DNA Database – The Age of Innocence

The Government has today proposed new rules for the retention of DNA profiles and fingerprints on the police national DNA database. The proposals, which are made in the context of a public consultation process (‘Keeping the Right People on the DNA Database’), come in the wake of the Marper judgment (4 December 2008). In Marper, the ECtHR held that a blanket policy under which fingerprints, cellular samples and DNA profiles were indefinitely retained by the police constituted a disproportionate and, hence, unlawful interference with Article 8 rights to privacy. The new proposed rules aim to circumvent the problems posed by having a blanket indefinite retention policy by varying the length of time that data can be retained depending on the innocence of the suspect and the severity of the crime in respect of which they were arrested. Thus, the DNA profiles and fingerprints of individuals who are arrested but not convicted in respect of minor offences will be destroyed after a period of six years; individuals who are arrested but not convicted for more serious violent and sexual offences and terrorism-related offences will have to wait twelve years for their DNA profiles and fingerprints to be destroyed; individuals who are convicted of an imprisonable offence will have their DNA profiles and fingerprints retained indefinitely. The proposals have received a rebarbative response from civil liberties campaigners, many of whom had expected the Government to destroy some 850,000 DNA profiles, fingerprints and samples in response to the Marper judgment. Of course, the question has to be posed whether it can ever be a proportionate interference with privacy rights to retain data in respect of individuals whose guilt was never established in respect of the offence for which they were arrested and who must, in the circumstances, be deemed innocent.
The Government’s answer to this question appears to be that the interference is justified because: (a) criminology research suggests that, over time, the retained data can be used to convict those ostensibly innocent individuals of subsequent crimes; and (b) accordingly, retention of the data will constitute a vital weapon in the fight against crime. The presumption underlying this answer appears to be that, in a statistically significant number of cases, individuals who appear to be innocent in respect of one crime are in fact destined to go on to commit crimes in the future, such that it is legitimate for their data to be retained for a relatively substantial period of time (either six or twelve years). Whilst the more nuanced approach to the retention of DNA profiles may be relatively well placed to survive a legal challenge in the domestic courts (see further the House of Lords judgment in Marper [2004] UKHL 39, [2004] 1 WLR 2196), it remains to be seen whether the ECtHR would regard that approach as falling within the four corners of the justification defence under Article 8(2).

Super Database – Not so Super After All

The Home Secretary has this week announced that proposals to create a State-run super database, which would track everyone’s use of email, internet and text messages, have been scrapped. The announcement is hardly surprising. It was always going to be difficult to persuade the public that such a database could be kept secure, particularly in light of recent high-profile controversies about large-scale losses of electronic personal data by government agencies. Moreover, allowing the State to develop such a vast single repository of electronic communications data was always going to raise questions as to whether the resulting interference with private rights was proportionate and was otherwise consistent with the State’s obligations under the Data Protection Act 1998. The Government has now issued a consultation paper on new plans to allow telecommunications companies to retain the communications data for a period of 12 months. See further the Home Secretary’s Ministerial Statement.

Rethinking RIPA

On 17 April 2009, the Home Office launched a consultation on plans to stop investigatory powers being used under the Regulation of Investigatory Powers Act (RIPA) for trivial purposes. It seeks views on questions including: which public authorities should be able to authorise key investigatory techniques, for example, the use of communications data or covert surveillance in public places under RIPA; the purposes for which these investigatory techniques should be used; the option of raising the rank of the local authority employee authorising the use of investigatory techniques to senior executive; and whether elected councillors should play a role in the authorisation. The consultation follows on from a spate of public outcries about the use of surveillance powers by public authorities, including not least the use of covert cameras by local authorities to watch how residents use their rubbish bins and the use of covert surveillance techniques to track a family which the local authority suspected may be living outside the local school catchment area. The issue of how the investigatory powers available under RIPA should be used is particularly current in view of the recent controversy over techniques used by the police to photograph protesters, many of whom it is argued are merely peaceful demonstrators.

Google’s Streetview – ICO Responds

The launch of Google’s Streetview service in March 2009 sparked considerable debate within the British media. Privacy campaigners criticised the intrusive nature of the service, which enables internet users to access 360 degree views of people, homes, cars and streets in 25 of Britain’s cities. It would appear that the Information Commissioner has now had his say on the matter. According to an article published in yesterday’s Observer newspaper, the Information Commissioner rejected a complaint brought by Privacy International which challenged the legality of the service. Notably, the Observer reports that the Commissioner dismissed the suggestion put forward by Privacy International that consent should have been sought from individuals whose image was captured in the pictures shown by Streetview. He apparently compared the Streetview service with images of individuals broadcast during televised football matches, where similarly consent would not be sought. Of course, Streetview is not the only part of Google’s operations which has given rise to privacy concerns. Not least in recent weeks, concerns have been raised about another Google innovation, which enables advertisers to target adverts at individual Google users by relying on site-visit profiles developed by Google. The so-called behavioural targeting system enables Google to build up a profile of the internet sites visited by a particular user when using the Google search engine. The profile is then used as a basis for indicating what advertising the user may be interested in. Concerns expressed about the new system have included that individuals are not asked whether they wish to receive targeted advertising and, further, that the right to opt out of the system is not adequately advertised to users.

Guardian article on Streetview:

https://www.guardian.co.uk/technology/2009/apr/12/google-street-view-privacy

Channel 4 report on Behavioural Targeting System:

https://www.channel4.com/news/articles/science_technology/how+google+adverts+got+personal/3076122

The Age of Internet Surveillance

With effect from today, all UK internet service providers (“ISPs”) will be required to retain data relating to every email which is sent and every online telephone call which is made using their services. The data, which must be stored by ISPs for 12 months, will not include the content of the email or the call. It will however include the date, time, duration and routing of the online communication as well as information as to the internet subscriber or user. The obligation to retain this data is imposed under the Data Retention (EC Directive) Regulations 2009 (“the Regulations”). The Regulations were enacted in order to bring into effect the provisions of the Data Retention EU Directive 2006/24/EC. The Directive was itself enacted in response to concerns that a lack of consistency of approach to data collection across Europe, particularly in the field of internet communications, was hampering the fight against crime, including international terrorism. The effect of the Regulations, which come into force today, is that the data retention principles which already apply to telecoms providers under the Data Retention (EC Directive) Regulations 2007 will now also apply to internet providers. As well as retaining the communications data, the internet service provider must afford access to particular data where they are required to do so by law (regulation 7). They must also abide by certain principles relating to the protection and security of the data (regulation 6).

A suitable case for recruitment

Information law overlaps with employment law in two main ways, in relation to employment vetting and employment monitoring. Broadly speaking, vetting is about the enquiries that an employer can make before recruitment, and monitoring is about checking on the performance and behaviour of existing employees.

The legal framework for employment vetting is changing radically, as the Safeguarding Vulnerable Groups Act 2006 is brought into force. The Act implements the Bichard Report, which followed an inquiry into the notorious 2002 Soham murders. It establishes a new vetting and barring scheme for those working with children or vulnerable adults, to be operated by a statutory body called the Independent Safeguarding Authority (ISA).

With effect from 20th January 2009, the ISA was given responsibility for decision-making under the 3 existing employment barring lists: the education list (popularly known as “List 99”), the PoCA list (for those working with children) and the PoVA list (for those working with vulnerable adults). As from 12th October 2009 these 3 lists will be replaced by two new lists introduced by section 2 of the 2006 Act and maintained by the ISA – the children’s barred list and the adults’ barred list. Employers, social services and professional regulators will have a duty to share information with the ISA. From July 2010, new entrants to roles working with vulnerable groups and those switching jobs within the sector will be able to register with the ISA, and employers will be able to check registration status online. The legal requirement for new entrants and those moving jobs to register with the ISA, and for employers to check on their status, will come into force by November 2010. The intention is to bring the whole of the existing workforce into the scheme by 2015.

I will be delivering a paper about employment vetting at the Local Government Group conference on 29th April, and the paper will be available on 11KBW’s website after the conference. For consideration of whether the existing PoVA list is compatible with articles 6 and 8 of the European Convention on Human Rights, see R (ota Wright) v Secretary of State [2009] UKHL 3. For the timetable for implementing the 2006 Act, see here and here.