Code of Practice on Covert Surveillance

1.0 Introduction

The Council enforces the law in a number of areas. As part of this enforcement there will be occasions where surveillance of individuals or property is necessary to ensure that the law is being complied with. When the Council does decide to undertake surveillance, it is important that it remains within the law which is contained in the Regulation of Investigatory Powers Act 2000 (“the Act”) as amended by the Protection of Freedoms Act 2012 and the Investigatory Powers Act 2016. 

The GOV website provides an overview of the Act and procedures: 

Surveillance and counter-terrorism

The Act sets out certain criteria that the Council has to comply with before it undertakes surveillance and those are also reflected in the Office of Surveillance Commissioners' Procedures and Guidance (“the Guidance”) in relation to covert surveillance by public authorities which is available on the Investigatory Powers Commissioner’s website.

Office of Surveillance Commissioners procedures and guidance (PDF)

The Home Office have published a Code of Practice on Covert Surveillance and Property Interference which is available on its website.

Covert Surveillance and Property Interference Revised Code of Practice (PDF)

The Home Office has also issued guidance on the judicial approval process for the Regulation of Investigatory Powers (RIPA) Act 2000 and the crime threshold for directed surveillance. This is available on the Home Office website.

Home Office guidance to local authorities in England and Wales on the judicial approval process for RIPA and the crime threshold for directed surveillance

Officers will need to familiarise themselves with the contents of the Guidance and the Code. 

The Investigatory Powers Commissioner’s Office now has responsibility for oversight of investigatory powers from the Office of Surveillance Commissioners. 

Investigatory Powers Commissioner’s Office

The Council will comply with the Code when carrying out directed surveillance and officers should be aware of its provisions. Failure to observe the provisions of the Act may result in the protection of the Act not being available. This may mean that the evidence gathered:

• is not admissible in court proceedings.  
• is a breach of an individual's human rights

This policy sets out how Colchester Borough Council (including Colchester Borough Homes) will comply with the Act, the Code and the Guidance. It also clarifies the circumstances in which officers will be able to use covert surveillance and the internal requirements that will need to be observed when conducting that surveillance. 

The Policy Statement should be read in conjunction with the Council's Data Protection Policy. 

The Policy Statement will be made available for inspection at Council offices. 

Any officer considering an application under the Act should first seek the advice of the Senior Responsible Officer in Legal Services. 

2.0 What does the Act and the Code cover? 

The Act and the Code cover covert surveillance, which is defined in the Act as being surveillance which “is carried out in manner calculated to ensure that the persons subject to the surveillance are unaware that it is or may be taking place”.  

2.1 Directed surveillance 

Local authorities can only use a form of covert surveillance called “directed surveillance”. This is defined in the Act as where the surveillance is covert but not intrusive and is undertaken: 

• for the purposes of a specific investigation or operation 
• in such a manner as is likely to result in the obtaining of private information about a person (whether or not specifically identified for the purposes of the investigation) and 
• otherwise than by way of an immediate response to events or circumstances, the nature of which is such that it would not be reasonably practicable for an authorisation under the Act to be sought

“Private Information” in relation to a person includes any information relating to their private or family life. 

Surveillance is not covert if notification has been sent to the intended subject of the surveillance. For example, in a noise nuisance case a letter notifying a subject that the noise will be monitored by officers visiting will make the surveillance overt. However, as a matter of good practice, surveillance should be considered covert if the notification to the subject is over 3 months old. All communications of this nature should be sent by Registered Post or delivered by hand. 

2.2 General observations 

General observations by officers in the course of their duties are not covered by the Act.

Directed surveillance will not include surveillance that is undertaken as an immediate response to events or circumstances which, by their nature could not have been foreseen. This will include situations where officers are out in the normal course of their duties and happen to witness an activity, for example a housing officer visiting tenants and witnessing anti-social behaviour by an individual. In other words, where there is no systematic surveillance. 

If there is any doubt as to whether a RIPA authorisation is required, you must seek advice from the Council’s Legal Services. 

2.3 Intrusive surveillance 

 “Intrusive Surveillance” is surveillance that is: 

• carried out in relation to anything taking place on any residential premises or in any private vehicle; and 
• involves the presence of an individual on the premises or in the vehicle or is carried out by means of a surveillance device

Intrusive Surveillance cannot be authorised by local authority officers and all officers are strictly prohibited from engaging in Intrusive Surveillance. 

2.3 Covert Human Intelligence Sources 

The Council is also permitted to use Covert Human Intelligence Sources under the Act. A Covert Human Intelligence Source is someone who establishes or maintains a personal or other relationship for the covert purpose of helping the covert use of the relationship to obtain information. However, at the current time the Council does not consider this necessary and will not use Covert Human Intelligence Sources. 

All officers are strictly prohibited from using Covert Human Intelligence Sources. 

Unlike directed surveillance, which relates specifically to private information, authorisations for the use or conduct of a Covert Human Intelligence Source do not relate specifically to private information, but to the covert manipulation of a relationship to gain any information. European Court of Human Rights case law makes it clear that Article 8 of the European Convention on Human Rights includes the right to establish and develop relationships. Accordingly, any manipulation of a relationship by a public authority (e.g. one party having a covert purpose on behalf of a public authority) is likely to engage Article 8, regardless of whether or not the public authority intends to acquire private information. 

Not all human source activity will meet the definition of a Covert Human Intelligence Source. For example, a source may be a public volunteer who discloses information out of professional or statutory duty, or has been tasked to obtain information other than by way of a relationship. 

Certain individuals will be required to provide information to public authorities or designated bodies out of professional or statutory duty. For example, employees within organisations regulated by the money laundering provisions of the Proceeds of Crime Act 2002 will be required to comply with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and report suspicious transactions. Similarly, financial officials, accountants or company administrators may have a duty to provide information that they have obtained by virtue of their position to the Serious Fraud Office. 

Any such regulatory or professional disclosures should not result in these individuals meeting the definition of a Covert Human Intelligence Source, as the business or professional relationships from which the information derives will not have been established or maintained for the covert purpose of disclosing such information. 

Individuals or members of organisations (e.g. travel agents, housing associations and taxi companies) who, because of their work or role have access to personal information, may voluntarily provide information to the police on a repeated basis and need to be managed 

appropriately. Public authorities must keep such human sources under constant review to ensure that they are managed with an appropriate level of sensitivity and confidentiality, and to establish whether, at any given stage, they could be regarded as a Covert Human Intelligence Source. 

Any officer concerned must seek urgent advice from the Senior Responsible Officer. 

3.0 Areas of operation 

The Council has examined its functions and considers that the following areas may use directed surveillance from time to time. The following is not meant to be an exhaustive list but covers areas where directed surveillance may be necessary in the course of the Council’s business.  

• Neighbour nuisance and anti-social behaviour 
• Protection of Council property 
• Licensing enforcement 
• Fraud against the Council(including benefit fraud) 
• Misuse of Council property, facilities and services 
• Enforcement of the planning regime 
• Environmental monitoring and control 
• Food Safety enforcement. 
• CCTV, but more on this later (see 8.2). 

However this is subject to the crime threshold referred to at 5.0 below. 

4.0 Authorisation and authoring officers 

If directed surveillance is proposed to be carried out then authorisation must be sought. Under the Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) Order 2003 as amended by the Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) Order 2010 and the Regulation of Investigatory Powers (Directed Surveillance and Covert Human Intelligence Sources) (Amendment) Order 2015, the Council considers that the following officers can authorise directed surveillance (“Authorising Officer”): 

• Chief Executive
• Chief Operating Officer
• Executive Director; and Strategic Director

Any case involving Confidential Information must be authorised by the Chief Executive. 

An Authorising Officer when being requested to authorise directed surveillance must be satisfied that the request is necessary and meets the criteria set down in the Act, the Code and the Guidance. An Authorising Officer must not authorise directed surveillance connected with an investigation in which they are directly involved. 

Any application to extend or cancel surveillance must also be approved by an Authorising Officer. 

Once any application is approved by the Authorising Officer it must be referred to Legal Services who will make an application for approval by a Magistrate. 

No directed surveillance may be undertaken by the Council without the prior approval of a Magistrate. 

5.0 Crime threshold 

The Guidance states that the Council: 

• can only grant an authorisation under RIPA for the use of directed surveillance where it is investigating criminal offences which attract a maximum custodial sentence of six months or more or criminal offences relating to the underage sale of alcohol or tobacco.  
• cannot authorise directed surveillance for the purpose of preventing disorder unless this involves a criminal offence(s) punishable (whether on summary conviction or indictment) by a maximum term of at least 6 months' imprisonment.  
• can authorise use of directed surveillance in more serious cases as long as the other tests are met – ie that it is necessary and proportionate and where prior approval from a Magistrate has been granted. Examples of cases where the offence being investigated attracts a maximum custodial sentence of six months or more could include more serious criminal damage, dangerous waste dumping and serious or serial benefit fraud.  
• can authorise the use of directed surveillance for the purpose of preventing or detecting specified criminal offences relating to the underage sale of alcohol and tobacco where the necessity and proportionality test is met and prior approval from a Magistrate has been granted.  
• cannot authorise the use of directed surveillance under RIPA to investigate disorder that does not involve criminal offences or to investigate low-level offences which include, for example, littering, dog control and fly-posting

6.0 Grounds for granting an authorisation 

An authorisation for directed surveillance may only be granted if the Authorising Officer believes that authorisation is necessary: 

• for the purposes of preventing or detecting crime or of preventing disorder and it meets the crime threshold mentioned in 5.0 above. 

AND the Authorising Officer must also be satisfied and believe that the surveillance is proportionate to what it seeks to achieve. 

The Code advises that following elements of proportionality should be fully considered: 

• balancing the size and scope of the proposed activity against the gravity and extent of the perceived mischief; 
• explaining how and why the methods to be adopted will cause the least possible intrusion on the target and others; 
• that the activity is an appropriate use of the legislation and the only reasonable way, having considered all others, of obtaining the necessary result; and 
• providing evidence of other methods considered and why they were not implemented. 

Covert surveillance will only be used for one of the legitimate purposes where sufficient evidence exists to justify the surveillance and the surveillance is the least intrusive method of meeting that purpose. The surveillance itself must be a proportionate response to the issue it is seeking to address. Consideration should be given to alternative methods of resolving the situation or obtaining the evidence sought and this should be documented. 

Particular attention should be paid to the effect of the surveillance on the privacy of other persons ("collateral intrusion"). Measures should be taken to avoid or minimise intrusion. Any collateral intrusion should be taken into account when an Authorising Officer is assessing proportionality. 

7.0 Procedure for authorisations, cancellations and renewals 

7.1 Authorisations 

An authorisation must be granted by those persons authorised at 4 above. No other person is permitted to authorise directed surveillance. 

Authorisations must be in writing on the form attached. 

Authorisation cannot be given to operations after they have commenced. Failure to obtain correct authorisation may mean that evidence is not admissible in legal proceedings and may breach a subject's human rights. 

The authorisation form must be kept on the relevant case papers and held securely. A copy of the authorisation must be passed to Legal Services to be held on a central file and monitored for consistency of approach of Authorising Officers and validity. 

An authorisation period begins on the date and time the authorisation is approved by a magistrate and will cease to have effect (unless renewed) at the end of a period of three months beginning with the day on which it took effect.  

7.2 Magistrates’ Approval 

Once an authorisation form has been completed Legal Services will: 

• contact the Magistrates’ Court to arrange for a hearing 
• supply the court with a partially completed judicial application/order form  
• supply the court with a copy of the authorisation and any supporting documents setting out the Council’s case 
• the hearing will be in private and be heard by a single Justice of the Peace 

The Justice of the Peace may decide to either: 

• approve the grant (or renewal) of an authorisation; or 
• refuse to approve the grant (or renewal) of an authorisation 

It is preferable for the Authorising Officer also to attend the hearing to give the Bench assistance if necessary. 

7.3 Review 

Officers should, as a matter of good practice, review authorisations on a regular basis during the course of that surveillance to ensure that the authorisation still meets the criteria. If it does not, the authorisation should be cancelled using the procedure described below. A review form is attached. Officers in charge of investigations will be required to keep a record of these reviews and will submit a record of that review (normally by email) to the Monitoring Officer to be held centrally. 

7.4 Renewals 

A renewal of an authorisation can be made shortly before it expires and must be done on the form attached. The original should be kept on the case file and a copy passed to the Monitoring Officer for retention centrally. When considering whether to grant a renewal of an authorisation the Authorising Officer will consider the same factors outlined at 5 above. All renewals must be subject of an application to the Magistrates’ Court in line with the procedure at 7.2 above. 

7.5 Cancellations 

The Authorising Officer who last granted or renewed the authorisation must cancel it if s/he is satisfied that the directed surveillance no longer meets the criteria for authorisation. A cancellation should be made on the form attached. The original should be retained on the case file and a copy passed to Legal Services for retention centrally. 

Authorisations, renewals and cancellations are subject to monitoring on an annual basis by the Monitoring Officer as to validity under the Act and the Code. 

7.6 Audit 

At the end of each calendar year each of the Authorising Officers referred to at 4 must provide the Monitoring Officer with a list of all directed surveillance authorised by them throughout that year or provide written and signed confirmation that no such surveillance has been authorised by them    

8.0 Miscellaneous points

8.1 Material obtained from covert surveillance ("product") 

Material produced as a result of covert surveillance will be secured and transported securely. Where the product obtained is to be used in criminal proceedings the Council must comply with the provisions of the Police and Criminal Evidence Act 1984. In all other cases the treatment of product must follow Council's guidelines on access, retention and storage as set out in the Data Protection Policy. 

8.2 CCTV 

The Act and the Code will not usually apply to use of an overt CCTV system because the public are aware that the system is in use. However there are circumstances where the system is used for the purposes of a specific operation or investigation and in these circumstances an authorisation will be required. If the police assume operational control of the system an authorisation complying with their own procedures must be supplied to the Council. Further information in respect of these procedures can be found in the Council's CCTV Code of Practice, which has been produced in conjunction with Essex Police. 

9.0 Social media

With the increasing use of social media there is a significant amount of information on an individual’s social networking pages. This information might be relevant to an investigation being undertaken by the Council. However, unguided research into the sites of suspects could fall within the remit of RIPA and therefore require authorisation prior to it being undertaken. You should therefore seek advice from Legal Services prior to undertaking any investigation using social networking sites.  

Where privacy settings are available but not applied the data available on Social Networking Sites may be considered ‘open source’ and an authorisation is not usually required. However, privacy implications may still apply even if the subject has not applied privacy settings (section 3.13 of the Code). 

Repeat viewing of ‘open source’ sites, however, may constitute directed surveillance on a case by case basis and this should be borne in mind e.g. if someone is being monitored through, for example, their Facebook profile for a period of time and a record of the information is kept for later analysis, this is likely to require a RIPA authorisation for directed surveillance. 

To avoid the potential for inadvertent or inappropriate use of social network sites in investigative and enforcement roles, Officers should be mindful of any relevant guidance and the Council’s separate Use of Social Media in Investigations Policy and Procedure attached at Annex 1 of this Policy. 

10.0 Training

The Council will ensure that the Officers who are authorising directed surveillance are appropriately trained.  

All Authorising Officers and those routinely engaged in directed surveillance have been provided with this guidance, have access to the Code and the standard forms. 

This Code of Practice and the standard forms are available in electronic format on the Council’s intranet, COLIN. 

11.0 General best practice

The following guidelines are considered as best working practices by all public authorities with regard to all applications for authorisations covered by the Code: 

• applications should avoid any repetition of information; 
• information contained in applications should be limited to that 

required by the relevant legislation; 

• an application should not require the sanction of any person in the Council other than the Authorising Officer; 
• where it is foreseen that other agencies will be involved in carrying out the surveillance, these agencies should be detailed in the application; 
• authorisations should not generally be sought for activities already authorised following an application by the same or a different public authority. 

12.0 Senior responsible officer

The Council’s nominated Senior Responsible Officer in accordance with the Code is Andrew Weavers, Monitoring Officer who will be responsible for: 

• the integrity of the process in place within the Council to authorise directed surveillance 
• compliance with Part II of the Act, the Code and the Guidance 
• engagement with the Investigatory Powers Commissioner’s Office and inspectors when they conduct their inspections, and where necessary, overseeing the implementation of any post inspection action plans recommended or approved by a Commissioner 
• assurance that all authorising officers are of an appropriate standard in light of any recommendations in the inspection reports prepared by the Investigatory Powers Commissioner’s Office 
• supervising the maintenance of records

13.0 Communications data

Before considering submitting an application for the acquisition of communications data, all officers must first refer the matter to the Senior Responsible Officer. 

Communications Data is the ‘who’, ‘when’ and ‘where’ of a communication, but not the ‘what’ (i.e. the content of what was said or written).  Local Authorities are not permitted to intercept the content of any person’s communications. 

Part 3 of the Investigatory Powers Act 2016 (IPA) replaced part 1 chapter 2 of the Act in relation to the acquisition of communications data and puts local authorities on the same standing as the police and law enforcement agencies. Previously local authorities have been limited to obtaining subscriber details (known now as “entity” data) such as the registered user of a telephone number or email address. Under the IPA, local authorities can now also obtain details of in and out call data, and cell site location. This information identifies who a criminal suspect is in communication with and whereabouts the suspect was when they made or received a call, or the location from which they were using an Internet service. This additional data is defined as “events” data. 

A new threshold for which communications data “events” data can be sought has been introduced under the IPA as “applicable crime”. Defined in section 86(2A) of the IPA this means: an offence for which an adult is capable of being sentenced to one year or more in prison; any offence involving violence, resulting in substantial financial gain or involving conduct by a large group of persons in pursuit of a common goal; any offence committed by a body corporate; any offence which involves the sending of a communication or a breach of privacy; or an offence which involves, as an integral part of it, or the sending of a communication or breach of a person’s privacy.  

Further guidance can be found in paragraphs 3.3 to 3.13 of the Communications Data Code of Practice published on the Home Office website:  

Communications Data Code of Practice (PDF)

The IPA has also removed the necessity for local authorities to seek the endorsement of a Justice of the Peace when seeking to acquire communications data. All such applications must now be processed through the National Anti-Fraud Network (“NAFN”) and will be considered for approval by the independent Office of Communication Data Authorisation (“OCDA”). The transfer of applications between local authorities, NAFN and OCDA is all conducted electronically and will therefore reduce what can be a protracted process of securing an appearance before a Magistrate or District Judge (see local authority procedures set out in paragraphs 8.1 to 8.7 of the Communications Data Code of Practice). 

14.0 Complaints

The Act, the Code and the Guidance are subject to monitoring by the Investigatory Powers Commissioner’s Office. Any complaints regarding use of surveillance powers should be dealt with initially through the Council’s Complaints and Compliments Procedure. If this does not result in a satisfactory outcome for the complainant then they should be referred to: 

The Investigatory Powers Tribunal
PO Box 33220
London SW1V 9QZ

Telephone: 0207 035 3711 
www.ipt-uk.com

15.0  Queries about this Code of Practice

Any queries regarding this Code of Practice should be referred to the Monitoring Officer, Andrew Weavers on 01206 282213 or by email at andrew.weavers@colchester.gov.uk