The retention of, and ability to access, communications data is an essential tool for intelligence and law enforcement agencies. The Government is committed to ensuring that our investigatory powers legislation is compliant with EU law.
The Government gave careful consideration to judgments by the European Court of Justice and the domestic Courts, implementing changes to UK law to ensure our communications data regime was compliant, while still ensuring our intelligence and law enforcement agencies have the powers they need to solve crimes, catch child sexual offenders and protect the public.
After consulting widely on our proposed changes and following scrutiny by both Houses of Parliament, the Government passed the Data Retention and Acquisition Regulations in October 2018 which introduced a serious crime threshold for acquiring events communications data.
In deciding on the definition of serious crime in the context of communications data, the Government fully considered the intrusiveness of the power.
This approach is consistent with EU case law, which states that the offence must be serious to justify a serious level of intrusion involved in accessing communications data. The Government’s approach reflects this level of intrusion. Events data is more intrusive than entity data and therefore a higher threshold must apply, but it is not as intrusive as interception powers, which can only be acquired if the definition of seriousness set out at section 263 of the Investigatory Powers Act is met.
The approach taken by the Regulations seeks to reflect the fact the level of intrusion will vary depending on the data sought and the circumstances of the case while also establishing a clear bar below which the acquisition of the more intrusive communications data is prohibited.