First Previous (PART 6 Amendment of Other Acts) Next (PART 8 European Arrest Warrant)

2 2005

Criminal Justice (Terrorist Offences) Act 2005

PART 7

Communications Data

Interpretation of this Part.

61. —(1) In this Part—

“Act of 1993” means the Interception of Postal Packets and Telecommunications Messages (Regulation) Act 1993 ;

“aggregated data” means data that cannot be related to individual subscribers or users;

“data” means communications data;

“data retention request” means a request made under section 63 for the retention of traffic data or location data or both;

“designated judge” means the person designated under section 8 of the Act of 1993;

“Directive” means Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and protection of privacy in the electronic communications sector;

“disclosure request” means a request under section 64 for the disclosure of traffic data or location data retained in accordance with section 63 (5);

“Garda Commissioner” means the Commissioner of the Garda Síochána;

“processing” has the same meaning as in the Data Protection Acts 1988 and 2003;

“Referee” means the holder of the office of Complaints Referee under the Act of 1993;

“service provider” means a person who is engaged in the provision of a publicly available electronic communications service by means of fixed line or mobile telephones.

(2) A word or expression that is used but not defined in this Part and is defined in the Directive has the same meaning in this Part as in the Directive.

Application of this Part.

62. —This Part applies to data relating to communications transmitted by means of a fixed line or mobile telephone, but it does not apply to the content of such communications.

Retention of traffic and location data relating to communications by phone.

63. —(1) Subject to subsections (2) and (4), the Garda Commissioner may request a service provider to retain, for a period of 3 years, traffic data or location data or both for the purposes of—

(a) the prevention, detection, investigation or prosecution of crime (including but not limited to terrorist offences), or

(b) the safeguarding of the security of the State.

(2) The data retention request must be made in writing.

(3) Traffic data and location data that are in the possession of a service provider on the passing of this Act and that were retained by the service provider for the purposes specified in subsection (1) are deemed to have been the subject of a data retention request, but only if the 3 year retention period for the data has not elapsed before the passing of this Act.

(4) For the purposes of this Part, the 3 year retention period begins—

(a) in the case of traffic data or location data referred to in subsection (3), on the date before the passing of this Act on which the data were first processed by the service provider, or

(b) in the case of any other traffic data or location data, on the date on or after the passing of this Act on which the data were first so processed.

(5) Notwithstanding any other enactment or instrument, a service provider shall retain, for the purposes and the period specified in subsection (1), the data specified in a data retention request made to the provider.

(6) Nothing in this section shall be taken as requiring a service provider to retain aggregated data or data that have been made anonymous.

Access to data retained for law enforcement and security purposes.

64. —(1) Subject to subsection (7), a service provider shall not access data retained in accordance with section 63 (5), except—

(a) at the request and with the consent of the person to whom the data relate,

(b) for the purpose of complying with a disclosure request under subsection (2) or (3) of this section,

(c) in accordance with a court order,

(d) for the purpose of civil proceedings in any court, or

(e) as may be authorised by the Data Protection Commissioner.

(2) If a member of the Garda Síochána not below the rank of chief superintendent is satisfied that access to any data retained by a service provider in accordance with section 63 (5) is required for the purposes for which the data were retained, that member may request the service provider to disclose the data to the member.

(3) If an officer of the Permanent Defence Force not below the rank of colonel is satisfied that access to any data retained by a service provider in accordance with section 63 (5) is required for the purpose of safeguarding the security of the State, that officer may request the service provider to disclose the data to the officer.

(4) A disclosure request must be made in writing, but in cases of exceptional urgency the request may be made orally (whether by telephone or otherwise) by a person entitled under subsection (2) or (3) to make the request.

(5) A person who makes a disclosure request orally must confirm the request in writing to the service provider within 24 hours.

(6) A service provider shall comply with a disclosure request made to the service provider.

(7) Where all or part of the period specified in a data retention request coincides with the period during which any of the data specified in the request may, in accordance with law, be processed for purposes other than those specified in the request, this section does not prevent that data from being processed for those other purposes.

Complaints procedure.

65. —(1) A person who believes that data that relate to the person and that are in the possession of a service provider have been accessed following a disclosure request may apply to the Referee for an investigation into the matter.

(2) If an application is made under this section (other than one appearing to the Referee to be frivolous or vexatious), the Referee shall investigate—

(a) whether a disclosure request was made as alleged in the application, and

(b) if so, whether any provision of section 64 has been contravened in relation to the disclosure request.

(3) If, after investigating the matter, the Referee concludes that a provision of section 64 has been contravened in relation to the disclosure request, the Referee shall—

(a) notify the applicant in writing of that conclusion, and

(b) make a report of the Referee's findings to the Taoiseach.

(4) In addition, in the circumstances specified in subsection (3), the Referee may, if he or she thinks fit, by order do either or both of the following:

(a) direct the destruction of the relevant data and any copies of the data;

(b) make a recommendation for the payment to the applicant of such sum by way of compensation as may be specified in the order.

(5) If, after investigating the matter, the Referee concludes that no provision of section 64 has been contravened, the Referee shall notify the applicant in writing to that effect.

(6) A decision of the Referee under this section is final.

(7) For the purpose of an investigation under this section, the Referee is entitled to access to and has the power to inspect any official documents or records relating to the relevant application.

(8) Any person who was concerned in, or has information relevant to, the making of a disclosure request in respect of which an application is made under this section shall give the Referee, on his or her request, such information relating to the request as is in the person's possession.

Amendment of section 8 of Act of 1993.

66. —Section 8 of the Act of 1993 is amended by substituting the following subsections for subsection (1):

“(1) The President of the High Court shall from time to time after consulting with the Minister invite a person who is a judge of the High Court to undertake (while serving as such a judge) the duties specified in this section and section 67 of the Criminal Justice (Terrorist Offences) Act 2005 and, if the invitation is accepted, the Government shall designate the judge for the purposes of this Act and the Criminal Justice (Terrorist Offences) Act 2005.

(1A) Subsection (1) does not affect the functions of the Data Protection Commissioner under section 10 of the Data Protection Act 1988 .”.

Duties of designated judge in relation to this Part.

67. —(1) In addition to the duties assigned under section 8 of the Act of 1993, the designated judge shall—

(a) keep the operation of the provisions of this Part under review,

(b) ascertain whether the Garda Síochána and the Permanent Defence Force are complying with its provisions, and

(c) include, in the report to the Taoiseach under section 8(2) of the Act of 1993, such matters relating to this Part that the designated judge considers appropriate.

(2) For the purpose of carrying out the duties assigned under this section, the designated judge—

(a) has the power to investigate any case in which a disclosure request is made, and

(b) is entitled to access to and has the power to inspect any official documents or records relating to the request.

(3) Any person who was concerned in, or has information relevant to, the preparation or making of a disclosure request shall give the designated judge, on his or her request, such information relating to the request as is in the person's possession.

(4) The designated judge may, if he or she considers it desirable to do so, communicate with the Taoiseach or the Minister concerning disclosure requests and with the Data Protection Commissioner in connection with the Commissioner's functions under the Data Protection Acts 1988 and 2003.