interception - department of communications - foi internal appeal

8/3/2019 Interception - Department of Communications - FOI Internal Appeal

1/14

Pp~ An Roinn Cumarsaide,

l~ Fuinnimh agus Acmhainni Nadu" rtha

~ Halie Atha Cliath 2.

Department of Communications,

Our Ref: FOI/2011/31/

November 2011

Mr T.J. Mclntyre

Di `tagllRiIreland Ltd,

Dear Mr Mclntyre,

I refer to your appeal of 17 October 2011 under the Freedom of Information Acts

1997 and 2003 for a review of the earlier decision of this Department datedSeptember 22 concerning Lawful Interception and Illegal Interception.

I am a more senior member of the staff of this Department than the person who made

the decision of 22 September 2011. As I understand the issues, you are appealing the

Departments decision on paragraphs 1, 2(a), (b) and (h) and 5 of your original request.

This review decision is an entirely new and separate decision on your request and is

explained below:

Paragraph 1: Records relating to Interception of Postal Packets and

Telecommunications Act 1993.

I have reviewed your information request. In the first instance I am of the opinion that

any papers relating to this request are pre 2001 and are therefore outside the scope of

your original request. Secondly any papers relating to the 1993 Act would be pre

April 1998; the provisions of the Freedom of Information Acts (as amended) are not

applicable to this request.

Paragraph 2 (a): Records relating to interception in the context of the preparation

or implementation of: the ePrivacy Directive (as adopted and

amended);

I have reviewed your information request. The ePrivacy Directive refers to Directive

2002/58/EC of the European Parliament and of the Council of 12 July 2002

concerning the processing of persona! data and the protection of privacy in the

electronic communications sector. This Directive was amended in 2009 by Directive

2009/ !36/EC (the Citizen's Rights Directive).

The only reference to interception in the ePrivacy Directive is in Article 5(1) of the

Directive and this particular Article was not amended by the Directive 2009/136/EC.

I have attached Article 5(1) of the EU Directive 2001/58/EC and a copy of the

Transposition Table for the Directive. These are the only files I could locate within

29-31 Adelaide Road, Dublin 2 Tel: +353 1 678 2000

29-31 B6thar Adelaide LoCaII: 1890 44 99 00

Daile Atha Cliath 2 Fax: +353 1 678 2449

Energy and Natural Resources

Dublin 2.


2/14

the Department in relation to your request. I have been unable to find any other

records that contain reference to interception.

Paragraph 2 (b): Records relating to interception in the context of the preparation

or implementation of: Statutory Instruments No 535 of 2003,

No 526 of 2008 and No 336 of 2011.

I have reviewed your information request. S.I. No 535 of 2003 transposes Directive

2002/58/EC as amended. In relation to the transposition of Article 5(1) of the

Directive, this' provls ion was deemed, in 2003, to already be transposed by section 98

of the Postal and Telecommunications Services Act 1983 as amended by the

Interception of Postal Packages and Telecommunications Messages (Regulations) Act

1993. There are no papers relating to this decision in the Department and therefore

refusal under Section 10 (1) (a) is appropriate in this regard.

S.I. No. 526 of 2008 was introduced in order to provide for appropriate penalties

under the telecommunications regulatory framework. This S.I. had no impact on thetransposition of Article 5(1) of the Directive. There are no papers relating to this

decision in the Department and therefore refusal under Section 10 (1) (a) is

appropriate in this regard.

S.I. No. 336 of 2011 was introduced to transpose the amendments introduced by

Directive 2009/136/EC. While Article 5(1) was not amended by Directive

2009/136/EC, it was decided for clarity that in addition to the requirements of Section

98 of the Postal and Telecommunications Services Act 1983 as amended by the

Interception of Postal Packages and Telecommunications Messages (Regulations) Act

1993, the text of Article 5(1) would be directly transposed in the new Regulations.

Accordingly, Regulation 5(1) and 5(2)(a) of S.I. No. 336 of 2011 directly transposethe requirements of Article 5(1).

This was a drafting decision and therefore no records exist in relation to this decision.

Therefore refusal under Section 10 (1) (a) is appropriate in this` regard.

Paragraph 2 (h): Records relating to interception in the context of the preparation

or implementation of: the Communications Regulation (Postal

Services) Bill 2011.

I have reviewed your information request. The Communications Regulation (Postal

Services) Act 2011 in relation to interception only extends the provisions of the 1983Act to all postal service providers in light of the liberalisation of the postal market

from 1 January 2011. The requested information contains records pertaining to the

deliberative process. In addition, I am mindful that the provision of such information

could be detrimental to the security of the state. In relation to other records which may

impact on the security or defence of the state, where the risk or damage may not be

obvious to those who work outside of the security area, I must take care to identify

what particular interests would be put at risk by disclosure. In arriving at my decision

I have consulted with those working in area of state security that are of the opinion

that no records should be released. Therefore, I am of the opinion that the request

should be refused under Section 20 (1), Section 23 (1) and Section 24(1) of the Act


3/14

Records (whether pre or post 2001) which relate to interception

in the context of directions issued by the Minister pursuant to

Section 110 of the Postal and Telecommunications Services Act

1983.

Paragraph 5:

I have reviewed your information request. Section 110 of the 1983 Act enables theMinister for Communications to issue directions requiring compliance with anything

that he may specify as necessary in the national interest. The interception regime

operates on the complimentary interaction of this provision and the 1993 Act under

which authons'ations may be issued by the Minister for Justice in response to an

application from the appropriate authorities, which are highly confidential. As

outlined above the release of such information may be deemed to be detrimental to the

security of the State. Accordingly, I am of the opinion that your request should be

refused under Section -23(1), Section 24 (1) and Section 26 (1) of the Act.

Right of Appeal:

You may appeal this decision by writing to the Information Commissioner at 18

Lower Leeson Street, Dublin 2. There is a fee of 150 for such appeals (or 50 if you

are a medical card holder), other than appeals against a decision to impose a fee. If

you wish to appeal, you must do so no later than 6 months from the date of this

notification. Should you write to the Information Commissioner making an appeal,

please refer to this letter.

s sincerely,

\,~-.

rek ByrrAssistant Prfncipal Officer

Communications Development Division


4/14

FOI 2011/31 -Papers

Article 5(1) of EU Directive 2002/58/EC of the European Parliament and of the

Council of 12 July 2002 concerning the processing of personal data and the

protection of privacy in the electronic communications sector (ePrivacy Directive).

Transposition Table for EU Directive 2002/58/EC

Section 98 of the Postal and Telecommunications Services Act 1983 (as amended

by the Act of 1993)

Regulation 5(3) of S.I. No. 535 of 2003.

Tab A

Tab B

Tab C

Tab D

Tab E Regulation 5 of S.I. No. 336 of 2011


5/14

31.7.2002 N Official Journal of the European Communities L 201|4 3

2. The provisions of this Directive particularise and comple-ment Directive 95|46|EC for the purposes mentioned in para-

graph 1. Moreover, they provide for protection of the legitimate

interests of subscribers who are legal persons.

3. This Directive shall not apply to activities which fall

outside the scope of the Treaty establishing the European

Community, such as those covered by Titles V and VI of theTreaty on European Union, and in any case to activities

concerning public security, defence, State security (including

the economic well-being of the State when the activities relate

to State security matters) and the activities of the State in areas

of criminal law.

Article 2

Definitions

Save as otherwise provided, the definitions in Directive 95|46|EC and in Directive 2002|21|EC of the European Parliament

and of the Council of 7 March 2002 on a common regulatory

framework for electronic communications networks andservices (Framework Directive) Cl)shall apply.

The following definitions shall also apply:

(a) user' means any natural person using a publicly available

electronic communications service, for private or businesspurposes, without necessarily having subscribed to this

service;

(b) `traffic data' means any data processed for the purpose of

the conveyance of a communication on an electronic

communications network or for the billing thereof;

(c) `location data' means any data processed in an electronic

communications network, indicating the geographic posi-

tion of the terminal equipment of a user of a publicly avail-

able electronic communications service;

Cd) communication' means any information exchanged or

conveyed between a finite number of parties by means of a

publicly available electronic communications service. This

does not include any information conveyed as part of a

broadcasting service to the public over an electronic

communications network except to the extent that the

infonnation can be related to the identifiable subscriber or

user receiving the information;

(e) `call' means a connection established by means of a publicly

available telephone service allowing two-way communica-

tion in real time;

(f) `consent' by a user or subscriber corresponds to the data

subject's consent in Directive 95|46|EC;

(g) `value added service' means any service which requires the

processing of traffic data or location data other than traffic

data beyond what is necessary for the transmission of a

communication or the billing thereof;

(h) electronic mail' means any text, voice, sound or image

message sent over a public communications network which

can be stored in the network or in the recipient's terminal

equipment until it is collected by the recipient.

Artic!e 3

Services concerned

1. This Directive shall apply to the processing of personal

data in connection with the provision of publicly available elec-

tronic communications services in public communications

networks in the Community.

2. Articles 8, 10 and I 1 shall apply to subscriber lines

connected to digital exchanges and, where technically possible

and if it docs not require a disproportionate economic effort, to

subscriber lines connected to analogue exchanges.

3. Cases where it would be technically impossxb.le or require

a disproportionate economic effort to fulfil the requirements ofArticles 8, 10 and 11 shall be notified to the Commission by

the Member States.

Article 4

Security

1. The provider of a publicly available electronic communi-

cations service must take appropriate technical and organisa-

tional measures to safeguard security of its services, if necessary

in conjunction with the provider of the public communications

network with respect to network security. Having regard to thestate of the art and the cost of their implementation, these

measures shall ensure a level of security appropriate to the risk

presented.

2. tn case of a particular risk of a breach of the security of

the network, the provider of a publicly available electroniccommunications service must inform the subscribers

concerning such risk and, where the risk lies outside the scope

of the measures to be taken by the service provider, of anypossible remedies, including an indication of the likely costs

involved.

Artic!e5

Confidentiality of the communications

1. Member States shall ensure the confidentiality of commu-

nications and the related traffic data by means of a publiccommunications network and publicly available electronic

communications services, through national legislation. In parti-

cular, they shall prohibit listening, tapping, storage or other

kinds of interception or surveillance of communications and

the related traffic data by persons other than users, without theconsent of the users concerned, except when legally authorised

to do so in accordance with Article 1 5(I). This paragraph shall

not prevent technical storage which is necessary for the convey-

ance of a communication without prejudice to the principle of

confidentiality.Ct} OJ L 108, 2 4. 4.200 2, p. 3 3.


6/14


7/14


8/14

C)-


9/14


10/14


11/14

Page 1 of I

Postal and Telecommunications Services Act,

1983

Prohibition on interception 98.-(I) A person who-of telecommunicationsmessages.

Ca) intercepts or attempts to intercept, or

(b) authorises, suffers or permits another person to intercept, or

(c) does anything that will enable him or another person to intercept,

telecommunications messages being transmitted by the company or who disclosesthe existence, substance or purport of any such message which has been intercepted

or uses for any purpose any information obtained from any such message shall be

guilty of an offence.

(2) Subsection (I) shall not apply to any person who is acting-

(a) (i) for the purpose of an investigation by a member of the Garda Siocha

of a suspected offence under section 13 of the Post Office(Amendment) Act 1951 (which refers to telecommunications

messages of an obscene, menacing or similar character) on the

complaint of a person claiming to have received such a message, or

(ii) in pursuance of a direction issued by the Minister under section 110 , or

(iii) under other lawful authority, or

(b) in the course of and to the extent required by his operating duties or dutiesfor or in connection with the installation or maintenance of a line,

apparatus or equipment for the transmission of telecommunications

messages by the company.

(3) (a) The company may, with the consent of the Minister, make regulations to

carry out the intentions of this section in so far as concerns members ofits staff.

(b) The Minister, after consultation with the company, may direct the

company to make regulations underparaaph (a) or to amend orrevoke regulations made under that paragraph and the company shall

comply with that direction.

(c) A person who contravenes any regulation under this subsection shall be


(4) (a) The Minister may make regulations prohibiting the provision oroperation of overhearing facilities in relation to any apparatus (including

private branch telephone exchanges) connected to the network of the

company otherwise than in accordance with such conditions as heconsiders to be reasonable and prescribes in the regulations.

(b) A person who contravenes any regulation under this subsection shall be


(5) In this section, "interception" means listening to, or recording by any means,

or acquiring the substance or purport of, any telecommunications message withoutthe agreement of the person on whose behalf that message is transmitted by the

company and of the person intended by him to receive that message.

Government of Ireland. Oireachtas Copyright Material is reproduced with the permission of the House of the

Oireachtas

Accessibility Statement | Privacy Statement Disclaimer

http://www.irishstatutebook.ie/1983/en/act/pub/0024/secOO98,html 02/11/2011


12/14

Interception of Postal Packets and Telecommunications Messages (Regulation) Act, 1... Page I of I

Interception of Postal Packets andTelecommunications Messages (Regulation)

Act, 1993

Amendment 13.-(1) The reference in subsection (2) of section 98 of the Act of 1983 to subsection (1) ofof Act of that section shall be deemed to include a reference to section 45 of the Telegraph Act, 1863, the

1983' second paragraph of section 11 of the Post Office (Protection) Act, 1884, and subsection (5)(inserted by subsection (3) of this section) of the said section 98.

(2) The following subsections are hereby inserted after subsection (2) of section 98 of the Actof 1983:

"(2A) A person employed by the company who discloses to any person anyinformation concerning the use made of telecommunications services provided for

any other person by the company shall be guilty of an offence unless the disclosureis made--

(a) at the request or with the consent of that other person,(b) for the prevention or detection of crime or for the purpose of any criminal

proceedings,

(c) in the interests of the security of the State,

( in pursuance of an order of a court,

(e) for the purpose of civil proceedings in any court, or

(/) to another person to whom he is required, in the course of his duty as such

employee, to make such disclosure.

(2B) A request by a member of the Garda Siocharla to a person employed by thecompany to make a disclosure in accordance with the provisions of subsection (2A)

shall be in writing and be signed by a member of the Garda Siochana not below therank of chief superintendent.

(2C) A request by an officer of the Defence Forces to a person employed by the

company to make a disclosure in accordance with the provisions of subsection (2A)shall be in writing and be signed by an officer of the Permanent Defence Force who

holds an army rank not below that of colonel."

(3) The following subsections are hereby substituted for subsection (5) of the said section

98:

"(5) A person who discloses the existence, substance or purport of atelecommunications message that was transmitted by the Minister before the vesting

day and intercepted or who uses for any purpose any information obtained from any

such message shall be guilty of an offence.

(6) In this section intercept' means listen to, or record by any means, in the

course of its transmission, a telecommunications message but does not include suchlistening or recording where either the person on whose behalf the message istransmitted or the person intended to receive the message has consented to the

listening or recording, and cognate words shall be construed accordingly.".

Government of Ireland. Oireachtas Copyright Material is reproduced with the permission of the House of the

OireachtasAccessibility Staten ent Privacy Stateme Disclaimer

http./'Iwww.irishstatutebook.ie/1993/en/act/pub/0010/secOOl3.html 02/ll/2011


13/14

S.I. No. 535/2003 European Communities (Electronic Communications Networks .,. Page 1 of 1

5. (1)Confidentiality ofcommunications

No person shall

use an electronic

communicationsnetwork to store

information or togain access to

informationstored in the

terminalequipment of a

subscriber or userunless -

(a)

(b)

the subscriber or user concerned is

provided with clear andcomprehensive information in

accordance with the Acts, which isprominently displayed and easily

accessible and which, withoutlimitation, includes the purpose of

the processing

the subscriber or user is offered the

right to refuse such processing by

the data controller.

(2) Paragraph 1 does not prevent anytechnical storage of or access to

information for the sole purpose of

carrying out or facilitating the

transmission of a communication over anelectronic communications network or

which is strictly necessary in order toprovlde an information society service

explicitly requested by the subscriber or

user.

Section 98 of the Act of 1983 does notapply to:

technical storage of communications and

the related traffic data which is necessaryfor the conveyance of a communication

without prejudice to the principle of

confidentiallty.

(3)

http://www.irishstatutebook.ie/2003/en/si/0535.html 02/11/2011


14/14

S.I. No. 336/2011 - European Communities (Electronic Comlnunications Networks ... Page I of 1

Con.fldentialit,y of

communications

5. (I) Without prejudice to section 98 of the Act of 1983 and section 2 of the Act of 1993and except where legally authorised under a provision adopted in accordance with Article

15(1) of the Directive on privacy and electronic communications, the listening, tapping,storage or other kinds of interception or surveillance of communications and the related

traffic data by persons other than users, without the consent of the users concerned, is

prohibited.

(2) Paragraph (1) does not-

(a) prevent the technical storage of communications and the related traffic data

which is necessary for the conveyance of a communication without prejudice to theprinciple of confidentiality, and

(b) affect any legally authorised recording of communications and the related traffic

data when carried out in the course of lawful business practice for the purpose of

providing evidence of a commercial transaction or of any other business

communication.

(3) A person shall not use an electronic communications network to store information, orto gain access to information already stored in the terminal equipment of a subscriber or

user, unless

(a) the subscriber or user has given his or her consent to that use, and

(b) the subscriber or user has been provided with clear and comprehensiveinformation in accordance with the Data Protection Acts which--

(i) is both prominently displayed and easily accessible, and

(ii) includes, without limitation, the purposes of the processing of the

information.

(4) For the purpose of paragraph (3), the methods of providing information and giving

consent should be as user-friendly as possible. Where it is technically possible and

effective, having regard to the relevant provisions of the Data Protection Acts, the user'sconsent to the storing of information or to gaining access to information already stored

may be given by the use of appropriate browser settings or other technological applicationby means of which the user can be considered to have given his or her consent.

(5) Paragraph (3) does not prevent any technical storage of, or access to, information forthe sole purpose of carrying out the transmission of a communication over an electronic

communications network or which is strictly necessary in order to provide an information

society service explicitly requested by the subscriber or user.

http://www.irishstatutebook.ie/2011/en/si/0336.html 02/l1/2011

interception - department of communications - foi internal appeal

Documents