time during the reporting year. These included the Independent Police Complaints
Commission, Office of the Police Ombudsman of Northern Ireland, Health &
Safety Executive, National Health Service Counter Fraud & Security Management
Services and the Office of the Information Commissioner.
3.53 By comparison with police forces and law enforcement agencies the above
mentioned public authorities make very limited use of their powers to acquire
communications data. For example, the Office of the Information Commissioner
used its powers on about 37 occasions during a 12 month period although the other
public authorities which were inspected for the second time had only averaged
between 10 and 15 applications during the year.
3.54 Generally these public authorities acquire communications data for specialist
purposes. For example, the Office of the Information Commissioner needed
communications data to investigate breaches of the Data Protection Act and the
Independent Police Complaints Commission made use of its powers primarily to
investigate deaths in police custody.
3.55 Restrictions have been placed upon the types of data which some of the
public authorities in this category may acquire. For example, the Health & Safety
Executive (HSE) is not permitted to acquire traffic data, i.e., data which would
enable it to identify the location from or to which a communication has been
transmitted. In one instance the HSE erroneously made an application for incoming
call data. This constitutes traffic data under Section 21(4)(a) of RIPA and this was
not picked up when the application was submitted or approved. Subsequently a
notice was served to acquire this data but fortunately the CSP spotted the error and
rightly it refused to comply with the request. The Inspector was satisfied this was
an isolated error, caused inadvertently, but it is worth mentioning it here because
it shows how the CSPs help regulate the public authorities and ensure that only
lawful requests are complied with.
3.56 With the exception of the above error the HSE managed to achieve a good
level of compliance with the Act and Code of Practice. The other public authorities
which were inspected in this category are also achieving good standards and they
use their powers responsibly.
Section 4: Interception in Prisons
General
4.1 At the request of the Secretary of State I have continued to provide oversight
of the interception of communications in prisons in England & Wales. This is a nonstatutory role and in practice most of the inspections are conducted by my Inspectors
although I have sight of every report which they produce. During this reporting year
I also received a request from the Director of the Northern Ireland Prison Service
to extend my non-statutory oversight responsibilities to the three prisons which
operate in the province. I was happy to do so and a first inspection has already been
conducted in all three establishments. They emerged quite well from the inspections
although a number of recommendations were made to improve the systems and
processes for conducting the interception of prisoners’ communications.
4.2 The interception of prisoners’ telephone calls and correspondence is
permitted, and in many cases is mandatory, under the Prison Act 1952 and the
National Security Framework (NSF). The NSF stipulates that any telephone call
may be listened to or letter read if intelligence suggests that this is necessary and
proportionate under Prison Rule 35A or YOIR 11(4). Interception is mandatory,
usually in the case of Category A prisoners and prisoners who have been convicted
of sexual or harassment offences, and who continue to pose a risk to children or
the public. Communications which are subject to legal privilege are protected and
there are also special arrangements in place for dealing with confidential matters,
such as contact with the Samaritans and a prisoner’s constituency MP.
19