The draft RIP (Maintenance of Interception Capability) Order of
2002 only applies to those who “intend” to provide a public
telecommunications service – including mobile phone operators and
ISPs – to more than 10,000 persons in the UK. It also applies to
postal services.
A notable exclusion from the draft Order is any business that
provides "a public telecommunications service in relation to the
provision of banking, insurance, investment or other financial
services."
The Secretary of State has the power to give any service
provider caught by the Order a notice requiring it to maintain an
interception capability. The service provider then has a period of
28 days in which to seek help from the Technical Advisory Board, a
body provided for by the RIP Act but yet to be established.
Another draft Order, the RIP (Communications Data: Additional
Public Authorities) Order of 2002, also published this month,
controversially extended the list of bodies that have authority to
access the personal information that flows through ISPs and telcos.
If passed, local councils, the NHS and even the Post Office will
have authority to obtain interception warrants.
Under the Maintenance of Interception Capability rules, when a
service provider is informed that the interception of an individual
or business has been “appropriately authorised,” it has just one
working day in which to begin interceptions of all communications
and related communications data authorised by the interception
warrant and “to ensure their simultaneous (i.e. in near real time)
transmission to a hand-over point within the service provider’s
network as agreed with the person on whose application the
interception warrant was issued.”
Among other obligations, the service provide must ensure:
- “filtering to provide only the traffic data associated with the
warranted telecommunications identifier, where reasonable”;
- that its system can cope with the simultaneous interception of
the communications of up to 1 in every 10,000 users;
- that the reliability of its interception capability is at least
equal to the reliability of its main service provision; and
- "that the intercept capability may be audited so that it is
possible to confirm that the intercepted communications and related
communications data are from, or intended for the interception
subject, or originate from or are intended for transmission to, the
premises named in the interception warrant.”
See:
Disclaimer: We hope you find OUT-LAW’s content useful. It’s prepared by the lawyers at Pinsent Masons. Please remember, though, that it’s intended as general information only. It’s not legal advice. If that’s what you’re seeking, please
contact us. See also: our
full disclaimer
