OSCIIN OFFICIAL - SENSITIVE lnvestigatory Powers Commissioner lnvestigatory Powers Commissioner?s Of?ce PO Box London 29105 sw1v 12U 2:31th September 2013 4.1 4.2 IPCO INSPECTION - POLICE SCOTLAND Date of inspection 13"? to 21"t September 2013. Commissioner and date of visit You will visit the Force on a date to be advised. Inspectors Introduction Police Scotland was formally established on 1St April 2013 and is responsible for policing across the length and breadth of Scotland, covering some 28,153 square miles. The Force has 17,234 police of?cers, 4,923 police staff, and 550 Special Constables who work alongside their full time colleagues to deliver the policing service to the public of Scotland. The force remains the second largest Force in the UK after the Metropolitan Police Service. The senior management team has seen signi?cant change since the last inspection but it is hoped there will now follow a period of stability. The Chief Constable is Mr Iain Livingstone QPM, who was previously the Deputy Chief Constable and latterly temporary Chief Constable. Mr Livingstone was appointed to the substantive rank on the 27"h of August 2018. He is supported by a team of three Deputy Chief Constables. Deputy Chief Constable Fiona Taylor was appointed to the role in August 2018 and oversees the Professionalism portfolio for the Force. In addition DCC Taylor performs the role of Senior Authorising Of?cer (SAD) in the absence of Mr Livingstone. Deputy Chief Constable Will Kerr, OBE leads the Local Policing Portfolio and was appointed to the Force in September 2018. Deputy Chief Constable Johnny QPM has been in post since the last inspection and leads the Crime and Operational Support portfolio. DCC is also the Senior Responsible Of?cer for the Force for matters concerning the Regulation of investigatory Powers (Scotland) Act 2000 OFFICIAL - SENSITIVE 4.3 4.4 4.5 4.6 34.? 5.1 5.2 OFFICIAL - SENSITIVE The Chief Constable is further supported by ten Assistant Chief Constables [an increase from eight since the last inspection) and four Directors (an increase of one since the last inspection), each covering the areas of People 3: Development, ICT, Business Integration and Change). The force remains divided into three Territorial Control Areas: North, East and West, which cover thirteen Local Policing Divisions, each of which is led by a Local Police Commander. Each of these Divisions has response of?cers; community of?cers; local crime investigation; roads policing; public protection; and local intelligence. The Force has retained its six specialist divisions: Contact Command 8t Control; Custody; Criminal Justice; Safer Communities; Operational Support; and Specialist Crime Division The SCD houses the main business areas with which the IPCO inspection is concerned: Major Crime, Public Protection, Intelligence Support, Organised Crime and Counter Terrorism and Safer Communities. Detective Superintendents within the Public Protection and Crime roles provide additional support to local police commanders by managing resources and incidents connected to crime, intelligence and public protection within the divisions. The Senior Responsible Of?cer, DCC Johnny {Crime and Operational Support) was interviewed during the inspection in order to ascertain how he discharges these additional duties. ACC Steve Johnson, lead for Crime, was also spoken to at length concerning his role as A0 for "Relevant Sources?. This report should be addressed to The Chief Constable, Police Scotiand, Tullialian Castle, awarding, are, me 485? Inspection approach The purpose of the inspection was to examine policies, procedures and operations in respect of Part of the Police Act 1997, Part II of the Regulation of Investigatory Powers (Scotland) Act 2000 and Part of RIPA. The methodology was agreed viith the Force in advance following pre-inspection discussions between_ and the CAB Manager? - A significant amount of time during this inspection was focused on CHIS cases and a direct result of the recommendation made in last year?s report concerning the need for fuller risk assessments to be completed. In addition it was recognised that there was a complex nature to many of the CHIS cases undertaken by the Force. Meetings with of?cers took place at Gartcosh and at outlying locations. In addition, IPCO Chief lnspector,_, spent two days in Aberdeen, reviewing the CAB procedures, inspecting directed surveillance authorisations and CHIS cases as well as interviewing staff from these disciplines. The ?ndings from this visit and other visits to divisional units, which support these covert tactics, have been reported on within the report under the relevant headings of CHIS and directed surveillance. The main inspection team was also shadowed, for part of the week, by one recently appointed IPCO Inspector and a member of the staff charged with a review and potential development of inspection practices. On the third day of the inspection, Wednesday, a further ?ve Inspectors from IPCO, involved in the inspection of Communications Data, joined this inspection team in order to carry out a more holistic inspection of a major covert operation {Operation This operation has been progressing for a number of years and has more recently seen executive action take place, with a number of individuals already convicted for their criminal enterprises. A number of further investigative lines are still being pursued. It is without doubt that this operation was complex with OFFICIAL - SENSITIVE 6.1 6.2 7.1 OFFICIAL - SENSITIVE unique challenges faced by the investigation team who were supported through the development of a wide range of covert tactics. The inspection team received an in~depth brie?ng from the SIC) far the investigation who was able to answer questions posed bv the inspection team prior to the inspection of the associated covert authorisations. Feedback on the standard of the full range of authorisations examined and feedback on the inspection process was given and received at the end of the day. We would like to thank the SIG ?e and the CAB manager for their signi?cant efforts in planning this inspection day. Kev statistics In the period covering 5"1 September 201? to 13th September 2013 there have been I property interference authorisations I the last reporting period); one for intrusive surveillance with a further. authorisations for combined Propertv Interference and Intrusive Surveillance I in the last reporting period);I directed surveillance authorisations I last time]; and at the time of the inspection, there were. {compared toIl authorised CHIS, with. (down fromI} for Counter Terrorism. There have been I undercover operatives authorised. I Part RIPA (section 451 Notices} have been sought I successful conviction, the ?rst time this has occurred in Scotland, has been achieved for a case which was highlighted within the previous inspection period. During the course of the inspection, the foliowing records were viewed: a 17 directed surveillance authorisations Iproperty interference and intrusive surveillance authorisations (includingl urgent oral authorisations) I crime, Prison and Counter Terrorism CHIS records 0 'undercover operations Review of progress on recommendations in relation to directed When granting directed under the urgency provisions, Poiice Scotiand should ensure that gag: the Authorising Ojj?icer a_n_d the applicant make a record detailing the speci?c actions authorised in accordance with paragraph 3.26 and 5.10 of the Scottish Code of Practice for covert Discharged. A notable improvement was discovered, when documenting the activity authorised during the urgent oral process bv both the AD and the applicant and thus leaving no doubt as to the exact activity authorised as well as any parameters set therein. That said, further comment is contained later in this report with regards to the volume of content now contained within these records (see paragraph 12.4 below}. The improvement in the details documented during the urgent oral process is believed to be largely due to the training and education process put in place by of?cers from the Central Authorities Bureau It was noted that awareness training was delivered at a number of Continuous Professional Development (CPU) davs held for Senior Investigating Of?cers A05 and those involved in the investigation of dynamic, serious crimes such as kidnap and extortion. In addition the training and awareness programme has been embedded within initial training for SIOS, newlv appointed Sergeants and those training to act as gatekeepers. The Force training guides have been updated with a focus placed on the OFFICIAL - SENSITIVE 7.2 8.1 8.2 OFFICIAL - SENSITIVE need for applicants to understand exactly what has been authorised, as opposed to what they may have requested, and further-emphasis placed on those deploying the tactic to have sight of the authorisation thus complying with the vSutheriand requirements. in relation to CH6: Initial risk assessments should always provide a meaningful and bespoke summary of the individual CHIS, to enable the Authorising O??icer to make a reasoned judgement before authorisation, and the force should ensure that all Source Handling Units adopt a corporate approach to such content. With the introduction of the generic ongoing risk assessment, the force should determine a set period {in routine cases) at which there should be a meaningful and documented revisit of the risk assessment for any authorised Discharged. A thematic review of CHIS risk assessments was undertaken with best practice examples used to form a training delivery package. CPD events were held with those involved in CHIS authorisation and management. The emphasis was placed on delivery of a corporate approach with a similar standard of assessment conducted for each CHIS case. Additionally a 13 point risk assessment questionnaire has. been developed which should be completed by the CHIS handling team at the earliest opportunity and after intrusive engagement with the CHIS has taken place. It was also reported that once a risk is identi?ed, the advice and guidance now in place, is for the risk assessment to be updated with the A0 then having access to a newly developed "rolling log? which should make clear the continuing risks associated with the CHIS case. It was noted during the inspection of CHIS cases, particularly during the inspection of cases in Aberdeen, that there was a signi?cant reliance on the generic risk assessment. Whilst this is normal practice, with speci?c risks additionally highlighted, it was noted that the generic risk assessment is circa two years old. It_ may be bene?cial to' review the generic risk assessments used by the Force to ensure they continue to be relevant in what is an ever changing CHIS management environment. Review of the risks posed to CHIS and the management of same has been undertaken with a recent audit of the Counter Terrorism CHIS ?stable?. This included personal and intrusive oversight undertaken by ACC Johnson. It was reported that a further, similar review, will be conducted within the crime CHIS 'stable? in the near future. Policies and procedures The force?s covert capabilities have not changed materially over the past year but oversight arrangements have changed with the introduction of two newly appointed A05 to the cadre which numbers. in total. Additionally the CAB has seen some change due to the retirement of the CAB manager and the introduction of a number of new gatekeepers. The new CAB manager and some of the newly appointed staff have previous covert policing experience and continue to develop compliance with the Act through daily advice and guidance and an improved and extensive training delivery programme. - A brie?ng was provided by Detective Chief Superintendent -, head of the Specialist Crime Division and Intelligence Support, on the recent and proposed changes within the areas of CHIS (referred to by the Force as "Human Collections"), Covert Policing Support, Central Authorities Bureau (CAB), Authorisation and National Intelligence Assessment Unit. These changes can be summarised as follows: OFFICIAL - SENSITIVE OFFICIAL - SENSITIVE Human Collections Review - Changes in the CHIS operating model were identi?ed as required following an internal review of the legacy structures, in place since the formation of Police Scotland, and additionally following the judgement of the Court of Appeal regarding Allard Ors Chief Constable of Devon and Cornwall Constabulary. As a result a significant number of changes in CHIS handling and management structures will likely take place with a number of CHIS handling teams or Dedicated Saurce Units being formed into larger 'hubs?, working from single of?ces. Some of the identi?ed bene?ts are likely to be an improvement in delivery of CHIS intelligence across the organisation, consistency in CHIS handling and management, the provision of an equitable service across Police Scotland, and an improved ability to service the intelligence requirements of the Force. It is anticipated that the revised structures will be in place by ianuary 2019. Covert Policing Support Unit A signi?cant investment has been undertaken in the area of support for covert policing. This has included the development of staff, processes and procedures in order to support covert policing operations, the delivery of covert tactics, the administration of covert equipment purchases and wider covert support mechanisms in order to sustain and protect sensitive covert techniques and those of?cers delivering these. The unit was visited during the inspection. Further details are contained within paragraph 22.3. National Intelligence Assessment Unit The (NIAU) has continued to evolve and following a theme of developing a more authoritative view of intelligence across Police Scotland in order to Identify and assess the threats emerging within Scotland and beyond. The unit is staffed by officers and staff ?plucked' from a variety of key roles including management, financial crime investigation and those involved in the management of various intelligence products. The collective bene?t of the unit is the ability to identify threats and cross reference these with the identi?ed policing priorities, adopted by the Force. The unit was visited during the inspection and is reported upon at paragraph 15 ofthis report. Central Authorities Bureau Currently three CABs exist to service the Force by acting as professional applicants for higher level authorisations, RIPISIA gatekeepers, and to offer advice, training and guidance regarding matters relating to RIPISIA and the forthcoming investigatory Powers Act 2016 Act 2016}. The proposed changes are anticipated to take place in January 2019 and would see one single CAB, -, being strengthened but with the closure of the of?ces currently located at . It was reparted that the drivers for these changes include the availability of current operating systems required to deliver the implementation of the IP Act, a business need to increase CAB coverage across the working day and the potential to improve security requirements. Some of the potential bene?ts of the proposed changes have been identi?ed as business continuity, additional flexibility of staff to assist each other and the ability for CAB staff to increase upskilling opportunities for staff across the Force. That said, during the inspection of the CAB located in concern was voiced as to the potential affect closure of this of?ce would have on the quality of applications and authorisations post closure. Whilst the force structure and allocation of resources is beyond the scope of remit, it would be amiss not to highlight the impact this locally based CAB appears to have on the quality assurance process for directed surveillance, and in particular, the work of three dedicated source units running CHIS. This was clearly evidenced by the high standard of the records inspected and it was also evident during the visit through the constant stream of calls and visits to the CAB from applicants, managers and the authorising of?cer, that the experienced staff in this CAB ful?l more than just a process function and operate more akin to a covert advice help desk. It may well be these factors have already been taken into, consideration in the restructure arrangements but the observation is offered just in case it has not been previously highlighted. OFFICIAL - SENSITIVE 8.3 8.4 8.5 3.6 OFFICIAL - SENSITIVE The- IT system continues to be used for the authorisation and Central Record processes for all covert activities. Property interference and intrusive surveillance authorisations are still managed on paper for a ?nal signature and handwritten annotation by the SAO. It was reported during the last inspection that funding had been agreed to allow the IT systems to be upgraded. This included the introduction of a new module for the management of undercover cases. It was reported that in February 2018 a new upgrade for the IT systems, commonly referred to as -, was undertaken. A number of technical issues occurred during this process which has in turn led to a delay in the testing and further installation of additional modules, such as the undercover case management module. it is anticipated that the systems upgrade will take place within the near future and the undercover module, which is recognised as much needed, will be introduced within the next few weeks. It was reported that during the period when technical issues were occurring, Police Scotland was required to introduce its business continuity plan to ensure no issues of record deletion occurred for CHIS authorisations. Whilst no compliance matters were noted clue to the lack of progress in the updating of the IT systems, it was clearly evident during the inspection of areas such as the undercover policy logs that a confusing picture existed regarding the individual logs retained for each undercover operative. This in itself could lead to future compliance matters if not attended to The Force has recently announced that the number of Operational Security Advisors (OpSys) will be increased. At present one OpSy is in post. This of?cer has been exemplary in his development of new covert practices within the Force as well as undertaking a number of operational reviews post event and by providing advice and guidance during operational development phases. it is without doubt that the officer?s dedication to the development of strategic practices, which will bene?t the Force, was and continues to be required but it is hoped that the ?uplil?t?r of resources in what is now recognised as a critical role, will further assist the Force in the review of more tactical aspects of covert policing. Further details of the proposed OpSy structures are reported upon later in this report at paragraph 3.6. Senior Responsible Of?cer- The Senior Responsible Of?cer is DCC Johnny In order to maintain corporate grip of the covert activities in Police Scotland, DCC has developed a number of initiatives. First, the core purpose of the Covert Compliance Group, chaired by ACC Johnson, is scrutiny of compliance in relation to the full range of covert activities across the police force. This group provides the SRO with an effective mechanism to keep in touch with these activities and ensure compliance with Part of the Police Act 1997 and the Codes of Practice. DCC attends some meetings, receives the minutes of all and has regular meetings with ACE Johnson. Second, DCC has presided over a complete revamp of covert ?nances and backstopping. This has resulted in a state-of-the-art scheme which has been validated by the banks and is operationally secure. Third, the role of Operational Security Of?cer (OpSy) is being strengthened and expanded as alluded to previously. With these structures in place the SRO has a good appreciation of corporate risk and is in a position to check and challenge processes. Operational Security- It was reported in the 201? inspection that additional posts, to support the Detective Chief Inspect0r who had been appointed as the OpSy, had been approved. Whilst no substantive progress has been made in this regard, an even more elaborate 'Covert Governance and Compliance' structure has been approved. This will come under the strategic leadErship of the ACC {Crime} and be headed by a Detective Chief inspector {Head of Operational Risk). There will OFFICIAL - SENSITIVE 9.1 9.2 10 10.1 OFFICIAL - SENSITIVE be three OpSv of?cers each with a portfolio of responsibilities, comprising specialist support functionslunits. Each of these functions/units will have an appointed and trained Operational Security Liaison Of?cer (OSLO) who will give advice in situ and be the point of contact for their DpSv. in addition there will be two Detective Sergeants who will undertake inspections and reviews, predominantly of CHIS and surveillance. The above cited model is innovative, intrusive and comprehensive. It just needs implementing, rather than IPCO speaking about what is planned at our next inspection. That said, the sole current practitioner in this aspired to model has achieved much more than just setting out the model and agreeing a Role Description for the post of that has been adopted on a national basis [a real step forward for what has hitherto been a rather nebulous role among law enforcement agencies}. in addition the of?cer has carried out several important audits into covert support infrastructure. One such audit has led to the creation of the Covert Policing Support Unit. Related training We were provided with a comprehensive report on the Force investment into training its of?cers since the last inspection. The of?cers from the CAB of?ce have been instrumental in the development of training. It was reported that a total of-of?cers have been trained since. the last inspection. These of?cers originate from a wide range of policing backgrounds, such as ?rearms teams, intelligence departments and also those charged with the authorisation of covert tactics up to and including DCC Taylor, who performs the role of SAD in the absence of the Chief Constable. Following the last inSpection the Force A0 cadre received refresher training and the urgent oral authorisation process, subject of a previous recommendation, was the topic focused upon. The training delivered for authorisation of the urgent oral process and the standard of documentation required was emphasised in training sessions delivered to those investigating kidnap and extortion cases, those attending initial training as newly promoted sergeants, and induction courses. In addition to the training delivered to assist with the discharging of the previous recommendation, a number of other areas were identi?ed as needing further training and refresher inputs. These areas referred to are the development of the standard of undercover applications; development of force wide guidance on the use of the internet for investigation purposes; Technical Support presentations to the AD cadre and and CPD events at three locations across the Force where a variety of topics were discussed including the use of policy logs, review periods for authorisations and the standards expected when applying for directed surveillance authorisations. Additionallv a number of post operation reviews have been carried out to identifv learning points and to ascertain if there had been a proportionate use of covert tactics. The Force continues to invest heavilv in training within these covert policing areas which is seen as continuing good practice. The main CAB of?ce, led bv? has also continued to develop professional relationships with other Law Enforcement Agencies as part of the working group in respect of the IP Act. This has allowed the Force to be On the ?front foot? in terms ofthe training and education of its of?cers and also in terms-of putting in place the additional infrastructures deemed required. Signi?cant issues arising Brett ches/ rrOrs The details of three breaches reported to the lnvestigatorv Powers Commissioner during the east veer were provided to OFFICIAL - SENSITIVE 10.2 10.3 10.4 10.5 OFFICIAL - SENSITIVE In all of these noti?ed cases, the limits of the authorisation should have been identi?ed through a check of the authorisation prior to deployment. Each breach was avoidable had the of?cers ordering or conducting the surveillante checked that the necessary authorisations were in place. The IPC was satis?ed with the remedial action taken by the Force in each of the three breaches/errors reported. Con?dentiai information The force reported no case in which con?dential information has been obtained and we found none during our inspection sampling. - .applications have been made under Section 49 RIPA to access material during this inspection period. One previous application, made in 201?, has since seen the- successful prosecution within Scotland, for failure to disciose password access. We were invited to comment on a proposed pro forma to be used in relation to requests for passwords, Ple etc where a device is seized. This is against the background of potential applications under section 49 RIPA. We discussed the proposal with?, interim Head of Legal Services. Typically, a request for a password is made at or around the time when a device is seized. Where the person to whom the request is made refuses to disclose the password, an application may be made in terms of section 49 for an order requiring the person to disclose it. Where a person is in breach of such a requirement a prosecution may follow. The concern is that by the stage of the section as requirement the person may claim that heishe is no longer able to remember the password. The proposed pro forma records the making of the request at the time when it is made and contains the following statement: ?As you have refused to provide {key/password/PiN/biometrics] for the device/s being seized, Poiice Scatiand advises that you record these detaiis to compiy with anyr future iegisiative request that may be made.? It is ciear that the pro forma contains non-statutory advice which, it is hoped, might have evidential value in any subsequent trial. While the service of nonvstatutory documents by of?cers of Police Scotland is unusual, it is not entirely unknown. While noting the proposal, we came to the conclusion that it would be inappropriate for the representatives of IPCO to express a view about it. Whether to adopt this practice is a decision to be made by the Chief Constable with internal legal advice. - OFFICIAL - SENSITIVE DO 11 11.1 12 12.1 12.2 Ill. OFFICIAL - SENSITIVE Property interference and intrusive surveillance? We examined a number of authorisations granted by DCC Livingstone {as he then was) and DCC Rose Fitzpatrick. These were granted in the context of a range of criminal investigations including several into significant OCGs. It was noted in last year? 5 report that an OCG based in Scotland was ranked among the most, if not top, high riskfdamaging to the UK. In the past 12 months there have been successful prosecutions arising from this operation and the investigation continues. The standard of the higher level authorisations continues to be very high. Applications were generally well drafted with clearly focused necessity and proportionality cases. We noted that regular reviews were conducted and, where use of the cOvert measure was no longer necessary or appropriate, authorisations were cancelled. in a cross-border case we noted that there was a good audit trail of the actions taken by each of Police Scotland and the neighbouring force. Directed surveillance- inspected a selection of authorisations from a variety of Divisions and headquarters teams, ?nding that covert tactics had been applied to a broad range of investigations including drugs, organised crime, murder, prison corruption, registered sex offenders, ?rearms, child abuse, and infant death. The applications and authorisations had been compiled carefully, with due regard to the key issues of necessity and proportionality. intelligence cases were generally detailed {arguably capable of being less prolix at times} showing the recentness and grading of the material. Reviews were undertaken at an appropriate stage, depending on the activity and need for enhanced oversight, and it was good to see that all had been cancelled timeously. There were no systemic compliance failings. A number of positive observations could be made in individual cases, and similarly, points meriting attention. These are mentioned here to better inform supervisors and future training material: Whilst not -a statutory requirement, there had been some very pertinent entries by? -{the at the application and review stage of Operation? The cancellation statement in provided a neat summation of the various aspects an Authorising Of?cer should comment upon at cessation. involved surveillance on a very high pro?le sex offender who had been unexpectedly released from a trial that morning involving a very serious crime despite the pressure to maintain knowledge of his whereabouts and actions, this was completed as a routine, albeit speedy, authorisation instead of resorting to the urgent oral process, which re?ected the con?dence of of?cers and the processes in place to achieve this The proportionality arguments by the applicants in (at its first review stage) and m_ were lacking speci?city; in the latter case, all that was requested was some surveillance to house a suspect prior to arrest, yet the proportionality argument provided a blow by blow account of a historic case and the DNA evidence trail over ensuing years -this could have been a single background sentence. OFFICIAL - SENSITIVE 12.3 12.4 vi. OFFICIAL - SENSITIVE Collateral intrusion entries varied, and only occasionally was there a case that felt truly bespoke to the case in hand {see the application for_ for a good example, and which contrasted starkly with the subsequent necessity and proportionality arguments by the Authorising Officer). Whilst most cases appeared to justify the request for, and grant of, a range of tactics, or would quickly develop to need them, in some cases this appeared less likely and could have been more drawn. For example, in the cancellation suggested that the likely location of the wanted subject was known and enabled a very short period of surveillance before arrest {and thus the various other tactics were probably uncalled for at the outset); in it was dif?cult to see how surveillance beyond the Scottish border was justified. At reviews, the -form asks the applicant to state the activity to which the review relates. It would be better practice to summarise the activity authorised at each stage (where subjects have been removed or added at other reviews for example} rather than merely regurgitating the original authorisation wording until a revamp at the renewal stage; and the Force is encouraged to make use of Policy Logs or suitable contemporaneous records to make subtle changes instead of the full-blown reviews sometimes submitted. Urgent Oral Applications- Police Scotland has adopted the use of booklets when completing urgent oral authorisations. The booklets should be completed at the time of the authorisation by the Authorising Of?cer and supported by the submission of the applicant?s contemporaneous notes. A subsequent application is placed on -to enable the authorisation to be managed as it progresses. The booklets are designed to capture the Authorising Officer?s thoughts and considerations in a concise and contemporaneous manner in an effort to support what is an urgent process. With regard to those completed for directed surveillance, over half were inspected. The majority contained far too much information. Authorising Officers are generally writing far too much and while this is not a compliance issue, one does start to question whether the urgency process is the right one. There are a number of examples that support this observation. The authorisation for contains a full account of the intelligence case detailing fully the content of nine intelligence logs, making it incredibly long. The same authorisation contains unnecessary and repeated detail in what should be a simple and easy to understand list of activity OFFICIAL - SENSITIVE C3 13 13.1 13.2 13.3 13.4 13.5 13.6 OFFICIAL - SENSITIVE authorised. The authorisation for is another relevant example where the authorisation section has required extra pages. The authorisation for Operation is excellent and could he used as an example of good practice for others. There is also some helpful guidance contained within paragraphs 5.8 to 5.10 of the Current RIPISIA Surveillance and Property Interference Code of Practice. aus? Poiice Scotland uses the IT system for the management of covert human intelligence sources reporting on crime matters. The System is fully networked throughout the Force albeit that authorising officers, controllers and handlers can only view those CHIS in which they have a role. The CAB carries out corporate oversight and can view all CHIS cases. The Counter Terrorism (CT) cases are managed on a discrete _network. There is consideration being given to changing to the Security Service. IT system. The cadre o- authorising of?cers carry out this role in relation to CHIS on a geographical basis with some specialism in relation to Counter Terrorism and in prisons. The following units have responsibility for the handling and recruiting of CHIS: - Detective Chief Inspectors divide the' aforementioned units between them and have responsibility for the performance of those units, ensuring that intelligence product addresses the Force strategic intelligence requirements, local policing requirements and for ongoing liaison with customers and attendance at tasking meetings. performance indicators are produced in this regard. During the course of the inspection a number of SHU were visited, controllers and authorising of?cers were interviewed and. CHIS cases examined {crime and Crime CHIS Overall, the standard of authorisations was good. Records were comprehensive, Risk Assessments were thorough and dynamically maintained, there was good use made of the Policy Log facility to recent! management decisions. There was no evidence that rstatus drift? was being allowed to occur and timeliness of process was maintained. OFFICIAL - SENSITIVE 13.7 13.8 13.9 OFFICIAL - SENSITIVE Whilst there were no systemic failings or flaws the following points for improvement should be noted: Notwithstanding the Force?s substantial response to the previous recommendation in relation to Risk Assessments for CHIS, there were some isolated cases where this had not yet been fully implemented. We were made aware by some authorising of?cers that there was resistance among some handlers to the new Risk Assessment regime, in particular the introduction of the Vulnerability Assessment. Controllers should ensure that such resistance is eradicated to ensure that IPCO does not need to raise this as an issue in future inspections. The input from authorising of?cers demonstrated good consideration of the required key principles and a good awareness of case speci?c risks; however, while some set out their input in a clearly structured way with sections relating to necessity, proportionality, collateral intrusion and then the use and conduct authorised, with others this was not done and it was dif?cult to discern the relevant considerations in a unstructured and input. This is not a compliance issue but the former style is better practice. There was some evidence in CHIS cases? in_ and Division that tradecraftfsecurity f?ollowing meetings with CHIS was not fully considered and recorded on contact records. The inspection team fully accept that the authorising of?cer cadre has undergone major change in the past year with three of?cers having retired and further change is to happen in the next few months with the further loss of experience. Nevertheless, the incumbents must exercise robust governance of the CHIS cases for which they are responsible and the staff managing those cases. Some of the individual cases that are cited below gave some concern that this is not always happening. Whilst each has given cause for some concern, there is not a systemic or repeated failing, which would have resulted in a formal recommendation, but we feel that the Senior Responsible Of?cer should be aware ofthe facts that gave rise to our concern. The record is generally well maintained and applications reviews and authorisations contained all that is required. The later entries in the. record show reluctance on behalf of the CHIS to engage with handlers. .Once identi?ed by Inspectors the matter was raised directly with the authorising of?cer who con?rmed he had not been made aware of recent events and agreed that an immediate review was required. OFFICIAL - SENSITIVE I 13.10 13.11 13.12 13.13 13.14 I OFFICIAL - SENSITIVE authorising of?cer the ?rst review of the authorisation was undertaken by another authorising of?cer. It was established that the authorising of?cer for the CHIS case is the latter officer and that the initial use and conduct authorisation was only granted by the former clue to the latter being on leave at that time. I did not note anything within the associated CHIS documentation to state this, neither did I observe anything to indicate that a handover brief had taken place nor that the clear lines of authorisation required, in what is a high risk case, had been communicated to the handling team. Matters such as a change in authorising officer and a handover brief would be expected to have been documented, mostly likely within the CHIS policy log. ?-The initial authorisation for use and conduct was granted by an It was noted within the risk assessment for the CHIS that the list of. Vulnerability Assessment questions, developed by Police Scotland for the purposes of better assessing risk factors, had not been discussed with the CHIS. It could not be established from reading the associated documentation and in particular the CHIS policy logs, why this was the case and why the authorising of?cer had not been more intrusive into why these risk factors had not been assessed. Within contact note -it was noted that the CHIS had supplied intelligence which related to a potential serious crime being planned by a named individual. Recognising the sensitive nature of the reporting, a decision was made to sanitise the full intelligence report before disseminating this further. Whilst this is a recognised and required procedure, I noted that on this occasion the controller had decided what intelligence to disseminate and what not to disseminate. There was no indication that the authorising of?cer had been made aware of this nor was there anyr indication of when a review of the remainder of the intelligence would take place in order to ascertain when, if at all, the furtherintelligence could be disseminated. Whilst I recognise that the controller is responsible for the day to day management of the CHIS case, the authorising of?cer should ensure that they are sighted and included in any major CHIS management decisions. -- This CHIS was recruited as someone who could provide intelligence on cyber crime and in particular those who were carrying out cyber attacks. Authorisation was granted on. Within a short time of authorisation the CHIS was reporting that there mar be an attempt to hack the OFFICIAL - SENSITIVE OFFICIAL - SENSITIVE 13.15 In the previous inspection of Police Scotland I was asked to review this case as the authorising of?cer (who has now retired] had some concerns regarding it. In summary the CHIS was reporting on the main subjects of an investigation into the The Force was desirous to retain the CHIS coverage, as the sole reporting stream on the subjects, but had concerns regarding the role of the CHIS in the criminality. OFFICIAL - SENSITIVE 13.19 13.20 13.21 OFFICIAL - SENSITIVE 3. Ln 5- ?o 2 e: Targeting Unit), . There is good liaison and co-operation with the Scottish Prison Service and a nominated senior manager from SPS provides concurrence on cases and aiso provides a single point of contact facility for Police Scotland. i examined three CHIS cases of this particular category and have no concerns regarding how the cases are being managed by the Force. Authorising of?cers make clear at authorisation and renewal that should the CHIS be moved to another prison there should be a review conducted to address the risk to the CHIS, intelligence access in the new establishment, exit strategy etc. The onlyr points of note in relation to this particular category of CHIS are as follows: Association of Chief Police Of?cers in Scotland, Guidance on the Management of Covert Human Intelligence Sources (CHIS) Second Edition 2010 OFFICIAL - SENSITIVE 13.22 13.23 13.24 13.25 14 14.1 OFFICIAL - SENSITIVE Counter Terrorism There has been a review during the past year and in recent months the source handling capability has been centralised into a single SHU comprising a Previously there were- units, one in each geographical area of the Force, each comprising The and the bene?ts of having a are already being felt with some cases being subjected to more robust governance and handlers being given clear and consistent instructions regarding the management of cases. I examined several cases and found them to be well documented and being managed in a professional manner. Contact meetings were fully recorded and Risk Assessments were comprehensive and the newly agreed regime in this regard - following the recommendation of 2017 was being carried out. Good use of the Policy Log facility was made by the controller and Authorising Of?cer. The previously reported delay in obtaining concurrence from the Security Service has been overcome. The only adverse comment I have is in relation to one of the earlier authorisations granted by the newly appointed authorising of?cer? Whilst there was good consideration of the key issues of necessity, proporh'onality and collateral intrusion, there was a rather sweeping statement of the use and conduct along the lines that the CHIS was to report on ?matters relating to National Security?. Other authorisations granted more recently have had clearer parameters. Undercover Operations- Undercover operations authorised by Police Scotland continue to be managed by the Special Operations Unit which is part of the Specialist Crime Division The unit has strategic oversight and line management from a Detective Superintendent and Detective Chief Inspector who monitor the provision of resources and development of training and best practice but do not perform a role as de?ned under the legislation or Codes of Practice. OFFICIAL - SENSITIVE 16 14.2 14.3 14.41 14.5 OFFICIAL - SENSITIVE There are now in place- operationally and occupationally quali?ed Covert Operation Managers (COM-UCs) with_ Detective Sergeants having attended and passed the relevant course delivered by the College of Policing. The COM-UC role will be split between the two distinct disciplines performed by the unit: the management of physical deployments and the management of deployments by officers in an 'on-line? capacity. The area of on-line undercover activity is growing and a long term operation currently being undertaken by the Force experience in undercover policing and fully understand the need for clear lines of management to he in place to ensure that of?cers deployed [undercover of?cers and Cover Of?cers}, understand the line management in place at any given time. The establishment within the SOU was discussed at length during a visit to the undercover policing hub, at an offsite location. This discussion involved all staff on duty on the day of the visit and included officers trained as cover of?cers (CHIS handlers], those deployed as undercover of?cers (CHIS) in an online capability, and those trained to deploy physically as foundation or advanced of?cers. it was notable that there are currently? trained to deploy in an 'on-Iine? capacity. As alluded to, an inspection of a number of authorisations, reviews and the associated documentation for operations undertaken throughout the past year was undertaken. Applications to use undercover officers continue to be made by staff in the SOU before being passed to the COMMC, accompanied by the associated risk assessments. The A0 for the Force continues to be ACC Steve Johnson with the Chief Constable assuming the role once the operative reaches the renewal stage. ACC Johnson continues to support the SOU on a daily basis and continues with his intrusive and forward thinking approach as well as demonstrating ?grip? through his well formed authorisations and associated policy log entries. Additionally the Chief Constable shows similar 'grip? and intrusiveness. Both officers are supportive of this covert tactic and understand the value of it when dealing with serious crimes which affect the public of Scotland. Overall the standard of associated documentation was high. A number of observations were made and conveyed to the CUM-UCs which it is hoped will further strengthen the quality of the associated documentation. These observations relate to the inclusion, within the policy logs, of dates/times and details of discussions held with the Procurator Fiscal during the operational phases of undercover operations. By including these details within the relevant policy log a clearer picture emerges of discussions had and any potential legal issues which have emerged during the operational deployments. OFFICIAL - SENSITIVE 1 --..I 14.7 14.8 OFFICIAL - SENSITIVE In the case of discussions were held with the A0, ACC Johnson and the COM-UC, regarding the necessity of the authorisation. The operational detail is not suitable to be discussed within this report, but related to the delivery of an illegally purchased item to speci?ed and identi?ed premises. Detailed discussions were held with the cover of?cers and ?onsline? operatives for OFFICIAL - SENSITIVE 15 15.1 16 16.1 OFFICIAL - SENSITIVE National Intelligence Assessment Unit- The NIAU was created following a thematic inspection of intelligence processes and structures by Her Majesty?s Inspectorate of Constabulary in Scotland. The intention is that this would enable a more joined up and holistic use of intelligence assets and have a Unit that would have ECCESS to the full range of intelligence assets and their product. Staff from the unit have a variety of specialist experience/training including ?nancial investigations, internet investigations, CHIS handling, and analysis. The Unit sits within the Force Con?dential Unit. Intelligence Development Unit? The Intelligence Development Unit (IDU) has grown since the formation of Police Scotland and has bene?ted by having members from differing backgrounds and experience. In giving effective centralised support regarding high level criminality to the Specialist Crime Division, it is able, using small teams, to take on initial assessments and set up lifestyle surveillance. They work closely with the internal Internet Investigation Unit which gathers wide ranging open source social media information which is pulled together to produce effective and time saving brie?ngs. Further expertise is provided by the policy of having embedded of?cers originally from the NCA OFFICIAL - SENSITIVE 1 ND 1? 17.1 17.2 17.3 17.4 13 13.1 OFFICIAL - SENSITIVE but now also from HM RC who are abie to add considerably to the effective consideration of more wide ranging cross border investigations. Over the last year three major operations were successfully pursued involving drug distribution; a second drug group who were also involved with adulterantsr?- There is a helpful relationship with the CAB and Autho'rising Officers, and the proximity of other Units in the building was clearly of bene?t to all. Intelligence Unit? - This team undertakes similar work to the IIU {see paragraph 19.1) but in relation to counter errorism matters and usually at the behest of, and in accordance with, directed surveillance authorisations provided by the Security Service. Ft Sutherland is practised. Like the of?cers in the IIU, training and adherence to was clearly evident from the helpful discussions. Whilst there is internal oversight by the Detective Inspector of the work undertaken on line through open source or directed surveillance, the Unit would welcome external checks through Financial Investigation Unit- In addition to well proven techniques the Financial Investigation Unit (FIU) seeks to keep abreast more sophisticated methods of disguise and dispersion is constantly challenging. Many of the inquiries are necessarily cross-border and international, and require considerable experience, application and co-operation. powers have been successfully deployed with a typical example being a case of the flow of illicit monies The Unit has benefited from advice from the Authorising Of?cers and has a good relationship with the CAB. OFFICIAL - SENSITIVE 2 CD 19 19.1 19.2 19.3 20 20.1 20.2 20.3 OFFICIAL - SENSITIVE Internet Investigation Unit- This team undertakes open source research for other parts of the Force and will also manage any investigations for which a directed surveillance authorisation has been obtained in relation to social media. It comprises Jobs are allocated through the daily tasking meeting. - of its work relates to CSE cases, with referrals coming from CEOP. The of?cers are appropriately trained, and those who have an on line (Covert Internet Investigator) quali?cation tend to handle the directed Surveillance cases as they appreciate where the line is drawn between monitoring and potential engagement with another person. I discussed? and was reassured that the team does not slavishly begin work without considering the merits of the activity and whether it constitutes surveillance. I was also able to see the Access Database system the Detective manages, which records ?live? jobs and colour codes key dates, such as expiry, reviews and so on. This is coupled with a simple but effective record of activity undertaken such as sites visited, when, for how long, and what screenshots have been captured: a" nurns-navi? the ?Us recording systems struck me as a good example to adopt in preference to the somewhat paltry records seen elsewhere (paragraph 21.1). Anti Corruption nit We were provided with involving ACU investigations by the relevant Authorising Of?cer. We inspected the paperwork for each {property interference, intrusive surveillance and directed surveillance used) but due to the sensitivities will not provide further details in this report. Suffice to say, we found the records in good order, although the intelligence cases were far too prolix (?ve sides of intelligence in one) and in one case, a little more could have been said with regards collateral intrusion involving young children which was unavoidable, but nonetheless worthy of mention at reviews over and above the basic activity log entry reference. Any RIPISIA or Police Act authorisations will be managed through the usual channels on Charter using the CAB for quality assurance and the main Authorising Of?cer cadre, unless there are particular sensitivities [although a ghost entry will be made on the Central Record to ensure all activity is captured}. OFFICIAL - SENSITIVE 2 21 21.1 22 22.1 22.2 22.3 23 23.1 23.2 OFFICIAL - SENSITIVE Divisional inspections? In relation to compliance, discussions with the Head of Crime, Detective Superintendent? provided strong reassurance that the appropriate systems are in place. Professional discussions were held with a number of individuals and included applicants and intelligence managers. One ken,i issue related to the use and management of Open Sauna iiasaaran- It is appreciated that the Organisation is considering the purchase and implementation of supportive software which will ensure a more compliant process. Other Areasf nits visited Covert Support Unit- The inSpection visited a number of units across the organisation that support the delivery of Covert Policing including: The Covert Operations Unit The Specialist Support Unit The Technical Support Unit The Joint Operations Centre The Organised Crime and Counter Terrorism Unit- Covert Policing Support Unit Each visit focused on svstems and processes adopted across the organisation in relation to the deplovment and management of surveillance and any associated equipment and no issues of note were found. Technical Support Unit staff raised the issue of training and felt that awareness could be revisited across the unit; CAB staff who delivered training in 2016 have agreed to progress this at the earliest opportunity. Good practice identi?ed The continuing overall good quality of and Police Act documentation seen throughout the inspection. Achieved through the attention paid by the gatekeepers and the education, advice, guidance and training delivered by the CAB. The continued commitment by the force to training provision and the efforts in this regard. OFFICIAL - SENSITIVE 2 23.3 23.4 24 24.1 24.2 24.3 24.4 24.5 24.6 OFFICIAL - SENSITIVE The commitment to his responsibility as Authorising Officer for ?relevant sources" and the integrity of that process demonstrated by ACCJohnson. The development ,of covert processes, including the development of the Covert Policing Support Unit and the processes developed by the OpSy, which have attracted recognition of good practice. Conclusions Final feedback was provided he to the communications data inspection} and ?to the Chief Constable, DCC ACC Johnson and Detective Chief Superintendent Duncan Sloan. it was clear that the Chief Constable values the inspection and he seemed pleased to hear that his ethos of candid engagement, accompanied by a willingness to be the very best in terms of compliance, had been echoed throughout the week by all of his of?cers and staff. The Force continues to impress with its high levels of compliance which is undoubtedly down to the efforts of the senior management team, departmental heads and their officers? eagerness to "get it right?. This is a very positive report with the previous recommendations having been fully discharged and no further recommendations made during the 2013 inspection in relation to covert surveillance, property interference and CHIS. This is impressive, given the size of the Force and the wide range of covert operations undertaken throughout the year. This included the management of a particular covert operation, recognised as posing the highest of risks to law enforcement agencies and for which unique challenges were a daily occurrence. That said, there are a number of significant matters highlighted regarding speci?c CHIS cases which have caused the inspection team some concern and which it is hoped the Force will review and take the appropriate action to address. Additionally, whilst it is recognised that the Force has procured the- application for the gathering of empirical data to assist in the auditing of internet investigations, it is notable that there are currently disparate systems in place across the Force for auditing this activity. Ordinarily the lack of a robust audit system would attract a recommendation, but given the overall compliance procedures in place across the Force and its recognition that the current auditing process is flawed, it is felt that time should be afforded to the Force to put new processes in place. Our feedback sessions were well received and it is hoped that the matters highlighted to assist in further improving compliance, will be embraced and further strengthen what is a robust but supportive compliance regime. As always, the inspection team were genuinely welcomed by everyone we encountered and were assisted throughout the week by the CAB team. OFFICIAL - SENSITIVE 25 25.1 OFFICIAL - SENSITIVE Recommendations No recommendations are required as a remit of this inspection in relation to the management of property interference, surveillance or CHIS. OFFICIAL - SENSITIVE 24