The Interception of Communications Commissioner's Office has issued a report which claims that multiple mistakes were made by security services in 2015 with intercepted communications data, which led to 17 wrongful arrests.
Sir Stanley Burnton, the Interception of Communications Commissioner, described a 20 percent rise in errors made by security services since the previous year. .
The report claims that a range of errors were committed, including “over-collection and unauthorised selection or examination of material to the interception of the wrong communications identifier or failure to cancel an interception”.
The report says 145 public authorities had access to confidential data in 2015. Overall, 761,702 items of communications data were acquired by the security services in 2015. The report details how 1,119 errors were made by security services and their use of the data.
The items include personally identifiable information such as mobile or landline numbers, email addresses or bank or credit card details. A request for incoming and outgoing call data on a particular mobile phone over 30 days is counted as one item of data.
The report says the serious errors led to 17 cases in which people who were unconnected to a police investigation were either arrested or had their property searched that had nothing to do with the inquiry.
The watchdog found 23 cases involving serious errors, including nine “technical system errors” that led to 2,036 “erroneous disclosures”. The remaining 14 serious cases were the result of human error.
The Prime Minister, Theresa May, said in a written statement to the House of Commons, “Both reports contain details of the recommendations that the commissioners have made to continue to improve the way that these powers are used. The public authorities who have received these recommendations will be giving careful consideration to them and how to further improve their processes.”
Harmit Kambo, campaigns director at Privacy International told SCMagazineUK.com: “Overall we thought it's a good report, and IOCCO do good work in bringing these sorts of issues to light. Unfortunately we're still seeing major errors in the misuse of communications data and this can lead to serious and devastating consequences."
"Our personal data is incredibly sensitive, and it's worrying how much the police and security services downplay the significance of the personal sensitivity of our communications data, when as we can see in the report, an IP address can used to wrongly arrest a person in relation to a serious crime.”
Kambo went on to explain: “To make wrongful arrests based on this kind of data is very serious, and we should always hold our public bodies accountable. This is not something which we should just accept. We would like to see these kind of errors reduced, as it's not acceptable for innocent people to be accused of crimes that they are not in anyway involved in, just because a piece of data implicates them in some way.”
“Unfortunately, the Investigatory Powers Bill fails to provide better safeguarding, oversight and authorisation so we are concerned that serious errors will either not be prevented in the first place, or not picked up when they do occur, or individuals and agencies won't be held properly accountable for their actions.”