Skip to main content
Internet Archive's 25th Anniversary Logo

Full text of "Cabinet"

See other formats




PEMBROKESHIRE COUNTY COUNCIL 


THE REGULATION OF INVESTIGATORY POWERS 
(RIPA) POLICY 


PEMBROKESHIRE COUNTY COUNCIL 





THE REGULATION OF INVESTIGATORY POWERS (RIPA) 


1.1 


1.2 


POLICY 


INTRODUCTION 


The Regulation of Investigatory Powers Act 2000 (the 2000 Act), the 
Investigatory Powers Act 2016 (the 2016 Act) and the Covert Surveillance 
and Property Interference and Covert Human Intelligence Sources Codes of 
Practice (the Codes), collectively referred to as RIPA, impact upon activities 
undertaken by the Council during the discharge of Council functions when 
Article 8 of the Human Rights Act 1998 - The Right to a Private Life, might 
be engaged covertly. This might typically be where officers undertake covert 
surveillance as part of their enforcement duties. The legislation and 
associated codes of practice in relation to RIPA provide a legal framework, 
with oversight of such activity internally within Pembrokeshire County 
Council (the Council) by virtue of the required policy, procedures and roles; 
and externally via the Investigatory Powers Commissioner’s Office (IPCO). 
Those Council officers who seek to conduct such activity must first obtain 
authorisation from an authorising officer named within this policy. The 
process of application and authorisation ensures that any interference with 
the right to respect for private and family life as set out in the Human Rights 
Act 1998, is lawful, necessary and proportionate. Also, that it is conducted in 
accordance and within the law referred to above. Examples of enforcement 
functions that may require covert surveillance include trading standards, 
licensing, environmental and animal health enforcement. In the Council, 
officers in animal health enforcement and trading standards use RIPA more 
than any other service. Judicial oversight, by way of approval of a Justice of 
the Peace, is required for RIPA authorisations. RIPA authorisation is 
required for covert surveillance involving a specific investigation likely to 
result in obtaining private information (otherwise than by way of an 
immediate response to events) for the prevention or detection of crime 
involving a criminal offence which is punishable by a term of 6 months 
imprisonment or more; or for age-related sale of alcohol and tobacco or 
nicotine inhaling offences. 


The Council is fully committed to complying with the Human Rights Act and 


1.3 


1.4 


1.5 


2 


2.2 


2.3 


2.4 


2.5 


RIPA. 


This Policy sets out the Council's approach to covert surveillance activities 
and the use of covert human intelligence sources (CHIS) falling within the 
RIPA framework, in order to ensure consistency, balance and fairness. It 
also makes it clear to the public that checks and balances apply to the 
Council's use of RIPA. 


IPCO has responsibility for oversight of compliance with RIPA by the 
Council and reports directly to the government in relation to nationwide use 
of RIPA. In order to fulfill this function, inspectors from IPCO conduct 
regular inspections of the Council. 


An annual report regarding the use or lack of use of RIPA powers within the 
Council will be made to the Elected Members of the Cabinet of the Council. 


DEFINITION OF KEY TERMS 


In order to understand the way that RIPA works, it is essential to understand 
the terms used in relation to RIPA, whether a particular proposed activity falls 
within the scope of RIPA and if any authorisation needs to be obtained, and if 
so, at what level. 


“Covert Surveillance" - RIPA is only concerned with surveillance when it 
takes place covertly. Surveillance is covert, if and only if, it is carried out ina 
manner calculated to ensure that any persons who are subject to the 
surveillance are unaware that it is or may be taking place. 


"Intrusive Surveillance” - Local Authorities are not permitted to carry out 
intrusive surveillance. Intrusive surveillance is covert surveillance that is 
carried out in relation to anything taking place on residential premises or in 
any private vehicle, and involves the presence of an individual on the 
premises or in the vehicle, or is carried out by means of a surveillance device. 


It should be noted that the Council is not permitted to authorise any 
interference with property. In any case where trespass is envisaged, officers 
should seek immediate advice from the Council’s Senior Responsible Officer 
(SRO) who is Claire Incledon, Head of Legal and Democratic Services. 


"Directed Surveillance" - Local Authorities can undertake directed 
surveillance. This is surveillance that is: 


° covert, but not intrusive surveillance; 

e conducted for the purposes of a specific investigation or operation; 

e likely to result in the obtaining of private information about a person 
(whether or not one specifically identified for the purpose of the 
investigation or operation); 

e conducted otherwise than by way of an immediate response to events or 
circumstances the nature of which is such that it would not be 

3 


2.6 


2.1 


2.8 


2.9 


reasonably practicable for an authorisation under Part Il of the 2000 Act 


to be sought. 


Directed surveillance should be necessary and proportionate to what it seeks 


to achieve. 


"Core functions" and “Ordinary functions”—‘core functions’ are the 
‘specific public functions', undertaken by a particular authority, in contrast 
to the ‘ordinary functions' which are those undertaken by all authorities 
(e.g. employment issues, contractual arrangements etc.)The disciplining of 
an employee is not a ‘core function’, although related criminal 
investigations may be. 


“Covert Human Intelligence Sources" (CHIS) -A person is a CHIS if they 
establish or maintain a personal or other relationship with a person for a 
covert purpose, they covertly use such a relationship to obtain information 
or to provide access to any information; or they covertly disclose 
information obtained by the use of such a relationship or as a consequence 
of the existence of such a relationship. A CHIS could be a member of the 
public or a Council officer and the relationship can be the suspect or any 
other person. An Authorising Officer, must be satisfied that the CHIS is 
necessary, that the conduct authorised is proportionate to what is sought to 
be achieved and that arrangements for the overall management and 
control of the authorised activity are in force (i.e. that a handler and 
controller will be appointed). 


"Overt Surveillance" - This covers all situations where surveillance is not 
covert. Overt surveillance does not require authorisation under RIPA 
because the individuals should reasonably be aware there is surveillance 
or monitoring being undertaken - e.g. by publicly displayed signs. 


"Surveillance" - This includes monitoring, observing or listening to 
persons, their movements, their conversations or their other activities or 
communications. It may be conducted with or without the assistance of a 
surveillance device and includes the recording of any information obtained. 


THE CODES 


The Home Office website contains the Codes issued pursuant to Section 
71 of the 2000 Act with the current versions of the Codes (dated August 
2018) reflecting changes introduced by the 2016 Act. The Codes are also 
available from the Council’s SRO for reference by any officer of the Council 
who is considering such activity, and likely to apply for, or authorise 
directed covert surveillance or the use of a CHIS. 


REVIEW AND APPROVAL 


This policy was reviewed and has been approved by elected members of 


the Council via Cabinet. It will be placed before elected members to review 
on an annual basis hereafter via Cabinet and will be retained by the SRO 
responsible for the policy. 


5 SENIOR RESPONSIBLE OFFICER (SRO) 


5.1 The Council’s SRO is responsible for the following matters: 
e oversight and ensuring compliance with the 2000 and 2016 Acts and with the 
Codes; 

° ensuring that processes and procedures are in place for the above and 
regularly checking these processes by a documented critique of areas that 
may engage RIPA, which is demonstrated by way of documented meeting 
notes retained; 

° ensuring that a regular regime of dip sampling internet activity by all Council 
staff is carried out and documented to ensure adequate processes are in 
place for the use of the internet on-behalf of the Council; 

° pro-active oversight of applications, authorisations, and records relating 
to RIPA 

° maintaining a central register and -record of all applications, 
authorisations, reviews, renewals and cancellations issued or refused; 

e the reporting of relevant errors to IPCO as soon as practicable and no later 
than 10 working days after identifying an error, with the report containing details 
of the cause of the error, material obtained, any untended collateral 
intrusion, any analysis or action taken, whether material has been 
destroyed or retained, a summary of steps taken to prevent recurrences 
and the implementation of processes to minimise repetition or errors. 
Examples of relevant errors include surveillance/CHIS without lawful 
authority or failure to adhere to safeguards within the Codes. 

e ensuring authorised officers are adequately trained and of an appropriate 
standard 

e ensuring the RIPA policy is fit for purpose 

° engagement with IPCO when they conduct their inspections, where 
applicable 

e oversight of the implementation and post-inspection action plans 
approved by IPCO. 


5.2 Claire Incledon, Head of Legal and Democratic Services and SRO, has been 
responsible for overseeing the use of RIPA within the Council for a number of 
years and has been involved in a number of inspections of the Authority's use 
of RIPA. 


5.3 In order to assist in the monitoring of the RIPA process within the Council, one 
of the Solicitors in the Legal and Democratic Services Division, Sally Martin, will 
have the responsibility of RIPA co-ordinator as part of her role and will be a point of 
contact for any Council officers requiring advice in that respect. 


6 COVERT SURVEILLANCE - AUTHORISATION AND DURATION 


All applications to conduct, renew or cancel directed covert surveillance or use 
of a CHIS must be made on one of the Council's forms used for that purpose. 
All such requests must be submitted to one of the designated Authorising 
Officers of the Council. All applications will be considered by an Authorising 
Officer. The Authorising Officer may, in writing, authorise the activity, refuse 
to authorise the activity, or authorise less of the activity requested that he/she 
believes is necessary and proportionate. Authorisation will only be granted by 
an Authorising Officer, where covert surveillance is considered to be 
necessary and proportionate. The power to grant, extend and cancel 
authorisations is limited to Authorising Officers only, in order to ensure 
oversight greater independence and consistency. 


The authorised activity is subject to judicial approval (by a Justice of the 
Peace) and all authorisations and renewals granted by the Authority, will not 
take effect unless approved by a Justice of the Peace. Activity authorised 
will not be commenced until judicial approval has been obtained. 


Authorisations for directed covert surveillance will cease to have effect (unless 
renewed or cancelled) at the end of a period of three months beginning with 
the time and date judicial approval has been obtained from a magistrate. 


Authorising Officers are responsible for ensuring that reviews of 
authorisations are carried out frequently, to review compliance with that 
activity authorised, and the continued necessity and proportionality of the 
activity. An Authorisation must be cancelled as soon as it is no longer 
necessary and proportionate or if for some reason the activity is not being 
undertaken. When cancelled, the Authorising Officer must ensure that a 
cancellation form is completed. 


"Cancellations" — Record the following:- 

(i) Date and times that surveillance took place; and attach and retain 
documentation in relation to the date and time of the order to cease 
the activity including the date on which such instruction was given. 

(ii) | Date and reason for cancellation. 


(iii) Confirmation that surveillance equipment has been removed. 


(iv) Details of the product obtained from the surveillance and whether or 
not the objectives were achieved. 


6.4 


"Emergency Situations" - Where judicial approval of an authorisation is to 


be sought urgently, the authorising officer should contact Claire Incledon, SRO and 
Head of Legal and Democratic Services, providing all relevant information with 
reference to the above with the addition of a brief outline of why the matter should be 
heard quickly, following which liaison with the Court Clerk to arrange an urgent 
appointment can be carried out. 


6.5 


6.6 


6.7 


7.1 


Note: - This procedure is to be used only in exceptional circumstances 
and a delay in internal procedure would not be deemed to be an 
exceptional circumstance. 


All original applications and authorisations, judicial approval forms, renewals, and 
cancellations, together with any applications not authorised, and associated 
notes/documents must be submitted to Claire Incledon (SRO). These records 
will be indexed and retained in one central record by the SRO who is 
responsible for the maintenance of such records. Copies of any of this 
documentation can be retained within any relevant department for inclusion in 
investigation reports, or management purposes, however the originals must be 
kept within the central record. These records will be retained for 5 years. 


Authorising officers for covert surveillance within the Council are: 


Richard Brown 
Jon Haswell 
James White 
Jonathan Griffiths 
Darren Mutter 


Particular care should be taken in cases where the subject of the investigation or 
operation might reasonably expect a high degree of privacy, or where confidential 
information is involved. Confidential information consists of communications subject 
to legal privilege, communications between a Member of Parliament and another 
person on constituency matters, confidential personal information, or confidential 
journalistic material. So, for example, extra care should be taken where, by 
undertaking surveillance of an individual it is likely that knowledge will be acquired 
of communications between a minister of religion and that individual relating to the 
latter’s spiritual welfare, or between a Member of Parliament and that individual 
where he or she is a constituent relating to constituency matters, or wherever 
matters of medical or journalistic confidentiality or legal privilege may be involved. If 
the use of directed surveillance is likely to lead to obtaining legally privileged or 
confidential information then this must be authorised by the Chief Executive or in 
absence the person acting as Chief Executive. 


COVERT HUMAN INTELLIGENCE SOURCES (CHIS) 


As outlined above, a person is a CHIS if they establish or maintain a personal 
or other relationship with a person for a covert purpose, they covertly use such 
a relationship to obtain information or to provide access to any information; or 
they covertly disclose information obtained by the use of such a relationship or 
as a consequence of the existence of such a relationship. A CHIS could be a 


7.2 


7.3 


7.4 


7.5 


7.6 


7.7 


member of the public or a Council officer and the relationship can be the 
suspect or any other person. 


A relationship is used covertly, and information is disclosed covertly if the other 
party of the relationship is unaware of the purpose of the relationship or the 
disclosure of information as a result of the relationship. Actions taken by an 
Officer in asking or encouraging someone to act as a CHIS would also fall 
within the term. 


An authorisation should be considered whenever the use or conduct of a 
CHIS is likely to engage an individual’s rights under Article 8 of the 
European Convention on Human Rights. 


A member of the public who offers information on another person voluntarily to 
the Council is not a CHIS. However, that person could become a CHIS if a 
Council Officer were to ask him/her to conduct or maintain a relationship to 
covertly obtain information to aid an investigation. 


If the use and conduct of a CHIS is being considered, urgent advice should 
be sought from the Head of Legal and Democratic Services and a written 
application (including risk assessment) be completed recording the points 
outlined in the Code in that regard. 


An Authorising Officer, must be satisfied that the CHIS is necessary 
pursuant to one of the criteria set out in the Code in that regard, that the 
conduct authorised is proportionate to what is sought to be achieved with 
reference tothe elements set out in the Code in that regard and that 
arrangements for the overall management and control of the authorised 
activity are in force (i.e. thata handler and controller will be appointed) and 
in compliance with relevant Articles of the European Convention on Human 
Rights. 


The Council then needs to obtain an order approving the grant or renewal of 
a written CHIS authorisation from a Justice of the Peace and any 
authorisations granted by an Authorising Officer of the Council will not take 
effect unless approved by a Justice of the Peace. If an authorisation is 
granted by an Authorising Officer of the Council, advice should also be 
sought from the Head of Legal and Democratic Services before making an 
application for judicial approval due to the risks and legal complexities 
involved. 


Subject to certain limited exceptions, a written authorisation will, unless 
renewed or cancelled, cease to have effect at the end of a period of 12 
months beginning with the day on which it took effect. 


The Authorising Officer, who grants an authorisation will stipulate the 
frequency of formal regular reviews to ensure that the use or conduct of the 
CHIS remains within the parameters of the authorisation. 


The Authorising Officer, who granted or renewed the authorisation must 


7.8 


7.9 


8.1 


9.1 


cancel it if they are satisfied that the use or conduct of the CHIS no longer 
satisfies the criteria for authorisation or that arrangements for the CHIS’ 
case no longer satisfy the relevant legislative requirements. 


In cases where, through the use or conduct of a CHIS it is likely that 
knowledge of legally privileged material or other confidential information will 
be acquired, the deployment of the CHIS is subject to a higher level of 
authorisation by the Chief Executive or in absence the person acting as 
Chief Executive. 


Confidential source records will be retained in accordance with the 
Regulation of Investigatory Powers (Source Records) Regulations 2000. 


MANAGEMENT OF CHIS 


A CHIS should always be allocated to a specified Council Officer as a 
“Handler” who will usually be of a position below that of the Authorising 
Officer. The Handler will have day to day responsibility for dealing with the 
CHIS on behalf of the Council, directing the day to day activities of the CHIS, 
recording the information supplied by the CHIS and monitoring the CHIS’ 
security and welfare. 


The “Controller” will normally be responsible for the management and 
supervision of the Handler and general oversight of the use of the CHIS. 


The Controller must always complete and retain details about the use of 
the CHIS. The records must be readily accessible to the Handler, the SRO 
and IPCO. 


A CHIS must never encourage another person to commit an offence. 


CHIS- SPECIAL CONSIDERATIONS 


A JUVENILES 

Special safeguards also apply to the use or conduct of a juveniles, that is 
those under 18 years old, as sources. On no occasion should the use or 
conduct of a CHIS under 16 years of age be authorised to give information 
against their parents/any person who has parental responsibility for them. 
Authorisations should not be granted unless the special provisions 
contained within the Regulation of Investigatory Powers (Juveniles) (Order) 
2000 (as amended) are satisfied. Only the Chief Executive or in absence a 
person acting as Chief Executive can authorise their use. The duration of 
such an authorisation is 4 months from the time of grant or renewal and the 
authorisation should be subject to at least monthly review. 


The Council must ensure that an appropriate adult is present at any 
meetings with a CHIS under 16 years of age. The appropriate adult should 
normally be the parent/guardian of the CHIS unless they are unavailable or 
there are specific reasons for excluding them. 


9.2 


10 


10.1 


B VULNERABLE INDIVIDUALS 


A vulnerable individual is a person who by reason of mental disorder or 
vulnerability, other disability, age or illness, is or may be unable to take care of 
themselves, or unable to protect themselves against significant harm or exploitation. 
Where it is known or suspected that an individual may be vulnerable, they should 
only be authorised to act as a CHIS in the most exceptional circumstances by the 
Chief Executive or in absence, the person acting as Chief Executive. 


OBTAINING JUDICIAL APPROVAL OF AUTHORISATIONS 


When making authorisations, Authorising Officers must be aware that each 
authorisation (or renewal of an authorisation) is subject to judicial approval. 


10.2Where an Authorising Officer has granted an authorisation for the use of 


10.3 


10.4 


11 


directed surveillance or a CHIS, judicial approval is required. The Authority is 
required to make an application, without giving notice, to the Magistrates’ 
Court. A Justice of the Peace will give approval of the grant or renewal, if at 
the date of the grant of the authorisation or the renewal, he/she is satisfied 
that the statutory tests have been met and the use is necessary and 
proportionate. 


If the Magistrate considers that the authorisation or renewal has not met the 
above, approval will be refused and the authorisation can be quashed 
although guidance provides for 2 business days for the Council to make 
representations before it is quashed. 


Any Authorising Officer who intends to approve an application for the use of 
directed surveillance or the use of a CHIS, must immediately inform the Head 
of Legal and Democratic Services of the details of the proposed authorisation. 
The Head of Legal and Democratic Services will then make the necessary 
arrangements for an application for an Order to approve the authorisation to 
be made to the Magistrates’ Court. 


ONLINE COVERT ACTIVITY 


The growth of the internet, and the extent of the information that is now 
available online, present new opportunities for public authorities to view or 
gather information which may assist them in preventing or detecting crime or 
carrying out other statutory functions. It is important that public authorities are 
able to make full and lawful use of this information for their statutory 
purposes. 


If the study of an individual’s online presence becomes persistent, or where 
material obtained from any check is to be extracted and recorded and may 
engage privacy considerations, RIPA authorisations may need to be 
considered. 


When online monitoring or investigation is conducted covertly for the purpose 
of a specific investigation or operation and is likely to result in the obtaining of 
private information about a person or group, an authorisation for directed 

surveillance should be considered as set out and referred to elsewhere in the 


policy. 


In deciding whether online surveillance should be regarded as covert, consideration 
should be given to the likelinood of the subject/s knowing that the 
surveillance may be taking place. Depending on the nature of the online 
platform, there may be a reduced expectation of privacy where information 
relating to a person or group of people is made openly available within the 
public domain, however in some circumstances privacy implications still apply 
if the intention when making such information available was not for it to be 
used for a covert purpose. This is regardless of whether a user has sought to 
protect such information by restricting access by activating privacy settings. 


In order to determine whether a directed surveillance authorisation should be 
sought for accessing information on a website as part of a covert 
investigation or operation, it is necessary to look at the intended purpose and 
scope of the online activity it is proposed to undertake. 


.11.3 Any member of a public authority, or a person acting on behalf of a public 
authority, who intends to engage with others online or who intends to conduct 
activity on the internet in such a way that they may interact with others, in 
circumstances where the other parties could not reasonably be expected to 
know their true identity or without disclosing his/her identity, should consider 
whether the activity requires a CHIS authorisation as outlined and referred to 
elsewhere in the policy as a CHIS authorisation may be needed. A directed 
surveillance authorisation should also be considered, unless the acquisition 
of information is/will be covered by the terms of an applicable CHIS 
authorisation. 


Where someone, such as an employee or member of the public, is tasked by a 
public authority to use an internet profile to establish or maintain a relationship 
with a subject of interest for a covert purpose, or otherwise undertakes such 
activity on behalf of the public authority, in order to obtain or provide access to 
information, a CHIS authorisation is likely to be required. 


When engaging in conduct as a CHIS, a member of a public authority should not 
adopt the identity of a person known, or likely to be Known, to the subject of 
interest or users of the site without authorisation. 


12 TRAINING 


It is required that training of those involved in the RIPA process be conducted 


11 


13 


14 


on a regular basis. 


SURVEILLANCE EQUIPMENT 


A schedule of covert surveillance equipment retained by the Council has 
been prepared which includes details of the team responsible for the 
storage, administration and use of this equipment. A copy of the schedule 
will be retained by the SRO and within the Public Protection Division. 


SAFEGUARDS 


Information/material obtained by means of covert surveillance or through the 
use or conduct of a CHIS should be handled in compliance with relevant legal 
frameworks as referred to in the ‘Safeguards (including privileged or 
confidential information)’ sections of the Codes.