Investigatory Powers Commissioner's Office

(Redirected from Investigatory Powers Commissioner)
for the Northern Ireland role, see Investigatory Powers Commissioner for Northern Ireland

The Investigatory Powers Commissioner's Office (IPCO) is an independent oversight role created by the Investigatory Powers Act 2016, and replaces various other commissioner roles related to surveillance.

The first commissioner, Lord Justice Fulford, was appointed in March 2017[1]. The former Intelligence Services Commissioner, Sir John Goldring, formerly the Intelligence Services Commissioner, will take on a new role as Deputy Investigatory Powers Commissioner.

From September 2017[2], the commissioner takes over the roles of the Intelligence Services Commissioner, Interception of Communications Commissioner, and the Office of Surveillance Commissioners.

The IPC will lead a team of around 70. This will be made up of:
- 15 Judicial Commissioners, made up of current and retired High Court, Court of Appeal, and Supreme Court judges and their equivalents in Scotland and Northern Ireland. They will be responsible for applying judicial oversight of certain investigatory powers through the ‘double- lock’ process, and in overseeing inspections by official inspectors.
- 50 official staff including inspectors, technical and legal advisors, led by a Chief Executive.
- A technology advisory panel (TAP), made up of scientific and technical experts, who will advise the Judicial Commissioners on technically complex issues.
Sir Brian Leveson was appointed as the second Investigatory Powers Commissioner  in October 2019[3].

Office for Communications Data Authorisations

Draft regulations propose[4] that the IPC delegates the function of authorising communications data requests to a dedicated body, the Office for Communications Data Authorisations (OCDA).

IPCO Annual Reports


The first report from IPCO[5], published in January 2019, covers the activities of the organisations under its remit in 2017. Some of the oversight was started by legacy commissioners. The report is fairly comprehensive and in most cases did not raise big issues or concerns. Below are several points of notice or interest:

  • reporting of bulk interception as distinct from targeted interception is non-existent. this is the biggest gap in the report
  • there were errors in directed surveillance by MI5
  • GCHQ subcontracts property interference to private organisations and individuals
  • 108 applications to remove encryption in 2017, all but 2 granted
  • while directed surveillance has gone down considerably, interception warrants grew by over 17%, with two thirds for serious crime and most of the rst for national security
  • over 750,000 items of communications data were acquired in 2017, with a 50/50 split of subscriber and traffic data, and 3/4 relating to telephony
  • there were 15 ongoing bulk communications data "directions" in 2017, and that data was used in almost 10% of GCHQ's intelligence end reports
  • in general GCHQ sems to treat the same data from all their sources (BCD, intercept, BDS..), consistently with all the leaked docs about building convergence of systems and processes
  • in 2017 there were 24 serious errors, 19 of them human errors