Today, I’m setting out some of the recommendations
in the Joint Committee’s report that have not received any significant media
attention.
While this week’s media reports have
concentrated on the Bill’s defects, it is accepted that some form of official access
to some types of communications data is necessary.
Accordingly, what measures ought to be
in place to maintain an appropriate level of official accountability and public
reassurance, once it has been determined what types of data should
investigators be able to access?
The
authorisation process
The Single Point of Contact process should be enshrined in primary
legislation. A specialist centralised SPoC service should be established
modelled on the National Anti-Fraud Network service which currently offers SPoC
expertise to local authorities. The Home Office should consider allowing police
forces to bid to run this service. This new service should be established by
statute, and all local authorities and other infrequent users of communications
data should be required to obtain advice from this service.
Although approval by magistrates of local authority authorisations
is a very recent change in the law, we think that if our recommendations are
implemented it will be unnecessary to continue with different arrangements
applying only to local authorities.
The
Interception of Communications Commissioner
The IoCC should carry out a full review of each of the large users
of communications data every year. While sampling is acceptable as a way of
dealing with large users, the requests of users making fewer than 100
applications in a year should be checked individually. The annual report of the
IoCC should include more detail, including statistics, about the performance of
each public authority and the criteria against which judgements are made about
performance. It should analyse how many communications data requests are made
for each permitted purpose. For this the IoCC will need substantial additional
resources, both as to numbers and as to technical expertise. There should be
full consultation with him on this. His role should be given more publicity.
The IoCC's brief should explicitly cover the need to provide
advice and guidance on proportionality and necessity, and there should be
rigorous testing of, and reporting on, the proportionality and necessity of
requests made.
The IoCC will be key to public confidence in the Request Filter.
The IoCC will need the necessary expertise properly to examine the operation of
the Request Filter. He will have to report on the scale of searches via the
Request Filter and rigorously test the necessity and proportionality of
requests put to the Filter. All this information should be included in the
public section of his annual report so that if there are any signs that the
Filter is resulting in more intrusive requests Parliament can review the
legislation.
The
Information Commissioner
If the Government believe that additional safeguards can be
provided by the Information Commissioner, they should undertake detailed
discussions with him as to what such safeguards might be, how they might be
undertaken, and what additional powers and resources he might need. The Bill
should make clear that the Information Commissioner will need to be shown all
notices issued under clause 1.
Other
Surveillance Commissioners
Work should be done to rationalise the number of commissioners
with responsibility for different areas of surveillance. This work should aim
to simplify the situation and make it easier for the public to understand,
while ensuring that all surveillance powers are subject to rigorous oversight.
Consideration should be given to a new unified Surveillance Commission
reporting to parliament with multi-skilled investigators and human rights and
computer experts.
Security and
destruction of data
We consider the Home Office's cost estimates may underestimate the
cost of security and destruction of data. Since the cost of security and
destruction will ultimately be borne by the taxpayer, the Home Office will have
to carry out a careful cost/benefit analysis and obtain advice and assurances
from a wider body of experts that the companies that stand to earn money from
devising secure storage solutions.
Offence of
misuse of communications data by a public authority
The House of Commons Justice Committee recommended that the power
under section 77 of the Criminal Justice and Immigration Act 2008 should be
exercised "without further delay". Nearly a year later the Home
Affairs Committee reached the same conclusion. We agree with the Information
Commissioner and with both these Committees that this power to allow custodial
sentences to be imposed in appropriate cases should be exercised without delay.
The Bill should provide for wilful or reckless misuse of
communications data to be a specific offence punishable in appropriate cases by
imprisonment.
In the final blog of this short series, I’ll
be reviewing some of the immediate reaction to the report’s recommendations.
Source:
http://www.publications.parliament.uk/pa/jt201213/jtselect/jtdraftcomuni/79/79.pdf
.
.
Posts
