Request Filter

The "Request Filter" is a proposal by the Home Office for selection and creation of communications data query results from large sets of personal data. In other words, a data analytics product, or even a search engine.[1]

General

Only specified communications data defined in an authorisation will be processed by the request filter. The specified data must be necessary and proportionate for the operational requirement set out in the authorisation and can only operate on limited sets of authorised data using specified processing patterns. The request filter will only retain communications data temporarily whilst the data is being processed. Once processing is complete the data will be deleted.[2]

11.3 The request filter is available to all public authorities to assist in obtaining the communications data that they are permitted to use, subject to individual authorisations. It will support complex communications data investigations where multiple sets of data need to be correlated. The filter will assist public authorities by:

• providing a mechanism for pulling fragmented communications data together and providing a more complete analysis. With the increasing use of a wider range of online communications services and communications networks, the communications data required to answer operational questions is becoming more fragmented;
• reducing analytic burden on public authorities and getting an operational answer in the shortest possible time to facilitate the timely recovery of evidence, eliminate individuals without further more intrusive activity, and identify witnesses while events remain fresh in their memories; and
• managing proportionality and collateral intrusion. A public authority will only be provided with the data that directly answers its question, as opposed to all the data originally required to conduct the analysis.[3]

Analytics examples

11.7 The request filter may be identified as part of the approach to managing collateral intrusion in an authorisation. The request filter will only disclose records that match specified criteria to the SPoC and applicant. In making such a case, the authorisation should consider the likely effectiveness of the specified criteria in achieving the expected reduction in records. For example a large number of people are likely to be in both Brighton Station at 07.30 on a Monday and London Victoria at 09.00 the following Thursday.[4]

Acquisition of data

11.12 The SPoC is responsible for monitoring the request filter progress and managing compliance with the relevant authorisation.

11.13 The request is sent to the filter which in turn identifies the relevant telecommunications operators or postal operators for the request and requires them to disclose the authorised communications data only to the request filter. They will not be aware of the detail of the processing to be undertaken.

11.14 Depending on the nature of the communications data and processing, the request filter may require decisions to be made by the SPoC during the processing.

For example if there is a delay with one of the data sources it may be desirable for operational purposes to make use of intermediate results once a certain amount of data has been received. In this situation, the authorised processing must be allowed to complete so that the full set of results is obtained. Where there is any doubt regarding the compliance with an authorisation of activity to be undertaken by the request filter, the SPoC may be approached for confirmation.[5]

References