Supplementary letter from Vernon Coaker
Following my oral evidence session on 19 November
I undertook to write to you on a number of areas.
The Committee asked for confirmation that allowing
local authorities to access communications data under RIPA did
not enable them to obtain more than they were previously able
to via other means.
I thought it would be helpful to make it absolutely
clear that we were not seeking to expand the types of data that
local authorities can request. Local authorities have a number
of statutory enforcement functions, many of which are their sole
responsibility. These include trading standards investigations,
environmental health investigations, housing benefit and planning
investigations, landlord/tenant harassment issues and tackling
anti-social behaviour. The ability to access and disclose communications
data is key to effective investigation and resolution, which in
many cases may result in a prosecution.
Under RIPA local authorities can request:
Subscriber information. For example:
who owns this phone? What is their address/do you have other contact
Service use information. For example:
itemised call records, information about the provision and use
of forwarding/redirection services.
However, they can only request this data for
the purpose of prevention and detection of crime and prevention
of disorder. Requests have to be properly authorised with consideration
given to the necessity and proportionality of the request. Local
authorities also fall within the RIPA oversight and inspection
regime. This is provided by the Interception of Communications
Commissioner and his staff.
Under pre-RIPA arrangements local authorities
could request the same information and potentially more if they
could justify it, but did so through a variety of different routes
which led to inconsistency and delay. There was also no independent
oversight. The number of communications data requests from local
authorities has declined since they were brought within RIPA.
Perhaps it would also be helpful to clarify
a couple of other general points which arose during the evidence
session. Although on a number of occasions I made reference to
internet service providersrequests for communications data
can be made to any communications service providers.
Secondly, there is a hierarchy within RIPA so
that the more intrusive powers, such as the ability to seek an
interception warrant, is limited to law enforcement and intelligence
agencies and for more limited purposesie for national security
and for the prevention and detection of serious crime.
This approach also applies to communications
datafor example whilst a number of public authorities,
including local authorities, can access subscriber and service
use data for the prevention and detection of crime and the prevention
of disorder, access to the full range of communications data-
including traffic data is restricted to a more limited number
of public authorities. This latter group includes law enforcement
and intelligence agencies, emergency services and some regulatory
bodies such as the Information Commissioner's Office who have
a demonstrated need for it.
The Home Office conducts public attitude research
four times a year at quarterly intervals and we publish the results
annually in November. We survey 2,000 adults then weight the data
to the profile of the population. We research across a range of
Home Office issues; some questions remain constant and are tracked
over time. However, we also allow for supplementary questions
to be added informing us of public attitudes towards topical issues.
Work is already underway to assess public attitudes towards the
type of information and data used for crime fighting and public
protection purposes. The results will be available in the New
Year and I will write to update you.
Turning to the question raised about linking
matches on the National DNA Database (NDNAD) to convictions, it
might be helpful if I first briefly set out how the database operates.
The NDNAD contains DNA profiles derived from
samples taken from known individuals (usually persons who have
been arrested for a recordable offence though there are 32,000
profiles from volunteers who have consented in writing to the
retention of their DNA profiles on the NDNAD). It also holds DNA
profiles collected from crime scenes, for example, saliva, blood,
skin cells, or semen which are believed to have been left at the
scene by the offender.
A "match" means that a profile taken
from a crime scene sample matches DNA taken from an individual,
giving the police a lead on the possible identity of the offender.
The table below shows the number of matches arising from searching
on the NDNAD. In some cases where there is a known suspect, his
or her DNA may be directly compared and matched to the DNA crime
scene sample in a forensic laboratory. In cases like these, there
may not be a need to search the NDNAD. Such cases are not included
in the figures below which therefore understate the contribution
of DNA to investigating serious crime (a breakdown of the actual
figures I quoted when giving evidence is not available but I hope
that the following information illustrates the point).
A match provides the police with an intelligence
lead on the possible identity of the offender for further investigative
follow up. A "detection" means that a crime with a DNA
match has been cleared up by the police. Crimes with a DNA match
often also result in further detections for other offences (known
as "additional" DNA detections) as a result of further
investigation linked to the original offence (in other words,
the detection of one offence through a DNA match may also lead
to other offences being solved eg because an offender on being
presented with DNA evidence linking him to one offence confesses
to other offences). On average, each crime detected with DNA results
in a further 0.9 crimes being detected. In 2007-08 there were
15,420 additional detections, bringing the total of DNA related
detections to 33,034.
|Crimes where scene DNA profile matches any person profile
Detections of Crimes with DNA matches
| Criminal Damage||5,432
|Other Sex Offences||163
|Other Violent Offences||1,766
|Theft From Vehicle||3,544
|Theft of Vehicle (inc unauthorised taking)
|All Other Recorded Crime||3,659
|Total of 12 Crime Types||37,376
To put these figures in context, in 2007-08 there were 60,134
crimes where a fingerprint match was available, 24,799 detections
with a fingerprint match, and 20,690 additional detections arising
from a fingerprint match.
Criminal investigation involves using leads to widen or focus
the scope of an investigation and assemble different types of
evidence which may be presented in a trial. If a conviction follows,
it would only be possible to say that the conviction resulted
from DNA by forming a view of the role of a DNA match in the investigation,
and assessing the weight that DNA evidence had in relation to
other types of evidence in the minds of the judge, jury or magistrates.
These judgements would be difficult and subjective, so statistics
are not collected on the number of convictions arising from DNA.
Questions were also raised on the size of the NDNAD in comparison
with DNA databases abroad. As at 30 September 2008, there were
an estimated 4,632,000 individuals with records on the NDNAD submitted
by all police forces, of which 4,356,000 were submitted by English
and Welsh police forces. At mid-2007, the United Kingdom population
was estimated at 60,975,000 (Source: Office for National
Statistics). Comparing these two figures gives a figure of 7.6%
of the UK population with a profile on the NDNAD. This figure
does not take account of any increase in the UK population between
mid-2007 and 30 September 2008 and is therefore likely to be a
The FBI website (http://www.fbi.gov/hq/lab/codis/clickmap.htm)
shows that the US National DNA Index (NDIS) contained over 6,297,000
profiles at September 2008, which is 2.06% of the estimated US
population of 305,732,000 (http://www.census.gov/main/www/popclock.html).
In recent years the number on the US National DNA Index has
increased much more rapidly than the number on the UK NDNAD, having
risen to its present figure from 2.8 million profiles at the end
of 2005. The legal position is complex because of the differences
between states, but the federal DNA Fingerprint Act 2005 widened
powers to take and retain DNA.
There are three reasons why the UK has a larger proportion
of its population on the DNA Database than other countries:
the UK is a pioneer in DNA technology and has
had a National DNA Database since 1995, before any other country;
under the DNA Expansion Programme, £300 million
was spent between 2000 and 2005 to ensure that the police took
DNA from everyone they had the power to;
police powers to take and retain DNA are generally
wider in England and Wales than elsewhere. For example, legislation
providing for the taking of DNA samples in some other countries
permits the taking of DNA on arrest but only permits retention
if the person is subsequently convicted. As a result, they have
a smaller proportion of their population on their DNA database.
NDNAD EACH YEAR
On the question about the annual increase in the size of
the database, the number of subject profiles (ie profiles taken
from known individuals, not from crime scenes) added to the NDNAD
for English and Welsh forces in each year is shown in the following
table. The numbers cannot be added to give the total number of
profiles on the NDNAD, as some profiles will have been removed
throughout each year (for example, because of duplicatessee
The number of subject profiles held on the database is not
the same as the number of individuals with a profile on the database
because on some occasions duplicate profiles for the same person
are loaded onto the NDNAD. For example, because the person provided
different names or different versions of their name on separate
arrests, or because profiles are upgraded. At present 13.3% of
profiles are estimated to be duplicates but this rate has changed
during the history of the database.
| Year||Subject Profiles Added
The Government's response to the Data Sharing Review was
published on 24 November. The Government believes that although
the current regulatory framework does not require sweeping changes,
more must be done to ensure that the Information Commissioner's
Office (ICO) has the powers and resources necessary to carry out
its duties under the Data Protection Act 1998 (DPA). The tools
available to the ICO must be flexible enough to meet a range of
circumstances and encourage good practice, allowing it to take
firm and assertive action when necessary. It proposed to legislate
to enable the ICO to:
(i) impose monetary penalties on data controllers for deliberate
or reckless loss of data;
(ii) inspect central Government Departments and public authorities
compliance with the DPA without always requiring prior consent;
(iii) require any person, where a warrant is being served,
to provide information required to determine compliance with the
(iv) impose a deadline and location for the provision of information
necessary to assess compliance;
(v) publish guidance on when organisations should notify the
ICO breaches of the data protection principles; and
(vi) publish a statutory data sharing Code of Practice to
provide practical guidance on sharing personal data.
The Government will seek to introduce relevant legislation
in Parliament as soon as suitable legislative slot becomes available
in the next Parliamentary session.
11 December 2008