Rights of passage

Even though we live in New Labour's 'enlightened times', there are still many security companies out there with little or no existent procedures in place to monitor those tasked with managing the process of internal investigations. Very often, there are no procedures aimed at CCTV control room personnel when it comes to camera use that may infringe on the privacy of the public, or on employee rights. A far-from-ideal scenario.

That said, let's not be alarmist about this. Nor should we seek to influence a knee-jerk reaction to the problem.

Security managers would do well to bear in mind, though, that it's surely only a matter of time before the corporate bodies that employ them – and the various security sectors – are fully scrutinised under the terms of the new Human Rights Act. An Act designed to prevent abuses of power, at the same time promoting justice, fairness, respect and equality.

Charting the latest legislation
The overriding message is that plans should be made now. Plans aimed at training current and future managers, investigators and employees within the security sector to ensure they are fully aware of the terms of the new legislation. All managers must be ready to deal in a professional manner with those decisions that will surely be made by UK courts. Why, though, should they be concerned with the Act? During the course of 2000 notable amendments were made to several pieces of existing legislation (for instance the Data Protection Act, revised last March). Meantime, several new pieces of legislation appeared.

Aside from the Human Rights Act itself (brought into force on 2 October 2000), there's also the Regulations on Investigatory Powers Act (RIPA) 2000 (enforced on 24 September) and the DTI's Lawful Business Practice Regulations (made law on 24 October as a deliberate extension to the Investigatory Powers Act for business monitoring of telephone calls and employee-related e-mails).

The $64 000 question is: can managers in the security industry honestly say that they have prepared for the after-effects of such legislation? Discussions that I have conducted with numerous Human Resources and Loss Prevention Departments (both concerned with the security function, of course) suggest not.

While they may be aware of two pieces of current legislation – the Human Rights Act and Data Protection Act – it appears that they're not conversant with the detail contained within the Acts, and with the penalties they may incur should those responsible for investigating offenders be caught out – through sheer ignorance – for breaching either Act.

The general attitude among the security industry at large appears to be that UK courts will apply some form of decision-making based on existing legislation and 'case precedent' – thus little or nothing will change. There may well be an argument for this line of thinking, but it's old fashioned and rather short-sighted.

Should such an approach remain the norm within our industry we will surely suffer the consequences of ignorance. In due course, the courts will either have to get into line with those in Strasbourg when it comes to interpreting Human Rights issues, or abide by case precedent.

It's also apparent that certain factions within the security industry have lost sight of the fact that a given individual may still appeal to the Court of Human Rights in Strasbourg should he or she not agree to any decision duly conferred by a UK court.

The Police and Criminal Evidence Act
Police, HM Customs and Excise, Post Office and Department of Trade and Industry investigations are aware of the implications relating to the Human Rights, RIPA and Data Protection Acts, and have been amending their procedures and codes of practice accordingly.

Clearly, these public bodies are not waiting for case precedent to be set, but they are of the firm opinion that they'll be ready for any complaints that may be brought against them. Ultimately, they're taking the bull by the horns and being proactive, not reactionary.

In addition, by implementing the terms and conditions of the Police and Criminal Evidence Act, they are giving those interviewed on suspected offences their 'human right' to a fair hearing and trial. That said, these organisations still believe that further reviews of their procedures may be warranted if they're to get everything totally right.

Without doubt, the Human Rights Act is now the most radical and potentially explosive piece of legislation to be enforced since the Police and Criminal Evidence Act. If the same views are adopted today as those espoused in 1984 (when only selected individuals took notice after the case involving R v Thwaites and Brown under Section 67(9) and Section 78), then the security industry will surely suffer. Corporate concerns and their security managers should not wait until cases are brought to the courts – and precedents duly set – before they react.

The Human Rights Act is without doubt the most radical and potentially explosive piece of legislation to be enforced since the Police and Criminal Evidence Act came into being in 1984

Preparing a plan of action
Only recently, the senior security manager at one of the major retail groups rang me for a copy of my notes on control room procedures relating to both the Human Rights Act and the Data Protection Act.

Having been made aware of the relevant legislation, this particular manager has still failed to react for the benefit and protection of his own organisation. Why, I ask myself, has he not prepared a plan to implement procedures within the company's own security policy. One wonders how many managers out there are in a similar position? My argument for the above assertions relates directly to the third reading/discussion paper prior to the implementation of the Human Rights Act 1998 (paragraphs 10 and 69). This clearly states that the Government fully intends to legislate the private security industry as soon as it's practicable to do so. In the Government's own words: "It intends to develop practical proposals to protect the rights and safety of the general public." Confirmation of the Government's desires have now surfaced, of course, with the unveiling of the Private Security Industry Bill in last December's Queen's Speech ('Fitting the Bill', SMT, January 2000, pp13-14).

The Home Office is now drafting a consultation document containing details of how the new legislation may be enforced. All well and good, but it's still questionable how many practitioners in the security sector are aware of the discussion paper and paragraphs 10 and 69 of the Human Rights Act.

A 'secondary' police force
Would it be correct to foresee – in the statement contained within paragraph 69 – an element of the Human Rights Act that may affect the private security industry once this legislation is enforced? Could it not also be argued, then, that we would all be in the realms of a 'secondary police force'? Would there not be a requirement to comply with all of the relevant legislation mentioned here? Barristers and solicitors will no doubt scrutinise every procedure implemented by the corporate and security industry manager/investigator so as to provide their client(s) with a defence that an unlawful arrest has taken place or, in the case of interviews and confessions, that these had taken place 'under duress'. Perhaps the 'legal beagles' might also try to suggest that their client had not been given the courtesy of a fair hearing.

Security managers should also take note of implications of recourse when it comes to the use of CCTV surveillance (for both overt and covert operations) that may breach the terms and conditions of the Data Protection Act (given that a breach of this Act could fall within an individual's right to privacy, which may now be an offence under Article 8).

Already, there has been a dispute relating to the DTI's Lawful Business Practice Regulations (based on the RIPA) as to whether this is a breach of an individual's right of privacy under the terms of the Human Rights Act. The Trades Union Congress is looking into this very issue at the moment.

As reported in the Daily Mail last November, the industrial tribunal case for unfair dismissal brought by Rupert Beverley and David Pennington against their employer – the Holset Engineering Company – centred on whether or not the company had breached workers' rights when investigating the alleged misuse of the company e-mail facilities.

The tribunal concluded that Holset was entitled to protect company assets from abuse. Not only that, it also asserted that Holset had acted within the legal boundaries set by the RIPA, and the DTI's own Lawful Business Practice Regulations, having demonstrated clear and concise policies and procedures.

At the end of the day, we now have a precedent in case law for industrial tribunal cases just a short couple of months after the enactment of the RIPA and the Lawful Business Practice Regulations.

It's more than likely that those areas impacting on investigators employed by corporate bodies and those within the private security industry (including managers) will include: interviewing, arrest, the surveillance of employees, employee screening and private surveillance operations.

Ensuring successful outcomes
Cases are already being brought against public bodies under the aegis of the Human Rights Act and, with this in mind, the security industry must heed the warning signs – and prepare accordingly. As was the case with the Police and Criminal Evidence Act back in 1984, case precedent will be set through trial and the terms laid down in the Human Rights Act will inevitably spill over into the private sector.

The sooner this message seeps through to the security industry the better. It's only through the preparation and implementation of appropriate procedures that security managers and those responsible for investigating offenders will be more confident of their actions and decision-making skills.

Site and installation managers should therefore put together a simplified package of briefing and training notes, affording the appropriate personnel the knowledge of relevant legislation and their obligations for compliance. Be proactive, not reactive.