New RIPA ammendment(s) probably coming in "autumn"

Nicholas Bohm nbohm at ernest.net
Mon, 29 Jul 2002 11:45:46 +0100 

At 19:03 28/07/2002 +0100, Roland Perry wrote:
>In message <20020728142325.7FB46C149@davros.tardis.ed.ac.uk>, James 
>Hammerton <james@tardis.ed.ac.uk> writes
>There's what the law says and there's what people can get away with
>>and the two are not the same. Firstly, the actual drafting (s 22(5) of
>>RIPA) is:
>>
>>"The designated person shall not grant an authorisation under
>>subsection (3) or give a notice under subsection (4) unless he
>>believes that obtaining the data in question by the conduct authorised
>>or required by the authorisation or notice is proportionate to what is
>>sought to be achieved by so obtaining the data."
>>
>>So it's not down to whether it is "proportionate" but whether the
>>official believes it to be so.
>
>Such is life. Is it hot today, or do I just believe it to be so? Every 
>judgement in law is made by a person, who needs to be persuaded to believe.

The subsection could have omitted the words in square brackets:

"The designated person shall not grant an authorisation under subsection 
(3) or give a notice under subsection (4) unless [he believes that] 
obtaining the data in question by the conduct authorised or required by the 
authorisation or notice is proportionate to what is sought to be achieved 
by so obtaining the data."

Obviously the person granting the authorisation would not do so without 
believing the condition was fulfilled, but that would then not by itself be 
enough to make the authorisation valid.  If its validity were subsequently 
challenged, it would have to be proved by the person seeking to uphold it 
that the conditions had been satisfied.  This would replace a subjective 
test with an objective one.

This approach presents a difficulty for a CSP presented with an order, 
since the CSP cannot know whether if challenged it would be upheld, a case 
much less likely to arise where the test is subjective (although it still 
could in a case where an authorisation was successfully challenged as 
having been issued in bad faith or without there being any reasonable 
grounds).  The answer would be to protect the CSP where it has acted in 
good faith in relying on an authorisation which it reasonably believed to 
be genuine.

The effect of a successful challenge would then be limited to preventing 
any use of the data unlawfully obtained, and (perhaps) some sanction on the 
wrongful authoriser.

I think we should in general argue for objective rather than subjective 
tests when dealing with proposed legislation.

Regards

Nicholas

Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK

Phone   01279 871272    (+44 1279 871272)
Fax     01279 870215    (+44 1279 870215)
Mobile  07715 419728 (+44 7715 419728)

PGP RSA 1024 bit public key ID: 0x08340015.  Fingerprint:
9E 15 FB 2A 54 96 24 37  98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF