Is UK online surveillance out of control?
The publication of two contrasting reports into separate legislation raises serious questions over the extent to which police surveillance activity is out of control, which allegations of police complicity in the News of the World phone hacking scandal only worsen.
UK law enforcement agencies made more than 1500 requests a day for communications data, mostly to know who owns a mobile phone, the interception of communications commissioner reveals in his latest annual report.
A separate investigation by a Big Brother Watch, a civil liberties group, has found that in the past three years, more than 900 police officers and staff were disciplined for breaches of the Data Protection Act (DPA).
Police and other security agencies put in 552,550 requests under the Regulation of Investigatory Powers Act (RIPA) 2000 during 2010. Of these, 65% were to find out who owned a mobile phone. This was up about 5% on 2009, Sir Paul Kennedy, the commissioner, said.
He could not say why exactly the trend was rising, but suggested police were more aware of the investigatory communications tools and their usefulness.
Some 26% of enquiries related to subscribers’ use of communications services, he said.
Kennedy reported a drop from 661 to 640 in the number of errors recorded. Errors were mostly due to the transposition of numbers or dates in watch requests, he said.
Kennedy said 90% of the 40 police forces his office inspected has a good or satisfactory record of compliance with Ripa.
He said random checks of CSP (communications service provider) disclosures found all had followed the correct process. “It is most reassuring that so far (his audit) has not exposed any instances of abuse or unlawful acquisition of communications data,” he said.
Big Brother Watch reported today that between 2007 and 2010
- 243 police officers and staff received criminal convictions for breaching the DPA
- 98 police officers and staff were sacked for breaching the DPA
- 904 police officers and staff were subjected to internal disciplinary procedures for breaching the DPA.