Home Office Statement (PDF)

RIPA provides the statutory framework which governs the interception of communications. There are a number of circumstances in which lawful interception may take place and these fall into two categories: warranted interception, which can only take place with the authority of the Secretary of State, and interception that may be lawful without a warrant.

The changes to ‘consent’ touch on interception that may be lawful without warrant. Communication service providers may lawfully intercept in accordance with section 3(3) of RIPA, for example to manage their networks, and under section 4(2) of RIPA and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000.

Where businesses choose to carry out interception to provide value added services, which are at the discretion of service providers, section 3(1) of RIPA requires the consent of both the sender and the intended recipient of the intercepted communication.

Under Article 15a of the E-Privacy Directive penalties for breaches in this area should be ‘effective, proportionate and dissuasive’. The maximum penalty set out in the legislation that the government is bringing forward is now £50,000. The new sanction applies to acts of unlawful interception that fall short of those requiring the requisite intent under section 1 and effectively captures unintentional acts.

The statutory amendments will be supplemented by guidance provided by the Office of the Interception of Communications Commissioner [OICC]. The guidance will cover, amongst other things, the circumstances in which the Commissioner considers it appropriate to issue a monetary penalty notice, how the Commissioner will determine the amount of the penalty, when it would be appropriate to impose an enforcement obligation, and the mechanisms for the handling of complaints about unlawful interception under these Regulations.