CHAPTER 6: POWERS AND SAFEGUARDS
services at a particular point in time, though IP address resolution is still not possible
in all cases.
6.64.
6.65.
RIPA Part I Chapter 2 sets out the basis on which public authorities may seek and
obtain access to communications data. There are four major differences between the
law as it relates to interception and to communications data:
(a)
The list of public authorities which can obtain communications data is much
longer: a total of about 600 organisations as opposed to nine.
(b)
The list of grounds that can be used to justify access to communications data
is longer. As well as national security, detecting crime or disorder and the
economic well-being of the UK, communications data can be accessed on the
grounds of public safety, public health, collecting taxes or preventing death or
injury in an emergency. As with interception, those grounds are subjected to a
proportionality assessment.64
(c)
The content of the notice or authorisation does not need to be tightly defined
or restricted to an individual. It only needs to describe the communications data
that are required.65 For example, an authorisation might describe the IP
addresses of all users who have accessed a particular website or the phone
numbers of everyone who has telephoned a particular number.
(d)
The power to authorise interception lies with the Secretary of State, whereas
authority to obtain communications data resides with a designated person [DP]
at middle management level: for example a superintendent or inspector in the
police, or a Grade 7 in certain parts of the Civil Service.66
But that is not to say that the process is one of simple self-authorisation. Generally
speaking, the DPs (as prescribed by an order of the Secretary of State) work in
conjunction with a Single Point of Contact [SPoC]. SPoCs fulfil two principal roles:
(a)
advising whether an application is appropriate, lawful and practical, and
(b)
providing a consistent and knowledgeable interface with the service providers.
6.66.
The role of SPoCs is not set out in statute, but in the Acquisition Code.67 It is the
responsibility of the DP, rather than the SPoC, to give approval to a request to obtain
access to communications data. The DP must usually be independent of the
investigation concerned and of the SPoC.
6.67.
Local authorities are in a somewhat different position. As a result of changes made
by the Protection of Freedoms Act 2012 [PFA 2012], local authorities are required to
apply to the magistrates’ court for that authorisation or requirement, which may then
64
65
66
67
RIPA s22(2).
RIPA s23(2)(b).
See RIPA s25(2). For a full list see Regulation of Investigatory Powers (Communications Data) Order
2010, Schedules 1 and 2.
Paras 3.19-3.30.
111