Investigatory Powers Commissioner’s Annual Report 2019
involved at the inspection. During our inspections we also had direct access (via a GCHQ
operator) to the IT systems used to request and approve these activities, and we were able
to select further cases for examination. We conducted our selection to ensure that we
examined cases from a variety of business areas within GCHQ.
Law Enforcement Agencies
7.8
There have been no changes to our inspection methodology for law enforcement agencies
(LEAs), other than the initiation of the data assurance programme. We have found that our
methodology allows us to access both records and the personnel necessary to establish a
clear picture of the compliance culture and processes at each force we visit.
7.9
We have continued to request details of use of powers ahead of each inspection and to
require each force to demonstrate progress against previous recommendations.
7.10
All law enforcement agencies are inspected annually on their use of communications data
(CD) and to inspect their use of property interference, surveillance, CHIS and equipment
interference powers; some of these inspections are combined depending on how the
force is structured. As noted in our 2018 report, we have conducted trials combining
these inspections, or running them concurrently. This has the benefit of giving us a more
comprehensive overview of operations across the force and, where the force governance
is structured to cover both elements, this has strengthened the value and impact of our
recommendations. In some cases, however, the distinct structure of the force means that
this approach is not appropriate and so we have continued to conduct separate inspections.
We have found that this does not impair the consistency and rigour of our inspections.
From 2020, these inspections will also incorporate oversight of the use of targeted
equipment interference (TEI). In many cases, TEI is conducted by regional specialists based
in a regional organised crime unit (ROCU) and so we will be inspecting both activity at these
hubs and the interplay with the forces they support. Annually, we also inspect all LEAs using
interception powers.
7.11
A specific focus for 2019 has been the handling of intelligence, gathered as a result of the
use of surveillance techniques or CHIS, to ensure that all relevant material is appropriately
safeguarded and destroyed when retention is no longer justified. Decisions in this context
continue to be complicated by the disclosure requirements of criminal proceedings, which
meant that LEAs may be required to retain copies of intelligence for longer than otherwise
would be operationally necessary. We have taken a more in-depth approach to testing
whether staff properly understand the requirements of the law in this context in 2019 and
will carry this on into 2020.
7.12
In relation to CD, our priority has been supporting the transition to the new model of
approval via the Office for Communications Data Authorisations (OCDA). This has meant
that we have focused on ensuring that new format applications are completed accurately
and consistently across law enforcement.
Intercepting authorities
7.13
Since the introduction of the JC approval process to targeted interception warrants, our
primary focus of inspections has been on those elements of the process that are not
subject to the ‘double-lock’ under the IPA and so not subject to prior approval by IPCO.
This has meant that the use of modifications has been a focus of our examinations in 2019.
The effect of modification is to extend the scope of a warrant or to narrow it (by removing
35