The case involved Suffolk police and ISP ntl. Ntl had received notification from police that they were applying for access to all information relating to a particular e-mail address over a 10-day period, stored in the company’s electronic retrieval systems.
The notification warned ntl, which maintained a server for ISP Virgin, that it should not “conceal, destroy, alter or dispose of” the material involved, except with judicial or police permission.
The company’s systems automatically destroy e-mails shortly after they have been accessed by the recipient. The only way to keep the information sought would be to intercept e-mails. Ntl argued that compliance with the notice would infringe the Regulation of Investigatory Powers Act of 2000 (RIPA) and applied to the Crown Court for permission to delete or dispose the electronic data in question.
The court rejected the application, saying that the interception and retention of the e-mails was lawful. This is because the police notified ntl that they were applying for a special production order under the 1984 Police and Criminal Evidence Act (PACE). Therefore, ntl had implicit “lawful authority” to intercept and retain the e-mails.
The High Court decision said: “If [ntl] was not in a position to take that action without committing an offence, it would mean that the [PACE provisions] would be almost totally worthless.”
Fiona Caskey, an information and technology lawyer with Masons, the firm behind OUT-LAW.COM, said:
“This further illustrates the trend towards erosion of privacy, allowing as it does implicit powers to override explicit provisions which make it an offence to intercept communications. It creates further uncertainty for organisations in interpreting RIPA, which has been widely criticised in the two years since it came into force.
“It is not hard to see how similar arguments might be run in relation to the Data Protection Act, under which a statutory power provides lawful grounds for processing personal data. It has generally been assumed to date that organisations would require an explicit statutory power to be able to rely on this ground for lawful processing."