132
Investigatory Powers Commissioner’s Annual Report 2019
in chapter 12 we have reviewed the adequacy of processes and policies in place to prevent
continued occurrence of errors of this kind.
18.21
The vast majority of errors stemmed from human mistakes, either from a misunderstanding
or lack of awareness of the activity which had been authorised, or from covert activity
which had continued beyond a cancellation or expiry of an authorisation. In all cases, after
further investigation by the public authority, or by an Inspector, additional administrative
measures or training have been introduced within the organisation to ensure that there
is no repetition. Should errors continue to be repeated within an organisation we will
prioritise investigating the issue at our next inspection.
18.22
Errors in online directed surveillance has been a focus of our attention in 2019. In 2018,
we noted concerns that new and developing capabilities to monitor social media activity
online might result in a high proportion of errors resulting from surveillance without proper
authorisation. Fortunately, we have not found this to be the case and only five errors of
this kind were reported in 2019. We found that this relatively new methodology has been
appropriately deployed and robustly monitored within organisations. We examine the
relevant policy and procedures at each surveillance inspection to ensure that appropriate
audit structures are in place; this allows suitable oversight and provides assurance that the
tactic is being used in a lawful and compliant manner. We have found that the pattern of
errors is in line with those occurring in traditional directed surveillance operations, largely
aligned to human error and a lack of awareness of the parameters within authorisations.
Public authorities
18.23
Seven directed surveillance errors were reported by public authorities. These all related to
directed surveillance having been conducted without appropriate authorisation.
Local authorities
18.24
Errors caused by local authorities are rare, which is to be expected given the low number
of authorisations sought and relied on by councils conducting investigations. Where they
do arise, this is often either due to inadequate policy and processes or because of a lack
of awareness of, or willingness to abide by, guidance on the use of CHIS or surveillance.
During 2019 we were made aware of one error where a local authority had undertaken
surveillance utilising static cameras placed outside the home address of persons reporting
that they had been the victim of harassment and anti-social behaviour. A second error
reported to us by a different local authority related to the use of CHIS without appropriate
authority. In both cases no authorisation was sought; it appears that this was due to a lack
of suitable policies and processes to facilitate authorisation.
Prisons
18.25
There were two errors reported by prisons in 2019, one by Her Majesty’s Prison and
Probation Service (HMPPS) and one by an individual prison. Although there is no
obligation to report errors for surveillance conducted under Prison Rules, we encourage
error reporting as best practice. No errors were reported regarding other investigative
powers and, as with all low-reporting authorities, it is important for us to consider
whether such figures reflect a failure to recognise and or report errors, which would be of
significant concern. However, we judge that the low number of RIPA, surveillance and CD
authorisations relied on by prisons means that this is proportionate to the error rates we
are seeing reported elsewhere.