Data assurance

Data assurance refers to the process that ensures appropriate safeguards are in place for all data derived from the use of investigatory powers. Specific data assurance inspections commenced in 2019 after compliance issues were identified in MI5. This is an important area of work and has implications for all authorities we oversee.

Our methodology is flexible and takes a risk-based approach due to the scale of activity we oversee. To assist with our planning, the authorities subject to our oversight were separated into three groups:

Group 1: law enforcement agencies and the intelligence agencies

Group 2: wider public authorities grouped by available powers

Group 3: local authorities and those public authorities with similar powers

Group 1 comprises typically high-volume users of a wide range of powers, including those authorised under the Investigatory Powers Act, so investigating potential non-compliance at these organisations is a priority.

Group 3 are typically low-volume users and in many cases are not currently obtaining any data under their powers. It is right, therefore, that we take a proportionate approach to our investigations.

We will provide an update on this in our 2020 Annual Report, due to be published later this year.

Have a question?

Send us a message and we will get in touch as soon as possible

Get in touch

Follow us on Twitter to keep up to date with IPCO

Check our FAQs for answers to commonly asked questions

Read our FAQs