For example, my inspectors might conduct a query-based search to check that intercepted
material has been examined in a timely fashion, or to scrutinise the intelligence value of the
interception. Another example might be to run query-based searches on keywords (e.g.
“solicitor”, “legal”) to identify cases where communications subject to legal privilege may have
been intercepted and retained. Inspectors would then check whether that material has been
handled in accordance with the section 15 safeguards and the special procedures outlined in
Chapter 3 of the Code of Practice. On a number of occasions, inspectors have recommended
the modification of warrants, required changes to operational practice to safeguard privacy,
required additional information to be provided to the Secretary of State straight away or at the
point of next renewal, or recommended a cancellation.
This audit function is easily achievable for the majority of the law enforcement agencies
because they hold the warrant documentation and the intelligence reports relating to the
intercepted material on standalone systems. This is because of the requirement to separate
interception-related documentation and intelligence from other business areas, which are
subject to the disclosure provisions of the Criminal Procedure and Investigations Act (CPIA)
1996). The same is not the case for the intelligence agencies, as their systems do not need to
separate intercepted material from other types of intelligence which I may not have a role in
overseeing. My inspectors have made arrangements to view the applications electronically in
one of the intelligence agencies, and would like to do this in the other two.
Retention, storage and deletion of intercepted material and related communications
data. Every interception agency has a different view on what constitutes an appropriate
retention period for intercepted material and related communications data. There is no period
prescribed by the legislation, but the agencies must consider section 15(3) of RIPA, which
provides that the material or data must be destroyed as soon as retaining it is no longer
necessary for any of the authorised purposes in section 15(4).
The vast majority of content is reviewed and automatically deleted after a very short period
of time unless specific action is taken to retain the content for longer because it is necessary
to do so. The retention periods differ within the interception agencies and range between 30
days and 1 year. The retention periods for related communications data also differ within the
interception agencies, but range between 6 months and 1 year.
On an annual basis, inspectors are provided with an update on any changes to the retention,
storage and deletion arrangements for systems containing intercepted material and related
communications data.
Retention of interception applications and associated documentation. There is no
explicit provision in RIPA or the Code of Practice requiring or inferring a requirement for the
destruction of warrantry applications and associated documentation. Conversely, there is no
reference requiring its retention. That said, if an application or renewal contains information
that discloses it to be the product of warranted interception, the document may well fall within
section 15(3) of RIPA. This requires that any material should be destroyed as soon as there are
no longer any grounds for retaining it.
Some of the interception agencies and warrant-granting departments retain this documentation
indefinitely. Others, mostly the law enforcement agencies, destroy it within a reasonable period
of time after the interception has been cancelled and any legal proceedings have finished.
www.iocco-uk.info
43