Privacy regulator to get more money to monitor emergency law

Lock symbol on keyboardThinkstock
The ICO is responsible for monitoring data collection and storage
By Dave Lee
Technology reporter, BBC News

The Information Commissioner's Office (ICO) is to receive more funding so it can monitor the implications of the controversial new "emergency" data law.

The Data Retention and Investigatory Powers Act (Drip) was rushed through Parliament in three days.

It requires communications companies to store customer data for 12 months.

Information Commissioner Christopher Graham would receive money to cover "extra duties imposed on him by the regulations", the Home Office said.

"We have held discussions with the Information Commissioner's Office, and ministers made clear during the passage of the legislation that extra funding would be provided."

However, a spokesman said the exact figure the ICO would receive had not been set in stone. The BBC understands the figure is likely to be hundreds of thousands of pounds.

In its annual report, published earlier this month, the ICO stated its case for more resources and a sustainable funding source.

'Credibility'

Mr Graham said he had held "tough talks" with the Home Office to gain the extra resources needed.

"We've insisted we must be given the money to do the job," he told BBC Radio 5 live's Wake Up To Money programme.

"If you're monitoring a certain number of companies, then that only has credibility if the regulator has the manpower to do that."

He added that his office had learnt of the law just "a few days" before it had been announced to the public.

The government has said that the data law did not add any new powers, and was vital as part of efforts to fight crime and terrorism.

Getty Images/BBC
Tom Watson and David Davis criticised the government's timetable for passing the legislation

Two backbench MPs - Tom Watson and David Davis - are seeking a judicial review into the law's passing, challenging whether the law is compatible with human rights law.

The law requires communications providers - such as internet and mobile networks - to keep records of customer activity, including the time, length and recipients of phone calls.

In the context of Drip, the ICO is responsible for ensuring data collection and retention does not go beyond the scope of the law.

"We were having pretty tough talks with the Home Office about how much that would cost," Mr Graham said.

"In 2015-16, I would expect to be able to recruit another team of auditors specifically for this purpose."

Follow Dave Lee on Twitter @DaveLeeBBC

More on this story