Section 3: Part I Chapter II – Acquisition and
Disclosure Communications Data
General
3.1 The term ‘communications data’ embraces the ‘who’, ‘when’ and ‘where’
of a communication but not the content, not what was said or what was written.
Certain public authorities are approved by Parliament to acquire communications
data and amongst others they include the intelligence agencies, police forces, local
authorities and other law enforcement agencies, such as Her Majesty’s Revenue &
Customs. The Act and its Code of Practice contain explicit human rights safeguards
– particularly to safeguard the rights of individuals to respect for their private
lives. These safeguards include restrictions set by Parliament on the purposes for
which public authorities may obtain data; on what data public authorities may
obtain; on which senior officials within public authorities may exercise the power
to obtain data; and on which individuals within public authorities undertake the
work to obtain data.
3.2 All public authorities, permitted by Parliament to obtain communications
data using the provisions of RIPA, are required to adhere to a Code of Practice
when exercising their powers and duties under the Act. Generally the acquisition
of communications data under the Act involves four roles within a public authority
and these are the applicant, designated person, single point of contact and the
senior responsible officer. Persons who are involved in processing and approving
applications for communications data have key responsibilities under the Code of
Practice and they have a duty to ensure that the public authority acts in a lawful and
informed manner. Additionally, designated persons must generally be able to act
objectively and independently when approving applications for communications
data and they must have a current working knowledge of human rights principles,
specifically those of necessity and proportionality. Good adherence to the Code
of Practice is essential if the rights of individuals are to be respected and all
public authorities have a requirement to report any errors which result in unlawful
intrusion.
3.3 I have a responsibility to oversee the use which public authorities have
made of their powers under the Act and how they have exercised their rights
and responsibilities. In this respect I am supported by a Chief Inspector and
five Inspectors who all have experience of managing or supporting criminal
investigations and are highly trained in the field of communications data. A
programme of inspections is drawn up with the assistance of members of my
Secretariat and the Inspectors firstly engage with the Senior Responsible Officer
(SRO) from the public authority concerned. For example, this would normally be
a Superintendent in a police force or a Head of Service in a local authority.
3.4 Within every public authority each SRO must be responsible for:
s
s
s
the integrity of the process to acquire communications data;
compliance with the Code of Practice;
oversight of the reporting of errors to me, identifying their causes and
taking
s
s
appropriate action to minimize the repetition of errors;
s
oversight of the implementation of post-inspection Action Plans, approved
by me.
engagement with my Inspectors and ensuring that all relevant records are
produced for the inspection;
3.5 Following each inspection a detailed report is prepared by the Inspector
and this will outline inter alia what level of compliance has been achieved with
the Code of Practice. Where necessary the Inspector will produce a schedule
7