Statutory guidance

Protection of Freedoms Act 2012: revised guidance on the making or renewing of national security determinations allowing the retention of biometric data (accessible version)

Published 13 August 2020

Chapter 1 - Introduction

Definitions

In this guidance:

• “1984 Act” or “PACE” means the Police and Criminal Evidence Act 1984
• “1989 Order” or “PACE(NI)” means the Police and Criminal Evidence (Northern Ireland) Order 1989
• “1989 Act” or “SSA” means the Security Service Act 1989
• “1995 Act” or “CP(S)A” means the Criminal Procedure (Scotland) Act 1995
• “CJPOA” means the Criminal Justice and Public Order Act 1994
• “1994 Act” or “ISA” means the Intelligence Services Act 1994
• “2000 Act” or “TA2000” means the Terrorism Act 2000
• “2001 Act” or “ICCA” means the International Criminal Court Act 2001
• “2008 Act” or “CTA” means the Counter-Terrorism Act 2008
• “2010 Act” or “CSA” means the Crime and Security Act 2010
• “2011 Act” or “TPIMA” means the Terrorism Prevention and Investigation Measures Act 2011
• “2012 Act” or “the Act” means the Protection of Freedoms Act 2012
• “2013 Act” or “CJA(NI)” means the Criminal Justice Act (Northern Ireland) 2013 and
• “2019 Act” means the Counter-Terrorism and Border Security Act 2019

Terms in italics are defined in the Glossary at the end of this guidance.

Statutory Guidance

Introduction

1. This guidance is to provide direction to any police force in England and Wales, the Police Service of Scotland, the Police Service of Northern Ireland and to any other law enforcement authority about the making or renewing of a national security determination (“NSD”) allowing the retention and use of biometric material for national security purposes.

2. This guidance is issued pursuant to section 22 of the 2012 Act, which places the Secretary of State under a duty to issue guidance about making or renewing an NSD under the provisions specified at section 20(2)(a) of the 2012 Act. It replaces guidance previously issued in June 2013 and has been updated to reflect amendments made to the provisions specified at section 20(2)(a) of the 2012 Act by Schedule 2 to the Counter-Terrorism and Border Security Act 2019.

3. This guidance is publicly available and, in particular, should be readily accessible to members of any police force or law enforcement authority seeking to extend the permissible period of retention, for national security purposes, of DNA profiles or fingerprints which they have lawfully taken under any power.

4. This guidance is admissible as evidence in criminal and civil proceedings. If any provision of this guidance appears relevant to any court or tribunal considering any such proceedings, it may take that into account. In addition, the Commissioner for the Retention and Use of Biometric Material (“the Biometrics Commissioner”)^{[footnote 1]} may take the provisions of this guidance into account when exercising his or her review functions under the 2012 Act.

5. A law enforcement authority may be required to justify the retention, destruction or use of material held pursuant to an NSD and reference may be made to this guidance where that is appropriate.

Material to which this guidance applies

6. Part 1, Chapter 1 of the 2012 Act provides for the making or renewing of NSDs for biometric material acquired under certain specified legislation in England and Wales, Scotland and Northern Ireland. The relevant legislation is specified at section 20(2)(a) of the 2012 Act, as amended by Schedule 2 to the 2019 Act, and is also set out at Chapter 2 of this guidance.

Extent

7. This guidance extends to the entire United Kingdom.

Purpose of guidance

8. The purpose of this guidance is to:

• set out the basic principles that underpin the powers of a chief officer of a police force in England or Wales, the chief constable of the Police Service of Scotland, the chief constable of the Police Service of Northern Ireland, and any other responsible officer of a law enforcement authority other than a police force to make or renew an NSD extending the retention of biometric data

• set out the test that must be met to lawfully exercise the power to make or renew an NSD

• promote the fundamental principles to be observed by those empowered to make or renew an NSD under provisions specified at section 20(2)(a) of the 2012 Act, and to ensure the effectiveness of the use of those powers to retain biometric material for national security purposes

• ensure that any interference with the right to respect for private and family life (Article 8 of the European Convention on Human Rights^{[footnote 2]} (ECHR) of persons to whom the data belongs is necessary, proportionate and in accordance with the law

• ensure that a chief officer, chief constable or other responsible officer empowered to make or renew an NSD can justify the use of such powers to the Biometrics Commissioner or in court

Application of this guidance

9. Powers to retain biometric data for national security purposes must be exercised fairly and responsibly.

10. Chief officers, chief constables or other responsible officers who make or renew an NSD must apply the relevant statutory requirements, and in doing so must have regard to this guidance.

Basis for lawful retention of biometric material

11. The legislative background for the taking, retention and destruction of fingerprints, footwear impressions, DNA samples and DNA profiles is complex. Powers to obtain such biometric material are contained in a number of different Acts of Parliament. The rules around its retention and deletion were inserted into those statutes by the 2012 Act, and were subsequently amended by the 2019 Act.

The Protection of Freedoms Act 2012

12. The 2012 Act in England and Wales, and in Northern Ireland the Criminal Justice Act (Northern Ireland) 2013, provided for a new framework to regulate the retention, destruction and use of biometric data obtained in accordance with defined statutory regimes by the police and (where applicable) other specified law enforcement authorities. This followed the 2008 S and Marper v UK judgment, in which the European Court of Human Rights found that the “blanket and indiscriminate” retention of DNA from non-convicted individuals (as was permitted under the then legislation) violated Article 8 of the European Convention on Human Rights (the right to privacy).

13. The key characteristic of the framework introduced by the 2012 Act is that it does not permit the indefinite retention of biometric material unless the person from whom it was taken is, or has been, convicted of an offence. Where material is retained in the absence of a conviction, in certain specified circumstances, it may only be held for a specified period (in most cases three years) and must then be destroyed unless further retention is authorised under one of a small number of powers.

14. As part of these changes, the 2012 Act introduced the extended retention of biometric material on national security grounds through the making of NSDs, subject to the safeguard of independent oversight by the Biometrics Commissioner. As well as introducing NSD powers into the law applicable in England and Wales (as well as UK- wide counter-terrorism law), the 2012 Act provided NSD retention powers in all jurisdictions by amending the law applicable in Scotland (the Criminal Procedure (Scotland) Act 1995) and in Northern Ireland, making specific provision for material taken under the Police and Criminal Evidence (Northern Ireland) Order 1989.

The Counter-Terrorism and Border Security Act 2019

15. In June 2017, following the London Bridge terrorist attack (the third of five attacks in the UK in 2017), the then Prime Minister announced that the Government would review its counter-terrorism strategy “to make sure the police and security services have all the powers they need”. Following this review, the then Counter-Terrorism and Border Security Bill was introduced to Parliament in June 2018, gaining Royal Assent on 12 February 2019.

16. The 2019 Act amends the framework for making NSDs that was inserted into a range of other enactments by the 2012 Act, specifically to:

• increase from two to five years the maximum length of an NSD
• allow any chief officer of a police force in England and Wales to make an NSD in respect of material taken by any police force in England and Wales (previously only “the responsible chief officer”, that is a chief officer of the force which took the material, could make an NSD in relation to that material)^{[footnote 3]}
• allow multiple sets of fingerprints relating to the same individual to be retained under a single NSD (previously a new NSD, with a different expiry date, would have to be made in order to authorise the retention of any further sets of fingerprints taken from an individual whose fingerprints were already retained under an existing NSD)

17. The 2019 Act also introduced an automatic retention period of three years in a case where a person without a previous conviction is arrested under PACE on suspicion of a qualifying terrorism offence, to mirror the existing provision where a suspected terrorist is arrested under the Terrorism Act 2000 (“TACT”)

18. The 2019 Act also introduces, at Schedule 3, new powers for ports officers to stop, question, search and detain a person at a port or the Northern Ireland border area, for the purpose of determining whether the person appears to be a person who is, or has been, engaged in hostile activity. This is modelled on the existing counter-terrorism powers at Schedule 7 to TACT, and similarly to those powers, Schedule 3 to the 2019 Act provides for a chief officer to make an NSD authorising the retention of fingerprints and DNA profiles derived from samples taken under Schedule 3 (which must otherwise be deleted after six months)

19. This revised guidance is being published to reflect the changes made by the 2019 Act.

Chapter 2 - The making of national security determinations

Powers to make national security determinations

Scope

20. This guidance concerns the exercise of powers that permit the making or renewing of NSDs by a chief officer of a police force in England and Wales, the chief constable of the Police Service of Scotland, the chief constable of the Police Service of Northern Ireland, and any other responsible officer other than a chief officer of a police force who is empowered to make or renew NSDs. Those powers are:

• section 63M of the Police and Criminal Evidence Act 1984 (section 63D material retained for purposes of national security) as amended by the 2019 Act
• paragraph 20E of Schedule 8 to the Terrorism Act 2000 (paragraph 20A material retained for purposes of national security) as amended by the 2019 Act
• section 18B of the Counter-Terrorism Act 2008 (section 18 material retained for purposes of national security) as amended by the 2019 Act
• paragraph 11 of Schedule 6 to the Terrorism Prevention and Investigation Measures Act 2011 (paragraph 6 material retained for purposes of national security) as amended by the 2019 Act
• section 18G of the Criminal Procedure (Scotland) Act 1995 (certain material retained for purposes of national security) as amended by the 2019 Act
• paragraph 7 of Schedule 1 to the Protection of Freedoms Act 2012 (material subject to the Police and Criminal Evidence (Northern Ireland) Order 1989 retained for purposes of national security) as amended by the Criminal Justice Act (Northern Ireland) 2013 and the 2019 Act
• paragraph 46 of Schedule 3 to the Counter-Terrorism and Border Security Act 2019 (paragraph 43 material retained for the purposes of national security)

21. The powers referred to above allow NSDs to be made authorising the retention of DNA profiles and fingerprints for an additional period of up to five years if this is necessary and proportionate for the purpose of national security. NSDs may be renewed to authorise ongoing retention of the material beyond the initial period, if this legal test continues to be met. Responsibility for making an NSD rests with chief officers, chief constables or other responsible officers.

22. All NSDs must be referred within 28 days for review by the Biometrics Commissioner, who has the power to order destruction of the material if he or she is not satisfied that its retention is necessary and proportionate for the purpose of national security (unless the material is otherwise capable of being lawfully retained).

23. There are various other powers set out in legislation which permit the retention of DNA profiles and fingerprints, either indefinitely or for specified periods, by the police and other law enforcement authorities. Only in the absence of one of those other grounds, where the biometric data is not otherwise capable of being lawfully retained, does an NSD need to be made by a chief officer, chief constable or other responsible officer.

Northern Ireland

24. At the time of this guidance being published, paragraph 7 of Schedule 1 of the Protection of Freedoms Act 2012 Act has yet to be brought into operation. Consequently, the Police Service of Northern Ireland does not have the ability to make NSDs for material taken under the Police and Criminal Evidence (Northern Ireland) Order 1989. Commencement of paragraph 7 of Schedule 1 is subject to the commencement of new Articles 63B to 63R of the 1989 Order (as inserted by Schedule 2 of the Criminal Justice Act (Northern Ireland) 2013).

Chapter 3 - Requirements

National Security - Approach

25. The UK’s approach to national security recognises that it is a necessarily flexible concept, which must be capable of evolving over time to take account of the changing threats faced. Accordingly, it is not a term defined anywhere in legislation where it appears (although non-exhaustive indications in some pieces of legislation^{[footnote 4]} give broad examples of what the term may ‘in particular’ include).

26. This guidance is not to be taken as affecting the legally understood meaning of national security in any way.

27. Information on the UK’s approach to national security can be found on the relevant pages of the GOV.UK website at https://www.gov.uk/government/topics/national-.

A national security determination

28. Where an NSD is made this exempts the relevant police force or law enforcement authority from the requirement to destroy the biometric material in accordance with the destruction provisions in the relevant legislation^{[footnote 5]}. It permits the extended retention of material only for as long as a relevant NSD has effect in relation to that material. Although the maximum permitted length of an NSD is five years, chief officers, chief Constables and other responsible officers should make an NSD with a shorter length if they consider that an extended retention period of five years would not be necessary and proportionate in all the circumstances of the particular case.

The test to apply

29. The chief officer, chief constable or other responsible officer considering an NSD should have regard to the right to privacy of the individual to whom the material belongs, in particular under Article 8 of the ECHR. Making an NSD under any of the statutory provisions listed in section 20(2)(a) of the 2012 Act will only ensure that the retention of that biometric material is a justifiable interference with an individual’s Article 8 rights where the retention is both necessary and proportionate.

Necessity

30. In order to make an NSD under any of the statutory provisions listed in section 20(2)(a) of the 2012 Act, as amended by the 2019 Act, the chief officer, chief constable or other responsible officer must have reasonable grounds to believe that an NSD is necessary in the circumstances of the particular case for the purposes of national security. In this context an NSD may be necessary, for example, if the subject poses a sufficient threat to national security to justify retention of their biometric data, in order to assist the police in identifying if they are involved in activity which threatens national security or in investigating such activity.

31. The chief officer, chief constable or other responsible officer must carefully consider all relevant evidence in order to assess whether there are reasonable grounds for believing that retention is necessary for the purpose of national security. In doing so, they may wish to consider any or all of the following non-exhaustive categories of information:

a) police intelligence

b) arrest history

c) information provided by others concerned in the safeguarding of national security

d) international intelligence

e) any other information considered relevant by the chief officer, chief constable or other responsible officer

32. The chief officer, chief constable or other responsible officer should also take into account factors including but not limited to the nature and scale of the threat to national security if the material is not retained (for example the risk that engagement by the subject in terrorism-related activity may go undetected) and the potential benefit that would derive from the extended retention of the biometric material in question.

Proportionality

33. The effect of the Human Rights Act 1998 is that other legislation, including the legislation referred to above under which an NSD may be made, must be interpreted and operated in a way that is compatible with the European Convention on Human Rights. Therefore, in order to make an NSD, the retention of information must be proportionate to the aim sought to be achieved, as well as being necessary for the purpose of national security. This will involve balancing the extent and impact of the interference with the rights of the individual to whom the material belongs to respect for their private and family life (Article 8 ECHR), against the need to retain such material for the purpose of national security (i.e. the need for retention for intelligence, investigative or operational purposes related to national security).

34. Accordingly, the chief officer, chief constable or other responsible officer should give careful consideration to any adverse impact which retention of the material might have on the individuals concerned – bearing in mind any particular circumstances. If they are of the view that an NSD of five years would not be proportionate in all the circumstances, they should consider whether a shorter duration might be more proportionate.

35. Any decision to retain biometric material for national security purposes is unlikely to be proportionate where the impact of the interference with the right to privacy upon the individual to whom the material belongs appears to exceed the need to retain the material for national security purposes. It is therefore essential that the chief officer, chief constable or other responsible officer keeps a written record of the reasons for the decision, by reference to the evidence of necessity and of any adverse impact caused to the individual.

Making a national security determination

36. An NSD must be made in writing by the chief officer, chief constable or other responsible officer. An NSD has effect for a maximum of five years beginning with the date on which it is made, and may be made for a shorter duration if the full five years is not considered to be necessary and proportionate.

37. At the end of this period the NSD may be renewed subject to the necessity and proportionality tests described above continuing to be met.

38. An NSD may only be made by a chief officer, chief constable or other responsible officer and only where the test for making an NSD has been met.

39. The nominated deputy of a chief officer or chief constable may, during any period when the chief officer or chief constable is unable to exercise the functions, exercise the powers in respect of making or renewing an NSD. A nominated deputy should be of at least the rank of assistant chief constable or commander.

40. The Biometrics Commissioner should be informed whenever an NSD is made or renewed by a nominated deputy of a chief officer or chief constable that this is the case.

Preparing an application to a chief officer, chief constable or other responsible officer

41. Where an officer considers that it is necessary and proportionate to retain material for the purposes of national security, rather than destroy it in accordance with the relevant destruction obligation, they should prepare an application to make or renew an NSD and submit it for consideration to a chief officer, chief constable or other responsible officer as soon as is reasonably practicable. They should set out all factors potentially relevant to the making or renewing of an NSD, and their reasoned recommendation that the chief officer, chief constable or other responsible officer make or renew an NSD in the case at issue.

42. An officer should include their analysis of all relevant information. The application should set out all relevant factors and considerations including any which may undermine the case for making or renewing an NSD.

43. The police and other law enforcement authorities may retain DNA profiles and fingerprints taken from those persons arrested but not convicted of non-terrorist related offences until the conclusion of the investigation into that offence, or of any proceedings relating to that offence. In these circumstances the material may be further retained for a reasonable period where this is for the purpose of either conducting a speculative search against existing holdings of biometric material, or of considering or preparing an application for an NSD (in the case of an NSD application a reasonable period will be the minimum necessary to consider or prepare the application, and should not exceed six months).

44. In the case of biometric material collected under section 18 of the Criminal Procedure (Scotland) Act 1995, the relevant physical data, sample or information derived from a sample shall be destroyed as soon as possible following a decision not to institute criminal proceedings or on the conclusion of such proceedings otherwise than with a conviction or an order under section 246(3) of that Act.

Submission of an application to a chief officer, chief constable or other responsible officer

45. An officer making an application for an NSD to a chief Officer, chief constable or other responsible officer should do so within a reasonable period before the expiry of the applicable statutory retention period, in order to allow the chief officer, chief constable or other responsible officer sufficient time to give the application full and proper consideration.

46. A chief officer, chief constable or other responsible officer should consider any application made to them and should make a decision on whether to make or renew an NSD before the expiry of the applicable statutory retention period. This decision should be recorded in writing. The chief officer, chief constable or other responsible officer may, before making their decision, request such additional information or clarification as they consider appropriate. If an NSD is made then it must be recorded in writing.

Independent oversight by the Biometrics Commissioner

The Biometrics Commissioner’s responsibilities

47. The Biometrics Commissioner is appointed by the Secretary of State to provide independent oversight of, amongst other things, the exercise of powers to make or renew NSDs, and to review the uses to which biometric material subject to an NSD is put. Specifically, under sections 20(2)(a) and (b) of the 2012 Act, the Biometrics Commissioner must keep under review:

• every NSD made or renewed
• the uses to which material retained pursuant to an NSD is put

48. Section 20(4) and (5) of the 2012 Act provide that where the Biometrics Commissioner concludes that it is not necessary and proportionate for material retained pursuant to an NSD to be so retained, the Commissioner may order the destruction of the material at issue, provided that it may not otherwise be lawfully retained.

Notifying the Biometrics Commissioner

49. Section 20(3) of the 2012 Act requires that a chief officer, chief constable or other responsible officer making or renewing an NSD must notify the Biometrics Commissioner of any NSD made or renewed within 28 calendar days of it being made or renewed.

50. This NSD notification must include a copy of the written NSD and the reasons for making or renewing it. The NSD notification should be in writing, appropriately protectively marked and transmitted in accordance with applicable security procedures to the Biometrics Commissioner.

51. When considering an NSD notification submitted by a chief officer, chief constable or other responsible officer, the Biometrics Commissioner may seek further information or clarification from the chief officer, chief constable or other responsible officer. Every person who makes or renews a NSD is under a duty (as a result of section 20(3)(b) of the 2012 Act) to disclose or provide to the Biometrics Commissioner any documents or information which the Commissioner may require for the purpose of carrying out their functions to review the making or renewing of NSDs, and the uses to which material retained pursuant to an NSD is put. The chief officer, chief constable or other responsible officer must therefore provide the Biometrics Commissioner with all documents and information that the Commissioner requires to carry out their oversight function.

52. Compliance with this duty will likely include the provision of all documentation which was considered by the chief officer, chief constable or other responsible officer in making or renewing an NSD. In disclosing or providing documents and information to the Commissioner, the person making or renewing the NSD should ensure that the Biometrics Commissioner’s request to do so and any response is centrally recorded (see Chapter 4 – Keeping of records).

53. Where the Biometrics Commissioner does not agree that retention of material covered by an NSD made or renewed by a chief Officer, chief constable or other responsible officer is necessary and proportionate, the chief officer, chief constable or other responsible officer will be informed.

54. Every person who makes or renews an NSD under provisions set out in section 20(2)(a) of the 2012 Act must comply with an order by the Biometrics Commissioner to destroy material retained pursuant to an NSD in accordance with instructions set out by the Biometrics Commissioner.

55. The relevant chief officer, chief constable or other responsible officer should confirm in writing to the Biometrics Commissioner that destruction has occurred.

Cancelling a national security determination

Requirement to consult

58. A chief officer, chief constable or other responsible officer should, before making a decision to cancel an NSD and destroy material retained pursuant to it, consult relevant law enforcement authorities where appropriate.

Renewing a national security determination

59. An NSD which will otherwise expire may be renewed by a chief officer, chief constable or other responsible officer if they consider it necessary and proportionate to do so. Renewed NSDs must be notified to the Biometrics Commissioner in the same way as new ones, and the same requirement applies for the Biometrics Commissioner to review every renewed NSD.

The test to apply

60. The test for renewing an NSD is the same as it is for making a new NSD.

61. An NSD may only be renewed where there is information, or the existence of circumstances, which lead the chief officer, chief constable or other responsible officer to believe that the exercise of those powers at that time is both necessary for the purposes of national security and proportionate. This may involve an assessment of any or all of the matters, and the categories of information, set out in paragraphs 30 to 34 above.

62. A renewed NSD may be based on the same or substantially the same intelligence or information used to make the original determination. The absence of new information at the time of renewal does not preclude renewal, however a chief officer, chief constable or other responsible officer considering a renewal should satisfy themselves that the information they have been provided with is the most up to date available.

63. A renewed NSD has effect for a maximum of five years beginning with the date on which it is made. An NSD may be renewed for a shorter period if the chief officer, chief constable or other responsible officer considers that appropriate.

64. Given the enduring nature of some national security threats, it may be necessary and proportionate to renew an NSD on multiple occasions. There is no limit to the number of times that an NSD may be renewed, but each time it is renewed it must be necessary and proportionate to renew. In some circumstances the argument for necessity may diminish over time in the absence of new information to suggest that the subject poses an ongoing risk, however this will not necessarily be the case.

65. A chief officer, chief constable or other responsible officer should, before making a decision not to renew an NSD, consult any relevant law enforcement.

Notification of renewal of an NSD to the Commissioner

66. The Biometrics Commissioner must be notified of the renewal of an NSD by a chief officer, chief constable or other responsible officer within 28 calendar days of an NSD being renewed. This notification of renewal should include the reasons for the renewal and must be in writing, be appropriately protectively marked and transmitted in accordance with applicable security procedures to the Biometrics Commissioner.

Chapter 4 - Keeping of records

Recording requirements

67. A centrally retrievable record of every NSD made or renewed (including a copy of the NSD notification submitted to the Biometrics Commissioner) should be established and maintained by each police force or other law enforcement authority. A progress log should also be established and maintained by each police force or other law enforcement authority. This progress log should be regularly updated whenever an NSD is made, renewed or cancelled.

68. The log should record:

• the date on which the chief officer, chief constable (or their nominated deputy) or other responsible officer made the NSD, his or her name, organisation and rank
• the date on which the NSD notification informing the Biometrics Commissioner of the making of an NSD was sent
• the date on which confirmation of receipt of the NSD notification by the Biometrics Commissioner was received
• the outcome of the Biometrics Commissioner’s consideration of the NSD (’the decision’)
• the date on which any destruction of material held pursuant to an NSD occurred (and whether destruction was by order of the Biometrics Commissioner)
• the date on which an NSD was cancelled by a chief officer, chief constable or other responsible officer
• the same information as regards any subsequent renewal of an NSD

Reporting requirements

69. In order to contribute to the effective oversight of the operation of the powers for retention on national security grounds, each police force and law enforcement authority empowered to make or renew an NSD should record, and supply on request to the Home Office or the Biometrics Commissioner for every 12 month period from the date of commencement (the reporting period) the following statistical information:

• the number of applications to make an NSD made to a chief officer, chief constable or other responsible officer that were rejected during the reporting period
• the number of cases where an application for an NSD was considered but not taken forward
• the number of NSDs made during the reporting period
• the number of NSDs renewed during the reporting period
• the number of NSDs overturned by the Biometrics Commissioner during the reporting period
• the number of orders for destruction received from the Biometrics Commissioner during the reporting period
• the number of NSDs that have expired during the reporting period
• the number of NSDs that have been cancelled before the end of the permitted retention period during the reporting period
• the uses to which material retained pursuant to an NSD has been put during the reporting period

Information management

70. Information processed by police forces and other law enforcement authorities for the purposes of making or renewing an NSD must be done in accordance with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). Information that is held by the law enforcement authority should be handled in accordance with the relevant published guidance on the management of police information.^{[footnote 6]}

71. Any and all classified information should be managed in accordance with applicable security procedures as set out in the HMG Security Policy Framework.^{[footnote 7]} This means, in particular, that it must be stored and transmitted securely. Authorisation for the use of any classified information owned or supplied by a third party or parties, where it is intended to be used to support the making or renewing of an NSD, must be obtained from the originating third party or parties.

72. Chief officers, chief constables and other responsible officers should ensure that access to the centrally retrievable record and progress log by the Biometrics Commissioner is granted as and when requested.

Chapter 5 - Glossary

Police force

A police force - meaning:

• the Metropolitan Police Service
• a police force maintained under section 2 of the Police Act 1996 (police forces in England and Wales outside London)
• the City of London Police Force
• the Police Service of Scotland
• the Police Service of Northern Ireland
• the Police Service of Northern Ireland Reserve
• the Ministry of Defence Police
• the Royal Navy Police
• the Royal Military Police
• the Royal Air Force Police
• the British Transport Police

Law enforcement authority

A police force (as defined above), the National Crime Agency, the Commissioners for Her Majesty’s Revenue and Customs or any other authority with relevant powers to make or renew an NSD under legislation specified at paragraph 20 of this guidance.

Biometric material

DNA sample - any material that has come from a human body and consists of or includes human cells.

DNA profile - any information derived from a DNA sample.

Fingerprints - a record (in any form and produced by any method) of the skin pattern and other physical characteristics or features of a person’s fingers or either of a person’s palms.

National security determination (NSD)

A determination made by a chief officer, chief constable or other responsible officer (of a law enforcement authority) to extend the retention of biometric material on national security grounds.

Responsible officer

A person within a law enforcement authority who is entitled to authorise the retention of biometric material for national security purposes. This includes:

• the chief officer of a police force in England and Wales
• the Chief Constable of the Police Service of Scotland
• the Chief Constable of the Police Service of Northern Ireland
• the Chief Constable of the Ministry of Defence Police - the provost marshal for the Royal Navy, Royal Military or Royal Air Force police force
• the Chief Constable of the British Transport Police
• the Director General of the National Crime Agency
• the commissioners for Her Majesty’s Revenue and Customs

NSD application

A written application to a chief officer, chief constable or other responsible officer requesting that they make or renew a national security determination.

NSD notification

A written NSD notification from a responsible chief officer, chief constable or other responsible officer that is sent to the Biometrics Commissioner for review.

Secretary of State

Any Secretary of State (in practice this will generally be the Home Secretary)

1. The Scottish Biometrics Commissioner Act 2020 creates a new office of the Scottish Biometrics Commissioner who will have functions in relation to the use of biometric data by specified police bodies in Scotland. It should be noted that the Scottish Biometrics Commissioner will not have functions in relation to national security determinations and any matters pertaining to such determinations will remain within the remit of the Commissioner for the Retention and Use of Biometric Material. ↩

2. http://www.echr.coe.int/Documents/Convention_ENG.pdf ↩

3. NSDs may only be made in respect of material obtained under the powers referred to in section 18G(1) of the Scotland Act 1995, or in relation to material to which Article 64 of the NI Order 1989 applies, by, respectively, the chief constables of the Police Service of Scotland and the Police Service of Northern Ireland. ↩

4. See the Security Service Act 1989 and Intelligence Services Act 1994. ↩

5. The 2012 Act in England and Wales, the 1995 Act in Scotland and the 1989 Order in Northern Ireland. ↩

6. https://www.app.college.police.uk/app-content/information-management/management-of-police- ↩

7. https://www.gov.uk/government/publications/security-policy-framework ↩