WESTMINSTER CRIME AND DISORDER REDUCTION PARTNERSHIP
PROTOCOL AND PROCEDURE FOR THE EXCHANGE OF INFORMATION, AS AGREED BETWEEN:
WESTMINSTER CITY COUNCIL
CITY OF WESTMINSTER POLICE (MPS)
WESTMINSTER PROBATION SERVICE
WESTMINSTER PRIMARY HEALTH CARE TRUST
LONDON FIRE & EMERGENCY PLANNING AUTHORITY
METROPOLITAN POLICE AUTHORITY
Appendix 1 illustrates the bodies required to participate, required to co-operate and invited to participate in this Protocol, as part of the Crime and Disorder Reduction Partnership Strategy, in accordance with the Crime and Disorder Act 1998.
CONTENTS
SECTION
/ DESCRIPTION / PAGE1. / Introduction / 3
2. /
General Rules and Key Responsibilities
/ 53. / The Legal Framework to be used in conjunction with Crime & Disorder Act 1998 / 7
4. /
Uses of Shared Information
/ 105. / Sources of Information / 11
6. / Exchange and Dissemination of Information / 16
7. /
Auditing and Evaluation
/ 198. /
Communications Strategy
/ 199. / Signatories / 20
Appendix 1 - Glossary of terms for information / 21
Appendix 2 - Parties to the Protocol
/ 22Appendix 3 - Youth Offending Team/ Citywest Homes / 24
Appendix 4 - List of Information Types / 25
Appendix 5 – Information Request pro forma / 27
Appendix 6 – Flow Chart for information sharing / 28
Appendix 7 – Information Audit pro forma / 29
Appendix 8 - List of Designated Officers
1. INTRODUCTION
1.1 The Crime and Disorder Act 1998 is the primary legislative tool, common to all crime reduction protocols. It does not, however, override existing legal safeguards that govern the use of personal information.
1.2 The scope of this Protocol is to clarify as far as possible, under which circumstances information can be exchanged. The intention is to achieve a single, joint approach to the exchange of information, which would be a highly efficient mechanism for reducing crime and disorder.
1.3 The purposes of this Protocol are:
i) To facilitate the exchange of information pursuant to the power contained in section 115 of the Crime and Disorder Act 1998 (the Act).
ii) To assist the information sharing process in accordance with Section 5 and 6 of the Act.
iii) To clarify the responsibilities placed on various bodies to share information for the purpose of preventing or detecting crime
Section 115 of the Act
1.4 Section 115 enables any person to disclose information to a relevant authority, or to a person acting on behalf of such an authority, where disclosure is necessary or expedient for the purposes of any of the provisions of that Act. Those Relevant Authorities are also known as the Statutory Partners.
1.5 For the purposes of this Protocol, the Relevant Authorities are:
· Westminster City Council
· The Chief Officer, Westminster City Police
· Metropolitan Police Authority
· London Probation Service
· Westminster Primary Care Trust
· Metropolitan Police Authority
1.6 This provision does not place any person under an obligation to disclose information; it merely provides that person with a power that they may not otherwise have to disclose information where necessary for a particular purpose.
1.7 Nor does this provision entirely override existing legal safeguards that govern disclosure of personal information such as the Data Protection Act 1998, the Human Rights Act 1998 and the common law duty of confidence.
Sections 5 and 6 of the Act
1.8 The overall aim of sections 5 and 6 is to ensure that the Responsible Authorities (Chief Officer of Police, Local Authority and Fire Authority):
· are aware of the nature of crime and disorder in their area;
· are able to identify the methods of developing and implementing effective action to help reduce that crime and disorder; and
· formulate and publish a Crime and Disorder Reduction Strategy setting out the findings of the crime and disorder audit (which is necessitated under the Crime and Disorder Act) and putting this strategy into practice
1.9 These provisions make it clear that the duty to tackle crime and disorder locally rests jointly between the Police and Local Authorities. However, section 5 provides the ability for partnerships to be inclusive of the full range of agencies and individuals in their area, some of whom have to participate in the Crime and Disorder Reduction Strategy and others who can be invited to participate, and it is recommended that effective relationships are built and continually developed (see Appendix 1).
Other considerations to information sharing
1.10 Section 17 of the Act places a general duty on the police and local authority to exercise their various functions with due regard to the likely effect of those functions on, and the need to do all that they reasonably can, to prevent crime and disorder in their area.
1.11 The provisions of the Data Protection Act are helpful in cases where the exchange of processed or readily retrievable information between different agencies – whether or not they are Relevant Authorities for the purposes of Section 115 of the Act. Whereas it may often be appropriate to provide only generic or non-personal information to such an agency, there may be occasions where it is necessary to disclose personal information in the interests of preventing crime.
1.12 By signing this Protocol, the parties declare their commitment to the procedures it sets out and agree to comply with all legal requirements when sharing information.
1.13 Any party may withdraw from this Protocol upon giving written notice to the other signatories. Information, which is no longer relevant, must be destroyed or returned. The partner must continue to comply with the terms of this Protocol in respect of any information that the partner has obtained through being a signatory.
2. GENERAL RULES AND KEY RESPONSIBILITIES
2.1 Parties to this Protocol:
i) Recognise the importance of sharing information with each other in line with the aims of the Crime and Disorder Act 1998 for the purpose of reducing crime and disorder.
ii) Undertake to co-operate fully with each other within the parameters of the Data Protection Act 1998, the Human Rights Act 1998 and the Crime and Disorder Act 1998.
iii) Undertake, where possible and appropriate, to pass on information within a time limit of [to be agreed] days where information is requested in the correct manner (see Appendix 5 & 6); variations to the time limit may occur depending on the nature of the information being requested, the volume of requests and operational needs.
iv) Agree that all processing of personal data remains the responsibility of the Data Controller as defined by the Data Protection Act 1998. However, each party has nominated a Designated Officer with responsibility for approving the submission of requests and conversely considering/authorising disclosures of information requested by other partners.
v) Will not use any information they receive for any purpose other than that set out in this Protocol nor will they share that information with any other party without the disclosing parties written permission.
vi) Will have notified the Information Commissioner in accordance with the Data Protection Act 1998 and will ensure that its registration is up to date.
2.2 Each party undertakes to ensure that it complies with all relevant legislation, this Protocol, and its own internal policies relating to disclosure. Parties are recommended to seek their own legal advice, where necessary.
2.3 Each party will ensure that the data it holds are as accurate and up to date as possible.
2.4 All information received is only to be used for the purposes which are clearly expressed in the agreement.
2.5 The agreement outlines the format in which requests for information are made and by whom (see Section 6).
2.6 Requests and exchanges of information are to be carefully logged and relevant procedures should be in place to provide an audit trail (see Section 7).
2.7 The procedures for individuals to exercise their legal right of access to and copies of personal data held about them, are understood and will be complied with (Freedom of Information Act 2000, see Section 3)
2.8 The procedures for dealing with problems when things go wrong are briefly outlined and will be adhered to if the situation arises (see Section 6).
2.9 The Agreement will be reviewed and updated on a regular basis to take into consideration new signatories and changes in legislation.
3. THE LEGAL FRAMEWORK TO BE USED IN CONJUNCTION WITH THE CRIME AND DISORDER ACT 1998
Data Protection Act 1998
3.1 The Data Protection Act (DPA) regulates the processing and handling of personal data that has been lawfully obtained and which are held in structured manual (paper) files or electronic/IT based systems.
3.2 Personal data means data from which a living individual may be identified, either from those data alone or together with other information either held by the Data Controller or which is likely to come into the possession of the Data Controller.
3.3 The definition of "processing" under the DPA is wide enough to encompass anything that one does to information including its collection, storage, disclosure and ultimate destruction.
3.4 The DPA also provides for a framework of notification by Data Controllers with the Information Commissioner, an independent supervisory authority (previously known as the Data Protection Registrar)
3.5 Personal data must be processed in accordance with the Data Protection Principles as set out in the DPA, which state that personal data must be:
1) fairly and lawfully processed;
2) must not be further processed in a manner incompatible with the purposes for which they were obtained;
3) adequate, relevant and not excessive;
4) accurate;
5) must not be kept longer than necessary;
6) processed in accordance with the data subject’s rights
7) secure; and
8) not transferred to countries without adequate protection
3.6 The first and second data protection principles contain and require the compliance with significant conditions. On each occasion that personal data are processed, the Data Controller must, as a requisite of fair and lawful processing, have legitimate grounds for doing so in accordance with Schedule 2 of the DPA, or if the processing involves sensitive personal data, Schedule 3 of the DPA.
3.7 However, there are certain exemptions under the DPA when some of these data protection principles do not apply to processing of personal data. One such exemption to the non-disclosure rules allows for disclosure of personal data where the purpose is the prevention or detection of crime.
3.8 These exemptions allow information sharing between non-statutory partners, such as Registered Social Landlords and the British Transport Police (who are able to apply for Anti-Social Behaviour Orders (ASBO’s) under Section 1 of the Crime and Disorder Act 1998 but who are not listed as Relevant Authorities under section 115 of that Act) with other agencies who may have relevant personal information, such as the Police, to support such an application. (See Appendix 2)
Human Rights Act 1998
3.9 The European Convention on Human Rights is now enshrined within UK law by way of the Human Rights Act 1998. This Act places a duty on all public authorities to have regard to the Convention when exercising any of its functions.
3.10 With regard to information sharing the predominant article to be considered is Article 8 which states that every individual has a right to respect for his private and family live. However this is a qualified right which means it can be interfered with provided such interference is necessary on one of the specified grounds (see 3.10) and is proportionate (see 3.11)
3.11 Article 8(2) stipulates that there shall be no interference by a public authority with the right to privacy except where it is both in accordance with the law and necessary:
· in the interests of national security
· public safety
· economic well being of the country
· the prevention of crime and disorder
· the protection of health or morals
· the protection of the rights or freedoms of others
3.12 The general rule of proportionality will also need to be applied. Basically, any interference of rights must be justified and a fair balance must be achieved between the protection of an individual’s rights with the general interests of society and the aims of what is being sought to be achieved by that interference.
Freedom of Information Act 2000
3.13 This Act will give a general right of public access to all types of 'recorded' information held by public authorities, sets out exemptions from that general right, and places a number of obligations on public authorities and disclosure may be required if a lawful request is made. The public right of access is expected to come into force in 2005.
Regulation of Investigatory Powers Act 2000 (RIPA)
3.14 This is a legislative measure to govern the use of a number of investigative tools, including covert surveillance and the use of covert human intelligence sources.
3.15 Covert surveillance, by its very nature, will interfere with an individual's right to respect for his private life. Therefore, RIPA provides an authorisation process that must be completed before such surveillance can be carried out, which will ensure that the interference with that individual's rights can be justified and to ensure there are no breaches of the Human Rights Act.
3.16 The Authorising Officer has to be satisfied that the surveillance is both necessary and proportionate.
3.17 RIPA covers three types of surveillance:
· Directed Surveillance - covert but not intrusive and undertaken for the purposes of a specific operation or investigation and in such a manner that it is likely to result in obtaining personal information. This can be authorised and undertaken by Local Authorities and other public bodies. Example: use of covert surveillance cameras on a housing estate to ascertain the individuals causing anti-social behaviour.
· Intrusive Surveillance - this is surveillance which is carried out in relation to anything taking place on residential premises or in a private vehicle and involves the presence of an individual on the premises or is carried out by means of a surveillance device. This type of surveillance cannot be authorised by any body other than the Secretary of State/Police/Customs and will therefore not be available for use by a local authority.