Shedding light on the DWP Part 1 - We read the UK welfare agency’s 995-page guide on conducting surveillance and here are the scariest bits

In 2019, the UK Department for Work and Pensions published their two-part staff guide on conducting fraud investigations. Privacy International went through the 995 pages to understand how those investigations happen and how the DWP is surveilling benefits claimants suspected of fraud.

Key findings
  • The DWP is conducting physical surveillance of benefits claimants
  • Private companies (including airlines, PayPal, supermarkets, bingo clubs and others) can be called upon to hand over data on benefits claimants to them
  • The DWP works with tabloids to build a narrative that they clamp down on so-called "benefits cheats"
Long Read

In May 2019, the UK Department for Work and Pensions (DWP) – the department in charge of welfare – published their two-part staff guide on conducting fraud investigations. Privacy International went through the 995 pages to understand how those investigations happen and how the DWP is surveilling benefits claimants suspected of fraud.

Anyone who has flipped through a tabloid will have seen articles exposing the so-called “benefits-cheats,” people who allegedly trick the benefits systems for their own profit and spend lavish holidays off-the-back of tax-payers. In our work “The ‘Undeserving Poor:’ A framework for researching and challenging aspects of social benefits systems that surveil, control, and punish people” we challenge this narrative, which we believe contributes to legitimising an environment where populations – and those in vulnerable situations in particular – are kept under control and constant surveillance by the state under the pretence of detecting fraud.

But how do those investigations take place and how do they end up in the hands of tabloid journalists? This is what the staff guide partly answers by detailing the procedures involved for each step of the investigation process. In this post we highlight these practices and how they help us to understand how benefits systems are turning into systems of surveillance.

Yes, the DWP has the capacity to surveil you. And your neighbours. And your loved ones.

As detailed in the guide, surveillance by the DWP is regulated by the Regulation of Investigatory Powers Act (RIPA). RIPA gives certain public bodies the right – under limited circumstances – to conduct surveillance activities. While the UK has recently passed new sweeping and dangerous surveillance powers in the form of the Investigatory Powers Act, some powers are still regulated by RIPA.

On page 81 of part two of the guide, surveillance is explained as follows: “Surveillance can take many forms which can involve monitoring, listening or following an individual or a group either with or without a technical device and can be overt or covert.”  

What surveillance powers does the DWP have?

When it comes to surveillance, the DWP is only authorised to conduct “directed surveillance”.

“While RIPA contains a number of powers, the Department for Work and Pensions (DWP) are only authorised to conduct directed surveillance (under Part II RIPA) but are not authorised to conduct any of the other activities set out in RIPA, that is conduct intrusive surveillance; access communications data, or to conduct Covert Human Intelligence.”

In order to carry out directed surveillance, the DWP has designated “surveillance teams.”

So, what is “directed surveillance”?

RIPA defines surveillance as directed if the following are true: “

  • it is covert, but not intrusive surveillance;
  •  it is conducted for the purposes of a specific investigation or operation; and
  •  it is likely to result in the obtaining of private information about a person, whether or not specifically identified for the purposes of the investigation or operation”

The DWP sums it up as: “Thus, the planned covert surveillance of a specific person, where not intrusive, would constitute directed surveillance if such surveillance is likely to result in the obtaining of private information about that, or any other person. Surveillance can be physical or electronic e.g. the monitoring of open source material.”

To put it in layman’s terms, the DWP is entitled to surveil you in order to obtain information without directly interacting with you – and they have a range of information-gathering methods and sources at their disposal. Buckle up…

How “obtaining evidence” actually happens

“Most common methods of obtaining surveillance”

Directed surveillance is not the only way for the DWP to obtain evidence. The DWP has a series of methods for doing so that all raise risks for the protection of the right to privacy and a potential threat to the dignity of benefits claimants.

On page 305 of part one of the guide, they list their “most common methods of obtaining evidence” as follows: “

  • gathering documents, claim papers, handwriting, departmental system prints
  • interviewing witnesses and obtaining witness statements
  •  interviewing under caution
  •  conducting authorised surveillance
  •  forensic analysis
  •  conducting identification procedures
  •  intelligence gathering”

Below we provide a more detailed explanation of the methods that we found particularly important for the public to be aware.

Mobile phone examination and computer analysis

Forensic analysis includes mobile phone examination and computer analysis. On the topic of mobile phones, the guide states:

“Mobile phones and tablets are able to store a large amount of information, such as:

  • address books, lists of names and numbers
  • call logs, dialled, missed, received
  • Short Message Service (SMS) text messages
  • e-mail messages
  • web browser data
  • media, images, video, audio
  • location data
  • deleted messages.

Note: This list is not exhaustive. Retrievable information can either be stored on the SIM card, internal memory card or on the device itself”

Approaching third parties and justifying interferences with the right to one’s private and family life

DWP officers are encouraged to approach third parties. On page 316 of part of one, the guide reads: “The Criminal Procedures and Investigation Act (CPIA) Code Of Practice (COP) makes it clear that to establish the facts about an offence you can question any person, whether suspected or not, who you think might have useful information. If a person, including a third party, has useful information you should ask for it.”

The guide contains some instructions as to how DWP officers should go about approaching third parties. These instructions include being clear that they are from the DWP if they are questioned, remembering that the person they are investigating may be innocent, not revealing the source of the suspicion, remembering that the third party may be involved in the fraud, amongst others.

In its chapter on Third Party Information, the guide also quotes Article 8 of the European Convention on Human Rights, i.e. the right to respect for one’s private and family life. The right is quoted on page 316 and immediately followed by an explanation on the specific circumstances in which the DWP may legitimately interfere with it.

“If DWP are to interfere with this Convention right it must be proven that all other avenues to obtain the evidence have been explored. However, in a case, which consists of various circumstantial evidence, it may only be possible to bolster the evidence to the criminal standard by providing evidence from third parties. Additional justification may be on the grounds that it would prevent or detect a crime.”

Covert Human Intelligence Sources: it’s complicated

A Covert Human Intelligence Source (CHIS) is defined by the DWP as “a human source that gathers and covertly shares information and carry out relationships with the intention of passing on information to us, unbeknown to the other party to the relationship.” [Part one, page 205]

The guide is clear “The Department for Work and Pensions (DWP) is not included in the list of authorities that can obtain authorisations for CHIS under RIPA [Regulation of Investigatory Powers Act] 2000.” Yet, the guide goes on to state “As a result, the DWP and its investigators cannot use a CHIS and cannot deal with a CHIS other than that covered in this guidance.”  [Part one, page 205]

It is the “cannot deal with a CHIS other than that covered in this guidance” that is interesting, because, helpfully, the guide contains no less than eight pages describing when a person becomes a CHIS, the duty of care to be exercised when using CHIS, including how to use information obtained from CHIS and how to manage relationships with CHIS.

There doesn’t seem to be a hard limit on the amount or granularity of information that can be obtained from a CHIS. Even when a CHIS insists on supplying information that the DWP has presumably deemed unnecessary, the guide allows for the DWP to continue to explore ways to make use of it. Indeed, the guide says that when a CHIS has been identified and “discouraged from supplying information but they persist in trying to provide more information, advice should be sought from Central Authorisation Bureau who will direct whether the further information can be used.”  

Physical surveillance

In some cases, the DWP chooses to physically surveil people. They are expected to record in details the purpose of their surveillance mission and their observations.

In part two of the guide [page 77], staff are encouraged to use a mnemonic to remember the type of information they are meant to record:
“The use of the mnemonic ADVOKATE may assist when recording details of static observations in the official notebook.
Amount of time observations carried out
Distance from person observed
Obstructions to sight
Known or seen before
Any reason to remember
Time between observations and recording for example, reasons for delays in recording
Errors or discrepancies for example, differences from description given.”

The surveillance team can gather photo and video evidence.

CCTV footage


CCTV footage can be obtained by the DWP without requiring any RIPA authorisation. The guide explains in part two, page 259 that “Where the proposed surveillance is overt, for example, use of Closed Circuit Television (CCTV), and it is considered that no private information will be obtained, a RIPA authorisation is not required. However as Central Surveillance Team Tasking Managers will develop good working relations with CCTV control room operators all approaches for CCTV information should be requested via the central teams.”

Open Source Intelligence

The DWP encourages its employees to rely on open source intelligence (OSINT) to collect information. OSINT is exemplified  by the DWP in part two [page 80] as the use of: “Online open sources such as social media, internet, chat rooms/forums and websites [which] can be an important source of information in combatting benefit fraud.”

The DWP acknowledge the problematic implications with relying on social media to obtain information [part two, page 80]. “While carrying out open source research, officers need to be cautious of it involving the systematic surveillance of an individual and obtaining of private information relating to a person’s private or family life.”

The following advice is given: “If officers consider that there is a need to view material over a protracted period of time to accumulate private information or monitor the individuals activities, i.e. anything thing more than twice, then they should be considering an authorisation under Regulation of Investigatory Powers Act 2000 (RIPA), as repeat viewing may constitute directed surveillance. There is a professional responsibility for individuals to ask themselves why they want to look at the material, and what they will do with the information. Single use open source will generally not amount to directed surveillance but expectation of privacy still needs to be considered.” [part two, page 80].

There is a subsection on “operational considerations” when conducting OSINT, however it is heavily redacted.

What information is the DWP after?

 Objectives of surveillance

On page 260 of part 2, the DWP defines the objectives of surveillance as:

  • obtaining detailed information about a subject’s activities
  • checking on the reliability of information received
  • obtaining information to use later in an interview
  • getting a picture of a subject’s movements or work pattern
  • obtaining evidence for use in court
  • establishing a subject’s whereabouts or domicile


One of the objectives of the DWP is to assess whether someone who is claiming disability benefits is in fact disabled. They describe their mission as such: “The most important aspect of an investigation into disability benefits is understanding exactly what the customer has declared they can and cannot do, and gathering evidence which either proves or disproves their statement.” And surveillance plays a role in fulfilling that mission: “Surveillance should be used to obtain evidence of a person’s physical capability and in some cases their mental capability too.” [Part one, page 276]

The sub-section on Authorised Surveillance in the section on Awards of Disability Living Allowance, Personal Independence Payment, Attendance Allowance and Carer’s Allowance mentions that: “For Personal Independence Payment (PIP) there is a psychological distress component to consider.” The guide does not describe how that component should be taken into consideration.

That very section contains a list of what surveillance evidence can establish. However, that list has been redacted. Privacy International is currently working on accessing that list and the grounds on which it is has been redacted.

Living arrangement

Single? In a relationship? Living as a married couple? The DWP will want to check on your relationship status and who actually lives with you if it impacts the benefits you receive. Helpfully, the DWP reminds its employees that “Living together as a married couple (LTMAC) is not, in itself, an offence.”

The guide then proceeds to list all the relationships that could be seen as problematic (e.g. an undeclared marriage, “fictitious desertion”, etc.). The immediately following section on gathering intelligence on those living arrangements is heavily redacted. It is both unclear what type of evidence DWP staff are allowed to gather and how they can gather it. The guide does however state on page 604 of part one:  “If the persons live in a property with a number of other people, for example, house of multiple occupation (HMO), or in a block of flats where individual entrances cannot be seen, surveillance activity may not be appropriate.


Surveillance alone may suggest residence but it does not prove that a Living Together As a Married Couple (LTAMC) situation exists. However, together with other information, surveillance may suggest a LTAMC situation.”

Employers can be suspects too

The DWP contains a section on investigating employers who may be encouraging or assisting a potential fraudster. The sections on approaching employer investigations and general investigative procedures are heavily redacted. Page 286 of part one reads that surveillance can be conducted and it is noted that “the investigators must carry out a sufficient amount of surveillance, over a suitable period to enable them to establish a pattern of work for the claimant.”

Collaborating with private companies  

From airlines to bingo clubs and telcos – a wide range of companies to rely on

In their effort to obtain information about individuals, the DWP work with private companies - some of which may be your service providers. These companies are obliged to hand over information to the DWP under the Social Security Fraud Act 2001 if, in the DWP’s view, there are reasonable grounds to believe that you are or could be involved in a benefits-related offence. Those companies include:

  • banks (including credit unions),
  • credit providers,
  • insurers,
  • credit reference agencies,
  • money transfer companies,
  • water and sewerage undertaker or authority,
  • gas and electricity providers,
  • telecommunications services,
  • educational establishment or institutions,
  • The Student Loans Company.

However, there are other companies the DWP relies on to obtain information. In fact, the guide [part one, page 477] contains a table called “Who does what?” listing companies and public bodies they can request information from, the legal basis that they can rely on to do so, and the type of data they will hand over. This table include – among many others:

  • Airlines, which can hand over names of passengers and dates of travel (EasyJet is listed separately, as it falls under the “abroad fraud desk”. They can hand over passenger and booking information)
  • Bingo clubs, which can hand over membership details
  • The BBC, which can hand over TV licence holder name, method of payment and date of expiry
  • Sky, which can hand over Sky Broadband and Sky Talk subscriber details
  • Estate agents, who can hand over owner details, purchaser details, price, dates, method of payment and lettings
  • Golf clubs, gyms, leisure facilities and sports club, which can hand over membership details and activities undertaken
  • Harbour masters, who can hand over details about boat-ownership, boat-movements, dates and berthing fees
  • Legal Aid Board, which can hand over details of Legal Aid claims.
  • National Health Service Counter Fraud, which can hand over GP registration and checks of medical cards
  • National Health Service Trusts, which can hand over next of kin details and declared addresses
  • National Health Service Trusts & Hospitals, which can hand over details of admission and discharge and registration documents
  • Universities and Colleges Admissions Services, which can hand over university details and college placements


PayPal is singled out by the DWP as a company that is willing “to provide information in response to a standard Data Protection Act letter.” Even though PayPal is based in the US, the DWP states that PayPall will nonetheless hand over the information to the DWP as long as the DWP mentions the information is requested for law enforcement purposes.

Credit reference agencies

The DWP relies on credit reference agencies for its investigations. Although the guide warns employees that most of the information held by credit reference agencies will be pertaining to potential debts – while benefits fraud should be focusing on assets –, they nevertheless offer services for the DWP to exploit.

A lot of the services and options offered by companies like CIFAS, the Council of Mortgage Lendersclosed user group, LOCATE, Gone Away Information Network closed user group and FraudScan checks are heavily redacted in the guide, and make it impossible to assess what type of information the DWP can obtain from them.

However, a little more is known about Experian and Equifax, which the DWP describes as the two main credit reference agencies in the UK. While the extent of the information available to the DWP is also redacted, it is clear from the information available that Equifax provides them with a search engine that allows them to search individuals and find individuals living at a certain address, even without having a full address. They also offer the DWP access to the “Insight closed user group” and their service ID Plus but all details under those services have been redacted.

Similarly, Experian also offers a search function that allows the DWP to obtain data on individuals as highlighted on page 460 of part one.

Working with the media

Ever wondered how stories about so-called “benefits cheats” end up in the media? The guide gives you (part of) the answer on page 560 of part one:

“DWP aims to achieve as much media coverage as possible for prosecutions brought by the department in order to ensure that the coverage brings maximum deterrent effect. Such media coverage helps to spread the message that benefit fraudsters will be caught and prosecuted before the criminal courts.”

The guide then offers a link to a separate guide called “Publicising Investigation Outcomes,” which does not appear to be available to the public.

Unanswered questions

Despite the incredible amount of details that can be found in this two-part guide on investigating benefits fraud, some questions remained however unanswered. As we have highlighted throughout this piece some of the most sensitive information about the nature of the data that could be collected and how it could be used have been removed. We are currently working on trying to obtain such information or at least challenging the grounds for refusing to disclose it.

More importantly, what remains a key question is how specific cases are singled out and investigated. In other words, what triggers an investigation? We know that the DWP relies on a hotline, the National Benefit Fraud Hotline, that encourages people to inform on individuals, whom they suspect might be committing fraud. But what else does the DWP rely on? In the age of artificial intelligence and automated decision-making used for distributing welfare – a trend noted by the UN special rapporteur on Extreme Poverty during his visit to the UK – should we assume there is an element of automation in detecting cases of alleged fraud?  Those are questions Privacy International hopes to find answers to.

Challenging the narrative

The fraud investigation guide reveals some insights into how the department in charge of allocating benefits and pensions has been turned into a surveillance machine, where people are employed to spy on others, where deals are struck with companies and the media to track down individuals and expose their lives in the papers. This comes at a huge cost. In order to justify it to the taxpayers, governments have to promote a narrative that “benefits cheats” are a real threat to our society. This narrative has long been challenged by academics and researchers, as we highlighted in our previous work. We think the real threat to society is this very system where governments can track benefits claimants – people who are often in very vulnerable situations – in the streets, at the gym, at their bingo club or as they travel. We think it is time to challenge the dominant narrative about what the real threats to our society: arbitrary, invasive and opaque surveillance and data exploitation.