UK cops must justify using new mobile interception tech
Plods' purchase means they don't need telcos' help anymore
The Metropolitan Police Service (MPS) has bought technology that will allow it to intercept and shut off communications without the help of telecoms companies, according to media reports.
The MPS has acquired a surveillance system that enables data sent over a communications network to be intercepted within an area approximately 10km2 (6.2 square miles), allowing mobile phone users' movements to be tracked "in real time", the Guardian has reported. The system is mobile and can be operated wirelessly and could be used to shut off communications to devices, the newspaper said in its report.
The system was developed by Datong, the Guardian said. Datong is a company that creates systems that "provide the means for the military, law enforcement, security agencies and special forces to gather early intelligence in order to identify and anticipate threat and illegal activity before it can be deployed," according to Datong's website.
Police and other law enforcement bodies have the power to intercept communications under the Regulation of Investigatory Powers Act (RIPA) subject to approval by the Home Secretary.
Marc Dautlich, data protection law expert at Pinsent Masons, the law firm behind Out-Law.com, said that the police have to justify its use of surveillance technology in accordance with human rights laws.
Under the Human Rights Act, individuals are guaranteed the right to privacy surrounding their communications other than if a public authority, such as the police, believe it necessary to interfere with that right "in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others".
“What RIPA does is provide a statutory basis to intercept the content of communications and certain ‘traffic data’ associated with them, such as details of the sender and receiver and the time of the communication,” Dautlich said.
“The regime is underpinned by the Human Rights Act, under which individuals have the right to respect for their private and family life, their home and their correspondence (which includes things like phone calls).
"This is a qualified right, meaning that it must be weighed against competing interests, in this case of public safety, the prevention of disorder or crime and potentially also national security. Therefore, any time law enforcement bodies such as the police want to access such communication information proportionality needs to be considered. In a fast moving situation, such as the threat of public riots, assessing these trade offs can clearly be a complex activity, but the principles of proportionality and necessity are clear and must inform any planned use of interception or surveillance measures," Dautlich said.
Under RIPA, the Home Secretary has to assess whether the request to intercept communications is necessary and proportionate in order to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.
Under the Act, the Home Secretary must consider certain factors relating to the necessity and proportionality of any interception before authorising it, including "whether the information which it is thought necessary to obtain under the warrant could reasonably be obtained by other means".
The Act can be used by law enforcement agencies to force telecoms companies to hand over customers' details in order to tap phone, internet or email communications to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.
Telecoms companies have a duty under RIPA to hand over communications data it has or could obtain about customers when asked to do so by police unless "it is not reasonably practicable" to do so. The Home Secretary can ask the courts to issue an injunction "or any other appropriate relief" against telecoms firms that fail to comply with their duty under RIPA. The type of injunction that courts can issue is not defined by RIPA.
An exception within the UK's data protection laws also allows police to force organisations to hand over personal data belonging to customers if it is for the purposes of preventing or detecting crime. The laws also prevent organisations telling individuals that they have handed over their personal data if telling them would jeopardise the prevention or detection of crime.
The Data Protection Act sets out lawful grounds for organisations to process personal data, such as consent. It is also unlawful to process the data without having legitimate grounds for collecting and using it and using it in a way that causes unwarranted intrusion on their privacy and may adversely affect individuals.
Dautlich said that if the police determine it is necessary and proportionate to intercept communications on a public telecommunication system then, very broadly, the most pertinent way would be to obtain a warrant from the Home Secretary authorising them to do so.
The MPS said it would not comment on the "specific technology and tactics" it uses as part of its surveillance operations.
"The MPS may employ surveillance technology as part of our continuing efforts to ensure the safety of Londoners and detect criminality," the MPS said in a statement.
"It can be a vital and highly effective investigative tool. Although we do not discuss specific technology or tactics, we can re-assure those who live and work in London that any activity we undertake is in compliance with legislation and codes of practice," it said.
Copyright © 2011, OUT-LAW.com
OUT-LAW.COM is part of international law firm Pinsent Masons.
Sponsored: Network DDoS protection