IPCO Annual Report 2018
11.65
We found exemplary practice in relation to sensitive professions in two agencies. The SPoCs
conduct regular audits of all relevant applications to ensure that sensitive casework is
properly identified and set out in applications. We reviewed results from these audits and
found them to mirror our own processes and considerations.
11.66
In those organisations where CD is acquired in support of warranted investigations, it
was apparent that confusion has arisen from historical practices as to whether, and in
what circumstances, such data should be acquired under Part I RIPA (Section 20), or by
way of an application under Part I Chapter 2 RIPA. We made a recommendation for one
organisation to tighten processes and assist the public authority to achieve the best
possible level of compliance with RIPA and the CoP. This issue has also been the subject
of further discussions with the Home Office Policy Unit to ensure that the guidance in this
area is clear and compliant and revised legislation, with appropriate interpretation, is to be
introduced under the IPA in 2019.
Sensitive Professions
11.67
During our inspections, we review applications relating to individuals of sensitive
professions and consider whether the relevant safeguards are being applied appropriately.
We had no concerns that the relevant data was being obtained unnecessarily but in some
cases the records did not fully reflect the sensitivity of this data. We recommended that
within all applications linked to sensitive professions, the applicant, the SPoC processing
the application and the Designated Person granting the authorisation, must include
an assessment of whether the data being sought is likely to involve a higher degree of
interference with an individual’s human rights, whether there might be any unintended
consequences, or whether the public interest is best served in the application.
11.68
On previous inspections at two agencies, for example, we had noted shortcomings in
relation to the enhanced considerations of privacy that are required when dealing with
applications relating to certain sensitive professions (such as lawyers and doctors). Our
2018 inspection found a good level of compliance with the provisions of the CoP in this
area, resulting from improved internal processes.
11.69
We conducted two inspections of one agency in 2018. Our first inspection similarly
identified shortcomings in relation to sensitive professions. The CoP requires that the
application should state if the data requested is relevant to a sensitive profession, if
known, and that the person granting the authorisation should consider whether the
request is appropriate given the sensitivity of the material intended to be acquired. We
have seen some progress in this area, although we found that the depth of considerations
offered were inconsistent. This is not to say, however, that this sensitive material is not
lawfully obtained nor appropriately safeguarded upon receipt. We expect to see further
improvements in this area in 2019.
Protected Information
11.70
LEAs may require the disclosure of the protected information, which they have lawfully
obtained or are likely to obtain lawfully, in an intelligible form or to acquire the means to
access the information. The National Technical Assistance Centre (NTAC) is the lead national
authority in relation to this form of activity and approval must be granted by NTAC to any
LEA seeking to obtain to exercise these powers. The usage of the powers is infrequent, with
66 approvals granted in 2018.
81