to data. Local authorities were
most commented on both favourably and unfavourably (though
many of the favourable comments came from local authorities themselves).
17. There was clear support from a number of respondents (11)
for the Radiocommunications Agency to be allowed access to the
full range of communications data in order to combat effectively
the nuisance and dangers posed by pirate radio stations.
18. Responses on behalf of, or from individual members of,
Crime and Disorder Reduction Partnerships were supportive of
local authority trading standards and environmental health services
having access to communications data.
Human Rights Principles
19. The statutory safeguards within RIPA were overwhelmingly
supported. The tests of necessity and proportionality that must
be met in every requirement for data were supported explicitly
by 27 respondents and opposed by none. The designation of suitably
senior persons within public authorities able to exercise the
powers received more support (32 respondents) and no opposition.
Restricted access to communications data by purpose
20. Support (27 responses) was expressed for restricting the
purposes for which public authorities may require communications
data. Two respondents opposed restricting access by purpose.
Restricted access to communications data by purpose
21. One third of respondents expressing an opinion (8 out
of 26) were against the proposal of restricting access to data
by both purpose and function (although it received a better reception
in public opinion research). Most of those opposing restriction
by purpose and function were public authorities simply
because of the practical difficulties in defining public authority
functions in legal terms. Local authorities, in particular, are
responsible for enforcing wide and diverse pieces of legislation.
Respondents also argued restriction by function was not necessary,
as public authorities investigating crime not within their statutory
remit would be acting ultra vires by definition, and not in accordance
with the law.
Restricted access by type of communications data
22. An opinion on restricting access by type of data was expressed
by 44 respondents. Of those 35 supported such a restriction.
23. The case for restricting access to communications data
by data type was put by the Government in the consultation paper.
This was an acknowledgement that an approach which gave all public
authorities the potential to acquire sensitive communications
traffic data, subject to meeting the statutory tests of necessity
and proportionality in each case, was inappropriate because
most public authorities had no requirement for such data.
24. Some public authorities used their response to the consultation
paper to demonstrate the range of communications data they have
cause to acquire in support of their statutory functions to prevent
and detect crime or protect the public.
Designation of specific persons within public authorities
25. Ahead of the public consultation there was concern that
anyone in a public authority could, without reference
to a suitably senior official, acquire communications data. RIPA
provides for designation of individuals holding particular posts,
ranks or grades. 32 respondents commented specifically on this
and all expressed support for clear designation of specific suitably
senior officials able to authorise disclosure of data.
Accreditation and Single Points of Contact (SPoCs)
26. The consultation paper indicated the Governments
support for an accreditation scheme for officials in public authorities
involved in access to communications data, linked to single points
of contact between an authority and the communications service
industry. This builds practice and training modules established
by the police and customs with the support of industry. Thirty-eight
respondents commented favourably on accreditation. Thirty-six
supported the idea of SPoCs. None were against.
27. The consultation paper acknowledged that consideration
might need to be given to the creation of multi-agency SPoCs
to support additional public authorities that seek to acquire
communications data only infrequently. Notwithstanding that section
23 (3) of RIPA has the effect of requiring the disclosure of
data to the person who gave notice of that requirement or to
a person within the same public authority, 32 respondents expressly
supported the concept of one or more multi-agency SpoCs. Only
one respondent took an expressly opposite view.
28. Nine respondents commented on the need for a process,
or processes, to authenticate RIPA notices requiring disclosure
of data or to provide accelerated processes for the emergency
services. Five respondents commented that a central register
of variously public authorities, accredited personnel
and SpoCs should be established. Six respondents (6) commented
that, notwithstanding section 23(3) of RIPA, additional public
authorities should exercise their requirements for communications
data through their local police SPoC.
Oversight of the Interception of Communications Commissioner
29. The consultation paper acknowledged the statutory role
of the independent Interception of Communications Commissioner
to keep under review the exercise of powers under RIPA to acquire
communications data. Oversight by the Commissioner received explicit
support from 16 respondents and opposition from 3 others.
30. However, there were some concerns expressed about the
Commissioners role. Firstly, would the Commissioner have
enough resources available to him effectively to oversee the
exercise of powers under Part I Chapter II of RIPA as well as
those exercised quite separately, and very differently, under
Part I Chapter I to intercept lawful the content of communications.
Secondly, it was argued by 8 respondents that the public profile
of the Commissioner and his work is, and might remain, too low
to provide significant reassurance that he is truly independent
and both championing and protecting the interests of the public.
The level of public recognition of the Interception of Communications
Commissioner was contrasted with that of the Information Commissioner.
31. One respondent suggested that the appointment of a lay
regulator and a panel of lay people would provide further oversight
of use of the RIPA powers.
32. Those who took part in the public research thought both
the Commissioner and the Investigatory Powers Tribunal, which
considers complaints about the exercise of RIPA powers, were
crucial safeguards. One respondent to the consultation considered
that a Parliamentary Select Committee should replace the Tribunal.
33. The consultation paper addressed the issue of sanctions
for officials from public authorities who access communications
data inappropriately or unlawfully. Just 6 respondents specifically
addressed this point, 2 were content with the sanctions currently
available. 4 were not.
Double lock on restricted access
34. The consultation paper invited views on a range of potential
additional safeguards, described in the paper as a double
lock on access that might supplement the statutory safeguards
contained in RIPA. Respondents views on the various double
lock options were mixed.
35. Judicial authorisation of requirements to acquire communications
data attracted divergent views. Opinions were split almost equally
amongst those respondents who expressed a view about it
24 against, 20 in favour. The responses from public authorities
showed clear opposition to judicial authorisation (17 against,
2 in favour). This was one of the few areas where the view of
public authorities differed significantly from other respondents.
The public opinion sampled in research did not see judicial authorisation
as an important safeguard.
36. Some doubts were expressed about prior approval by an
independent third party but it was more popular than judicial
approval, both in responses from public authorities and others.
In all 48 respondents expressed an opinion, 28 were in favour
and 20 against. Excluding responses from public authorities,
18 were in favour and 6 against.
37. A clear majority of respondents (33 out of 37 expressing
an opinion) were against requiring the police to undertake investigations
on behalf on public authorities. Public opinion research showed
greater support for this option, though here too there were doubts,
and more popular was the police working in conjunction with the
additional public authorities.
38. The most widely supported form of additional safeguard
was a certification scheme for public authorities with access
to communications data providing a positive public statement
that a public authority was fit to exercise its powers under
RIPA and that its processes met, or exceeded, a required standard.
Although certification gained only lukewarm support from the
public research groups, 47 of 49 respondents who commented on
it were in favour. (This was the highest number of respondents
to comment on any one aspect of the consultation.)
The Short List Option
39. The consultation paper floated the option of a short
list of additional public authorities comprising a small
number of police bodies and other emergency services. Only one
respondent explicitly favoured the short list approach, 29 expressed
opposition to that.
40. Respondents to the consultation raised a number of issues
not addressed directly in the paper.
41. Some respondents mentioned a need for openness and publication
of statistics about the extent of the use of the RIPA powers,
including one that called for the annual publication of a full
table of disclosures made under RIPA.
42. Several correspondents mentioned the importance of public
authorities having robust processes for safeguarding data they
have acquired and for guarding against onward disclosure.
43. Eleven respondents specifically called for the after-the-event
notification of individuals whose communications data had been
subject of a disclosure requirement, envisaging that public authorities
should inform anyone whose data they have acquired delaying
that notification where it would be prejudicial to an ongoing
investigation. The respondents commented that such notification
would reassure the public about the use made of powers to acquire
communications data and would discourage abuse of powers by officials
of public authorities.
44. Nineteen respondents commented that the statutory definitions
of communications data contain in RIPA needed clarifying or amending.
45. Five respondents expressed specific concern that public
authorities would fish for information from communications
data records without a necessary and proportionate requirement.
46. Scope creep, or a perceived inevitable extension
of the number of public authorities able to access communications
data or the range of purposes for which public authorities might
lawfully access data was mentioned by one or two respondents.
47. The Home Office is very grateful to all the respondents
for their comments, particularly those who took the time to prepare
very detailed submissions.
48. The responses have provided a variety of views about the
issues surrounding public authorities access to communications
data and the implementation of Part I Chapter II of RIPA specifically.
Some issues raised by respondents about access to communications
data, relating to trust in public authorities and their officials
and the openness and accountability with which they exercise
powers that impact on individual privacy, have a much wider relevance.
They will be considered with the comments about the need for
a wider review of the balance of individual privacy and protection
of the public.
49. The response to the consultation paper, both at the time
of its publication and in the comments from respondents, have
indicated broad support for the fresh approach to implementation
of Part I Chapter II of RIPA signalled in the consultation paper.
50. The Government will lay a revised RIPA (Communications
Data) Order very different to the withdrawn Order, the adverse
reaction to which prompted the consultation. The comments and
views put forward in response to the consultation paper have
informed the development of the new Order and are informing the
development of new double lock safeguards.
|Aberdeen City Council
Dr Yaman Akdeniz
Alliance Against Counterfeiting & Piracy
All-Party Internet Group
Belfast City Beat
Birmingham City Council (Environmental and Consumer Service Department)
Birmingham City Council (Legal Services)
Birmingham City Council (Trading Standards)
Blackburn with Darwen Crime and
Disorder Reduction Partnership
City of Bradford Metropolitan District
The British Computer Society
Buckinghamshire County Council (Community Services)
Cable & Wireless
Caerphilly County Borough Council
Cheltenham Borough Council
R J Cobbold
Commercial Radio Companies Association
Corporation of London Trading Standards Authorities
The Cruising Association
Data Protection and Privacy Practice
Department of Health, Social Services & Public Safety (Northern
Department of Enterprise, Trade and Investment (Northern Ireland)
Department for Work and Pensions (Jobcentre Plus)
Dundee City Council
EURIM (The European Information
Farmers For Action
FIPR (The Foundation for Information Policy Research)
Food Standards Agency
Michael Foster DL MP
Gloucestershire County Council (Trading Standards Service)
Gwynedd Council (Public Protection Service)
Hampshire County Council
Health & Safety Commission
Cllr Martyn Ingram
IEE (The Institution of Electrical Engineers)
IMIS (The Institute for the Management of Information Systems)
The Information Commissioner
The Institute of Chartered Accountants in England & Wales
Intellect (Information Technology Telecommunications & Electronics
Internet Service Providers Association UK (ISPA UK)
Joint Radio Company Ltd
Kent County Council Trading Standards
Kingston Communications (Hull) plc
Dr Anthony Kucernak
Reverend Roger Knight
LACORS (Local Authorities Coordinators of Regulatory Services)
The Law Society
The Law Society of Scotland
Leicestershire County Council Trading
Lincoln Crime Reduction Executive
Lincolnshire County Council Trading
Dr Charles Lindsey
The Local Government Staff Commission
for Northern Ireland
London Borough of Hounslow Trading
London Borough of Newham
|London Borough of Tower Hamlets
London Fire Brigade
London Underground Limited
Borough of Macclesfield
Manchester City Council (Trading Standards Service)
Siobhain McDonagh MP
Metropolitan Police Service
Mid and West Wales Fire Authority
Mid Sussex District Council
MidCOTS (Midlands Trading Standards Group)
NAFN (The National Anti-Fraud Network)
National Office of Animal Health Limited
The Newspaper Society
North Cornwall District Council
North East Trading Standards Association
North of England Trading Standards
Northamptonshire County Council Trading
Northern Ireland Ambulance Service
Northern Ireland Fire Brigade
Northumbria Police Authority
O2 (UK) Ltd
A M O'Leary
Potato Growers Action Group
Powys County Council
Professional Projects Co Ltd
Redcar & Cleveland Borough Council
Cllr David Rogers
Sandwell Metropolitan Borough Council
(Environmental Health and Trading
Scottish Advisory Committee on
SETSA (South East Trading Standards
Shell UK Exploration and Production
The Society of Chief Officers of Trading
Standards in Scotland (SCOTSS)
Soul City 107.5
South Wales Fire Service
Southampton Community Safety Partnership
Southend-on-Sea Borough Council
Southend-on-Sea Trading Standards
Staffordshire Fire & Rescue Service
The Standards Board for England
Suffolk County Council Trading Standards Service
T-Mobile (UK) Ltd
Taunton Deane Crime and Disorder Reduction Partnership
Tindle Radio Limited
Trading Standards Institute
Telecommunications United Kingdom
Fraud Forum (TUFF)
Veterinary Medicines Directorate
Virgin Radio Limited
City of Wakefield Metropolitan District
Prof. Clive Walker
Welsh Advisory Committee on
Welsh Local Government Association
Wolverhampton City Council
City of York Council
Five respondents requested anonymity or that their responses
be treated in confidence.