Surveillance court judges have today ruled that a police force’s use of spying powers on two former officers in a bid to find the source of information leaks to journalists was “unlawful”.
The Investigatory Powers Tribunal (IPT) judgment also said that two of the seven applications made under the Regulation of Investigatory Powers Act (RIPA) by Cleveland Police in 2012 “must be quashed”.
The panel of serving and former High Court judges added there had been “no consideration at all of the impact of Article 10 [of the European Convention on Human Rights on freedom of expression] by way of targeting the communications with journalists” in the RIPA applications.
The case against the force was brought by former Cleveland Police officers Mark Dias and Steve Matthews.
The pair argued police breached their right to privacy under Article 8 of the European Convention on Human Rights (ECHR) by covertly grabbing their phone records.
In one RIPA application, Cleveland Police accessed the phone records of Dias, Matthews, solicitor Alan Samuels, Northern Echo reporters Julia Breen and Graeme Hetherington and Daily Mirror journalist Jeremy Armstrong.
Armstrong’s mobile phone number was put next to the name of a third Echo reporter in what police have claimed was a “mistake” on the application, which they signed off themselves.
Following the Press Gazette Save Our Sources campaign of 2015, police applications to view telecoms made in order to identify a journalistic source must be signed off by a judge.
Cleveland Police told the IPT last month that it had applied to use surveillance powers following three successive leaks to the Echo made in April 2012.
These included information about an internal grievance report into the behaviour of a serving officer within the Professional Standards Unit, the existence of an interim equality report that concluded the force was “racist” and details about a murder inquiry that were kept from the press.
Judges heard how Cleveland Police had relied upon legal advice indicating that the leaking of information by officers could amount to the crime of misconduct in a public office and that this had been the basis for the RIPA applications.
But, in their ruling, the judges said that this direction came as “simply an email” offering “advice that the leak could amount to a criminal offence – either an offence under the [Data Protection Act] or misconduct in a public office”.
They added: “The reality is that there was no legal advice at all, upon which the [police] could rely, whether on the facts or otherwise, as to whether there was a case (with regard to either Dias or Matthews) by reference to misconduct in a public office or section 55 of the Data Protection Act, nor any analysis of the requirements of either offence.”
Under its use of RIPA powers, Cleveland Police looked at four months of call data and monitored the entire switchboard of the Echo between 2 and 4 April 2012. All six people targeted by police had their phone records monitored from 1 January to 1 May 2012.
The scale of the surveillance was said to be 35-times the size of that used in the “Plebgate” scandal that saw RIPA used to access the records of three Sun journalists.
In signing off two of the RIPA applications, superintendent McPhillips, who was the “Designated Person” within the force with the authority to do so at the time, confirmed the communications data grab was “necessary for the prevention and detection of crime”.
He said: “Public confidence in the police is hugely affected by cases such as this and the police have a strong public duty to identify those involved in the type of activity.
“I believe that the conduct involved in obtaining this communications data is proportionate to the objectives of the investigation in that it will assist the police in identifying the links between the officers and the named persons and any person(s) who can also be linked to this alleged criminal activity.
“I have balanced the extent of this level of intrusiveness with the interference of an unknown individual’s rights of respect for their private life against the benefit to the on-going police investigation.
“I believe that this is the most appropriate method that can be employed by the police at this time and the level of intrusiveness taking into consideration the offence timescales, both proportionate and justified.
“In making my determination whether to approve or reject this application, I have also given consideration to any collateral Intrusion that may occur.
“It is likely, through any application for communications data, that collateral intrusion may occur against innocent members of the community, friends and family but until the data is received this cannot be realistically assessed, which has to be balanced against the overall objectives of the police investigation.
“Nevertheless, I am satisfied, in this case, that where collateral intrusion does occur it can be effectively managed by the investigating officer (IO).”
On the scale of the surveillance undertaken, judges said: “There was no consideration of the taking of alternative steps either prior to or instead of the CDAs [Communications Data Application], and/or no evidence as to why, if they were considered, no such steps were taken or were of no avail.”
They said: “There would be no reason to believe, as might sometimes be the case in police investigations, that the making of any such further inquiries would lead to the disappearance or contamination of evidence, as the communications data would still remain available.
“There was no evidence before us as to whether any of these alternative or additional steps were considered or why, if they were considered, they were not concluded to be appropriate or were concluded to be unnecessary or impracticable,” they added.
“There was no consideration, on the evidence adduced before us, of the necessity for the duration or extent of the communications data, and no evidence of any weighing up of the benefit of obtaining such data against the clear interference with Articles 8 and 10 [of the ECHR].”
In summing up, the IPT judges said there was “no lawful basis” for obtaining the RIPA applications against Dias or Matthews against claims that either had committed a criminal offence.
They added: “Particularly in the absence of any legal advice at the time, but in the absence, even before us, of any arguable analysis of the offence of misconduct in public office or section 55 of the Data Protection Act based on the facts as known as at 17 May 2012, there was no case justifying the obtaining of communications data, and certainly not of this breadth.
“The understandable concern of [Cleveland Police] at three apparent leaks from members of the police force to the press in a short period could have led to serious consideration of disciplining the sources of those leaks, and indeed the admission by the first claimant of his discussion with the Northern Echo about the existence of the Interim Equality Report, confidential and sensitive as it was, plainly merited such consideration.
“But no such considerations justified the steps taken on 17 May 2012, particularly in the absence of any legal advice or legal analysis of the offences said to form a basis for the applications, and it is significant that [Cleveland Police] has unavailingly attempted to assert that there was such advice.
“This is particularly so where there was, contrary to what we would expect from a competent and properly trained DP [Designated Person], admittedly no consideration at all of the impact of Article 10 by way of targeting the communications with journalists, nor, it is clear, of legal and professional privilege in relation to the obvious involvement of a solicitor.
“Other steps could have been taken but were not even considered prior to any application for communications data being made.
“Had they been taken it might have become apparent that any application for communications data would be unjustified, or alternatively it might have provided some justification for the making of such application, although on any basis the duration and extent of the CDAs, and the involvement, without any consideration or legal advice, of journalists and a solicitor would have been most unlikely to be justified.”
They added: “The applications for and approvals of the obtaining of communications data by the first and second CDAs were therefore unlawful and must be quashed. As for the fourth, fifth and seventh CDAs, for the reasons set out… they too were unlawful.”
Journalists targeted by Cleveland Police have yet to take their case to the IPT, although they are understood to be considering their legal position.
At a press conference earlier this month, Cleveland Police chief Iain Spittal said he had apologised to those targeted and announced a major overhaul of the force’s Professional Standards Department.
The IPT judges said they would hear “submissions” from those involved in the case “as to remedies and the consequences of our findings”.
In a statement, Dias’s lawyer said of the judgement: “I am sure that this does not reveal the full extent of the abuse of police powers by the Cleveland hierarchy. It simply scratches at the surface at what must have been a typical abuse of their powers designed to wreck lives of staff whom they designated as troublesome without the slightest reason.”
The Daily Mirror also issued a statement, saying: “Cleveland Police’s unlawful use of terror laws to spy on reporters and attempt to gag them is a shocking abuse of power that undermines trust in the police to serve the public.
“These terror laws were introduced to keep the public safe – instead they were abused by a Police force desperate to uncover our reporter’s sources to prevent corrupt behaviour being exposed in the press.
“If we want to live in a democracy then the freedom of the press needs to be protected, not destroyed. The state has shown once again that given the means to stop the press from holding them to account it will abuse that power if it can.”
Email pged@pressgazette.co.uk to point out mistakes, provide story tips or send in a letter for publication on our "Letters Page" blog