The Communications Data Bill: What Councils Need to Know

The Draft Communications Data Bill was laid before Parliament on 14th June 2012. The Bill provides an updated framework for ensuring the availability of communications data and its obtaining by public authorities. It will replace the communications data provisions within the Regulation of Investigatory Powers Act 2000 (RIPA).

The most controversial aspects of the Bill will enact proposals, announced in the Queen’s Speech in May, which will require Internet firms to give the Police, the Serious and Organised Crime Agency, the Intelligence Agencies and HM Revenue and Customs access to a wider range of communications data on demand and, in some cases, in real time. The Home Office says  that they are updating the law “in terms of social media and new devices”. Without action they say that there is a growing risk that crimes enabled by email and the Internet will go undetected and unpunished. However civil liberties groups, as well as Internet Service Providers have voiced concerns about the Bill from a privacy and technical perspective. See my previous blog entry  for a discussion about these concerns.

But what effect will the new Bill have on local authorities?

The Bill will replace Part 1 Chapter 2 of RIPA. Sections 21 to 25 of RIPA (and the Regulation of Investigatory Powers (Communications Data) Order 2010 (SI 2010/480)) currently set out who can access what type of communications data and for what purposes. This includes the police and security services as well as councils, government departments and various quangos. RIPA restricts access to the different types of communications data depending on the nature of the body requesting it and the reason for doing so.

The definition of “communications data” includes information relating to the use of a communications service (e.g telephone, internet and postal service) but does not include the contents of the communication itself.  Such data is broadly split into three categories: “traffic data” i.e. where a communication was made from, to whom and when; “service data” i.e. the use made of the service by any person e.g. itemised telephone records; “subscriber data” i.e. any other information that is held or obtained by an operator on a person they provide a service to.

Some public bodies already get access to all types of communications data e.g. police, security service, ambulance service, customs and excise. Local authorities are restricted to subscriber and service use data and even then only where it is necessary for the purpose of preventing or detecting crime or preventing disorder.

At present access to communications data is done on a system of self authorisation. There are forms to complete ((signed by a senior officer) and  tests of necessity and proportionality to satisfy. Notices have to be served on the service provider requesting the data.

The new Bill will broadly replicate the current system for accessing communications data by local authorities. There is no provision to widen the scope of the information available to councils or the grounds for doing so (unlike the police and law enforcement agencies mentioned above). However the Bill does replicate the changes to the local authority RIPA regime to be made by Protection of Freedoms Act 2012. In the future all local authority surveillance activity under RIPA, including a request for communications data (however minor), will have to be approved by a Magistrate. (See my earlier Blog Post for more detail about the 2012 Act.)

The Bill also implements a recommendation in the RIPA Review published by the Home Office on 26th January 2011.  This stated that the range of non-RIPA legislative frameworks by which communications data can in principle be acquired from Communication Service Providers “should be streamlined to ensure that as far as possible RIPA is the only mechanism by which communications data can be acquired.”

Clause 24 introduces Schedule 2 to the Bill which repeals certain general information powers so far as they enable public authorities to secure the disclosure by a telecommunications operator of communications data without the consent of the operator. This includes powers under the Trade Descriptions Act 1968, Environmental Protection Act 1990, Social Security Administration Act 1992 and the Enterprise Act 2002. Local authority officers in environmental health, trading standards and benefit fraud departments, who may not be have been using RIPA to gain access to communications data previously, will now need to get to grips with a new regime.

The Communications Data Bill will be subject to scrutiny by a joint parliamentary committee before the effort to bring the measures through Parliament and into law begins in earnest.  This comes on top of other recently announced changes to the criteria for local authority to authorise Directed Surveillance under Part 2 of RIPA.  The Home Office will have to issue a new code of practice and standard forms which Investigating Officers and their legal advisers will have to familiarise themselves with.

We have a series of courses on RIPA and Surveillance which cover all the recent changes to the RIPA regime including the Protection of Freedoms Act 2012. We also have a range online courses.

 

To RIPA or Not To RIPA: Changes to Council Surveillance Powers

The days of local authorities being able to use surveillance powers to tackle dog fouling and littering offences will soon be over. From 1st November 2012, local authorities will face severe restrictions upon the grounds for which they can authorise Directed Surveillance under the Regulation of Investigatory Powers Act 2000 (RIPA).

The Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) (Amendment) Order 2012, SI 2012/1500  (“the 2012 Order”), was made on 11 June 2012 and will come into force on 1 November 2012,

The 2012 Order amends the Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) Order 2010, SI 2010/521 (“the 2010 Order”), which prescribes which officers, within a public authority, have the power to grant authorisations for the carrying out of Directed Surveillance and the grounds, under Section 28(3) of RIPA, upon which authorisations can be granted. At present local authorities have one ground; where it is necessary “for the purpose of preventing or detecting crime or preventing disorder.” (Section 28(3)(b))

From 1st November 2012, local authority Authorising Officers may not authorise Directed Surveillance unless it is for the purpose of preventing or detecting a criminal offence and it meets the condition set out in New Article 7A(3)(a) or (b) of the 2010 Order. Those conditions are that the criminal offence which is sought to be prevented or detected is punishable, whether on summary conviction or on indictment, by a maximum term of at least 6 months of imprisonment, or would constitute an offence under sections 146, 147 or 147A of the Licensing Act 2003 or section 7 of the Children and Young Persons Act 1933. The latter are all offences involving sale of tobacco and alcohol to underage children.

Background

These changes have not come out of the blue. Responding to media stories of councils misusing “anti terror laws” both coalition parties promised in their election manifestos to overhaul Part 2 of RIPA, which regulates local authorities, amongst others, when conducting covert surveillance on citizens. They argued that such surveillance was often used to investigate minor offences and in a disproportionate manner. The introduction of a Serious Crime Test for Directed Surveillance was recommended in the Home Office review of counter-terrorism and security powers published on 26th January 2011.

Directed Surveillance has been the subject of substantial debate and controversy. It is often conducted by local authorities to, amongst other things, investigate a benefit fraud or to collect evidence of anti-social behaviour. Typical methods include covertly following people, covertly taking photographs of them and using hidden cameras to record their movements. Introducing a six months imprisonment test will ensure that such techniques are no longer an option when local authorities are investigating “minor offences” such as dog fouling and littering.

But the 2012 Order also removes the second limb of Section 28(3)(b) (“preventing disorder”). Directed Surveillance for the purposes of tackling anti social behavior will no longer be able to be authorised unless of course the activity involves criminal offences involved carrying a maximum prison term of six months or more. How will this impact on the work of local authority Anti Social Behaviour Units?

There is an exception to the general rule though. Because of the importance of Directed Surveillance in corroborating investigations into underage sales of alcohol and tobacco, the Serious Crime Test will not be applied when Directed Surveillance is being done in these cases.

The other recommendation of the RIPA Review (Magistrate’s Approval) will be implemented via the Protection of Freedoms Act 2012 which received Royal Assent on 1st May 2012. The RIPA provisions in this Act are yet to come into force but when they do they will require local authorities to have all their RIPA surveillance authorisations (i.e. Directed Surveillance, CHIS and the acquisition of Communications Data) approved by a Magistrate before they take effect. (Read more here: http://www.actnow.org.uk/content/47)

When the the Coalition Government published the Bill in February 2011, the Home Secretary, announced:

“The first duty of the state is the protection of its citizens, but this should never be an excuse for the government to intrude into peoples’ private lives. Snooping on the contents of families’ bins and security checking school-run mums are not necessary for public safety and this Bill will bring them to an end. I am bringing common sense back to public protection and freeing people to go about their daily lives without a fear that the state is monitoring them.”

Most local authorities feel that this is a disproportionate response to inaccurate media stories about their “overzealous” use of RIPA. The reality is that most authorities only use their powers in a handful of cases each year and only when there is no other viable means of investigating offences and then in a reasonable and proportionate manner.  The latest available annual report by the Office of Surveillance Commissioners (2010/2011) states:

“Generally speaking, local authorities use RIPA/RIP(S)A powers sparingly with over 50% granting five or fewer directed surveillance authorisations during the reporting period. Some 16% granted none at all.”

The changes to be made to the local authority RIPA regime via the 2012 Order, as well as the Protection of Freedoms Act, will have a big impact on their investigation and enforcement activities.  Now is the time to review RIPA processes and procedures and to make staff aware of the changing legal landscape.

We have a series of courses on RIPA and Surveillance which also cover the changes in the Protection of Freedoms Act. We can also provide in house customized training (e mail info@actnow.org.uk)

 

FOI Review : What to Expect

Last year the Justice Select Committee, chaired by Sir Alan Beith, launched a call for written evidence for its post-legislative scrutiny of the Freedom of Information Act 2000 (FOI). The Committee invited written evidence on the following issues (although those responding were free to discuss other matters):

  • Does the Freedom of Information Act work effectively?
  • What are the strengths and weaknesses of the Freedom of Information Act?
  • Is the Freedom of Information Act operating in the way that it was intended to?

The Committee has now finished hearing oral evidence. Its website contains more details including dates of hearings as well as uncorrected transcripts of evidence. Whilst much has been written and submitted to the Committee about what changes the Government should make to the FOI regime, some changes are more likely to be recommended by it than others:

1. A new exemption for Frivolous Requests

The Information Commissioner’s Office (ICO) has told the Committee (and a recent conference) that it would be in favour of an exemption being introduced to alleviate the burden of frivolous requests e.g. for zombie invasion plans.

My view is that this is a sacrificial lamb being offered by the ICO to try and deflect some of the recent criticism directed towards it. Public authorities have claimed that the ICO is not doing enough to help them at a time when they are being inundated with nuisance requests that clearly have no purpose or value. However the Committee may feel it needs to go further to address such concerns.

2. A Change to the Costs Regime

Many of those that have responded to the Committee’s call for evidence, have expressed concern about the sheer cost of dealing with FOI requests, although the basis of calculation of some of the figures seem highly dubious. It is likely that changes are made to allow more activities to be included as part of the costs limit of £450/£600 limit (under the Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004) including perhaps the time it takes to redact exempt information from a document before disclosing the latter.

It seems that the Government is already pre judging the outcome of the Committee’s report. According to a BBC Newsnight report on 5th April 2012, a new fees regime could be introduced to reduce the number of FOI requests. Different tariffs could be used to charge different types of requestors. For more on this read Jonathan Baines excellent guest post for the Save FOI Blog.

3. A new Cabinet Minutes Exemption

The previous Government has on two occasions used the ministerial veto (under section 53) to exempt disclosure of cabinet minutes.  On 24th February 2009 the then Lord Chancellor, Jack Straw, issued the first ever ministerial veto  (See Cabinet Office and Christopher Lamb v IC (EA/2008/0024 & 0029)) when the Tribunal decided to uphold the ruling by the Information Commissioner that minutes of cabinet meetings from 2003 discussing the Iraq War should be disclosed.  On 10th December 2009, Mr Straw did the same again in respect of a decision of the Commissioner (Cabinet Office FS50100665) requiring disclosure of minutes of the Cabinet Ministerial Committee on devolution to Scotland and Wales and the English Regions in 1997.

Dominic Grieve, the Attorney General, also used the veto to block release of Cabinet Minutes relating to Scottish and Welsh Devolution. Recently the Health Secretary, Andrew Lansley, caused controversy when he used the veto to block access to the NHS Risk Register. On each occasion the veto has been used, the Commissioner has issued a report to Parliament expressing disappointment. However recently he has said that if the Government feels strongly about Cabinet Minutes being kept secret then an absolute exemption should be introduced. Bearing in mind what the Prime Minister and Lord O’ Donnel (the former head of the civil service) have said about FOI recently, this is a strong possibility.

4. Other Possible Changes

Looking at the various submissions to the Committee especially those from the ICO, it is also likely that statutory limits for Internal Reviews and the public interest test are recommended to avoid delays in dealing with requests. It may also be recommended that now FOI has bedded in, the role of the Qualified Person (under section 36) be removed so that there is no delay in Refusal Notices being issued where this exemption is claimed.

The Committee is due to report before the Summer Recess of Parliament.

Ibrahim Hasan is doing a web seminar on the changes to the FOI, DPA and RIPA regime to be made by the Protection of Freedoms Act. Click Here  for more information.

%d bloggers like this: