Shedding light on the DWP Part 1 - We read the UK welfare agency’s 995-page guide on conducting surveillance and here are the scariest bits

In May 2019, the UK Department for Work and Pensions (DWP) – the department in charge of welfare – published their two-part staff guide on conducting fraud investigations. Privacy International went through the 995 pages to understand how those investigations happen and how the DWP is surveilling benefits claimants suspected of fraud.

Anyone who has flipped through a tabloid will have seen articles exposing the so-called “benefits-cheats,” people who allegedly trick the benefits systems for their own profit and spend lavish holidays off-the-back of tax-payers. In our work “The ‘Undeserving Poor:’ A framework for researching and challenging aspects of social benefits systems that surveil, control, and punish people” we challenge this narrative, which we believe contributes to legitimising an environment where populations – and those in vulnerable situations in particular – are kept under control and constant surveillance by the state under the pretence of detecting fraud.

But how do those investigations take place and how do they end up in the hands of tabloid journalists? This is what the staff guide partly answers by detailing the procedures involved for each step of the investigation process. In this post we highlight these practices and how they help us to understand how benefits systems are turning into systems of surveillance.

Yes, the DWP has the capacity to surveil you. And your neighbours. And your loved ones.

As detailed in the guide, surveillance by the DWP is regulated by the Regulation of Investigatory Powers Act (RIPA). RIPA gives certain public bodies the right – under limited circumstances – to conduct surveillance activities. While the UK has recently passed new sweeping and dangerous surveillance powers in the form of the Investigatory Powers Act, some powers are still regulated by RIPA.

On page 81 of part two of the guide, surveillance is explained as follows: “Surveillance can take many forms which can involve monitoring, listening or following an individual or a group either with or without a technical device and can be overt or covert.”  

What surveillance powers does the DWP have?

When it comes to surveillance, the DWP is only authorised to conduct “directed surveillance”.

“While RIPA contains a number of powers, the Department for Work and Pensions (DWP) are only authorised to conduct directed surveillance (under Part II RIPA) but are not authorised to conduct any of the other activities set out in RIPA, that is conduct intrusive surveillance; access communications data, or to conduct Covert Human Intelligence.”

In order to carry out directed surveillance, the DWP has designated “surveillance teams.”

So, what is “directed surveillance”?

RIPA defines surveillance as directed if the following are true: “

• it is covert, but not intrusive surveillance;
•  it is conducted for the purposes of a specific investigation or operation; and
•  it is likely to result in the obtaining of private information about a person, whether or not specifically identified for the purposes of the investigation or operation”

The DWP sums it up as: “Thus, the planned covert surveillance of a specific person, where not intrusive, would constitute directed surveillance if such surveillance is likely to result in the obtaining of private information about that, or any other person. Surveillance can be physical or electronic e.g. the monitoring of open source material.”

To put it in layman’s terms, the DWP is entitled to surveil you in order to obtain information without directly interacting with you – and they have a range of information-gathering methods and sources at their disposal. Buckle up…

How “obtaining evidence” actually happens

“Most common methods of obtaining surveillance”

Directed surveillance is not the only way for the DWP to obtain evidence. The DWP has a series of methods for doing so that all raise risks for the protection of the right to privacy and a potential threat to the dignity of benefits claimants.

On page 305 of part one of the guide, they list their “most common methods of obtaining evidence” as follows: “

• gathering documents, claim papers, handwriting, departmental system prints
• interviewing witnesses and obtaining witness statements
•  interviewing under caution
•  conducting authorised surveillance
•  forensic analysis
•  conducting identification procedures
•  intelligence gathering”

Below we provide a more detailed explanation of the methods that we found particularly important for the public to be aware.

Mobile phone examination and computer analysis

Forensic analysis includes mobile phone examination and computer analysis. On the topic of mobile phones, the guide states:

“Mobile phones and tablets are able to store a large amount of information, such as:

• address books, lists of names and numbers
• call logs, dialled, missed, received
• Short Message Service (SMS) text messages
• e-mail messages
• web browser data
• media, images, video, audio
• location data
• deleted messages.

Note: This list is not exhaustive. Retrievable information can either be stored on the SIM card, internal memory card or on the device itself”

Approaching third parties and justifying interferences with the right to one’s private and family life

DWP officers are encouraged to approach third parties. On page 316 of part of one, the guide reads: “The Criminal Procedures and Investigation Act (CPIA) Code Of Practice (COP) makes it clear that to establish the facts about an offence you can question any person, whether suspected or not, who you think might have useful information. If a person, including a third party, has useful information you should ask for it.”

The guide contains some instructions as to how DWP officers should go about approaching third parties. These instructions include being clear that they are from the DWP if they are questioned, remembering that the person they are investigating may be innocent, not revealing the source of the suspicion, remembering that the third party may be involved in the fraud, amongst others.

In its chapter on Third Party Information, the guide also quotes Article 8 of the European Convention on Human Rights, i.e. the right to respect for one’s private and family life. The right is quoted on page 316 and immediately followed by an explanation on the specific circumstances in which the DWP may legitimately interfere with it.

“If DWP are to interfere with this Convention right it must be proven that all other avenues to obtain the evidence have been explored. However, in a case, which consists of various circumstantial evidence, it may only be possible to bolster the evidence to the criminal standard by providing evidence from third parties. Additional justification may be on the grounds that it would prevent or detect a crime.”

Covert Human Intelligence Sources: it’s complicated

A Covert Human Intelligence Source (CHIS) is defined by the DWP as “a human source that gathers and covertly shares information and carry out relationships with the intention of passing on information to us, unbeknown to the other party to the relationship.” [Part one, page 205]

The guide is clear “The Department for Work and Pensions (DWP) is not included in the list of authorities that can obtain authorisations for CHIS under RIPA [Regulation of Investigatory Powers Act] 2000.” Yet, the guide goes on to state “As a result, the DWP and its investigators cannot use a CHIS and cannot deal with a CHIS other than that covered in this guidance.”  [Part one, page 205]

It is the “cannot deal with a CHIS other than that covered in this guidance” that is interesting, because, helpfully, the guide contains no less than eight pages describing when a person becomes a CHIS, the duty of care to be exercised when using CHIS, including how to use information obtained from CHIS and how to manage relationships with CHIS.

There doesn’t seem to be a hard limit on the amount or granularity of information that can be obtained from a CHIS. Even when a CHIS insists on supplying information that the DWP has presumably deemed unnecessary, the guide allows for the DWP to continue to explore ways to make use of it. Indeed, the guide says that when a CHIS has been identified and “discouraged from supplying information but they persist in trying to provide more information, advice should be sought from Central Authorisation Bureau who will direct whether the further information can be used.”  

Physical surveillance

In some cases, the DWP chooses to physically surveil people. They are expected to record in details the purpose of their surveillance mission and their observations.

In part two of the guide [page 77], staff are encouraged to use a mnemonic to remember the type of information they are meant to record:
“The use of the mnemonic ADVOKATE may assist when recording details of static observations in the official notebook.
Amount of time observations carried out
Distance from person observed
Visibility
Obstructions to sight
Known or seen before
Any reason to remember
Time between observations and recording for example, reasons for delays in recording
Errors or discrepancies for example, differences from description given.”

The surveillance team can gather photo and video evidence.

CCTV footage

CCTV footage can be obtained by the DWP without requiring any RIPA authorisation. The guide explains in part two, page 259 that “Where the proposed surveillance is overt, for example, use of Closed Circuit Television (CCTV), and it is considered that no private information will be obtained, a RIPA authorisation is not required. However as Central Surveillance Team Tasking Managers will develop good working relations with CCTV control room operators all approaches for CCTV information should be requested via the central teams.”

Open Source Intelligence

The DWP encourages its employees to rely on open source intelligence (OSINT) to collect information. OSINT is exemplified  by the DWP in part two [page 80] as the use of: “Online open sources such as social media, internet, chat rooms/forums and websites [which] can be an important source of information in combatting benefit fraud.”

The DWP acknowledge the problematic implications with relying on social media to obtain information [part two, page 80]. “While carrying out open source research, officers need to be cautious of it involving the systematic surveillance of an individual and obtaining of private information relating to a person’s private or family life.”

The following advice is given: “If officers consider that there is a need to view material over a protracted period of time to accumulate private information or monitor the individuals activities, i.e. anything thing more than twice, then they should be considering an authorisation under Regulation of Investigatory Powers Act 2000 (RIPA), as repeat viewing may constitute directed surveillance. There is a professional responsibility for individuals to ask themselves why they want to look at the material, and what they will do with the information. Single use open source will generally not amount to directed surveillance but expectation of privacy still needs to be considered.” [part two, page 80].

There is a subsection on “operational considerations” when conducting OSINT, however it is heavily redacted.

What information is the DWP after?

 Objectives of surveillance

On page 260 of part 2, the DWP defines the objectives of surveillance as:

• obtaining detailed information about a subject’s activities
• checking on the reliability of information received
• obtaining information to use later in an interview
• getting a picture of a subject’s movements or work pattern
• obtaining evidence for use in court
• establishing a subject’s whereabouts or domicile

Disability

One of the objectives of the DWP is to assess whether someone who is claiming disability benefits is in fact disabled. They describe their mission as such: “The most important aspect of an investigation into disability benefits is understanding exactly what the customer has declared they can and cannot do, and gathering evidence which either proves or disproves their statement.” And surveillance plays a role in fulfilling that mission: “Surveillance should be used to obtain evidence of a person’s physical capability and in some cases their mental capability too.” [Part one, page 276]

The sub-section on Authorised Surveillance in the section on Awards of Disability Living Allowance, Personal Independence Payment, Attendance Allowance and Carer’s Allowance mentions that: “For Personal Independence Payment (PIP) there is a psychological distress component to consider.” The guide does not describe how that component should be taken into consideration.

That very section contains a list of what surveillance evidence can establish. However, that list has been redacted. Privacy International is currently working on accessing that list and the grounds on which it is has been redacted.

Living arrangement

Single? In a relationship? Living as a married couple? The DWP will want to check on your relationship status and who actually lives with you if it impacts the benefits you receive. Helpfully, the DWP reminds its employees that “Living together as a married couple (LTMAC) is not, in itself, an offence.”

The guide then proceeds to list all the relationships that could be seen as problematic (e.g. an undeclared marriage, “fictitious desertion”, etc.). The immediately following section on gathering intelligence on those living arrangements is heavily redacted. It is both unclear what type of evidence DWP staff are allowed to gather and how they can gather it. The guide does however state on page 604 of part one:  “If the persons live in a property with a number of other people, for example, house of multiple occupation (HMO), or in a block of flats where individual entrances cannot be seen, surveillance activity may not be appropriate.