On 3 May 2002 I wrote to Adrian Corbett of BWB regarding the disclosure of information by Paul Janik (aka Stone) on the newsgroups, consisting of my name, address and home phone number, with the intention (motivated by MI5) of scaring me into ceasing my internet complaints. I had made a formal complaint to the Security Services Tribunal, who passed my details on to MI5, and only 5 days after receiving my details, MI5 published them on the internet through their associate Paul Janik. I asked Corbett whether there was anything in the legal sphere which could be done to correct the matter. This request was not specifically directed at the Information Tribunal or Commissioner.
On 7 May 2002 I attempted to make an appeal to the Information Tribunal on the grounds that my data represented no national security risk, as follows.
Following a Subject Access Request to MI5 under the Data Protection Act 1998, I wish to make an appeal to the Information Tribunal, on the grounds that the data sought does not fall within the scope of the Certificate signed by the Home Secretary on 10 December 2001.
Please would you advise me how the process of making an appeal is conducted, what information I should supply to you, and the likely duration of the process. I am also making a request for assessment to the Information Commissioner under section 42 of the Act.
In response to my appeal, Roger Hartley, Secretary to the Tribunal, sent two letters on 10 May 2002, one to me, the other addressed to Andy Tester (perhaps a pseudonym) of the Intelligence and Security Liaison Unit at the Home Office, as follows.
In his letters Mr Hartley assumes I am appealing under s28(4) as a challenge to the Certificate, whereas in fact I am trying not to challenge the certificate but MI5's use of it in my case. Thus he says in his letter to me "the Tribunal does not have the powers ... to disclose data if processed", whereas under s28(6) it does have those powers. The Respondent (the Home Secretary) is given 42 days to reply.
I wrote back to Mr Hartley on 22 May 2002, making clear I wished to appeal under s28(6) of the DPA.
Thank you for your letter of 10 May. You state;
"The Tribunal does not have the powers to review the decision on your subject access request made by the data controller at the security service.... it can only quash the certificate". Reading sections 8(6) and 28(7) of DPA98, which you send me a copy of, I believe you may be incorrect in the above statement. 28(6) and 28(7) state;
(6) Where in any proceedings under or by virtue of this Act it is claimed by a data controller that a certificate under subsection (2) which identifies the personal data to which it applies by means of a general description applies to any personal data, any other party to the proceedings may appeal to the Tribunal on the ground that the certificate does not apply to the personal data in question and, subject to any determination under subsection (7), the certificate shall be conclusively presumed to so apply.
(7) On any appeal under subsection (6), the Tribunal may determine that the certificate does not so apply.
My understanding of the above is that if MI5's data controller wishes to claim an exclusion in my case on the basis of National Security, then I am allowed to appeal to the Tribunal on the basis that my case does not fall under the aegis of national security.
That is the basis for my appeal to the Information Tribunal. My understanding of the Certificate signed 10 December 2001 by the Home Secretary is that exemption is provided for genuine cases of National Security; and I do not dispute MI5's exemption in genuine cases. However, I do not believe my case presents any genuine national security aspect; indeed any such claim would be risible.
Additionally another person has sent me MI5's response to his subject access request, in which MI5 clearly state "It is also possible to appeal on the ground that the data that is sought does not fall within the scope of the certificate" (copy attached, highlighted). Their (surprisingly candid) statement appears to refer to 28(6) / 28(7). They made no such statement in their (later) response to my SAR, for reasons unknown.
I therefore wish my appeal to the Tribunal to be under section 28(6) / 28(7) of the Data Protection Act 1998. I look forward to your confirmation or denial of my understanding of these sections of the legislation.
I enclosed a copy of a letter from MI5 to Luke which he had forwarded to me, and in which they said "It is also possible to appeal on the ground that the data that is sought does not fall within the scope of the certificate." They did not say that in the letter they sent me.
Mr Hartley replied a week later.
He mistakes Luke's response for MI5's response to my SAR, in which they had indeed confirmed that they held personal data about me.
Adrian Corbett of BWB replied to my earlier letter on 12 June 2002. He said a court would not accept a link between MI5 properly acquiring my data and passing it to Paul Janik for dissemination on the internet because the evidence was circumstantial, and not strong enough to win a case. He also advised against complaining to the Investigatory Powers Tribunal because "No complaints to the IPT or its predecessor have ever been upheld."
The Home Secretary responded as if I had made a 28(4) appeal and in August 2002 Mr Hartley wrote again to all appellants, as follows.
The Home Secretary quotes the Certificate he issued 10 December 2001, and described my assertion that my data does not fall within the scope of "national security" as a challenge to the NCND policy. He annexes the Certificate and Reasons which mention the Investigatory Powers Tribunal, which of course has never found in favour of an appellant.
Mr Hartley makes clear that the next step is for the Tribunal to give Directions, and that is what happened with a hearing almost a year later. He also states that a substantive oral hearing is usually required. He mentions the issues of evidence and witnesses.
My next letter dated 2 Sept 2002 was again to Adrian Corbett of BWB, stating I did not wish to complain to IPT. Instead I wished to complain to the Information Tribunal under s28(6) but they had taken my appeal as one under s28(4). Because in MI5's disclosure to my SAR appendix 1 they say "24/4/97 SS replied to Tribunal" it follows they had identified some data and a 28(6) appeal was possible. I asked Corbett to pass the matter over a lawyer in his firm specialising in civil liberties.
I faxed Roger Hartley on 3 Sept 2002 stating that I was in the process of obtaining a solicitor's advice regarding my appeal, and that I wished my appeal to be under s28(6), due to MI5 confirming that data exists but refusing to disclose it. I also spoke to Mr Hartley on the phone on the same day, and he told me there were currently nine other appellants.
Hartley wrote to me on 5 Sept 2002 in response to my fax.
He mistakes Luke's letter from MI5 (from which I deleted Luke's name and address) for my letter from MI5.
Adrian Corbett of BWB emailed me on 20 Sept 2002 that he was passing my case to Lawrie Simanowitz, a specialist in Data Protection and Civil Liberties matters. He said there appeared to be no immediate deadlines in relation to the Information Tribunal.
Simanowitz emailed me on 3 Oct 2002, to an incorrect email address, as follows.
Dear Mr Szocik,
Adrian Corbett has passed to me the papers you sent him with regard to your subject access request and subsequent appeal to the information tribunal. I have only just had the opportunity to look through the papers and at first glance it looks like an interesting case which I would be happy to take on . I would very much like to be involved in a successful challenge to the highly restrictive security notice issued subsequent to the Baker case.
I estimate that an initial read through and assessment of the papers you have sent will take up to two hours (costing up to £300 + VAT). After that I should be in a position to advise you of the best way forward, which may involve us instructing counsel. However, before that I would suggest as an urgent first stage we should request from the Information Tribunal Secretariat an extension of time to allow us to consider whether we wish to amend the appeal notice, deliver supplementary grounds, or proceed the directions stage.
Please let me know whether you would like me to make such a request and proceed on the basis described above. If you would like me to to do so it would also be helpful if you could let me know:
1. Whether you have received any further notices or information subsequent to the Information Tribunal Secretariat's notice of August 2002
2. If you have any information about the prior appeal against the security service certificate which is referred to in the Information Tribunal Secretariat's letter of 10th May 2002.
3. Whether there were more than six pages of the Respondent's notice to the Information Tribunal. The copy you sent to us appears to stop on page six at paragraph 16. It also appears to be undated.
I look forward to hearing from you,
Simanowitz also appears to think that I intended to appeal against the Certificate, which I did not.
The next letter from the Information Tribunal was dated 18 October 2002.
I answered her letter a few days later.
|Return to Main Page||The author may be reached by feedback|