104
Investigatory Powers Commissioner ’s Annual Report 2019
14. Local authorities
Overview
14.1
Local authorities may only authorise the use of directed surveillance, covert human
intelligence sources (CHIS) or the acquisition of communications data (CD). Applications
for CD are made via the National Anti-Fraud Network (NAFN). Both surveillance and CHIS
authorisations require the approval of a magistrate in England, Wales and Northern Ireland.
14.2
We noted in our 2018 Report that we reduced the number of local authority inspections
due to resource constraints. In 2019 we inspected 96 local authorities in relation to CHIS
and surveillance powers and we plan to inspect all remaining location authorities by the
end of 2020. Applications for the use of CD by local authorities are managed centrally at
NAFN. From 2020, inspections will also address the adequacy of data retention safeguards
at individual councils, noting that the IPA and the Codes of Practice (CoP) place an
obligation on all authorities to ensure that any data they retain is stored properly. This will
include any copies of CD material acquired via NAFN and, for example, saved on desktop
computer systems. The process by which a local authority acquires material through NAFN
is as follows:
Local authority submits application for communications data material.
NAFN act as a Single Point of Contact on behalf of the local authority and quality assess the
application
NAFN submits the application to the Office for Communications Data Authorisations (OCDA) on
behalf of the local authority
If granted, NAFN will request the communications data material applied for from the
telecommunications operator
Once the communications data material has been provided, NAFN returns it to the requesting
local authority