| Response to the Consultation Paper
Introduction
In March 2003 the Home Office published a consultation paper
Access to communications data: respecting privacy and protecting
the public from crime (http://www.homeoffice.gov.uk/docs/consult.pdf)
inviting views on the implementation of Part I Chapter II of
the Regulation of Investigatory Powers Act 2000 (RIPA).
2. Part I Chapter II of RIPA provides for the lawful acquisition
of communications data by public authorities for specific purposes,
primarily for the purpose of preventing and detecting crime,
and only then when both necessary and proportionate to what the
authority is seeking to achieve.
3. Section 25 of RIPA lists those public authorities that
Parliament has already approved should have lawful access to
communications data using RIPA. The consultation paper concerned
additional public authorities that might be added to that by
an Order approved by Parliament.
4. Specifically the consultation paper invited views on:
- options for imposing restrictions upon additional public
authorities’ lawful access to communications data under
RIPA
- options for additional safeguards regulating their access
to data
5. The consultation also invited views on the need for a review,
wider than the issue of communications data, of the balance between
privacy and protection of the public. The responses on that will
be published separately.
6. This paper attempts to summarise over 170 responses that
covered a wide range of opinions submitted in a range of formats
from thought-provoking papers to terse e-mails. Inevitably it
is not possible to describe all those responses in detail. The
objective is to reflect the views that emerged.
7. Further information about this paper and about the detailed
consultation responses is available from:
Simon Watkin
Covert Investigation Policy Team
Home Office
Room 732
50 Queen Anne’s Gate
London
SW1H 9AT
and by e-mail commsdata@homeoffice.gsi.gov.uk
Summary of responses
8. Although the consultation period ended on 3 June some late
responses were accepted. In all 178 responses were received.
Of those 31 were from commercial organisations, 27 from a variety
of interest groups, 52 from individuals and 68 from public authorities.
The annex to this document lists the respondents, excluding 5
that asked that their response be treated in confidence.
9. In parallel to the consultation exercise the Home Office
commissioned independent research into the views of a representative
sample of UK public opinion regarding access to communications
data by additional public authorities.
10. There was broad acceptance of the Government’s approach,
described in the consultation paper – that public authorities’
access to communications data should be restricted within a regulatory
regime that is transparent, compliant with human rights legislation
and under the oversight of an independent commissioner.
Public authorities access to communications data
11. The consultation paper, and supporting material published
on the Home Office website (http://www.homeoffice.gov.uk/crimpol/crimreduc/regulation/part1/pas.html),
described in some detail why various public authorities responsible
for crime prevention and detection and public safety use, or
need to use, communications data to reduce crime and safeguard
the public. Although the consultation paper did not explicitly
ask for views on the necessity of their requirements to access
data, some respondents had comments.
12. Thirteen respondents expressly stated they did not wish
any public authorities to have access to communications data
under RIPA, a further 11 expressly opposed any of the proposed
additional authorities.
Access to communications data under RIPA
13. Support for a single regime governing public authorities’
access to communications data, and for RIPA as that regime, was
given explicitly by 19 respondents. Only 2 respondents explicitly
opposed RIPA providing a single regime for the lawful acquisition
of communications data.
14. There were 26 respondents who called either for the repeal
of so-called “legacy” legislation, which public authorities
use to lawfully acquire communications data or called for public
authorities not to use pre-existing legislation once the RIPA
legislation come into force. Repeal of legislation is not straightforward.
The powers being used are usually information-gathering powers
used to lawfully obtain information, of which communications
data is a part and often a small part.
15. One respondent submitted a draft Bill that would have
the effect of amending the Data Protection Act 1998 such that
the disclosure of personal data, which is also communications
data, would be permitted only in accordance with RIPA or the
Order of a Court.
16. Many respondents (92) chose to comment on certain public
authorities, 76 were supportive and 16 opposed to particular
public authorities having access to data. Local authorities were
most commented on – both favourably and unfavourably (though
many of the favourable comments came from local authorities themselves).
17. There was clear support from a number of respondents (11)
for the Radiocommunications Agency to be allowed access to the
full range of communications data in order to combat effectively
the nuisance and dangers posed by pirate radio stations.
18. Responses on behalf of, or from individual members of,
Crime and Disorder Reduction Partnerships were supportive of
local authority trading standards and environmental health services
having access to communications data.
Human Rights Principles
19. The statutory safeguards within RIPA were overwhelmingly
supported. The tests of necessity and proportionality that must
be met in every requirement for data were supported explicitly
by 27 respondents and opposed by none. The designation of suitably
senior persons within public authorities able to exercise the
powers received more support (32 respondents) and no opposition.
Restricted access to communications data by purpose
20. Support (27 responses) was expressed for restricting the
purposes for which public authorities may require communications
data. Two respondents opposed restricting access by purpose.
Restricted access to communications data by purpose
and function
21. One third of respondents expressing an opinion (8 out
of 26) were against the proposal of restricting access to data
by both purpose and function (although it received a better reception
in public opinion research). Most of those opposing restriction
by purpose and function were public authorities – simply
because of the practical difficulties in defining public authority
functions in legal terms. Local authorities, in particular, are
responsible for enforcing wide and diverse pieces of legislation.
Respondents also argued restriction by function was not necessary,
as public authorities investigating crime not within their statutory
remit would be acting ultra vires by definition, and not in accordance
with the law.
Restricted access by type of communications data
22. An opinion on restricting access by type of data was expressed
by 44 respondents. Of those 35 supported such a restriction.
23. The case for restricting access to communications data
by data type was put by the Government in the consultation paper.
This was an acknowledgement that an approach which gave all public
authorities the potential to acquire sensitive communications
traffic data, subject to meeting the statutory tests of necessity
and proportionality in each case, was inappropriate – because
most public authorities had no requirement for such data.
24. Some public authorities used their response to the consultation
paper to demonstrate the range of communications data they have
cause to acquire in support of their statutory functions to prevent
and detect crime or protect the public.
Designation of specific persons within public authorities
25. Ahead of the public consultation there was concern that
“anyone” in a public authority could, without reference
to a suitably senior official, acquire communications data. RIPA
provides for designation of individuals holding particular posts,
ranks or grades. 32 respondents commented specifically on this
and all expressed support for clear designation of specific suitably
senior officials able to authorise disclosure of data.
Accreditation and Single Points of Contact (SPoCs)
26. The consultation paper indicated the Government’s
support for an accreditation scheme for officials in public authorities
involved in access to communications data, linked to single points
of contact between an authority and the communications service
industry. This builds practice and training modules established
by the police and customs with the support of industry. Thirty-eight
respondents commented favourably on accreditation. Thirty-six
supported the idea of SPoCs. None were against.
27. The consultation paper acknowledged that consideration
might need to be given to the creation of multi-agency SPoCs
to support additional public authorities that seek to acquire
communications data only infrequently. Notwithstanding that section
23 (3) of RIPA has the effect of requiring the disclosure of
data to the person who gave notice of that requirement or to
a person within the same public authority, 32 respondents expressly
supported the concept of one or more multi-agency SpoCs. Only
one respondent took an expressly opposite view.
28. Nine respondents commented on the need for a process,
or processes, to authenticate RIPA notices requiring disclosure
of data or to provide accelerated processes for the emergency
services. Five respondents commented that a central register
of – variously – public authorities, accredited personnel
and SpoCs should be established. Six respondents (6) commented
that, notwithstanding section 23(3) of RIPA, additional public
authorities should exercise their requirements for communications
data through their local police SPoC.
Oversight of the Interception of Communications Commissioner
29. The consultation paper acknowledged the statutory role
of the independent Interception of Communications Commissioner
to keep under review the exercise of powers under RIPA to acquire
communications data. Oversight by the Commissioner received explicit
support from 16 respondents and opposition from 3 others.
30. However, there were some concerns expressed about the
Commissioner’s role. Firstly, would the Commissioner have
enough resources available to him effectively to oversee the
exercise of powers under Part I Chapter II of RIPA as well as
those exercised quite separately, and very differently, under
Part I Chapter I to intercept lawful the content of communications.
Secondly, it was argued by 8 respondents that the public profile
of the Commissioner and his work is, and might remain, too low
to provide significant reassurance that he is truly independent
and both championing and protecting the interests of the public.
The level of public recognition of the Interception of Communications
Commissioner was contrasted with that of the Information Commissioner.
31. One respondent suggested that the appointment of a lay
regulator and a panel of lay people would provide further oversight
of use of the RIPA powers.
32. Those who took part in the public research thought both
the Commissioner and the Investigatory Powers Tribunal, which
considers complaints about the exercise of RIPA powers, were
crucial safeguards. One respondent to the consultation considered
that a Parliamentary Select Committee should replace the Tribunal.
Sanctions
33. The consultation paper addressed the issue of sanctions
for officials from public authorities who access communications
data inappropriately or unlawfully. Just 6 respondents specifically
addressed this point, 2 were content with the sanctions currently
available. 4 were not.
Double lock on restricted access
34. The consultation paper invited views on a range of potential
additional safeguards, described in the paper as a “double
lock” on access that might supplement the statutory safeguards
contained in RIPA. Respondents’ views on the various double
lock options were mixed.
35. Judicial authorisation of requirements to acquire communications
data attracted divergent views. Opinions were split almost equally
amongst those respondents who expressed a view about it –
24 against, 20 in favour. The responses from public authorities
showed clear opposition to judicial authorisation (17 against,
2 in favour). This was one of the few areas where the view of
public authorities differed significantly from other respondents.
The public opinion sampled in research did not see judicial authorisation
as an important safeguard.
36. Some doubts were expressed about prior approval by an
independent third party but it was more popular than judicial
approval, both in responses from public authorities and others.
In all 48 respondents expressed an opinion, 28 were in favour
and 20 against. Excluding responses from public authorities,
18 were in favour and 6 against.
37. A clear majority of respondents (33 out of 37 expressing
an opinion) were against requiring the police to undertake investigations
on behalf on public authorities. Public opinion research showed
greater support for this option, though here too there were doubts,
and more popular was the police working in conjunction with the
additional public authorities.
38. The most widely supported form of additional safeguard
was a certification scheme for public authorities with access
to communications data providing a positive public statement
that a public authority was fit to exercise its powers under
RIPA and that its processes met, or exceeded, a required standard.
Although certification gained only lukewarm support from the
public research groups, 47 of 49 respondents who commented on
it were in favour. (This was the highest number of respondents
to comment on any one aspect of the consultation.)
The Short List Option
39. The consultation paper floated the option of a “short
list” of additional public authorities comprising a small
number of police bodies and other emergency services. Only one
respondent explicitly favoured the short list approach, 29 expressed
opposition to that.
Other Issues
40. Respondents to the consultation raised a number of issues
not addressed directly in the paper.
41. Some respondents mentioned a need for openness and publication
of statistics about the extent of the use of the RIPA powers,
including one that called for the annual publication of a full
table of disclosures made under RIPA.
42. Several correspondents mentioned the importance of public
authorities having robust processes for safeguarding data they
have acquired and for guarding against onward disclosure.
43. Eleven respondents specifically called for the after-the-event
notification of individuals whose communications data had been
subject of a disclosure requirement, envisaging that public authorities
should inform anyone whose data they have acquired – delaying
that notification where it would be prejudicial to an ongoing
investigation. The respondents commented that such notification
would reassure the public about the use made of powers to acquire
communications data and would discourage abuse of powers by officials
of public authorities.
44. Nineteen respondents commented that the statutory definitions
of communications data contain in RIPA needed clarifying or amending.
45. Five respondents expressed specific concern that public
authorities would “fish” for information from communications
data records without a necessary and proportionate requirement.
46. “Scope creep”, or a perceived inevitable extension
of the number of public authorities able to access communications
data or the range of purposes for which public authorities might
lawfully access data was mentioned by one or two respondents.
Conclusion
47. The Home Office is very grateful to all the respondents
for their comments, particularly those who took the time to prepare
very detailed submissions.
48. The responses have provided a variety of views about the
issues surrounding public authorities’ access to communications
data and the implementation of Part I Chapter II of RIPA specifically.
Some issues raised by respondents about access to communications
data, relating to trust in public authorities and their officials
and the openness and accountability with which they exercise
powers that impact on individual privacy, have a much wider relevance.
They will be considered with the comments about the need for
a wider review of the balance of individual privacy and protection
of the public.
49. The response to the consultation paper, both at the time
of its publication and in the comments from respondents, have
indicated broad support for the fresh approach to implementation
of Part I Chapter II of RIPA signalled in the consultation paper.
50. The Government will lay a revised RIPA (Communications
Data) Order very different to the withdrawn Order, the adverse
reaction to which prompted the consultation. The comments and
views put forward in response to the consultation paper have
informed the development of the new Order and are informing the
development of new double lock safeguards.
Home Office
September 2003
Back
to top
|