Communications data bill published
Vital powers to help catch criminals, save lives and protect children were today outlined in the communications data bill.
Communications data is information generated about a communication. It includes the time and duration of a communication, the number or email address of the originator and recipient and sometimes the location of the device from which the communication was made. Communications data is distinct from communications content.
The legislation will require communications service providers, when requested to do so, to retain and store communications records which they may not retain at present for their own business reasons.
Communications data is already used by the police and is vital for day-to-day police work and in particular the investigation of all forms of serious crime, including terrorism and child abuse. This legislation will ensure that, as communications technology changes, the police will maintain access to this data in future. But access to data will continue to be permitted only in the context of a specific investigation of operation.
Four key bodies will be allowed to apply for access to data under new rules in the bill - the police, the serious organised crime agency(SOCA)/national crime agency (NCA), the intelligence agencies and Her Majesty’s revenue and customs.
Hundreds of public bodies - including local authorities - currently have access to communications data, but will not be covered by the new laws unless parliament agrees their use is vital to tackling crime and protecting the public.
The bill will ensure law enforcement agencies maintain the ability to tackle crime and terrorism as criminals use modern technology and new ways of communicating to plan and commit crime. Without action by government crimes enabled by email and the internet will increasingly go undetected and unpunished.
There has been a huge increase in the use of new technology and the volume of data on UK networks in recent years. There are now more than 80 million mobile phone subscriptions in the UK. Over a quarter of UK adults are smart-phone users, with 60 per cent buying their phone in the last year. Data volumes transferred over mobile networks increased by 67 per cent in 2010.
Publishing the bill today home secretary Theresa May said:
‘Communications data saves lives. It is a vital tool for the police to catch criminals and to protect children.
‘If we stand by as technology changes we will leave police officers fighting crime with one hand tied behind their backs.
Checking communication records, not content, is a crucial part of day-to-day policing and the fingerprinting of the modern age - we are determined to ensure its continued availability in cracking down on crime.
‘New legislation will help ensure police can stay a step ahead of the criminals. But it will not:
- enable unfettered access by the police to data about everyone’s communications ;
- provide the police and others with powers to intercept and read your emails, phone calls or check your contacts lists;
- create a single government database containing your emails and phone calls to which the police and agencies can get unlimited and unregulated access;
- weaken current safeguards or checks in place to protect communications data;
- allow local authorities greater powers.
The new proposals will see communications data taken out of the regulation of investigatory powers act (RIPA) and the creation of a new regulatory framework.
Access to the vast majority of communications data is currently conducted through RIPA, but there are a multitude of other powers public bodies can use - including acts governing environmental protection, pensions and financial services.
The new bill will replace the dozens of currently available powers with a single piece of legislation, all under the auspices of the interception of communications commissioner.
The legislation will also ensure there is a level playing field for communication service providers (CSPs). They will be reimbursed for any costs of complying with legislation. Obligations will not be placed on every CSP and will only be imposed after detailed discussion and ministerial sign-off.
CSPs will be able to appeal to a technical advisory board under dispute procedures if they feel requests made of them are unnecessarily onerous.
Association of chief police officers (ACPO) crime head Jon Murphy chief constable of Merseyside Police said:
‘Communications data is vital to law enforcement. It is an essential and irreplaceable tool for protecting the public, keeping people safe from harm and, ultimately, saving lives.
‘It provides investigative breakthroughs to the most serious of crimes, including child abuse, murder, rape, kidnapping, cyber crime and terrorism offences.’
CEOP chief executive Peter Davies said:
‘We protect and safeguard children and pursue offenders who cause such serious harm. Without communications data and intelligence, we would not be able to act as fast as we need to and, in many instances, we would not be in a position to act at all.’
SOCA director general Trevor Pearce said:
‘Any significant reduction in the capability of law enforcement agencies to acquire and exploit intercept intelligence and evidential communications data would lead to more unsolved murders, more firearms on our streets, more successful robberies, more unresolved kidnaps, more harm from the use of class A drugs, more illegal immigration and more unsolved serious crime overall.
‘This would mean SOCA, the metropolitan police service and other agencies relying more heavily on more expensive, more risky and potentially more intrusive techniques to locate and apprehend offenders.’
Notes to editors
1. For more details, contact the home office on 020 7035 3535.
2. A simple Q&A on our proposals and two high-profile case studies are included in two annexes below. Both can be used in full or part in your publication.
ANNEX A
Q&A
What is communications data?
Communications data is the information about a communication. It includes the time and duration of a communication, the number or email address of the originator and recipient and sometimes the location of the device from which the communication was made.
Communications data does not include the content of any communication - the text of an email or a conversation on a telephone. It is information about a communication - not the communication itself.
Why is it important?
Communications data is used by the police and the security agencies in the investigation of all types of crime, including terrorism. It enables the police to build a picture of the activities, contacts and whereabouts of a person who is under investigation. It can be used as evidence in court.
How do the police get access to it?
Communications data is held by the communications industry. The police and others can access communications data if they can demonstrate that access is necessary and proportionate. Access is on a case by case basis and is subject to independent oversight. The police can get access to communications data only where it is connected to a specific investigation or operation.
What is changing?
Communications technology and communication services are changing fast. Broadly, more communications are now taking place on the internet using a very wide range of communications services provided by the industry in this country and overseas.
Why is legislation needed?
New communications technologies are generating communications data in different ways and communications data is no longer always retained by communications service providers. This has a direct impact on the investigation of crime in this country and on our ability to prosecute criminals and terrorists. Given the pace of technological change, this problem will grow.
Legislation is needed to ensure that communications data continues to be available to the police and others in the future as it has in the past. This legislation will replace the communications data provisions of RIPA.
Without action by the government there is a growing risk that crimes enabled by email and the internet will go undetected and unpunished.
How will the provisions be scrutinised?
A joint committee of members of the house of commons and house of lords will conduct pre-legislative scrutiny of the bill. The intelligence and security committee (ISC) will conduct an inquiry in parallel. The ISC is the only independent parliamentary body which is able to consider secret material and is therefore the appropriate body to take evidence and report on these matters. Following scrutiny we will introduce the bill in parliament in due course.
Won’t these proposals simply force criminals to use services which are harder to investigate?
Criminals and terrorists will always seek to hide their activities and hinder investigations by law enforcement authorities.
The proposed legislation will provide the flexibility to help maintain investigative capabilities in the face of changes in technology and criminal behaviour. Our approach will be intelligence-led - if we assess that criminals are using particular services or techniques to try to hide their activities, we will adapt our approach to counter them.
What are the main elements of the bill?
- The bill will enable the home secretary to require communications service providers (CSP) to retain data where they would not otherwise retain it for business reasons.
- The bill will enable this data to be provided to public authorities efficiently and with the minimum possible impact on individuals’ privacy.
- The bill will extend safeguards (see below).
- The bill will replace existing communications data provisions in RIPA.
What safeguards are you proposing?
- Access to communications data will continue to be strictly controlled and will only be able to be obtained for a specific purpose (e.g. for the purpose of preventing or detecting crime, in the interests of national security or for the purposes of preventing death or injury in the case of an emergency) and by those public authorities authorised to do so.
- Following the protection of freedoms act, local authorities will now be required to secure judicial approval before obtaining communications data or using any part 2 RIPA technique. The local authority provisions in the protection of freedoms act will come into force in the autumn.
- The interception of communications commissioner will continue to provide independent oversight of the acquisition of communications data by public authorities. The role of the commissioner will also be extended to oversee the new powers, including the collection of communications data by communications service providers. This will include oversight of testing, regular auditing and inspections.
- New legislation will make explicit that all communications data retained by CSPs will be destroyed after the 12-month retention period, unless required for legal proceedings.
- Industry will be required to ensure that data retained is protected against accidental or unlawful destruction, accidental loss and unauthorised access or disclosure.
- The legislation will provide for the information commissioner to keep under review the security and integrity of the communications data retained e.g. against accidental loss, unlawful destruction, unlawful retention and unauthorised disclosure, consistent with the data protection act. There is also provision for the information commissioner to keep under review the specific requirement to destroy data when its retention is no longer lawfully authorised (e.g. at the end of a retention period specified under the new provisions).
- If a communications service provider is concerned about the requirements placed upon them, they can ask an independent government / industry body, The technical advisory board, to consider the impact of these obligations. The technical advisory board would then advise the secretary of state on whether the obligations should be maintained, modified or removed.
- The role of the independent investigatory powers tribunal, made up of senior judicial figures, will be extended to cover the new provisions ensuring that individuals have a proper avenue of complaint and independent investigation if they think the powers have been used unlawfully.
ANNEX B
CASE STUDY - OPERATION RETRIEVER
Over the course of 2010, three crown court trials heard how a gang systematically groomed and abused dozens of girls - some as young as 12. The girls were invited to parties in Derby and fed drugs and alcohol before being subjected to multiple rapes. Some of them were trafficked between different houses where their horrific ordeal was repeated.
At the conclusion of the three trials, nine men had been jailed for a catalogue of more than 30 serious crimes, including raping children and false imprisonment.
Some of the gang members had used mobile phones to photograph and video them abusing the girls.
Derbyshire police were able to save 27 young female victims from the catalogue of abuse they were subjected to by the gang. The oldest was just 18, the youngest was 12.
Communications data investigations were vital in identifying and smashing the gang and then in securing convictions in court.
In addition to discovering sickening photographs and videos of the abuse being carried out, police were also able to show:
- the association of gang members with each other;
- association of victims to the gang members;
- attribution of handsets to gang members and victims;
- text messages between the gang members and their victims;
- text messages indicating drug-taking at parties.
The evidence was crucial in court in securing the convictions.
Summing up the importance of access to communications data in the investigation, Derbyshire police assistant chief constable Steve Cotterill said:
‘Child sexual exploitation is a horrendous crime. It is often an invisible crime, with victims not directly reporting offences to the police.
‘This policing operation was proactive and utilised a range of covert tactics and communications data to both dismantle the organised crime group and effectively safeguard many children’
CASE STUDY - OPERATION SPAN
Last month, nine men were sentenced to a total of 77 years in jail for a horrific catalogue of rape and sexual violence.
They too groomed dozens of young girls with alcohol and drugs before repeatedly raping them and sharing them around the gang. One girl was raped by as many as 20 men in one night.
Greater Manchester police have identified 47 victims, but it is feared there could be many more.
The men targeted vulnerable youngsters in Rochdale and their level of organisation was such that they even recruited one of their victims to maintain a ready supply of new girls for them to abuse.
They often created fictional ‘caring relationships’ with the girls, giving them food and free taxi rides before fully introducing them to the horrific abuse they would face later.
Communications data was again crucial in jailing the gang and safeguarding the children they targeted.
Police were able to use mobile phone data to prove direct contact between the gang and their victims, by both calls and texts.
Not only did the evidence support testimonies given in court by the seven child victims, but it was also largely uncontested by the defence, giving a crucial plank in the prosecution.