Report of the Interception of Communications Commissioner - 2016
The relative proportion of red, amber and green recommendations has remained broadly the
same over recent years, although the specific public authorities inspected change each year.
My previous annual report noted that there had been a slight rise in the average number
of recommendations per public authority, from 4 to 5. This rise was attributed to
difficulties in understanding or otherwise complying with the requirements in the revised
Code of Practice regarding record-keeping, DP independence and applications relating
to sensitive professions. This year, the average number of recommendations per public
authority in 2016 reduced to fewer than 3.5 per authority. This may indicate that the
requirements of the Code are being better understood and complied with.
At the end of each inspection, the authority is given an overall rating of good, satisfactory or
poor, depending on an assessment of the total number and severity of recommendations
made. Whether previous recommendations have been achieved is of particular relevance.
In 2016, 61 public authorities achieved a ‘good’ rating. Seven were scored ‘satisfactory’.
No public authorities received a ‘poor’ rating. A list of public authorities’ scores in
communications data inspections can be found in Annex B.
Principal Recommendations and Key Issues
The most common subjects of recommendations are:
•
•
•
•
•
•
Records and record-keeping compliance (46)
Quality of applications (43)
SPoC efficiency and effectiveness (27)
DP’s independence (24)
DP’s considerations (18)
Sensitive professions (18)
Records and Record-keeping Compliance (46)
These recommendations are frequently the result of authorisations or statutory notices
failing to contain the necessary content (see paragraphs 3.37 and 3.47 of the Code of
Practice). Other occurrences include failures to maintain auditable records or to provide
IOCCO with comprehensive or accurate statistical returns.
Quality of Applications (43)
Some applications failed to fully justify necessity or proportionality, in particular where:
•
•
•
•
•
applicants did not account for the link between the communications address
and their investigation;
an incorrect statutory purpose had been specified in the application;
it was unclear what specific crime type was being investigated;
the likelihood of collateral intrusion had not been sufficiently considered; or
the relevance of the date or time periods sought had not been justified.
www.iocco-uk.info
15