Open navigation
Search
Search
All expertise
Explore our breadth of expertise.
International Desks
Helping you access overseas markets with support from our country and region-specific experts
Sectors View all
Practice Areas View all
Offices
Discover the scope of our presence in the jurisdiction.
Global Reach
Learn about our capabilities beyond borders.
CMS United Kingdom
All insights
Leverage our expert analysis, intelligence and thought leadership for your strategic advantage.
Personalised updates
Receive tailored insights and intelligence that apply directly to your business.
Topics in focus View all
Insights by type
CMS Spotlight: join our events and webinars!
CMS News
Stay up to date with our growth, evolution and our many successes.
CMS Press Office
Contact us
For all general enquiries.
About CMS
CMS Careers

Select your region

International Europe Africa Asia-Pacific The Americas Middle East
Legal Update

Access to communications data by public authorities

21 May 2003 United Kingdom 4 min read

We live in what has been described as an "information age" where the rapid development and wide availability of communications technology has resulted in an increase in the amount of data that is created, processed and stored about individuals. Given the explosion of data creation and processing, it is now even more important to ensure that the right balance is struck between an individual's right to privacy and the rights of a public authority to access information in order to perform its functions and to detect, investigate and prevent crime.

A public authority can obtain or disclose information to the extent that it has statutory or common law powers to do so and the regulation of such powers can be found in legislation such as the Regulation of Investigatory Powers Act 2000 ("RIPA"), the Human Rights Act 1998 and the Data Protection Act 1998.

RIPA makes provision for the lawful interception of communications, access to communications data, covert surveillance and access to protected electronic data. Chapter II of Part I of RIPA provides a statutory framework for public authorities to request communications data from any provider of communication services. Communications data includes information about a communication (for example, the sender and recipient of a communication), information about the use of a communications service (for example, itemised telephone records, details of the timing and duration of calls and records of postal services provided) and information about the subscriber of a communications service (for example, address and account information of subscribers) but it does not include the contents of a communication.

RIPA defines a list of authorities (primarily law enforcement and intelligence agencies) that Parliament agrees should have lawful access to communications data. In June 2002, secondary legislation was introduced into Parliament which allowed an increased number of public authorities access to communications data held by communication service providers. The introduction of the secondary legislation caused substantial criticism from the public and interested parties and was promptly withdrawn. In particular, the secondary legislation exposed communication service providers to complying with requests for information from a wide range of public authorities. The government has decided to consult widely before returning to Parliament with any new proposal for the legislation.

The government has proposed two main options for determining whether a public authority should be permitted access to communications data.

The restricted access and double lock option

The first option will allow a public authority access to communications data when there is a necessary and proportionate requirement. Public authorities could be restricted to accessing data for specific statutory purposes only and such purposes could be limited by allowing access only for purposes relating to the public authority's specific function. The restriction could also extend to the types of data that a public authority can access. The government has proposed restricting access by purpose and data type as discussed above together with additional safeguards (a double lock on access to data) of any one of the following methods:

  • Requiring written authorisation by a member of the judiciary
  • Prior approval by an independent third party where the third party could assess the consideration of necessity and proportionality and make a judgement whether or not the public authority should proceed with the required access
  • Requiring the police to make requests and conduct investigations on behalf of public authorities
  • A certification scheme for public authorities which would provide a positive public statement that each public authority was meeting required standards.

The short list option

The second option requires the creation of a short list which would restrict access to communications data to police bodies and other emergency services.

The public and interested parties will lobby to ensure that the Government strikes the right balance between the privacy of an individual and protecting the public from crime. Communication service providers will need to closely follow the implementation of any legislation resulting from the consultation process as such legislation will affect the range of public authorities that may request access to communications data from the service providers.

The Consultation Paper on access to communications data can be found at: http://www.homeoffice.gov.uk/ripa/part1/consult.htm.

The consultation period will close on 3rd June 2003.

More insights
Banking & Finance Financial Services Professionals Pension Professionals Financial Institutions Accountants & Actuaries Defendant Personal Injury Consumer Products Manufacturing Food & Drink Retail Energy & Climate Change Oil & Gas Power Projects Mining and Minerals Water Healthcare Healthcare, Social Care and Life Sciences Life Sciences & Healthcare Hospitality, Travel & Leisure Infrastructure & Projects Cyber Insurance Brokers Solicitors Surveyors Technology Reinsurance Warranty & Indemnity Liability Other Classes Fine Art, Specie and Jewellers' Block Trade Credit and Political Risk Practice Title Indemnity Aviation Construction & Energy Construction CAR/EAR Energy Property Directors’ & Officers’ Liability Marine Professional Negligence Construction PI Insurance Education Private Equity Real Estate Construction & Engineering TMT - Technology, Media & Telecommunications Communications Data Protection & Freedom of Information Media Technology

Explore more

Expert Guide International

CMS Expert Guide for taking security in England and Wales

25 min read
Publication United Kingdom

Security Action for Europe: legal architecture, implementation and private capital’s opening

23 Mar 2026 5 min read
Event United Kingdom

Cross-Border Financial Services 2026 webinar series

05 May 2026
Back to top Back to top
You will now find all Law-Now content on CMS.law
Explore more
Law-Now, RegZone, LEXplicite and Blogtt have moved to CMS.law. Law-Now has moved to CMS.law. RegZone has moved to CMS.law. LEXplicite has moved to CMS.law. Blogtt has moved to CMS.law.
Learn more Learn more Learn more Learn more
If you want to use third party tools, please enable personalisation cookies as part of your cookie preferences. You can change this setting at any time via the button below or in our Cookie Notice.