Surveillance: Citizens and the State - Constitution Committee Contents


CHAPTER 4: Legal Regulation and Safeguards

118.  The regulation of surveillance and data use is provided by statutory rules, common law decisions, and Codes of Practice and guidelines issued by regulatory authorities and by public and private organisations. Evidence focused on four main sources of domestic regulation:

  •   The Human Rights Act 1998 (HRA);
  •   The Data Protection Act 1998 (DPA);
  •   The Regulation of Investigatory Powers Act 2000 (RIPA); and
  •   The tort of breach of confidence.

119.  The Ministry of Justice argued that the current legal framework is "responsive and robust enough to meet both current and future needs." (p 315) While acknowledging that the pace of technological change presented challenges to the Government, Tony McNulty MP, the then Home Office Minister for Security, Counter-terrorism, Crime and Policing, expressed the belief that the fundamentals of the regulatory system were sound, and that the boundaries between acceptable and unacceptable surveillance were "very, very clear". (Q 936, 942)

120.  Dr David Murakami Wood, Lecturer at the School of Architecture, Planning and Landscape, University of Newcastle upon Tyne, and representative of the Surveillance Studies Network, suggested that an incremental approach to the development of regulations and safeguards could not keep pace with the speed of technological change and that, unless a greater effort was made to harmonise the various parts of the present legal framework, the Government would be poorly placed to respond effectively to future developments in the field of surveillance and data use:

    "We need to move ahead of the game ... The first thing to do is bring together those existing pieces of legislation, start to connect them, start to see where the holes are, to fill those holes and … to actually start to think in terms of the future about what might occur and how we might legislate for things that are now being developed or will be developed." (Q 67)

121.  In this chapter, we look at the various sources of regulation, and consider how effective they are at controlling the surveillance activities of the state and the private sector. We also look at how effectively two major forms of surveillance and data collection, the National DNA Database (NDNAD) and CCTV, are regulated.

The Human Rights Act 1998

122.  David Feldman, Rouse Ball Professor of English Law, University of Cambridge, argued that prior to the enactment of the Human Rights Act 1998 (HRA), there was no established right to privacy in UK law. (Q 522) Although individuals could appeal to the European Court of Human Rights if they felt that their right to privacy under Article 8 of the European Convention on Human Rights (ECHR) had been infringed, the right could not be pleaded in UK domestic courts. With the introduction of the HRA, however, the ECHR became a part of domestic law, and a general right to respect for private and family life under Article 8 was established in the UK. As a consequence, it became unlawful for any public body to act so as to interfere with an individual's privacy unless the body could point to one of the specific exceptions contained in Article 8(2). Although under the HRA the provisions of Article 8 can only be enforced against public bodies, in recent years the UK courts have sought to expand its ambit so that it can, under certain circumstances,[62] also be applied to private bodies and individuals. The courts have also taken decisions extending the common law tort for breach of confidence in the field of individual privacy interests. (Dr Metcalfe, Q 244)

123.  Article 8 of the ECHR provides the basis for a general right to respect for privacy and family life, but there is no accepted legal definition of privacy. Privacy is difficult to define, and both the European Court of Human Rights and UK courts have declined to offer a definition, preferring to judge the right on a case by case basis. While the European Court of Human Rights has not produced a definition of privacy as such, we note that it has been clear in stating that Article 8 encompasses a right to establish and develop relationships with other human beings.

124.  The definition of privacy given by Samuel Warren and the future US Supreme Court Justice Louis Brandeis in 1890, which held that an individual has the "right to be let alone", is perhaps too brief and concise to cover the range of circumstances and concerns considered in this report.[63] In 1990 the Calcutt Committee on Privacy and Related Matters adopted a helpful definition in its first report on privacy:

    "The right of the individual to be protected against intrusion into his personal life or affairs, or those of his family, by direct physical means or by publication of information."[64]

125.  The incorporation of Article 8 into UK law via the HRA means a public body engaged in any form of interference with an individual's privacy must be able to demonstrate that the surveillance in question is:

(i)  authorised by law;

(ii)  proportionate to the purpose in question;

(iii)  necessary; and

(iv)  conducted in accordance with one of the legitimate aims set out in Article 8(2) of the ECHR.

126.  The HRA and Article 8 of the Convention provide a privacy-based framework for the regulation of surveillance and data use in the UK. According to many of our witnesses the introduction of the HRA has led to a positive change in the way in which government agencies and private organisations approach matters of surveillance and data use. (Dr Metcalfe, Q 244; Professor Feldman, Q 525) We were told, for example, by Dr Eric Metcalfe, Human Rights Policy Director for JUSTICE, that Article 8 provides a basis for the development of a right to privacy in the UK, and that it has the potential to transform the way in which surveillance and privacy are handled. (QQ 244, 247)

127.  The incorporation of Article 8 into domestic law has affected the common law action for breach of confidence, which has historically acted as the primary protection for privacy interests in the common law. (Hugh Tomlinson, pp 439-40) According to Dr Metcalfe:

    "It has been interesting, since the Human Rights Act, in particular, to see the development of the common law in this area … We find the courts are now beginning to develop the traditional common law breach of confidence principles and use that to act as a more general remedy for breaches of a person's Convention rights since the Human Rights Act came into force." (Q 244)

128.  A number of witnesses drew attention to the limitations of the HRA and Article 8 of the Convention. According to Article 8(2) an interference with the right is permissible "in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others." As noted by Professor Bert-Jaap Koops, Professor of Law and Technology at Tilburg University Institute for Law, Technology and Society (TILT), in practice governments can interpret these limitations freely, without having to point to any empirical evidence about the need for such a limitation. (Q 492)

129.  Concerns were also raised about whether government agencies and other public bodies understand how the principles of necessity and proportionality operate in the context of privacy and the limitations set out in Article 8(2). In order to justify an interference with the Article 8 rights, on the basis of any of the exceptions laid out in Article 8(2), the state must be able to show that it is acting lawfully and for a legitimate aim, and that the interference is both necessary and proportionate. (Hugh Tomlinson, p 440) As Professor Feldman pointed out, the proportionality test can be "a very effective protection indeed". (Q 520)

130.  We were told that neither the European Court of Human Rights nor the English courts have applied a rigorous proportionality test in the context of interferences with Article 8. According to Hugh Tomlinson:

    "The crucial question is always that of proportionality … If the grounds on which it was justifiable to interfere with the right to privacy were to be restricted this should be done by requiring a stricter proportionality test to be satisfied." (p 440)

131.  We took evidence from a number of witnesses about the manner in which Article 8 rights have been pursued in the courts, and the extent to which they have provided a defence for the privacy interests of citizens. According to Dr Chris Pounder, then of Pinsent Masons:

    "I am not confident that Article 8 will provide satisfactory jurisprudence because there are very few cases going to the courts. Those cases that tend to go into the courts primarily involve … people who have celebrity status … Anybody who is trying to take an Article 8 case on has to take on the unlimited resources of the state." (Q 842)

132.  While the introduction of the HRA has helped to ensure that the privacy of citizens is better protected, we are concerned that Article 8 is not well understood by the public. The protections offered by the HRA against unlawful and overly intrusive surveillance are not readily accessible or comprehensible to most members of the public.

133.  Although the rights contained in Article 8 provide a substantial measure of privacy protection for the public, the law in this area is developing slowly. JUSTICE suggested that there has been a tendency on the part of the Government and the courts to see Article 8 as providing a minimum standard that must be attained rather than as a foundation for the development of better regulation. (p 110) We believe that more should be done to ensure that the HRA acts as a sufficient brake on intrusive surveillance practices and over-zealous data collection.

134.  In the light of these concerns, we recommend that the Government should instruct government agencies and private organisations involved in surveillance and data use on how the rights contained in Article 8 of the European Convention on Human Rights are to be implemented. The Government should provide clear and publicly available guidance as to the legal meanings of necessity and proportionality. We recommend that a complaints procedure be established by the Government and that, where appropriate, legal aid should be made available for Article 8 claims.

135.  Evidence was taken on the effectiveness of Article 8 in respect of loss of privacy. The spread of surveillance technology has the potential to affect large numbers of people in many ways. Gareth Crossman, the then Director of Policy at Liberty, argued that for a human rights based approach to privacy to work effectively, there is a need for a victim to bring an action. As a great deal of surveillance—particularly mass informational surveillance—affects "a very large number of people, but only in small ways", singling out a particular victim or identifying a single, serious harm may be extremely difficult. (Q 244)

136.  The introduction of the HRA has helped to ensure that the privacy of citizens is better protected, but the right to privacy alone cannot provide an adequate basis for the protection of individuals against over-zealous surveillance or data processing. There should be greater support given to groups who may have seen their overall privacy diminished by mass surveillance or the adoption of new data collection and sharing techniques by government.

137.  The Government should consider expanding the remit of the Information Commissioner to include responsibility for monitoring the effects of government and private surveillance practices on the rights of the public at large under Article 8 of the European Convention on Human Rights.

138.  The primary aim of this inquiry was to consider the constitutional implications of surveillance and data use, including the question of whether citizens have a constitutional expectation or right to privacy. There was a range of views on the question of whether the rights contained in Article 8 have the status of constitutional principles or rights. Hugh Tomlinson did not think "that there are any specific constitutional conventions or principles directly relating to surveillance or data protection." He explained that:

    "The major legal obstacle to the better protection of privacy in the United Kingdom is the absence of a strong 'constitutional' privacy right. Although the Courts have, in response to the impetus provided by the Human Rights Act 1998 developed a wide range of 'constitutional common law rights' in other areas, privacy has not been so recognised and Article 8 has, at present, only partially filled the gap." (pp 439-40)

139.  Professor Feldman told us that, whilst he was "not entirely convinced that surveillance generally raises important constitutional issues of an institutional kind", he did think that a number of "constitutional principles" might come into play when considering the proper limits of state surveillance. (QQ 517-18) In particular, he drew attention to the clear constitutional requirement that ministers are accountable to Parliament, and suggested that any surveillance or data collection activities undertaken under the authorisation of a minister should be open to parliamentary scrutiny. He added:

    "The UK's constitution has long relied on what one might describe as a principle of executive and legislative self-restraint in interfering with people or authorising interference with people and their activities. That is an important principle, although it is very rarely written about in any of the text books, and it is important because of the centrality of the idea of the legislative supremacy of the Queen in Parliament. If you have a situation in which the Queen in Parliament can authorise in principle anything, then it becomes very important to be self-controlled in the way in which those powers are used, so I like to think that there is a principle of both executive and legislative self-restraint that is increasingly under strain, I think, at the moment." (Q 518)

140.  We heard evidence about the constitutional implications of surveillance and data use from a number of civil liberties and human rights organisations. JUSTICE stated that it "regard[s] the Human Rights Act 1998 as a constitutional document and the rights protected therein as constitutional rights" (p 110), and drew our attention to a recent lecture by Lord Steyn, in which he argued that:

    "[A] premise of the democratic idea is that the basic values of liberty and justice for all and respect for human rights and fundamental freedoms are guaranteed. It is enshrined in the Human Rights Act 1998 which is our Bill of Rights".[65]

141.   But JUSTICE also stated that it is "important to bear in mind the limitations of the constitutional framework for the protection of constitutional rights in the UK", and that:

    "It is a mistake to suppose that judicial supervision is enough to maintain privacy as a public good in the UK. In particular, Parliament cannot abdicate to the courts its responsibility to govern well, in particular by restraining the executive's enthusiasm for the administrative benefits of surveillance and data-collection." (p 110) [66]

142.  A number of witnesses told us about the approach taken in other European countries. Joerg Fedtke, Professor of Law, University College London, gave an account of the operation of the data protection legislation in Germany, pointing out that surveillance was ultimately regulated by reference to a strict constitutional commitment to the principle of proportionality. It is, he maintained, one of the key elements "which public authorities need to take into account in exercising their powers, whether surveillance, whether it is dealing with personal data, or whether it is any other function they might perform." (Q 748) Dr Lee Bygrave, Associate Professor in the Faculty of Law, University of Oslo, told us that:

    "It is clear that if you look at, say, the Federal Republic of Germany, which arguably has the strongest protection for personal data in Europe, that constitutional platform has been very, very important for the case law of the Bundesverfassungsgericht [Constitutional Court] in curbing, particularly, the latest spate of surveillance measures being issued by the interior ministry in the Federal Republic, and, also, at Länder level." (Q 489)

143.  The evidence we received suggests that, though there may be no consensus about whether there is a constitutional case for restricting the surveillance and data use activities of the state, consideration should be given to placing the rights contained in Article 8 of the Convention on a clear legal footing.

144.  We regard privacy and the application of executive and legislative restraint to the use of surveillance and data collection powers as necessary conditions for the exercise of individual freedom and liberty. Privacy and executive and legislative restraint should be taken into account at all times by the executive, government agencies, and public bodies.

The Data Protection Act 1998

145.  The use of personal information is regulated by the Data Protection Act 1998 (DPA) which covers the circumstances under which personal information can be processed by public authorities and private organisations. Under the provisions of the DPA, any individual or organisation engaged in the handling of personal information is required to ensure that all information is:

146.  So as to ensure that the processing of personal data is open and transparent, the Act establishes a system of notification (DPA 1998, Part III) whereby all organisations engaged in the handling of personal information are required to notify the Information Commissioner's Office (ICO) (unless they are exempt under the Act) and to provide details of the type of data processing being undertaken. This information is then published in the register of data controllers and is available for public inspection. Failure to notify is a criminal offence under the Act (DPA 1998, section 47). The objective of the system is that members of the public are able to find out who is processing personal information and for what purpose. The system is designed to ensure that individuals are able to determine whether information relating to them is being held by another individual, government agency, or private organisation.

147.  One of the key features of the regime established by the DPA is that it does not provide individuals with substantive rights that can be enforced by the courts. Instead, an individual who believes that his or her personal information is being improperly held or used must make a complaint to the ICO. According to the Act, the Information Commissioner has the power to:

  •   undertake assessments to check whether organisations are complying with the Act;
  •   serve information notices requiring organisations to provide the ICO with specified information within a certain time period;
  •   serve enforcement notices and "stop now" orders where there has been a breach of the Act, requiring organisations to take (or refrain from taking) specified steps in order to ensure they comply with the law;
  •   prosecute those who commit criminal offences under the Act;
  •   conduct audits to assess whether organisations' processing of personal data follows good practice; and
  •   report to Parliament on data protection issues of concern. (DPA 1998, Part V)

148.  We took evidence on the operation and effectiveness of the DPA. In both his written and oral submissions, Richard Thomas, the Information Commissioner, gave an account of the work undertaken by his Office, and the challenges it currently faces as a consequence of advances in surveillance and data use technology. Although the Commissioner was keen to emphasise that he did not believe that "any sort of surveillance society is developing for malign reasons", he stressed that:

    "We think there is a need for much greater attention to be focused on the risks involved and the safeguards which are needed. We all now leave our electronic footprints in many places on a daily basis and as the pace accelerates our concern is to ensure that full consideration is given to the impact on individuals and society, that pre-emptive action is taken where necessary to minimise intrusion, and that measures are in place to safeguard against unacceptable consequences." (Q 2)

149.  We discuss the role of the Information Commissioner in relation to the DPA in more detail in Chapter 5.

The Regulation of Investigatory Powers Act 2000

150.  The third major piece of legislation we examined was the Regulation of Investigatory Powers Act 2000 (RIPA). Designed to replace the Interception of Communications Act 1985, RIPA established a framework for the use of surveillance and data collection techniques by the police, the security services, and other law enforcement agencies. In addition to criminalising the intercepting of a communication over a public network without consent or a warrant authorised by the Secretary of State,[67] the Act set out the circumstances under which public authorities—most notably the police—can engage in various types of surveillance activities. It provided a framework for the authorisation and review of those activities by the Office of Surveillance Commissioners (OSC) and the Intelligence Services Commissioner.

151.  According to section 48(2) of the Act, surveillance is described as:

  •   monitoring, observing or listening to persons, their movements, their conversations or their other activities or communications;
  •   recording anything monitored, observed or listened to in the course of surveillance; and
  •   surveillance by or with the assistance of a surveillance device.

152.  Under RIPA, surveillance may be categorised as "directed" and/or "intrusive", with implications for whether a particular type of surveillance can be authorised. Although the definitions of directed and intrusive surveillance are complex it is possible to define them as follows.

Surveillance is directed if:

  •   it comprises covert observation or monitoring by whatever means;
  •   it is for the purpose of a specific investigation or specific operation (any crime or other offence); and
  •   it will or is likely to obtain private information about any person, not just the subject of the operation.

Surveillance is intrusive if:

  •   it is covert;
  •   it is carried out on any residential property or in any private vehicle; and
  •   it involves the presence of an individual on the premises or in the vehicle, or the use of a surveillance device.

OPERATION OF THE RIPA REGIME

153.  There was disagreement between the Association of Chief Police Officers (ACPO) and the OSC as to the effectiveness of the current legal framework, and about the level of paperwork surrounding the system of authorisations. ACPO referred to a Review of RIPA commissioned in 2004:

154.  Although Assistant Chief Constable Nick Gargan, the former Chair of the Covert Investigation (Legislation and Guidance) Peer Review Group, stressed that ACPO regards RIPA as an effective piece of legislation, he also argued that:

    "The implementation of that piece of legislation has been difficult and it has created an excessive burden of unnecessary bureaucracy, which is the source of regular complaint from operational colleagues and commanders up and down the country ... We think that it is a fresh time to re-visit the legislation in its entirety." (Q 90)

155.  Nick Gargan specified problems arising from legal ambiguity such as authorisations of surveillance in cases of joint activity between forces or where police were working with non-police staff, and the installation of intrusive surveillance cameras in private dwellings. In addition:

    "Unfortunately, one of the consequences of our own cultural risk aversion is that we tend to over-authorise. We have tried to look for sources of advice that would give colleagues the confidence not to over-authorise activity … Let us apply a little common sense, for example to the case where we send someone into an off-licence and ask him to try to buy four cans of lager so that we can prosecute the shop-keeper if he is selling inappropriately. Let us not dress that up as covert policing." (Q 128)

156.  He went on to say that there was also a problem of contradictory advice being offered by the Information Commissioner and by the other Commissioners who have inspection powers under RIPA, and that "the fact of having separate bodies investigating largely the same field of activity creates a bureaucratic cost."(Q 132)

157.  That the system of regulation established by RIPA was overly bureaucratic was rejected by the current Chief Surveillance Commissioner, Sir Christopher Rose. When asked whether the requirements set out in RIPA were overly onerous, Sir Christopher stated:

    "If you choose to class paperwork as bureaucracy, so be it, but one of the features of the paperwork connected with covert surveillance which is beneficial to everybody is if there is an impeccable paper trail showing what is sought, what is authorised, what renewals and cancellations there have been, that helps everybody." (Q 642)

158.  Sir Christopher also suggested that the problems experienced by the police may be the result not of any deficiency in the legislation but its implementation:

    "So if ACPO or anybody else chooses to say there is far too much paperwork, one has to examine what that actually means. Sometimes, there is excessive paperwork because you will get an inexperienced police officer, for example, who is unduly repetitive either in what he is seeking to have authorised or in what is authorised. That is to be remedied, as it seems to me, by training the relevant officer to do his job better." (Q 642)

159.  We recommend that the Government undertake a review of the administrative procedures set out in the Regulation of Investigatory Powers Act 2000 so as to resolve the contrasting views expressed by the Association of Chief Police Officers (ACPO) and the Office of Surveillance Commissioners about the effectiveness of the current legal framework and the system of authorisations.

160.  Concerns were expressed by Liberty that the system for approving both directed and intrusive surveillance operations is insufficiently robust and independent, with operations capable of being approved internally by the police and the security services:

    "RIPA Powers are often self-authorising with lower level communications data powers being authorised internally and even the highest level interception powers only requiring the authority of a government minister. This can be contrasted with the USA where, historically, there has always been independent judicial authorisation at the heart of the US surveillance process." (p 106)

161.  Professor Feldman questioned the wisdom of allowing the intelligence services to be able to authorise their own surveillance activities in the absence of checks and balances. Although he acknowledged that the Investigatory Powers Tribunal (IPT) had the power to review the legality of such authorisations, he doubted its effectiveness:

    "I think the Investigatory Powers Tribunal has yet to prove itself—it has not had enough to do yet perhaps to be clear just how effective it is going to be—but I am a little bit worried about the extent to which these intrusive or relatively extensive activities can be authorised by a senior official of the agency that is going to carry out the activity without the need for external independent scrutiny in all cases." (Q 560)

162.  We are concerned about the level of independent and effective oversight of surveillance activities under RIPA. Although we accept that the OSC provides oversight, and the assurances of Sir Christopher Rose that the inspection system has helped to improve police practices, we consider that more should be done to protect the privacy of individuals from over-zealous state surveillance. We were concerned to hear from Hugh Tomlinson that the law provides little in the way of redress where surveillance powers have been exceeded. (p 442)

163.  We recommend that the Government consider introducing a system of judicial oversight for surveillance carried out by public authorities, and that individuals who have been made the subject of surveillance be informed of that surveillance, when completed, where no investigation might be prejudiced as a result. We recommend that compensation should be available to those subject to unlawful surveillance by the police, intelligence services, or other public bodies acting under the powers conferred by the Regulation of Investigatory Powers Act 2000.

LOCAL AUTHORITY POWERS UNDER RIPA

164.  During the course of the inquiry there were well-publicised examples of local authorities using the surveillance powers under RIPA to stop fly tipping, reduce dog fouling, and investigate fraudulent school place applications. David Holland, holder of the consumer protection brief for Cardiff Council, denied that local government had systematically abused its power:

165.  He also told us:

    "I think we have said that our role as a council is to protect and serve the local community. I will be frank with you; I will use every power I have available to do that because there are some real rogues out there that prey on the vulnerable and elderly … I will use whatever powers I have available to bring those people to book, but … I will work within RIPA and I will make sure that if my officers choose to undertake or apply for directed surveillance that that application is an absolutely necessary use of that power and that it is a proportionate response." (Q 789)

166.  These points were echoed by Donna Sidwell of the Local Authority Coordinators of Regulatory Services (LACORS):

    "There are certainly different degrees of seriousness … We would argue that the checks and balances already in place are fairly good at enabling a local authority to assess on necessity and proportionality grounds. There are some occasions when you may challenge the decisions that have been taken and you might say that if you were looking at it from the judicial perspective a different decision might have been taken. I think there are areas where additional guidance can assist and working with the Home Office, the Office of Surveillance [Commissioners] and the Office of the Interception Commissioner can help us in that … We want the local authority communities and residents to be confident and to believe that they are not being snooped on. We strongly do not believe that is the case." (Q 794)

167.  She also told us that:

    "There will be those occasions where it is more appropriate for covert surveillance to be used, for a covert human intelligence source to be authorised or for subscriber or billing information to be obtained. (Q 794)

168.  Professor Janice Morphet, a former local authority officer and Chief Executive, observed that covert surveillance was, for example, a traditional Trading Standards practice with regard to market stalls, dumping, and off-licence sales to minors:

    "The ones you have described in terms of schools and refuse are much more difficult to deal with. I do not think it needs covert surveillance … I would send an inspector along with the refuse collection team. I do not think I would make that person covert … Thinking about schools … I do not think I myself would go down that line … but what we have to recognise is that at local level this is the kind of issue that will absolutely fill the chief executive's postbag and that of the local members. I am not defending [covert surveillance] because I think I would try other things." (Q 918)

169.  Councillor Hazel Harding, Leader of Lancashire County Council and Chair of the Local Government Association Safer Communities Board, said:

    "From an elected member's point of view, I am appalled when I see some of those examples in the press as well … It is a case, in some instances, of using a sledgehammer to crack a nut." (Q 807)

170.  The Minister of State at the Home Office for Crime, Policing, Counter-terrorism and Security, Vernon Coaker MP, said that some such uses of RIPA powers were "inappropriate", and that he was working with the Department of Communities and Local Government (CLG) to look "at what we need to do to ensure that the powers are used appropriately and in a way which commands the respect of the public", in order to "stop some of these other things happening which undermine that support." (Q 1019) He added that "we need to look at the codes of conduct and see how we take them forward." (Q 1029) He also told us that Sir Simon Milton, the then Chairman of the Local Government Association (LGA), had written to local authorities to tell them "that when they used these powers they had to make sure they were used in a necessary and proportionate way and reminded them that that is in the guidance and that is what they should be doing." (Q 1022) The Minister referred to the use of RIPA powers "to tackle serious criminals":

    "North Yorkshire County Council used directed surveillance and communications data authorised by RIPA to prosecute three roofers who had persuaded 11 elderly victims to pay for unnecessary work on their roofs. These victims lost in excess of £150,000, two of the 11 victims lost their entire life savings, and the three criminals responsible were sentenced to between three, five and six years." (Q 1019)

171.  Such controversy led us to re-examine how local authorities came to possess such powers in the first place. Vernon Coaker explained that in the Act as passed in 2000, local authorities were not included in the list of public authorities that could have access to communications data. (p 360) During the passage of the Act, Bill Cash MP wrote to the then Home Secretary in relation to concerns raised with him that the Bill as drafted would extend the power to "a range of officials in several public-sector bodies including local authorities and … government departments."[68] The then Minister of State, Charles Clarke MP, wrote back to Mr Cash, explaining that such concerns "may be referring to the provision in the Bill allowing for the Secretary of State to make further additions to" the list of relevant public authorities with power to obtain data "at some future stage if it is deemed necessary … by means of the affirmative resolution procedure. I can, however, confirm even at this stage that such powers will not be made available to local authorities."[69]

172.  However, in the new Parliament in 2003 two Orders were passed by affirmative resolution in both Houses that gave a number of additional public authorities, including local authorities, access to communications data and the power to use directed surveillance and covert human intelligence sources within the RIPA regime.[70] The Orders were passed after a period of public consultation.[71]

173.  Vernon Coaker agreed that Charles Clarke had "confirmed that there was no intention to extend the provisions in RIPA to enable local authorities access to communications data." The Minister argued that "this was because a number of public authorities, including local authorities, already had access to communications data either by arguing individual exemptions under the Data Protection Act 1998 or by other statutory powers". He added that the decision to introduce the 2003 Order was made when "it became clear that a more systematic approach was required that ensured public authorities were subjected to the same regime and to ensure a more consistent and accountable approach to all aspects including authorisations, consideration of necessity and proportionality, independent oversight and appeals mechanisms." (p 361)

174.  Vernon Coaker subsequently elaborated on this, telling us that "the change of heart came because of a recognition of the problem that arose about the inconsistency of approach that was taking place. Some people were approaching internet service providers through RIPA legislation; others, like local authorities, were approaching them to get exactly the same information that they get under RIPA through other legislation, through the Data Protection Act, some of the exceptions that exist there, or through production orders under PACE [Police and Criminal Evidence Act 1984] … that is why we then went out to public consultation to say, 'Look: this is the situation. Would it not be better to include local authorities therefore within that?'" (Q 1012) He also attempted to reconcile Charles Clarke's categorical assurance with the Government's later desire for consistency: "Clearly, if an assurance has been given you like to try and ensure that that assurance is maintained, but … sometimes there are things that happen two, three, four, five, six years later … despite the assurance that was made there is a need to change". (QQ 1017, 1018)

175.  We are concerned lest this reversal set a precedent for future unforeseen policy changes in the field of surveillance.

176.  The situation regarding directed surveillance and covert human intelligence sources is also complicated. Local Authorities exercise their powers in this area under the Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) Order 2003. The debates in both Houses of Parliament when the Order was approved in 2003 seemed to indicate that these were not new powers.[72] We wrote to Vernon Coaker on 18 December to seek clarification of this point. His response of 12 January confirmed that these were not new powers: prior to RIPA, the use of directed surveillance or covert human intelligence sources by any public authority, including local authorities, was unregulated. The Minister explained that RIPA addressed the situation and was designed to ensure that public authorities complied with the ECHR. (p 337)

177.  We are concerned at the use by some local authorities of their surveillance and communication data collection powers under RIPA. We were pleased to note that the Home Secretary had announced a Government consultation on proposed changes to RIPA including revisions to the Codes of Practice that come under the Act, a consideration of which public authorities should exercise powers under RIPA and the possibility of the method by which RIPA powers are authorised being changed.[73] We recommend that the Government consultation on proposed changes to the Regulation of Investigatory Powers Act 2000 should consider whether local authorities, rather than the police, are the appropriate bodies to exercise such powers. If it is concluded that they are the appropriate bodies, we believe that such powers should only be available for the investigation of serious criminal offences which would attract a custodial sentence of at least two years. We recommend that the Government take steps to ensure that these powers are only exercised where strictly necessary, and in an appropriate and proportionate manner.

178.  We examine in more detail the question of the training of local authority personnel in Chapter 6.

The National DNA Database

179.  The National DNA Database (NDNAD) was established in 1995 in England and Wales (Scotland and Northern Ireland have their own databases), and contains profiles derived from DNA samples taken from anybody over ten years old arrested for a recordable offence (whether or not they are subsequently charged or convicted),[74] from volunteers and from crime scenes. It is not governed by one particular piece of legislation, although various acts have supported its establishment and development over the years. We consider the consequences of this fragmented system of regulation later in the report. [75]

180.  The NDNAD, in proportionate terms, is the largest of its kind in the world. It contains DNA profiles of 7.39 per cent of the UK population, according to Vernon Coaker. (Q 1049) Austria's forensic DNA database is the next largest in proportionate terms, and contains about one per cent of the population, while the USA's FBI "CODIS" database contains about 0.5 per cent.[76] The Nuffield Council on Bioethics states that "the threshold for holding DNA profiles on a forensic database is far lower in the United Kingdom than in any other Member State of the EU, and the proportion of the population included on the UK DNA Database is correspondingly far higher than in other EU countries."[77] England and Wales are alone in the EU in systematically retaining the profiles or samples of individuals who have not been convicted of a crime.[78] However the recent judgment in the case of S. and Marper v. the United Kingdom ruled that this practice was not compatible with the ECHR. We discuss this in more detail at paragraph 194.

181.  Since the establishment of the NDNAD, the use of bioinformation—especially DNA profiling—has increased substantially, for instance in crime detection, the investigation of offences and the conduct of prosecutions, and the identification of deceased persons and body parts. The Prime Minister has praised DNA as "one of the most effective tools in fighting crime."[79] Other witnesses agreed that the NDNAD could be a useful tool. The Nuffield Council on Bioethics argued that "well-functioning forensic databases have the potential to promote the public interest to a significant degree" and that "the science and technology of DNA profiling is increasingly robust and reliable".[80] GeneWatch UK told us that the NDNAD is "an important tool in criminal investigations" (p 72), whilst Liberty also affirmed the NDNAD's utility, given proper justification and proportionality.[81]

182.  Chief Constable Peter Neyroud, Chief Executive of the National Policing Improvement Agency (NPIA), the custodian body for the NDNAD, has stated that "the Database continues to grow in significance as a national intelligence resource in support of policing."[82] He told us that in cases of "serious offences and particularly serious violent offences … these databases are incredibly important in the investigation." (Q 108) He added that Ian Huntley, found guilty of the 2002 murder of two girls in Soham, "was arrested a considerable number of times before the events of Soham for offences that ranged between relatively minor potential sexual transgressions to quite significant ones. Mr Huntley would have, under the Criminal Justice Act 2003, appeared on the database. Prior to that he did not. That would have been a significant benefit to the investigation". (Q 113) He also told us that "the Police Service's case to Government when the last changes to the database were made was about the strong likelihood of serious crime detections that were there as a result of expanding the envelope beyond those who were convicted of a recordable offence or cautioned. That has indeed proved to be the case." (Q 120)

183.  Tony McNulty told us that the NDNAD enables perpetrators of a crime to be brought to justice—sometimes decades after the crime has taken place. (Q 960) His successor, Vernon Coaker, justified the NDNAD's size on the basis that "it has enabled us to solve a significant number of serious crimes. If you look at the numbers of murders, rapes, serious robberies and other violent crimes that have been solved as a result of having that database, we think that in the end is a proportionate response to tackling crime and it is a justification for it." (Q 1052) He further told us that, between May 2001 (when the provisions of the Criminal Justice and Police Act 2001 came into effect) and December 2005, approximately 200,000 profiles were retained that would have to have been removed prior to the passing of the Act. Of these, "approximately 8,500 profiles from some 6,290 individuals have been linked with crime scene profiles involving nearly 14,000 offences." (Q 1056) The Minister was unable to clarify, however, how many of these profiles had directly led to a conviction. (QQ 1057-60)

184.  On the other hand, Dr Helen Wallace, Director of GeneWatch UK, took issue with some of the claims made. She disputed Tony McNulty's emphasis on the value of the retention of individual DNA samples as opposed to the re-analysis of crime scene evidence, and also asserted that there have been occasions when "DNA matches have been confused with successful prosecutions, or that irrelevant cases have been cited in support of retaining innocent people's DNA." (pp 94-102)

185.  The Nuffield Council on Bioethics identified some of the possible dangers of relying on the NDNAD: "Deliberate or accidental contamination, misinterpretation of mixed samples (those originating from more than one person), mistaken interpretation of partial profiles and the misuse of statistics to establish the probability of a match."[83] Professor Peter Hutton, Chairman of the National DNA Database Ethics Group, further mentioned incomplete crime scene samples, the physical degradation of DNA, and the important element of laboratory technicians' judgment in comparing samples as factors that detracted from the forensic utility of DNA. (QQ 162-63)

186.  The effectiveness or otherwise of the NDNAD in solving crimes should not be the only consideration when considering the appropriateness of the current arrangements; also relevant is whether law-abiding citizens who have never been convicted of a crime are unfairly disadvantaged by being included on the Database. Dr Wallace believed that there were disadvantages because the purpose of retention is "to look for matches with any potential future crime scene profile" so that it is "a kind of biological tagging" which resulted in people being treated as "suspect[s] for any future crime." There was also a "potential threat to 'genetic privacy' if information is revealed about health or family relationships" and "potential for unauthorised access, abuses and/or misuses and mistakes: including the tracking of individuals and their relatives". (Q 168 and pp 97, 99) DNA profiles could potentially be used "to try to identify whether [somebody] has been present at scenes other than crime scenes (for example, a political or religious meeting)." (p 74)

187.  The Royal Academy of Engineering (RAE) suggested that the retention of DNA profiles for use in future investigations could be contrary to the DPA and that such profiles constituted "sensitive personal information that an individual should have the right to withhold if there is no specific need for it in the investigation or prevention of crime." (p 436)

188.  Some witnesses had concerns about possible discrimination. As Professor Hutton told us, "at the moment there are some groups who are hugely over represented on the database in relation to their population incidence in society in general", particularly black youths. (Q 189) Both Professor Graeme Laurie of the University of Edinburgh Law School (who contributed to the Nuffield Council on Bioethics' report on The forensic use of bioinformation: ethical issues) and Dr Wallace agreed that the number of ethnic minority people on the database did not reflect the number that had actually committed crimes. (QQ 192, 193) Professor Hutton suggested that this over-representation was "related to the stop and search policy which is occurring in community policing". (Q 189)

189.  By contrast, the NPIA argued that "inclusion on the DNA Database does not signify a criminal record and there is no personal cost or material disadvantage to the individual simply by being on it." (p 46) Tony McNulty insisted that "there are no guilty people on [the NDNAD] in the sense of guilty of future charges" and that "it is not an information source for all the naughty and potentially nasty people in the country … It is purely an informational and investigatory device for the police." (Q 960) He dismissed the suggestion that the Government was saying that "we have all these people on the database, they all must be guilty, now let us find a crime to attach to them" and told us that "I do not think there is a matter of principle here; I do not think there is any stigma attached at all with being on the database." (QQ 964-65) We were therefore puzzled by his declared opposition to a universal database on the grounds of "practical civil liberties" as well as "potentially legal concerns". (Q 966)

190.  We believe that the retention of the DNA profiles of people convicted of a recordable offence can be justified, although GeneWatch UK called for the reintroduction of "a system of time limits on how long people are kept on the Database—so that only DNA profiles from people convicted of serious violent or sexual offences are kept permanently". (p 76) In her speech of 16 December 2008 the Home Secretary said:

    "We will consult on bringing greater flexibility and fairness into the system by stepping down some individuals over time—a differentiated approach, possibly based on age, or on risk, or on the nature of the offences involved … The DNA of children under 10—the age of criminal responsibility—should no longer be held on the database … and we will take immediate steps to take them off."[84]

We welcome this commitment by the Government.

191.  Another pressing issue is the retention of the DNA profiles of people arrested for or charged with a recordable offence but not subsequently convicted—in other words people who are, in the eyes of the law, innocent of any crime and who should arguably be treated the same as people who have never been arrested.

192.  During the course of the inquiry we learned that in other jurisdictions the profiles of innocent people are generally not retained. For example, the American Civil Liberties Union (ACLU) told us that an argument is now being conducted in some US states over whether individuals who are arrested should have their profiles added to the database—but, unlike in the UK, most states pursuing this path were also specifying that an arrestee's profile should be removed if he or she is not charged or convicted of an offence.[85]

193.  We heard evidence on this point from several witnesses. Most recently, Vernon Coaker told us that the retention of such profiles was "appropriate", "proportionate", and "a response that commands the support of the population." (Q 1055) He added that, where such profiles are retained, there was "an appropriate threshold" because "police officers can only arrest somebody if they act in accordance with the PACE code, and the PACE code requires a police officer to have at least a reasonable suspicion that the person they have arrested has committed an offence. That offence has to be of the standard of a recordable offence … It is a proportionate response to the question, is it possible that some of the people who come into contact with the police in the way that I have said may be people who it would be beneficial in terms of the public good for their DNA to be retained." (QQ 1055, 1064-65)

194.  Shortly after Vernon Coaker's statement, the judgment of the European Court of Human Rights on 4 December 2008 in the case of S. and Marper v. the United Kingdom, was delivered. The case was brought by two individuals: one was arrested for and charged with, but acquitted of a recordable offence; the other was arrested for and charged with a recordable offence, but the case was formally discontinued. Both wanted their DNA to be taken off the NDNAD. The Court ruled that the Government's current policy breached Article 8 of the European Convention on Human Rights.[86] On 16 December 2008 the Home Secretary announced that the Government would produce a White Paper on forensics which would deal with the arrangements for DNA retention. She asserted that "we've seen convictions for serious crimes of culprits who had had their DNA taken and retained for a previous crime where they were arrested, but not convicted."[87]

195.  GeneWatch UK drew our attention to the regime in Scotland:

    "The Scottish Parliament voted against indefinite retention of DNA profiles and samples from persons acquitted or not proceeded against, in May 2006. Instead, police powers were expanded to allow temporary retention (for up to 5 years, with judicial oversight) from a much smaller number of people who had been charged but acquitted of a serious violent or sexual offence. The Scottish Government is currently conducting a review of this decision in order to assess whether the temporary retention of data from this more limited category of unconvicted persons is appropriate. In conducting its review, the Scottish Government has expressly ruled out the indefinite retention of fingerprint and DNA data acquired from individuals who are not convicted of any crime." (p 98)

196.  We believe that the retention of DNA profiles on the NDNAD potentially impinges on civil liberties. DNA profiles provide the state with large amounts of personal information about its citizens that could, in the future, be used for malign purposes.

197.  We believe that DNA profiles should only be retained on the National DNA Database (NDNAD) where it can be shown that such retention is justified or deserved. We expect the Government to comply fully, and as soon as possible, with the judgment of the European Court of Human Rights in the case of S. and Marper v. the United Kingdom, and to ensure that the DNA profiles of people arrested for, or charged with, a recordable offence but not subsequently convicted are not retained on the NDNAD for an unlimited period of time.

198.  In our view, it would only be acceptable to retain the DNA profiles of innocent people indefinitely if there were a universal DNA database containing the profiles of everybody in the country. However, this potential solution to the anomalous system which currently prevails was criticised by the Information Commissioner:

    "I think both for practical and civil liberties reasons I am really quite sceptical about the logic of saying that there are some unfair discriminations there at the moment and therefore we resolve that by having everyone's data on a mandatory basis." (Q 11)

199.  Tony McNulty, who agreed with the "logic" of a universal database, nonetheless thought that it would be "intrusive and unnecessary and cause all sorts of difficulties" and would carry implications in terms of costs and practicalities. (QQ 960, 962, 967) His successor, Vernon Coaker, told us that he would not find a universal database acceptable:

    "The Government's view at the present time is that a [universal] national DNA database, notwithstanding some of the benefits that might accrue, is not a proportionate response and is not something that would necessarily command the support of the population." (Q 1061. See also QQ 1054-55)

200.  Whilst a universal National DNA Database would be more logical than the current arrangements, we think that it would be undesirable both in principle on the grounds of civil liberties, and in practice on the grounds of cost.

201.  Finally we consider the retention of DNA profiles of witnesses or victims of crime who volunteer to give a DNA sample to help in a police investigation and then find that their DNA becomes part of a permanent record because of the choice they have made when giving the sample. Professor Hutton told us that there were some 16,000 such samples at the end of 2006 (Q 179), whereas Vernon Coaker gave a figure of 32,000 volunteers. (p 375) Peter Neyroud conceded that "there are some issues there around making sure people are properly informed at the time the sample is taken." (Q 113) He explained that:

    "In respect of volunteers, the process is that they can choose to have their DNA sample destroyed or consent to the profile being loaded on to the DNA database." (Q 115)

202.  However, Professor Hutton explained:

    "The method of taking consent is probably on occasions flawed in that the person taking consent from an individual may not meet the basic criteria in common law to be able to answer specific questions about what is going to happen to the sample and the processes it will go through." (Q 172)

203.  Professor Hutton went on to describe the procedures for gaining the consent of volunteers:

    "The current consent form in fact has on it two options. One is to sign so that the DNA and its derived data will only be used for that case; the second is to sign to say that it can be used for that case and the second sample retained and the DNA profile loaded on to the National Database". (Q 172)

204.  Professor Laurie addressed the question of whether volunteers should be asked if they are willing for their samples to be retained once an investigation is completed:

    "I think that may be a possible approach on certain conditions: first of all that it is demonstrated that that would actually further the ends of prosecution services to have volunteers who are effectively innocent persons by retaining that information. Secondly, that it would respect the fundamental tenets of the law of consent, being informed consent, that you were fully informed … of what were the consequences of you being kept on this if it is indefinitely. Thirdly, hopefully it is not 'indefinitely' because your right to refuse, again a fundamental tenet of the law of consent, should be respected, whereas at the moment it is not." (Q 178)

205.  The NDNAD Ethics Group has recognised the seriousness of this matter and has given it a prominent place in its work programme, where it has generated important recommendations.[88] Professor Hutton said that the Ethics Group prefers that volunteer samples should only be used for the case in hand, especially as research evidence suggests that, in most cases, there would be no loss to operational policing if the samples were not placed on the NDNAD. He added that "our work on this has been completely supported by ACPO". (Q 172)

206.  A further issue relating to DNA profiles of volunteers is when and whether such profiles should be deleted from the NDNAD. Such profiles are only loaded on to the NDNAD if the volunteer gives his or her consent. But, as Professor Hutton told us, once the profile is loaded onto the NDNAD, "it is there for 100 years and it is very difficult to get off; and removal is subject to the individual decisions of local Chief Constables." (Q 172) Similarly, Gareth Crossman warned us that profiles "only tend to be deleted when an individual is so bloody-minded about it that they continue to push and push until in the end the individual police force gets rid of it." (Q 264)

207.  Professor Hutton suggested that there would be few drawbacks to making it easier to have volunteer profiles deleted because, as a recent piece of work undertaken by the Ethics Group and ACPO had shown, "if, in the main, for the majority of cases volunteer samples were not loaded on to the National Database and were used only for the case in hand there would be no loss to operational policing." (Q 172) Tony McNulty suggested that he was open to this idea, telling us that "the notion that volunteers should have at least the option for retention being for a shorter period than forever is a fair one that we are exploring." (Q 970)

208.  We recommend that the law enforcement authorities should improve the transparency of consent procedures and forms in respect of the National DNA Database (NDNAD). We believe that the DNA profiles of volunteers should as a matter of law be removed from the NDNAD at the close of an inquiry unless the volunteer consents to its retention.

REGULATION OF THE NATIONAL DNA DATABASE

209.  The lack of a single legislative framework for the NDNAD worried a number of witnesses. Professor Laurie told us:

210.  Professor Hutton agreed with Professor Laurie that "there should be a better statutory basis" and noted that this argument had been made by the Ethics Group. (Q 208) He thought it was unsatisfactory that "the situation that exists is outside any national regulatory framework and has many elements of judgment in it." This means, for example, that "although the police can take samples and load them on to the database there is actually no compulsion on the police to take a sample when somebody is arrested, and once arrested and the sample has been taken there is no compulsion for it to be loaded [onto the NDNAD]—it is entirely at the discretion of the police." (Q 180) Dr Wallace also agreed that the NDNAD should be put on a specific statutory basis. (Q 204) The House of Commons Home Affairs Committee has backed this view, recommending that "alongside any conclusions of the PACE review the Government introduce primary legislation to replace the current regulatory framework for the National DNA Database".[89]

211.  The RAE thought that, in formulating new legislation, consideration should be given to establishing "a new body to oversee the collection, retention and use of bioinformation … [and] to check that records are not kept for excessive periods or without clear justification. Alternatively, the role of the Surveillance Commissioner could be extended to cover the collection, retention and use of bioinformation by the police service." (p 436)

212.  We are concerned that the National DNA Database (NDNAD) is not governed by a single statute. We recommend that the Government introduce a bill to replace the existing regulatory framework, providing an opportunity to reassess the rules on the length of time for which DNA profiles are retained, and to provide regulatory oversight of the NDNAD.

Regulation of CCTV

213.  At present, there are few restrictions on the use of public area CCTV cameras in the UK. According to paragraph 1.4 of the Covert Surveillance Code of Practice, the provisions of RIPA do not apply to CCTV systems unless they are being used for a pre-planned surveillance operation.[90] While the DPA regulates the handling, storage and processing of information obtained via CCTV, it does not place any restrictions on where such cameras can be installed in public or under what circumstances. Provided that they comply with the relevant planning restrictions, public authorities such as local councils are free to install CCTV systems in town centres and other public places (such as residential estates) without prior approval from central government or the permission of residents. Furthermore, as the DPA only governs how information that has been recorded and stored is dealt with, in principle it does not apply to situations where cameras are used for observation only and where no recording is made. As a consequence, local authorities and the police are in principle free to use CCTV cameras for general, unrecorded surveillance.[91]

214.  Both Liberty and JUSTICE expressed serious concerns about the fact that CCTV remains largely unregulated. Noting that the DPA was not intended to provide a comprehensive framework for CCTV regulation, Liberty argued that new data protection legislation was needed to reflect changes in the technology of visual surveillance and to regulate better the use of cameras. (pp 105-08) Liberty also drew attention to a statement released by the Council of Europe in March 2007, which suggested that strong regulation was necessary if human rights were to be protected from overly intrusive CCTV surveillance:

    "Video surveillance of public areas by public authorities or law enforcement agencies can constitute an undeniable threat to fundamental rights such as the right to privacy … and [to the individual's] right to benefit from specific protection regarding personal data collected by such surveillance … it is recommended that specific regulations should be enacted at both international and national level in order to cover the specific issue of video surveillance by public authorities of public areas as a limitation of the right to privacy." (p 106) [92]

215.  JUSTICE also pointed to the inadequacy of the existing legislative regime, and suggested that it is a mistake to suppose that existing privacy safeguards—such as the DPA or RIPA—are capable of providing effective protection. (pp 111-12)

216.  We received a number of suggestions as to how the existing regulatory structure could be reformed and CCTV better controlled. According to Dr Andrew Adams of the School of Systems Engineering, University of Reading, the principal regulator for CCTV should be the OSC, whose "role and resources should be expanded to provide licensing for public space CCTV schemes, guidelines on their deployment and operation and audit of the adherence to these guidelines." If video footage were processed in such a way as to transform it into personal data, the OSC should work closely with the ICO to ensure adherence to the data protection principles laid down in the DPA. (p 382)

217.  The RAE suggested that in order to address an imbalance of power between the citizen and the state as regards the use of CCTV, an element of "reciprocity" should be introduced. This, they argued, could be achieved by allowing the public access to detailed information about the positioning of cameras, and the launch of a website "containing maps which indicate the locations of cameras, and sample images from cameras demonstrating their range. This would allow individuals and communities to raise complaints should they feel that particular cameras are unnecessary or excessively intrusive." (p 434)

218.  Vernon Coaker told us that "the Government agrees with the recommendation in the National CCTV Strategy, that there should be a national body for the governance and use of CCTV in this country, and we will be looking to establish one. I cannot give a timeframe for that". (Q 1069) On the question of statutory regulation, he added that "it is not something that we would necessarily dismiss but in the first instance we want to establish the national body and see how that works with respect to voluntary regulation, keeping in our back pocket the need, if necessary, to do more." (Q 1069)

219.  We recommend that the Government should propose a statutory regime for the use of CCTV by both the public and private sectors, introduce codes of practice that are legally binding on all CCTV schemes and establish a system of complaints and remedies. This system should be overseen by the Office of Surveillance Commissioners in conjunction with the Information Commissioner's Office.


62   See, for example, the decision in Campbell v Mirror Group Newspapers [2004] UKHL 22. Back

63   Warren, S. and Brandeis, L. (1890), "The Right to Privacy", Harvard Law Review, 4(1), pp 193-220. Back

64   Report of the Committee on Privacy and Related Matters (Chairman David Calcutt QC), Cm 1102, 1990, p 7. Back

65   Lord Steyn, "Democracy, the Rule of Law and the Role of Judges", Attlee Foundation Lecture, 11 April 2006. Back

66   See also Chapter 7.  Back

67   According to section 5(3) of the Act, the Secretary of State can issue a warrant only if the surveillance proposed is necessary: (a) in the interests of national security; (b) for the purpose of preventing or detecting serious crime; (c) for the purpose of safeguarding the economic well-being of the United Kingdom; or (d) for the purpose, in circumstances appearing to the Secretary of State to be equivalent to those in which he would issue a warrant by virtue of paragraph (b), of giving effect to the provisions of any international mutual assistance agreement. http://www.opsi.gov.uk/acts/acts2000/ukpga_20000023_en_1  Back

68   See http://cryptome.org/clarke-rip-lie.pdf Back

69   ibid. Back

70   Statutory Instrument 2003 No. 3172 The Regulation of Investigatory Powers (Communications Data) Order 2003; and Statutory Instrument 2003 No. 3171 The Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) Order 2003.  Back

71   Home Office, Access to Communications Data-Respecting Privacy and Protecting the Public from Crime, March 2003. Back

72   HL Deb 13 Nov 2003 cols 1521-62 and 1573-1604, and House of Commons Third Standing Committee on Delegated Legislation on 4 Nov 2003 (cols 3-38).  Back

73   Jacqui Smith MP, Speech to the Intellect Trade Association, 16 December 2008. Back

74   A recordable offence is any offence for which the police are able to keep records of convictions and offenders on the Police National Computer. Back

75   Police and Criminal Evidence Act 1984; Criminal Justice and Public Order Act 1994; Criminal Evidence (Amendment) Act 1997; Criminal Justice and Police Act 2001; Criminal Justice Act 2003; and Serious Organised Crime and Police Act 2005. Back

76   The Forensic Use of Bioinformation: Ethical Issues, op. cit., para 1.22. Back

77   ibid., Executive Summary, p xxiv, para 47. See p 52, Box 4.3 for comparisons of Member States' practices.  Back

78   ibid., p 52, Box 4.3. Back

79   Gordon Brown MP, Speech on Security and Liberty, 17 June 2008. Back

80   The Forensic Use of Bioinformation: Ethical Issues, op. cit., Executive Summary, p iii, paras 3, 5. Back

81   Overlooked, op. cit., p 67. Back

82   National Policing Improvement Agency, Annual Report 2006-07, p 6. Back

83   The Forensic Use of Bioinformation: Ethical Issues, op. cit., Executive Summary, p. xiii, para 3. Back

84   Jacqui Smith MP, Speech to the Intellect Trade Association, op. citBack

85   Appendix 4, para 60. Back

86   For the text of the judgment see http://www.bailii.org/eu/cases/ECHR/2008/1581.html Back

87   Jacqui Smith MP, Speech to the Intellect Trade Association, op. cit. Back

88   1st Annual Report of the Ethics Group: National DNA Database, op. cit., paras 5.2-5.20. Back

89   A Surveillance Society?, op. cit., para 285. Back

90   Home Office, Covert Surveillance-Code of Practice, 2002.  Back

91   The use of CCTV cameras by private organisations-such as banks and retailers-is typically assumed to be authorised under section 3 of the Criminal Law Act 1967 on the grounds that it constitutes a reasonable means to prevent crime. Back

92   European Commission for Democracy Through Law (Venice Commission), Opinion on Video Surveillance in Public Places by Public Authorities and the Protection of Human Rights, March 2007, paras 79, 81, http://www.venice.coe.int/docs/2007/CDL-AD(2007)014-e.asp  Back


 
previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2009