Skip Navigation
Home Office - Building a safe, just and tolerant society
Tuesday, 27 September 2005Tuesday, 27 September 2005
Home | Contact us | A-Z index | Search | What's new
Inside the Home Office
Community & Race Crime & Policing
Crime Statistics
Community Safety
Crime Types
Organised & International Crime
Extradition
Encryption
European Union Issues
Proceeds of Crime
AGIS Funding Programme
Regulation of Investigatory Powers Act
Mutual Legal Assistance
Policing
Justice & Victims
Tackling drugs
Terrorism
Immigration & Nationality
Passports
Research & Statistics
UK Visas Website
Crime & Policing
> Home > Crime & Policing > Organised & International Crime > Regulation of Investigatory Powers Act

The Regulation of Investigatory Powers Act (RIPA)

RIPA PART I Chapter II: Acquisition and Disclosure of Communications Data

Part I of RIPA contains two chapters:

  • Chapter I relates to the interception of communications.
  • Chapter II relates to the acquisition and disclosure of communications data.

Background

Chapter II of Part I of RIPA provides a legislative framework to cover the requisition, provision and handling of communications data. It explains the duties and responsibilities placed upon each party involved in these processes and creates a system of safeguards, reflecting the requirements of Article 8 of the ECHR.

Provisions

The Chapter II provisions draw a distinction between interception of communications in the course of their transmission, which is activity excluded from Chapter II, and conduct involving the obtaining or disclosure of communications data, which is activity covered by Chapter II.

Conduct to obtain communications data is lawful in response to a properly authorised notice or authorisation - the two methods of obtaining communications data under Chapter II. There is no liability attached to actions undertaken as a result of a requirement or authorisation under Chapter II.

Definition of Communications Data

The definition includes information relating to the use of a communications service but does not include the contents of the communication itself. It is broadly split into 3 categories: "traffic data"; the use made of the service by any person e.g. itemised telephone records; and any other information that is held or obtained by an operator on a person they provide a service to e.g. subscriber information.

The definition of "traffic data" includes:

  • identity information relating to a person, apparatus or location e.g. calling line identity and mobile phone cell site location details.
  • data identifying or selecting apparatus e.g. routing information.
  • signalling information to actuate apparatus. To cover 'dial thru fraud' (in very simple terms a call is set up which allows the control of an exchange so that a protagonist can dial thru numbers at no cost).
  • 'packets' of data which indicate which communications attach to which communications. (Note: data identifying individual pages or websites, or interacting with the internet is not included in communications data (this is content of a communication).

Obtaining and Disclosing Data

A strict test of "necessity" must be met before any communications data is obtained under Chapter II. An authorising officer must not only consider the communications data to be necessary but must also consider the conduct involved in obtaining the communications data to be "proportionate". The grounds on which it is necessary are:

  • in the interests of national security;
  • for the purpose of preventing or detecting crime or of preventing disorder;
  • in the interests of the economic well-being of the United Kingdom;
  • in the interests of public safety;
  • for the purpose of protecting public health;
  • for the purpose of assessing or collecting any tax, duty, levy or other imposition, contribution or charge payable to a government department;
  • for the purpose, in an emergency, of preventing death or injury or any damage to a person’s physical or mental health, or of mitigating any injury or damage to a person’s physical or mental health.

There are two ways in which communications data may be obtained. Firstly, by an authorisation. The provisions provide a means for someone to be authorised within the same relevant public authority as the authorising officer. This provides a legal basis upon which the public authority may collect the communications data themselves e.g. if a communications service provider (CSP) was technically unable to collect certain communications data, the authority would allow an investigating body to collect the data themselves. The second way in which communications data may be obtained is where a notice is served upon the holder of the data, requiring them to comply with the terms of the notice.

Data may only be disclosed to the person giving the notice or another specified person who must be from the same relevant public authority. The authorisation period of authorisations and notices is set at one month which may be renewed. A notice has to be cancelled as soon as it is clear that the reasons for which it was granted are no longer valid.

In the case of a notice, the service provider has to comply within a reasonably practicable time and only supply data if it is reasonably practicable to do so. If a CSP fails to provide the required communications data then the Secretary of State may take civil proceedings against them, which may result in the issue of, inter alia, an injunction which would have the effect of compelling the provision of data.

Arrangements for Payments

Agreements are in place between communications service providers and public authorities that provide for cost recovery where a service provider is called upon to provide communications data. The agreements have been reached independently of the Government and take account of the fact that a requirement to provide communication data places operational and financial burdens on the service provider. The Act itself allows for payment arrangements to be made in order to compensate holders of communications data for the costs involved in complying with the notices issued under Chapter II. This may include arrangements for payments to be made out of money provided by Parliament.

The "relevant public authorities" currently listed in the Act for Chapter II purposes are:

  • a police force;
  • the National Criminal Intelligence Service;
  • the National Crime Squad;
  • HM Customs and Excise;
  • the Inland Revenue;
  • the Security Service;
  • the Secret Intelligence Service;
  • the Government Communications Headquarters.

Code of Practice

The Chapter II provisions are subject to a statutory code of practice, a draft of which has been published for public consultation. The code relates to the powers and duties conferred or imposed under Chapter II. It provides guidance on the procedures that must be followed before access to communications data can take place under those provisions. The Act provides that the code is admissible in evidence in criminal and civil proceedings. If any provision of the code appears relevant to a question before any court or tribunal hearing any such proceedings, or to the Tribunal established under the Act, or to one of the Commissioners responsible for overseeing the powers conferred by the Act, it must be taken into account. The code applies to the relevant public authorities described in Chapter II and extends to England, Wales, Scotland and Northern Ireland.

The draft code of practice lays out in more detail the application process. For example, it requires in writing:

  • the reason why obtaining the requested data is considered to be necessary for one or more of the purposes listed;
  • an explanation of why obtaining the data constitutes conduct proportionate to what it seeks to achieve;
  • specifying the individual to whom the data relates and the exact data that is required;
  • where authorisations have been improperly obtained that a report and explanation be sent to the Interception of Communications Commissioner.

Oversight

As with Part I Chapter I independent oversight of Part I and Chapter II is provided by the Interception of Communications commissioner (see Part IV).

The Act provides for an Interception of Communications Commissioner whose remit is to provide independent oversight of the use of the powers contained within Part I.

The Act establishes an independent Tribunal, which is made up of senior members of the legal profession or judiciary and is independent of the Government. The Tribunal has full powers to investigate and decide any case within its jurisdiction.

Back to top
More on this
What's New
Text of RIPA
Explanatory Notes
Statutory Instruments
Myths and misunderstandings
Consultation Exercises
Forms
Archives
Useful Links
RIPA part 1
RIPA Part 2
RIPA part 3
RIPA part 4
Commons debate on draft Interception Code of Practice
Lords debate on draft Interception Code of Practice
Results of Public Consultation on the draft Interception Code of Practice
Commons Debate on the Draft Regulation of Investigatory Powers (Maintenance of Interception Capability) Order 2002
Summary of responses to consultation on section 12 of RIPA
The Technical Advisory Board (TAB)
Commons Debate on the Draft Regulation of Investigatory Powers Technical Advisory Board) Order 2001
Accessibility | Complaints | Freedom of Information | Terms & Conditions | Site Map | Cymraeg