3.9 In the same 12-month period a total of 595 errors were reported to my office
by public authorities; approximately three quarters are attributable to public
authorities and the remainder to CSPs and ISPs. This may seem a large number but
it is very small when it is compared to the numbers of requests for data which are
made nationally. I am not convinced that any useful purpose would be served by
providing a more detailed report of these errors. I should add that neither I nor any
of my Inspectors have uncovered any willful or reckless conduct which has been
the cause of these errors. A considerable proportion of these errors were due to the
incorrect transposition of telephone numbers and of course human error can never
be eliminated completely. I am pleased to say more and more police forces are
introducing automated systems to manage their requirements for communications
data and these will inevitably reduce the number of keying errors which occur.
3.10 In October 2007, when the Code of Practice was approved by Parliament,
changes were made to the arrangements under which public authorities report
errors because previously they were required to notify me of any error, even
though it did not result in any intrusion upon the privacy of an innocent third party.
For example, if subscriber information was requested erroneously, in relation to
a telephone number which did not even exist, then this would still have to be
reported as an error. Additionally, certain other errors which were effectively
procedural breaches of the Code of Practice also had to be reported. For example,
the failure by a police force to serve a Notice upon a CSP retrospectively within
one working day of an oral request being made for communications data when
there was an immediate threat to life.
3.11 Accordingly I agreed to a change in the error reporting system whereby
public authorities now only report errors which have resulted in them obtaining
the wrong communications data and where this has resulted in intrusion upon
the privacy of an innocent third party. In my judgment this change was necessary
in order to highlight the most serious errors which have impacted, or potentially
impacted upon individuals and to reduce unnecessary bureaucracy associated
with reporting of procedural errors, particularly in relation to the police forces
and law enforcement agencies, and to bring more perspective and clarity to the
error reporting system. My Inspectors review these errors during the inspections
to ascertain why they occurred and how recurrence can be avoided, and they work
closely with the public authorities to ensure that errors are kept to the absolute
minimum.
3.12 Each public authority must also keep a log of any ‘recordable’ errors which
have occurred during the process of acquiring communications data. Generally
these are procedural errors relating to non-compliance with the Code of Practice
but not resulting in intrusion. I have already given one or two examples of these
types of error in the preceding paragraphs. These errors have to be recorded and
the record produced on inspections, as they are relevant to the inspection, and
because the errors may also indicate underlying problems within the systems
and processes for acquiring communications data which may require remedial
attention. The frequency of ‘recordable’ errors may indicate to an Inspector that
the overall level of compliance may not be quite as good as it should be and this is
important.
Communications data and the work of the Inspectorate
during the period covered by this report.
Police Forces and Law Enforcement Agencies
3.13 There are 43 police forces in England & Wales; eight police forces in
Scotland; and the Police Service of Northern Ireland which are all subject to
inspection. Additionally my Inspectors also inspect the British Transport Police;
Port of Liverpool Police; Port of Dover Police; Royal Military Police; Royal Air
Force Police; Civil Nuclear Constabulary; Ministry of Defence Police; and the
Royal Navy Police.
11