2012 Annual Report of the Interception of Communications Commissioner
My inspectors seek to ensure that the communications data was acquired for the correct
purpose as set out in Section 22(2) of RIPA and that the disclosure required was necessary
and proportionate to the task in hand. I am providing more information this year in relation
to how my inspectors’ satisfy themselves of this in order to address a comment made by the
Joint Committee on the Draft Communications Data Bill. It is important to understand that
my inspectors look at each request on an individual, case by case basis. The inspectors examine
the justifications that have been set out in the application. The necessity and proportionality
tests for acquiring communications data are quite specific – in order to justify necessity under
Section 22(2) the applicant must make the link between the crime / offence (or other purpose),
the suspect, victim or witness; and the phone or communications address – in order to justify
proportionality the applicant must explain how the level of intrusion is justified when taking
into consideration the benefit the data will give to the investigation, provide a justification as
to how the specific date / time periods requested are proportionate and consider, if relevant,
whether the objective could be achieved through less intrusive means. Collateral intrusion must
also be considered and any meaningful collateral intrusion described (for example, the extent
to which the privacy of any individual may be infringed and why that intrusion is justified in
the circumstance). The case must be made for each specific data request and the application
supporting the request should stand on its own. My inspectors seek to ensure that all of the
above matters have been considered. If the inspector has concerns that the tests have not been
met, they will speak to the applicant and / or the DP. The inspector may also ask to see further
supporting documentation (such as the case file, policy logs, operational book etc).
The inspectors assess the guardian and gatekeeper function being performed by the SPoC
against the responsibilities outlined in the Code of Practice. A range of applications that have
been submitted by different applicants and considered by different DPs are examined to ensure
that there is uniformity in the standards and that the appropriate levels of authority have been
obtained. My inspectors scrutinise the quality of the DPs considerations and the content of any
authorisations granted and / or notices issued.
My inspectorate receives good co-operation from the CSPs who have a requirement to comply
with any lawful requests for communications data which are received from the public authorities.
The CSPs are asked to provide my inspectors with details of the communications data they
have disclosed to the public authorities during a specified period. The disclosures are randomly
checked against the records kept by the public authorities in order to verify that documentation
is available to support the acquisition of the data.
My inspectors conduct informal interviews with senior investigating officers, applicants and
analysts to examine what use has been made of the communications data acquired and to
ascertain whether it has been used to good effect. During this part of the inspection if necessary
they will, and often do, challenge the justifications for acquiring the data. Later in my report I will
highlight some more examples of how communications data has been used effectively by public
authorities to investigate criminal offences.
Any errors which have already been reported or recorded are scrutinised to check that there
are no inherent failings in the systems and procedures, and that action has been taken to prevent
recurrence. It is worth pointing out that if the inspectors identify an error / issue during the
25