top stories

Issued by the Department of Trade and Industry

The Association of Chartered Certified Accountants (ACCA) welcomes the opportunity to comment on the above draft regulations.

ACCA is a professional accountancy body whose members act in a wide range of professional capacities, including as accountants, auditors, general managers, company secretaries, financial advisers and insolvency practitioners. Our responses to the questions posed in the consultation paper are set out below:

Q1. Do you agree with the scope of the Regulations?

Yes.

Q2. Do you agree that firms should gain the consent of callers before making interceptions for purposes such as quality control?

We do not believe that interception for the purposes listed could be regarded as 'necessary' action. We agree, therefore, that any interception on these grounds should be the subject of consent.

Q4. Do you agree with the Government's approach to drafting the Regulations?

We agree that the Regulations should seek to encapsulate the conditions in which interception may take place in a way that allows for incremental technological change.

Q5 Do you consider that industry guidelines should be developed?

Yes.

Q 6 Do you consider that the Regulations take sufficient account of the need to protect confidentiality?

We note that article 14(1) of the Telecoms Data Protection Directive authorises interception only where this is 'necessary' in order to, inter alia, detect unauthorised use of a telecommunications system. This suggests that interception should only be permitted if the required objective cannot be achieved by alternative means. As the draft regulations stand interception, at least in the five specified circumstances, is authorised provided that the interceptor has reason to believe that all communicating parties are aware of the possible interception. We would query whether, in principle, interception without consent should be allowed where the interception is not absolutely 'necessary'. In the case of detection of unauthorised use by staff (para 3(1)(a)(iii)), it is already technologically possible to identify non-business use of telephones, e-mail and the internet by means of software which enables employers to log details of communicating parties, the length of calls and web sites visited, and in a way which does not involve monitoring of the actual contents of individual communications. The monitoring of all communications in order to protect against external 'hackers' would not, we suggest, be sufficient reason to intercept all communications on the system without parties' consent.

We are concerned that too broad an exemption from the basic statutory restriction on interception could lead to conflicts with article 8(2) of the Convention on Human Rights, under which interference with the right of individuals to respect in relation to their private correspondence is restricted to where 'it is necessary ... in a democratic society ... for the prevention of disorder and crime ... and for the protection of the freedoms of others'. We understand that, up till now, employers wishing to protect themselves from complaints from staff have had to ensure that i) their surveillance is related to a legitimate concern to protect one of the above interests and ii) their action is proportionate to the perceived threat.

Most employers currently agree to allow a modest degree of personal use of the firm's telecom system. Where a firm adopts such a policy, a decision to intercept would be difficult to justify as being 'necessary' as far as it applied to the firm's employees, although it would be straightforward for firms to secure their employees' consent as a condition of private use. As regards external contacts, it is conceivable that, where callers are put on notice that their oral or written correspondence may be intercepted by the firm, they will not continue with their communication. This would have the unwanted effect of deterring individuals who have perfectly legitimate business with the firm but who wish to speak or correspond free from surveillance.

We consider, therefore, that a general authorisation for employers to intercept on the ground of 'unauthorised use' without consent would be excessive on privacy grounds.

As regards the provision authorising interception without consent for the purpose of establishing the existence of facts etc (para 3(1)(a)(iv)), we accept its potential for assisting in the preparation and audit of accounting information. It should be borne in mind, however, that during the course of business negotiations, parties are liable to make statements that they do not necessarily intend to amount to contractual commitments. Creating a situation where all statements in these circumstances may be recorded in evidential terms could prove counter-productive unless there were provision for parties to object to interception.

Q7 & 8 Cost implications

The cost implications of the draft Regulations will depend on the extent to how businesses react to the new provisions. Each firm will have to assess whether it is worth its financial while to implement the procedures covered by draft reg 3. Since any such decision will rest with the firm concerned, we would agree that the external cost burden would not necessarily be significant.

Back to top