Surveillance: Citizens and the State - Constitution Committee Contents

Supplementary letter from Vernon Coaker MP

  Following my oral evidence session on 19 November I undertook to write to you on a number of areas.


  The Committee asked for confirmation that allowing local authorities to access communications data under RIPA did not enable them to obtain more than they were previously able to via other means.

  I thought it would be helpful to make it absolutely clear that we were not seeking to expand the types of data that local authorities can request. Local authorities have a number of statutory enforcement functions, many of which are their sole responsibility. These include trading standards investigations, environmental health investigations, housing benefit and planning investigations, landlord/tenant harassment issues and tackling anti-social behaviour. The ability to access and disclose communications data is key to effective investigation and resolution, which in many cases may result in a prosecution.

  Under RIPA local authorities can request:

    —  Subscriber information. For example: who owns this phone? What is their address/do you have other contact information?

    —  Service use information. For example: itemised call records, information about the provision and use of forwarding/redirection services.

  However, they can only request this data for the purpose of prevention and detection of crime and prevention of disorder. Requests have to be properly authorised with consideration given to the necessity and proportionality of the request. Local authorities also fall within the RIPA oversight and inspection regime. This is provided by the Interception of Communications Commissioner and his staff.

  Under pre-RIPA arrangements local authorities could request the same information and potentially more if they could justify it, but did so through a variety of different routes which led to inconsistency and delay. There was also no independent oversight. The number of communications data requests from local authorities has declined since they were brought within RIPA.

  Perhaps it would also be helpful to clarify a couple of other general points which arose during the evidence session. Although on a number of occasions I made reference to internet service providers—requests for communications data can be made to any communications service providers.

  Secondly, there is a hierarchy within RIPA so that the more intrusive powers, such as the ability to seek an interception warrant, is limited to law enforcement and intelligence agencies and for more limited purposes—ie for national security and for the prevention and detection of serious crime.

  This approach also applies to communications data—for example whilst a number of public authorities, including local authorities, can access subscriber and service use data for the prevention and detection of crime and the prevention of disorder, access to the full range of communications data- including traffic data is restricted to a more limited number of public authorities. This latter group includes law enforcement and intelligence agencies, emergency services and some regulatory bodies such as the Information Commissioner's Office who have a demonstrated need for it.


  The Home Office conducts public attitude research four times a year at quarterly intervals and we publish the results annually in November. We survey 2,000 adults then weight the data to the profile of the population. We research across a range of Home Office issues; some questions remain constant and are tracked over time. However, we also allow for supplementary questions to be added informing us of public attitudes towards topical issues. Work is already underway to assess public attitudes towards the type of information and data used for crime fighting and public protection purposes. The results will be available in the New Year and I will write to update you.


  Turning to the question raised about linking matches on the National DNA Database (NDNAD) to convictions, it might be helpful if I first briefly set out how the database operates.

  The NDNAD contains DNA profiles derived from samples taken from known individuals (usually persons who have been arrested for a recordable offence though there are 32,000 profiles from volunteers who have consented in writing to the retention of their DNA profiles on the NDNAD). It also holds DNA profiles collected from crime scenes, for example, saliva, blood, skin cells, or semen which are believed to have been left at the scene by the offender.

  A "match" means that a profile taken from a crime scene sample matches DNA taken from an individual, giving the police a lead on the possible identity of the offender. The table below shows the number of matches arising from searching on the NDNAD. In some cases where there is a known suspect, his or her DNA may be directly compared and matched to the DNA crime scene sample in a forensic laboratory. In cases like these, there may not be a need to search the NDNAD. Such cases are not included in the figures below which therefore understate the contribution of DNA to investigating serious crime (a breakdown of the actual figures I quoted when giving evidence is not available but I hope that the following information illustrates the point).

  A match provides the police with an intelligence lead on the possible identity of the offender for further investigative follow up. A "detection" means that a crime with a DNA match has been cleared up by the police. Crimes with a DNA match often also result in further detections for other offences (known as "additional" DNA detections) as a result of further investigation linked to the original offence (in other words, the detection of one offence through a DNA match may also lead to other offences being solved eg because an offender on being presented with DNA evidence linking him to one offence confesses to other offences). On average, each crime detected with DNA results in a further 0.9 crimes being detected. In 2007-08 there were 15,420 additional detections, bringing the total of DNA related detections to 33,034.

Crimes where scene DNA profile matches any person profile
Detections of Crimes with DNA matches
Criminal Damage5,432 3,180
Domestic Burglary8,043 3,443
Drugs Offences1,000 321
Other Burglary7,211 3,886
Other Sex Offences163 64
Other Violent Offences1,766 849
Theft From Vehicle3,544 2,201
Theft of Vehicle (inc unauthorised taking) 4,2231,379
All Other Recorded Crime3,659 1,407
Total of 12 Crime Types37,376 17,614

  To put these figures in context, in 2007-08 there were 60,134 crimes where a fingerprint match was available, 24,799 detections with a fingerprint match, and 20,690 additional detections arising from a fingerprint match.

  Criminal investigation involves using leads to widen or focus the scope of an investigation and assemble different types of evidence which may be presented in a trial. If a conviction follows, it would only be possible to say that the conviction resulted from DNA by forming a view of the role of a DNA match in the investigation, and assessing the weight that DNA evidence had in relation to other types of evidence in the minds of the judge, jury or magistrates. These judgements would be difficult and subjective, so statistics are not collected on the number of convictions arising from DNA.


  Questions were also raised on the size of the NDNAD in comparison with DNA databases abroad. As at 30 September 2008, there were an estimated 4,632,000 individuals with records on the NDNAD submitted by all police forces, of which 4,356,000 were submitted by English and Welsh police forces. At mid-2007, the United Kingdom population was estimated at 60,975,000 (Source: Office for National Statistics). Comparing these two figures gives a figure of 7.6% of the UK population with a profile on the NDNAD. This figure does not take account of any increase in the UK population between mid-2007 and 30 September 2008 and is therefore likely to be a slight overstatement.

  The FBI website ( shows that the US National DNA Index (NDIS) contained over 6,297,000 profiles at September 2008, which is 2.06% of the estimated US population of 305,732,000 (

  In recent years the number on the US National DNA Index has increased much more rapidly than the number on the UK NDNAD, having risen to its present figure from 2.8 million profiles at the end of 2005. The legal position is complex because of the differences between states, but the federal DNA Fingerprint Act 2005 widened powers to take and retain DNA.

  There are three reasons why the UK has a larger proportion of its population on the DNA Database than other countries:

    —  the UK is a pioneer in DNA technology and has had a National DNA Database since 1995, before any other country;

    —  under the DNA Expansion Programme, £300 million was spent between 2000 and 2005 to ensure that the police took DNA from everyone they had the power to;

    —  police powers to take and retain DNA are generally wider in England and Wales than elsewhere. For example, legislation providing for the taking of DNA samples in some other countries permits the taking of DNA on arrest but only permits retention if the person is subsequently convicted. As a result, they have a smaller proportion of their population on their DNA database.


  On the question about the annual increase in the size of the database, the number of subject profiles (ie profiles taken from known individuals, not from crime scenes) added to the NDNAD for English and Welsh forces in each year is shown in the following table. The numbers cannot be added to give the total number of profiles on the NDNAD, as some profiles will have been removed throughout each year (for example, because of duplicates—see below).

  The number of subject profiles held on the database is not the same as the number of individuals with a profile on the database because on some occasions duplicate profiles for the same person are loaded onto the NDNAD. For example, because the person provided different names or different versions of their name on separate arrests, or because profiles are upgraded. At present 13.3% of profiles are estimated to be duplicates but this rate has changed during the history of the database.
YearSubject Profiles Added


  The Government's response to the Data Sharing Review was published on 24 November. The Government believes that although the current regulatory framework does not require sweeping changes, more must be done to ensure that the Information Commissioner's Office (ICO) has the powers and resources necessary to carry out its duties under the Data Protection Act 1998 (DPA). The tools available to the ICO must be flexible enough to meet a range of circumstances and encourage good practice, allowing it to take firm and assertive action when necessary. It proposed to legislate to enable the ICO to:

    (i) impose monetary penalties on data controllers for deliberate or reckless loss of data;

    (ii) inspect central Government Departments and public authorities compliance with the DPA without always requiring prior consent;

    (iii) require any person, where a warrant is being served, to provide information required to determine compliance with the DPA;

    (iv) impose a deadline and location for the provision of information necessary to assess compliance;

    (v) publish guidance on when organisations should notify the ICO breaches of the data protection principles; and

    (vi) publish a statutory data sharing Code of Practice to provide practical guidance on sharing personal data.

  The Government will seek to introduce relevant legislation in Parliament as soon as suitable legislative slot becomes available in the next Parliamentary session.

11 December 2008

previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2009