2011 Annual Report of the Interception of Communications Commissioner
considers and authorises the application; the Single Point of Contact (SPoC) who is an accredited
individual responsible for acquiring the data from the Communication Service Provider (CSP)
and ensuring that the public authority acts in an informed and lawful manner; and the Senior
Responsible Officer (SRO) who is responsible for the overall integrity of the process. Adherence
to the Act and Code of Practice by public authorities is essential if the rights of individuals are to
be respected and all public authorities have a requirement to report any errors which result in
the incorrect data being disclosed.
The primary objectives of the inspections are to:
• Ensure that the systems in place for acquiring communications data are sufficient for the
purposes of the Act and that all relevant records have been kept.
• Ensure that all acquisition of communications data has been carried out lawfully and in
accordance with Part I, Chapter II of RIPA and its associated Code of Practice.
• Provide independent oversight of the process and check that the matter under investigation
was such as to render the acquisition of data necessary and proportionate.
• Examine what use has been made of the communications data acquired, to ascertain whether
it has been used to good effect.
• Ensure that errors are being ‘reported’ or ‘recorded’ and that the systems are reviewed and
adapted where any weaknesses or faults are exposed.
• Ensure that persons engaged in the acquisition of communications data are adequately trained.
At the start of the inspections my inspectors review any action points and recommendations from
the previous inspection to check that they have been implemented. The systems and procedures
in place for acquiring communications data within the public authority are examined to check
they are fit for purpose.
My inspectors carry out an examination of the communications data applications submitted
by the public authority. It is difficult to set a target figure for the number of applications that
are examined in each public authority as the volume will obviously vary significantly depending
on the public authority being inspected. Where the public authority has only submitted a small
number of applications it is likely that they will all be examined. However for the larger users, a
random sample is selected which embraces all of the types of communications data the particular
public authority is permitted to acquire.
My inspectors seek to ensure that the communications data was acquired for the correct
purpose as set out in Section 22(2) of RIPA and that the disclosure required was necessary and
proportionate to the task in hand. The inspectors assess the guardian and gatekeeper function
being performed by the SPoC against the responsibilities outlined in the Code of Practice. A range
of applications that have been submitted by different applicants and considered by different DPs
are examined to ensure that there is uniformity in the standards and that the appropriate levels
of authority have been obtained. My inspectors scrutinise the quality of the DPs considerations
and the content of any authorisations granted and / or notices issued.
27