Report of the Interception of Communications Commissioner - July 2016
confidential information. We have therefore decided not to publish the statistics in this
category as we have serious concerns as to their reliability. We recommend that in future
all applications highlighted as relating to sensitive professions are checked by the SPoC
and any that have been miscategorised are corrected to ensure accurate reporting. This
should be easily achievable as the number of applications of this type per public authority
is relatively low.
7.38 Where we examined the applications that did in fact relate to a member of a
sensitive profession, we found that the applications were submitted principally because
that individual had been a victim of crime, e.g. a medical doctor, lawyer or MP receiving
malicious or threatening communications, or to a much lesser extent because the
individual was a suspect in a criminal investigation, both in circumstances related to their
occupation e.g. a lawyer suspected of perverting the course of justice, or unrelated to
their profession e.g. a medical doctor suspected of committing sexual offences outside
the workplace.
Inspection Regime
7.39 Our communications data inspections are structured to ensure that key areas
derived from Chapter 2 of Part 1 of RIPA and the Code of Practice are scrutinised. A
typical inspection may include the following:
•
•
•
•
•
•
•
•
the supply of a pre-inspection pack (two months prior to our visit) to the head
of the public authority to require information and arrange interviews with
operational teams;
a review of the action points or recommendations from the previous inspection
and their implementation;
an audit of the information supplied by the CSPs detailing the requests
that public authorities have made for disclosure of data. This information
is compared against the applications held by the SPoC to verify that the
necessary approvals were given to acquire the data;
random examination of individual applications for communications data to
assess whether they meet the requirements of necessity and proportionality;
query based examination of applications, via the secure auditable computer
systems used by the larger public authorities, to identify trends, patterns
and compliance issues in key parts of the process across large volumes of
applications;
scrutinising at least one investigation or operation from start to end to assess
whether the communications data strategy and the justifications for acquiring
all of the data were proportionate;
examination of the urgent oral approvals to check the process was justified
and used appropriately;
a review of the errors reported or recorded, including checking that the
measures put in place to prevent recurrence were sufficient; and,
www.iocco-uk.info
55