Regulation of intelligence gathering

A range of statutory obligations regulate the acquisition, retention, examination and dissemination of private material by public authorities for intelligence purposes. These include:

•
Investigatory Powers Act 2016 (IPA 2016)
•
Regulation of Investigatory Powers Act 2000 (RIPA 2000)
•
Human Rights Act 1998 (HRA 1998)
•
Intelligence Services Act 1994 (ISA 1994)
•
Security Service Act 1989 (SSA 1989)
•
Computer Misuse Act 1990 (CMA 1990)
•
Wireless Telegraphy Act 2006 (WTA 2006)
•
Investigatory Powers (Interception by Businesses etc. for Monitoring and Record-keeping Purposes) Regulations 2018, SI 2018/356

The purpose of IPA 2016 is to set out 'the extent to which certain investigatory powers may be used to interfere with privacy'.

IPA 2016 does not provide a statutory definition of ‘investigatory powers’, and there is no such definition in previous legislation. For practical purposes, however, the term ‘investigatory powers’ is generally taken to be equivalent to ‘surveillance powers’, with particular emphasis on surveillance that is covert (ie unknown

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Information Law News

ICO launches consultation on Distributed Ledger Technologies guidance

The Information Commissioner's Office (ICO) has launched a consultation seeking feedback on its draft guidance regarding Distributed Ledger Technologies. The consultation is structured as a survey covering organisational impact, views on the guidance and general comments. The consultation runs until 7 November 2025.

Information Law weekly highlights—28 August 2025

Welcome to this week’s edition of the Information Law weekly highlights: a hand-picked summary of news analysis, updates and new content related to laws governing the use and dissemination of information and personal data. Each week these highlights focus on developments in key topics such as data protection, ePrivacy, cybersecurity, breach of confidence, misuse of private information, and defamation.

ICO launches consultation on data protection complaint handling framework

The Information Commissioner's Office (ICO) has launched a consultation proposing changes to its data protection complaint handling processes. The consultation introduces a new assessment framework for determining which complaints warrant investigation. The changes respond to rising complaint volumes, which reached 42,881 in 2024/25, and align with new Data (Use and Access) Act requirements for organisations to maintain internal data protection complaint procedures. The framework aims to enable the ICO to focus resources on higher-risk cases while maintaining oversight of systemic issues. The consultation closes on 31 October 2025.

Police officers win application to revive GDPR breach claims (Farley v Paymaster)

Law360: A group of police officers can revive their group action over their annual pension statements being posted to the wrong address, as an appeals court found on 22 August 2025 that the error had breached their rights to privacy.

View Information Law by content type :

News