Part 3Authorisations for obtaining communications data

Targeted authorisations for obtaining data

62Restrictions in relation to internet connection records

1

A designated senior officer of a local authority may not grant an authorisation for the purpose of obtaining data which is, or can only be obtained by processing, an internet connection record.

2

A designated senior officer of a relevant public authority which is not a local authority may not grant an authorisation for the purpose of obtaining data which is, or can only be obtained by processing, an internet connection record unless condition A, B or C is met.

3

Condition A is that the designated senior officer considers that it is necessary, for a purpose falling within section 61(7), to obtain the data to identify which person or apparatus is using an internet service where—

a

the service and time of use are already known, but

b

the identity of the person or apparatus using the service is not known.

4

Condition B is that—

a

the purpose for which the data is to be obtained falls within section 61(7) but is not the purpose falling within section 61(7)(b) of preventing or detecting crime, and

b

the designated senior officer considers that it is necessary to obtain the data to identify—

i

which internet communications service is being used, and when and how it is being used, by a person or apparatus whose identity is already known,

ii

where or when a person or apparatus whose identity is already known is obtaining access to, or running, a computer file or computer program which wholly or mainly involves making available, or acquiring, material whose possession is a crime, or

iii

which internet service is being used, and when and how it is being used, by a person or apparatus whose identity is already known.

5

Condition C is that—

a

the purpose for which the data is to be obtained is the purpose falling within section 61(7)(b) of preventing or detecting crime,

b

the crime to be prevented or detected is serious crime or other relevant crime, and

c

the designated senior officer considers that it is necessary to obtain the data to identify—

i

which internet communications service is being used, and when and how it is being used, by a person or apparatus whose identity is already known,

ii

where or when a person or apparatus whose identity is already known is obtaining access to, or running, a computer file or computer program which wholly or mainly involves making available, or acquiring, material whose possession is a crime, or

iii

which internet service is being used, and when and how it is being used, by a person or apparatus whose identity is already known.

6

In subsection (5) “other relevant crime” means crime which is not serious crime but where the offence, or one of the offences, which is or would be constituted by the conduct concerned is—

a

an offence for which an individual who has reached the age of 18 (or, in relation to Scotland or Northern Ireland, 21) is capable of being sentenced to imprisonment for a term of 12 months or more (disregarding any enactment prohibiting or restricting the imprisonment of individuals who have no previous convictions), or

b

an offence—

i

by a person who is not an individual, or

ii

which involves, as an integral part of it, the sending of a communication or a breach of a person's privacy.

7

In this Act “internet connection record” means communications data which—

a

may be used to identify, or assist in identifying, a telecommunications service to which a communication is transmitted by means of a telecommunication system for the purpose of obtaining access to, or running, a computer file or computer program, and

b

comprises data generated or processed by a telecommunications operator in the process of supplying the telecommunications service to the sender of the communication (whether or not a person).