The FSA will not be able to intercept telephone calls, letters or e-mails - these powers remain reserved for authorities such as the police and intelligence services. The FSA will, however, be able to use RIPA powers to obtain details of a subscriber behind a telephone number or when and to whom calls or e-mails were sent by particular subscribers.
The effect of including the FSA in the new Order is to bring it and other public authorities within the RIPA regime, which includes a process for the authorisation of the use of such powers, access to a Tribunal for anyone affected by them, and administrative arrangements for independent oversight by an external body. The FSA already has rigorous procedures to ensure that individual privacy rights are respected and that it only obtains communications data where it is necessary and proportionate to do so - these procedures will now be supervised within the same statutory framework that applies to other authorities.
Andrew Procter, Director of Enforcement at the FSA, said: "Communications data, such as telephone billing information and Internet protocol addresses, are often a vital element of our investigations into serious offences like insider dealing, making misleading statements or conducting unauthorised business. Those offences are increasingly being committed by telephone or through the Internet. Although the FSA has been able to obtain communications data using its investigative powers under the Financial Services and Markets Act 2000, we welcome our inclusion as an authority under Chapter II of RIPA. This means that the FSA's access to communications data will be subject to the same framework of regulation and statutory oversight as other public authorities obtaining this sensitive kind of information. In our view, this is an important means of ensuring that an appropriate balance is struck between the protection of privacy and our statutory objective to reduce crime in the financial services sector."
The Order was laid before Parliament on 11 September 2003.
Background
- The RIPA is intended to ensure that the surveillance and certain other investigative activities of government departments and public authorities are compliant with the privacy requirements of the European Convention on Human Rights.
- RIPA is divided into 4 main parts:
- Part I: Interception of communications (Chapter I covers Interception of the content of communications; Chapter II covers Acquisition and disclosure of "communications data")
- Part II: Surveillance and covert human intelligence sources;
- Part III: Encryption;
- Part IV: Oversight and complaints;
- Part I Chapter II will come into force at the same time as the Order giving the FSA and other authorities powers under RIPA.
- The addition of further authorities to the list of "relevant public authorities" in Chapter II attracted considerable media attention last summer and, as a result, was the subject of a public consultation exercise by the Government that concluded on 3 June 2003.
- Chapter II provides a permissive authorisation regime for obtaining "communications data". Communications data does not contain any content, but is information about the circumstances in which a communication has been sent. The provisions of Chapter II apply equally to postal, telephone and Internet services.
- RIPA defines three types of communications data: subscriber information - e.g. names and addresses of people to whom services are provided; service use information - e.g. itemised telephone billing records; and traffic data - e.g. information identifying the precise location from which a communication has been made.
- Subscriber data is the type of communications data obtained most frequently by the FSA and has been particularly important when we are seeking to establish whether investment business has been conducted without the FSA's authorisation. For example, the FSA often comes across web-sites promoting regulated activities or bogus high yield investment schemes masquerading as regulated activities. The FSA will need to identify the person posting the site and this can often only be done by obtaining subscriber data, such as registration details, from the web host. Alternatively, there may be a telephone number listed on the site and the FSA will contact the relevant telephone service provider to identify the person who holds that number. The FSA makes over 100 such requests for subscriber data each year.
- Service use data is the type of communications data most commonly sought by the FSA in support of insider dealing investigations. For example, on occasion the FSA has noticed that large quantities of a particular stock have been traded shortly before a public announcement affecting the price of the stock (e.g. an impending take-over). Itemised telephone billing records have helped show whether the people who traded had contact with possible sources of information at critical times and might prove to be crucial evidence in a prosecution. In the course of the last year access to this type of data has been authorised on 12 occasions.
- Traffic data is obtained by the FSA least frequently but can be highly valuable for its investigations into insider dealing or the making of misleading statements. For example, on a number of occasions the FSA has become aware of entries posted on Internet-based investment bulletin boards suggesting that a particular stock is likely to rise in value and encouraging readers to invest. In instances where the information in the posting is not true, this may be a misleading statement made in an attempt to manipulate the price of the stock. In order to help identify who made the statement, the FSA will need to obtain from the bulletin board operator the Internet Protocol address for the e-mail posting the entry. We anticipate obtaining traffic no more than 10 times a year.
- The FSA regulates the financial services industry and has four objectives under the Financial Services and Markets Act 2000: maintaining market confidence; promoting public understanding of the financial system; securing the appropriate degree of protection of consumers; and fighting financial crime.
- The FSA aims to maintain efficient, orderly and clean financial markets and help retail consumers achieve a fair deal.