CHAPTER 6: POWERS AND SAFEGUARDS
6.102. IOCCO has in recent years under successive Commissioners and the Head of IOCCO,
Joanna Cavan, built up formidable expertise in the nuts and bolts of interception, to
add to its longer experience of communications data. By way of illustration:
(a)
IOCCO employs nine experienced and technically skilled inspectors, many with
a police or intelligence background, who were given access without reservation
not only to all the material they requested but to the Agencies’ own systems and
to the processes of the warrant granting department [WGD] that assists each
relevant Secretary of State. Similar access is also granted to each public
authority that is entitled to acquire communications data under RIPA Part I
Chapter 2.
(b)
The Commissioner’s latest report sets out the manner in which IOCCO
inspected every aspect of the interception process, from compliance with the
Interception Code and the previous Communications Data Code to the actual
application of individual selection criteria, the retention, storage and destruction
of intercepted material, security and administrative safeguards and audit checks
carried out by the Agencies.110
(c)
These inspections are by no means whitewashing exercises. Three significant
caveats were set out in the published report concerning the period up to the end
of 2014 and subsequently investigated;111 more than 400 recommendations
were made to public authorities; the necessity and proportionality of some
interceptions was challenged and a total of 69 recommendations were made to
the nine interception agencies in relation to pre-authorisation or authentication
processes, the enhancement of retrospective audits and a more explicit role for
the Commissioner in the audit process.112
6.103. There are constraints (not least in RIPA itself) on the transparency that is possible in
this area. It is also unfortunate that the IOCC’s reports do not receive more
widespread publicity, whether because of their technical nature or the sense that the
Commissioner and his staff are more interested in doing an excellent job than in
gaining publicity for it.113 But having spoken in depth to IOCCO, and reviewed a
number of reports of similar review bodies from different countries, I would comment
that they are a model of their kind.
6.104. As set out above, in March 2015, the IOCC agreed formally to oversee directions under
TA 1984 s94, a task which he anticipated would require “extra staff (and possibly
technical facilities)”.114 The ISCommr oversees the exercise by the Agencies of their
ISA 1994 and SSA 1989 powers, as set out above. However, there is no entity
appointed to oversee access to communications data under any of the myriad routes
110
111
112
113
114
IOCC Report, (March 2015), chapter 6.
Ibid., para 6.35.
Ibid., paras 1.9, 6.39-6.40, 6.69-6.70.
Though IOCCO has a twitter feed (@iocco_oversight), on which it has shown itself willing to engage
informally with critics and sceptics; and an impressive list of public engagements is given in its March
2015 report at para 3.4.
IOCC Report, (March 2015), para 10.4.
120