Watchdog Finds UK Cops Snooped on Journalists' Sources Without Approval

UK police acquired data to identify or determine journalistic sources without seeking judicial approval four times in 2015, according to a report from an independent oversight body published on Thursday.

In March 2015, a change was made to the law requiring all UK law enforcement agencies to seek authorisation when applying for communications data to identify or determine a journalistic source. But since that time, the Interception of Communications Commissioner's Office (IOCCO) found four cases where no authorisation was sought.

"In some of these cases the conduct took place on the day after the Code of Practice came into force or shortly thereafter," the annual report, which scrutinises UK public bodies' interception and acquisition of communications data, reads.

IOCCO is a body responsible for oversight of the UK's interception powers, and is independent from the government and parliament. After IOCCO published a separate investigation into UK police forces' acquisition of communications data to unveil journalists' sources in February 2015, a provision to the Code of Practice was added, designed to protect the confidentiality of journalistic sources.

"In all but one of these cases the Commissioner determined that although the conduct was serious it was not wilful or reckless and it did not adversely affect any individual significantly," the report continues.

The case determined as reckless was Police Scotland's surveillance of a journalist investigating a botched murder case. In August, former police officer turned journalist Gerard Gallacher was awarded £10,000 in damages, after detectives collected the phone records of Gallacher and two police officers suspected of leaking information.

IOCCO notes in its new report that, "A lack of unity in the language of the Code of Practice creates opportunities for different interpretations. This could lead to circumstances where two applications facing exactly the same investigative issues adopt different approaches."

Breaches around journalistic sources make up a relatively small part of the overall errors identified by IOCCO during 2015. Other, more common examples include public authorities applying for data with the incorrect communications address or for the wrong time period.

According to the report, IOCCO investigated 23 serious errors during 2015, 14 of which were human mistakes and nine technical system errors. In all, 1,199 communications data errors were reported, IOCCO writes, an increase of 20 percent since 2014.

Want more Motherboard in your life? Then sign up for our daily newsletter.