Liberty v Security Service [2023] UKIPTrib 1 (30 January 2023)


BAILII is celebrating 24 years of free online access to the law! Would you consider making a contribution?

No donation is too small. If every visitor before 31 December gives just £1, it will have a significant impact on BAILII's ability to continue providing free access to the law.
Thank you very much for your support!



BAILII [Home] [Databases] [World Law] [Multidatabase Search] [Help] [Feedback]

United Kingdom Investigatory Powers Tribunal


You are here: BAILII >> Databases >> United Kingdom Investigatory Powers Tribunal >> Liberty v Security Service [2023] UKIPTrib 1 (30 January 2023)
URL: http://www.bailii.org/uk/cases/UKIPTrib/2023/1.html
Cite as: [2023] UKIPTrib 1

[New search] [Printable PDF version] [Help]



Neutral Citation Number: (20231 UKIPTribl

IPT/20/01/CH

IN THE INVESTIGATORY POWERS TRIBUNAL

30th JANUARY 2023


Before:

LORD JUSTICE EDIS MRS JUSTICE LIEVEN MR CHARLES FLINT KC

BETWEEN:

Claimants

Respondents

TOM DE LA MARE KC, BEN JAFFEY KC, DANIEL CASHMAN, DAVID HEATON and GAYATRI SARATHY (instructed by Megan Goulding, Solicitor, Liberty and Bhatt Murphy) for the Claimants

SIR JAMES EADIE KC, JULIAN MILFORD KC, RICHARD O’BRIEN, ANDREW BYASS, NATASHA BARNES and JOHN BETHELL (instructed by Government Legal Department) appeared on behalf of the Respondents.

MR J. GLASSON KC and MISS S. HANNETT KC appeared as Counsel to the Tribunal

Hearing Dates 25-29 July 2022

OPEN JUDGMENT

The Issues

IPT should order data be destroyed?

The Statutes and Guidance

Regulation of Investigatory Powers Act 2000

la) the number of persons to whom any of the material of data is disclosed or otherwise made available,

is limited to the minimum that is necessary for the authorised purposes.

and "copied" shall be construed accordingly."

"Intercepted material, and all copies, extracts, and summaries which can be identified as the product of an interception, must be securely destroyed as soon as it is no longer needed for any of the authorised purposes. If such material is retained, it should be reviewed at appropriate intervals to confirm that the justification for its retention is still valid under section 15(3) of the Act."

"7.8. Intercepted material, and all copies, extracts and summaries which can be identified as the product of an interception, must be marked for deletion and securely destroyed as soon as possible once it is no longer needed for any of the authorised purposes. If such intercepted material is retained, it should be reviewed at appropriate intervals to confirm that the justification for its retention is still valid under section 15(3) of RIPA.

all retention periods should be implemented by a process of automated deletion, which is triggered once the maximum retention period has been reached for the data at issue"

"Any person who exercises the powers in RIPA Part 1 Chapter 1 must report to the Commissioner any action that is believed to be contrary to the provisions of RIPA or any inadequate discharge of section 15 safeguards. He or she must also comply with any request made by the Commissioner to provide any such information as the Commissioner requires for the purpose of enabling him or her to discharge his or her functions."

Investigatory Powers Act 2016

la) whether what is sought to be achieved by the warrant, authorisation or notice could reasonably be achieved by other less intrusive means,

"(9) In this section "relevant error" means an error-

fa) by a public authority in complying with any requirements which are imposed on it by virtue of this Act or any other enactment and which are subject to review by a Judicial Commissioner, and

and the Investigatory Powers Commissioner must keep under review the definition of "relevant error".

"All material intercepted under the authority of an interception warrant and any secondary data must be handled in accordance with safeguards which the Secretary of State has approved in line with the duty imposed on him or her by the Act. These safeguards are made available to the Investigatory Powers Commissioner, and they must meet the requirements of section 53 for Part 2 warrants and section 150 for bulk interception warrants. Breaches of these safeguards must be reported to the Investigatory Powers Commissioner in a fashion agreed with him or her. The intercepting authorities must keep their internal safeguards under periodic review to ensure that they remain up-to-date and effective. During the course of such periodic reviews, the intercepting authorities must consider whether more of their internal arrangements might safely and usefully be put into the public domain."

purposes of the Act as deleting the data in such a way as to make access to the data impossible. If material obtained under a warrant is obtained other than for the purposes of destruction, it should be reviewed at appropriate intervals to confirm that the justification for its retention, is still valid under section 53(3) or, in the case of a bulk warrant, section 150(3) of the Act.

there has been a failure to adhere to the additional safeguards set out at sections 26 to 29 of the Act

there has been a failure to adhere to the restrictions on use or disclosure of material imposed by sections 53 to 55 and sections 150 to 154 of the Act.

retention of material obtained under a warrant when it is no longer necessary for the authorised purposes;

Powers Commissioner. Where the full facts of the error cannot be ascertained within that time, an initial notification must be sent within an estimated timescale for the error being reported in full and an explanation of the steps being undertaken to establish the full facts of the error.

"5.29. In this chapter, reference to an 'application' for a warrant includes the application form and draft warrant (including the draft instrument and any draft schedules). An application for a targeted interception warrant, a copy of which must be retained by the applicant, should contain the following information:

Facts - Breach of statutory obligations by MI5

"MI5 was aware, as the contemporaneous documentation makes clear, of a very high risk that it was in breach of its statutory obligations from May 2016 onwards ... MI5 was aware of the possibility of compliance failures in the TE, including in relation to RRD (Retention, Review, Destruction), from late 2015...

In the period 2016 - 2018 MI5 took substantial steps to mitigate wider compliance risks of which it was aware."

"could, and should, have been aware that it was failing to comply in respect of RRD over Authorised Data in the relevant areas of its IT estate, triggering a requirement to notify the oversight body in 2016, almost 3 years before it did so.

The Respondents also accept that any knowledge derived from MI5 documents may be treated as within the knowledge of MI5 as a whole.

"The first major compliance issue with the TE had first been identified in 2014 [REDACTED]. Subsequent internal reviews identified three major causes:

(it)     A failure to apply review, retention and disposal policy to the repository

of data on the [TE];

(Hi) A failure to understand what data was held on the [TE].

The reviews framed (ii) and (Hi) as risks relating to [REDACTED], but not in terms of MI5's compliance with its statutory obligations."

2010-2013

"(the) need to ensure that relevant information is available for compliance purposes, so that we can - with a high degree of confidence ~ recover information relevant to a disclosure exercise (and thus minimise the risk of compliance failure occurring)."

It noted that

"Current priorities are to reduce the risks of intelligence failure and compliance failure to acceptable levels, by ensuring that users can - with a high degree of confidence - retrieve information relevant to investigations and disclosure exercises where necessary. Simultaneously we need to increase confidence that information is being appropriately handled and adequately protected...".

"7.35. It is inevitable that some mistakes will be made, especially considering the fact the Security Service is dealing with large volumes of communications data requests in complex investigations and that there is a degree of automation in the process. It is important to make the point that their error rate is still very low in comparison with the number of requests which are processed for communications data. I am satisfied with the measures that the Security Service have put in place to rectify these issues and these should prevent further recurrence of such errors. It is clear to me that the Security Service is committed to achieving the best possible level of compliance with the Act and Code of Practice."

2013 Enquiry from the Interception of Communications Commissioner

MIS appears to have [multiple systems] which retain intercepted material for various retention periods and there seems to be illogicality about the retention, storage and destruction of intercepted material....

and recognises that there are some difficulties with regard to compliance with the section 15 safeguards particularly around retention periods and deletion of intercept material.

"MI5 have [compliance problemsj where they are retaining material for too long and deletion is not always effected. MIS's IT systems, especially post-7/7 have focused on [reducing the risk of] intelligence failure, and as MI5 recognise, the legal compliance of their IT systems has not fully kept pace. MI5's major IT reform programme, the Information Management Transformation Programme (IMTP) is seeking to rectify this."

2014 - 2015

"The document identifies a risk of incorrect or partial disclosure in legal proceedings. There are issues with data in MI5 that include a failure to link some data to a searchable record, and that the record, retain and delete policy is inconsistent and is not applied to much of MIS's data, in that a vast amount of data is kept that is not needed. The document identifies that a disclosure search may not look into all areas. As such MI5 could not expect the search mechanism to find such data. The document proposes that MIS explores agreeing a process whereby retained data is held in one place with an agreed format for how the search process examines that single pot".

There was a subsequent minute dated 13 October 2015 which referred to the information which had been identified in 2014 in relation to legal proceedings. The possibility of information risk in legal proceedings had not been eliminated but reasonable steps had been taken. It was proposed to focus on processes going forward, while the remaining legacy risk was assumed to be diminishing.

2016 - 2019

"We are required to report failures to comply with Codes of Practice requirements to IPCO (see para 16 for more detail). Our knowledge regarding compliance risks is not complete, however we know enough to be able to articulate the issues discovered. Failure to report in a timely fashion, would, if discovered by IPCO or by the Investigatory Powers Tribunal, be considered a significant breach of trust and is likely to lead to public censure, damage to reputation and calls to curb our powers. We therefore recommend reporting to IPCO ASAP in the manner recommended in this paper."

"I apologise if you consider that we should have briefed you on these matters earlier. The truth is that we did not sufficiently understand the issues ourselves under the (Executive Board) discussions in late 2018 and our understanding is still developing. However, we considered the issues were of sufficient importance to brief you at this stage."

IPCO inspections, reports and decisions

professional privilege (LPP material) from its systems, but was [REDACTED]"; and

This decision was focused on the TE. It covered not only the RRD aspects of Handling Arrangements, but also safeguards including access to warranted material, and data subject to LPP.

"MI5 has devoted substantial resources both to the programme of work to fix the compliance problems identified and to service this intensive inspection regime. I am confident that MI5's remediation work has secured compliance with the standards required. I have been impressed by MI5's reaction to our criticisms, in particular the speed, focus and dedication with which they acted to rectify the situation."

Summary of findings - MI5 failings

Facts - oversight by the Home Office

"MIS's corporate risk register flags that it is currently carrying a risk that MI5 is not compliant with the relevant legislation with regards to information handling. MI5 has currently classified this as a red risk (meaning that there is [REDACTED]). This is a relatively long standing risk for MI5 and in response it has created a new (department) that will lead on a whole range of measures including staff training, file reviews and new IT processes in order to improve legislative compliance".

"MI5's corporate risk register continues to flag a red ('very high') risk that MI5 is found to be not compliant with its statutory obligations, particularly relating to information handling, leading to substantial legal/reputational damage. This means that there is [REDACTED]. This is a relatively long standing risk for MI5 and in response it has created a new [REDACTED] that will lead on a range of [department] measures including staff training, file reviews and new IT processes in order to improve legislative compliance. We met [REDACTED] colleagues to discuss their work to [staff in the new department] manage this risk. It seems clear that MI5 takes this risk seriously and is seeking to address it comprehensively; it aims to reduce the risk to next category (orange - high) by the third quarter of2017-2018."

"MI5 had not briefed the Investigatory Powers Commissioner about the red risk on compliance in its corporate risk register. However, this red risk had moved to

amber in QI 2018/19 - one quarter earlier than anticipated - and MIS assessed that it was no longer necessary to brief the Investigatory Powers Commissioner on this risk."

"This was a complex and multi faceted problem... MI5 acknowledged the need to understand both risks and costs before (acting). However, the Management Board conversation at 02 centred around whether there may be options for accepting more risk in this area...

DG OSCT asked whether there is anything in this space which keeps DDG/DGS "up at night" ...DDG indicated that there is not- while there are some significant risks, these are all being managed appropriately. MIS are confident there is no requirement to brief the Home Secretary at this stage."

"It is assessed there are legal compliance risks that are RED which could lead to successful IPT challenges, loss of confidence of ministers/JCs and consequently restrictions in warrants or reputational damage."

"systems are not handling data in accordance with our legal obligations - there is a lack of RRD and dear processes to manage the lifecycle of data held in the TE".

"The lack of consistent [REDACTED] means that MI5 is unable to provide robust assurances to its oversight bodies that data held in TE cannot be accessed unlawfully. The risk is that the IC may be unwilling to authorise further warrants until this is rectified or correct to IPC, especially for [REDACTED].

Effective review, retention and deletion (RRD) has not been implemented across all (areas in the TE) potentially including warranted material, and therefore there is a risk that elements of it are non-compliant. There is a risk that lack of effective RRD policy could lead to successful IPT challenges, loss of confidence of ministers/JCs and consequently restrictions in warrants and reputational damage."

"MIS has been aware of the potential [REDACTED] risks relating to the [TE]for a number of years, and has been working to address those risks. However, it was only late last year that the true nature and scale of the risks we were facing -and in particular the compliance risks - crystallised at Board level... [Tjhere should be no sense that we treat compliance with anything less than the greatest priority and it is a matter of profound regret that these issues were not identified and fully addressed sooner".

"One of the areas that the review will clearly need to focus on is why IPCO were not notified sooner. We are currently conducting a review of our own knowledge on this issue and have checked the minutes of our quarterly review meetings with MI5. These risks were not raised proactively by MI5. In June 2018 OSCT asked MI5 about ...where the risk of MI5 not complying with their statutory obligations was rated "red". This led to a general discussion around MI5's programme of work to ensure it complied with the IP Act. The scale of the issue ... and associated risks were not made apparent during this discussion. It was recorded as an action in the minutes of the meeting that MIS would brief the IPC on the risks around IP Act compliance. When OSCT asked what progress had been made in briefing the IPC in the next meeting we were informed that the rating of the risk had been downgraded to 'amber* and that MI5 no longer felt that it was necessary to brief the IPC.

Prior to the commencement of various provisions in the IPA there was a process by which relevant parties formally wrote to the Home Office to confirm their readiness for commencement. Letters were received from M15 on 17 May 2018 in relation to interception and equipment interference, including bulk data and 9 July 2018 in relation to the commencement of the bulk communications data and bulk personal data set provisions. Both letters were clear that MI5 would be

ready to "operate in full compliance with" the relevant provisions of the IPA. Whilst these letters set out a number of assumptions or caveats surrounding that confirmation no mention was made of a risk of non-compliance with the safeguards,"

In a separate Annex C, the Home Office listed the QPR meetings since January 2018 and stated that the issues had not been raised proactively by MI5 in any of the QPR meetings; the issue was raised in low levels of detail in the 'risk register' section. The discussion in the Q4 meting in June 2018 was in very general terms and did not capture the extent of the problem faced in relation to compliance.

"I very much regret that we had not fully appreciated the significance of the issues in the [TEJ. With the understanding we have now developed, off the back of much detailed work, I clearly wish MIS had moved more quickly to bottom out some of the risks in play, and that we had brought our developing understanding to your attention and that of the Investigatory Powers Commissioner at an earlier stage.......it is a bitter pill now to realise that in the

case of the [TE], we have been slow to appreciate properly some of the risks manifesting within that complex environment."

"risks on the risk register were related to potential problems rather than current issues, therefore in the context of compliance risk it was a concern that they may not be compliant, not that they were currently non-compliant."

So he stated the "specific link between the compliance risk and the TE compliance issue was not established". Mr Hirsch repeats the point in his second witness statement that the compliance risk was considered to be about "the prospect of future failure rather than the existence of a failure at that time".

Notwithstanding that the red risk was stated to mean there was a very high likelihood of it happening:

"MI5 and the Home Office viewed this as a current risk and potential issue if left unaddressed but it was not an issue at that time,., this identifies the possibility of failure but it is not presenting it as current (in that moment) issue ... this demonstrates that the risk was not considered to be a materialised issue at this time and therefore our response to it was tempered accordingly."

The compliance risk was "along term challenge that was being tackled by MI5 which the IP A would partially address".

"The note did not elaborate on what specific element of the relevant legislation MI5 considered it might not be found to be compliant with. We had no additional information beyond this as to which specific element of information handling the risk related to. ... MI5's expected trajectory was for the risk to downgrade from red to amber in

"I asked the Deputy Director responsible for compliance to provide greater insight into their IT infrastructure, I wanted to ensure the Home Office had oversight of the impact of the issue. I was particularly concerned with trying to understand which data sets were impacted by ... and therefore sought to understand which data was stored on which environment. We subsequently provided an information note to the Home Secretary and Security Minister on this issue..."

At paragraph 56 he says that he did not fully understand the underlying data architecture, but MI5 had agreed to conduct a more in-depth discussion of the TE programme to help him understand it. However, that discussion did not take place. He did not identify the compliance issue as relating to TE but as an issue with the legacy IT systems generally.

"We met [department colleagues] to discuss their work to manage this risk. It seems clear that MI5 takes this risk seriously and is seeking to address is comprehensively."

In Mr Hirsch's opinion "When the totality of the content of the document (i.e. paragraph 8 of the QPR dated 24 March 2017) is considered, and bearing in mind also the detailed meeting with MI5 in February 2017, it is clear that we had made sufficient inquiries on behalf of the Home Secretary and were confident that MI5 were managing the risk appropriately."

"We are currently conducting a review of our own knowledge on this issue and have checked the minutes of our quarterly review meetings with MI5. These risks were not raised proactively by MI5. In June 2018 OSCT asked MI5 about... where the risk of MI5 not complying with their statutory obligations was rated "red". This led to a general discussion around MI5's programme of work to ensure it complied with the IP Act. The scale of the issue with [TE]... and associated risks were not made apparent during this discussion."

"... the issue was not raised proactively by MI5 at any of the meetings and only low levels of detail were provided in the risk register for Q4, it was queried and then followed up on the next two meetings when MIS said they were still considering whether and how to raise this with the IPC"

"129. The framework characterizes all issues in terms of risk. This approach at least suggests that the risk can either be accepted or mitigated. Thus, an activity that plainly breaches the CSIS Act is characterized as a "high legal risk": one that, when viewed from an operational perspective may be balanced against the benefits of the operation and accepted where the benefits are viewed as being significant. This is exactly what occurred. However, an activity that breaches the CSIS Act is not like any other risk. It is an activity that on its face is illegal and if undertaken would also be contrary to the Service's foundational commitment to collect intelligence within the bounds of the law.

The error in the approach of the Home Office was to accept the references to serious risks in the QPR as not having any consequences for MIS's compliance with its statutory obligations. Statements in the form of risk factors could not be relied upon as excusing any actual compliance breaches.

Facts - the scope of the failings beyond TE and beyond RRD

Facts - the BPD/BCD Claim and the duty of candour

BPD

BCD

Submissions on the Issues of Law

Unlawfulness of warrants

"If a warrant is lawfully to be approved, the Secretary of State must be satisfied that the product will be appropriately safeguarded; otherwise the application for the warrant cannot be granted."

longstanding non-compliance risks, it was irrational of the SoS to fail to make enquiries as to the scale and nature of the non-compliance.

Full and frank disclosure

"31. It is important that the Secretary of State has all relevant matters drawn to his or her attention when considering applications. In accordance with the Codes of Practice, all reasonable efforts will be made to take account of information which militates against the grant of the application, which includes material which weakens the case for the warrant, authorisation or notice. Where such material is identified by the applicant, it will be provided to both the Secretary of State and Judicial Commissioners in the application, where appropriate.

"106(iv). However, that is not the full extent of the applicant's duty. When applications are made without notice - particularly those that involve the potentially serious infringement of the liberty and rights of the subject, inherent in the grant and execution of a warrant to search and seize - there is a duty of candour. There must be a full and accurate disclosure to the court, including disclosure of anything that might militate against the grant (Energy Financing Team Limited v The Director of the Serious Fraud Office [2005] EWHC 1626 (Admin) ("Energy Financing"); see also, to the same effect, Golfrate at [27] per

Lord Thomas). In Golfrate (at [24]), Lord Thomas quoted with approval from [191] of the judgment of Hughes U (as he then was) in In re Stanford International Bank Limited [2010] EWHC Civ 137 ("Stanford") (at [191]), a case concerning a restraint order in support of confiscation proceedings under section 42-47 of POCA, that full paragraph reading as follows:

"... [It] is essential that the duty of candour laid upon any applicant for an order without notice is fully understood and complied with. It is not limited to an obligation not to misrepresent. It consists in a duty to consider what any other interested person would, if present, wish to adduce by way of fact, or to say in answer to the application, and to place that material before the judge. That duty applies to an applicant fora restraint order under POCA in exactly the same way as to any other applicant for an order without notice..."

Those comments apply equally to the duty of an applicant for a search warrant. That obligation was described by the President in Tchenguiz (at [88]) as "a very heavy duty ... to ensure that what is put before the [court] is clear and comprehensive so that the [court] can rely on it and form [its] judgment on the basis of a presentation in which [it] has complete trust and confidence as to its accuracy and completeness". The duty extends to all known information that may be material to the court's decision, i.e. that might affect the court's decision. In a case involving complex financial matters, that presentation requires particular skill and experience (Tchenguiz at [88]). Legal advice should be sought at an appropriate level in every case of financial complexity (Golfrate at [28]).

"If and to the extent that it is not well-known and understood by police officers seeking orders such as those sought in this case, it is time that the message was brought home clearly to applicants...".

"It is also relevant that the statutory procedure under section 8 is subject to a number of protections, expressed or inherent in the statutory language and in the current rules summarised in para 25 above. It only applies when a

magistrate is on reasonable grounds satisfied by a constable that an indictable offence has been committed. A constable, when seeking ex parte to satisfy the magistrate that the requirements of section 8 are met, owes a duty of candour, meaning that the information on which he or she relies must constitute a fair and balanced presentation of the circumstances on the basis of which a warrant is sought: compare for example In re Stanford International Bank Ltd [2010] EWCA Civ 137; [2011] Ch 33, esp at paras 82-83 and 88, per Morritt C and para 191, per Hughes U"

Human Rights Act 1998

Individual breach under Articles 6 and 8

Challenge to the effectiveness of the I PA

The Court proceeded on assumed facts that were, if anything, more favourable to the Claimants than the facts now disclosed. Further, the facts show that the I PC is an effective regulator with the power and ability to address issues that arise. As soon as it was notified of the issues with TE in 2019, the IPC moved swiftly and effectively to address them.

EU Law

Conclusions

The scope of the “similar fact' claim in respect of systemic failings

"any failure by MI5 to have adequate safeguards ...from at latest 2010, whether or not the failure had been identified in the notification to the IPCr, whether or not it relates to TE or TE2".

The basis for requiring further disclosure is put as follows:

"It is clear that all similar fact breaches are required to be disclosed for candour reasons as they amount to systemic failures. Proper compliance with the duty of candour in these proceedings requires disclosure of non-compliance beyond TE and Areas 1 and 2 of TE2, not least because each and every further material failing of safeguards that went unreported to either the Home Secretary or IPCO (or its predecessors) is further proof to the Claimants' allegation that the IPA

and RIPA safeguards were failing systematically, or were "paper restraints" with little practical impact or controlling effect".

"While there is more to be done, the broader changes that MIS has made to strengthen its legal compliance risk management processes, instill a culture of individual accountability for legal compliance risk and ensure that compliance is built in to new products should give Ministers greater confidence that new risks will be identified early and addressed promptly"

That judgment by Mary Calam does not support the Claimants' case that there might be continuing systemic compliance failures after 2019 which were not capable of being addressed by MIS and reviewed by the I PC.

"other "similar fact" failings, in TE and Areas 1 and 2 of TE2 and across MIS's systems, including RRD, access, copying or LPP breaches or other breaches of obligations which materially bear on the adequacy of the systemic IPA and RIPA safeguards (e.g. breaches of MI5's own sharing rules or "action on" principles) that are fully documented and which have either been reported to IPCO (or its predecessors) or considered for such".

This would require a very extensive disclosure exercise, on a speculative basis.

Relief - the section 31 (2A) issue

The High Court -

if it appears to the court to be highly likely that the outcome for the applicant would not have been substantially different if the conduct complained of had not occurred".

"67. Exercise of the Tribunal's jurisdiction.

(Hi) any communications sent by or to him, or intended for him, or

"Miss Knight submits that SIAC is not the High Court. Her submission is obviously correct; but it does not follow that$31(2A) has no application to applications of this kind determined by SIAC. SIAC is obliged by s2D(3) of the SIAC Act 1997 to,

"apply the principles which would be applied in judicial review proceedings."

S31(2A) sets out a principle which the High Court must apply in judicial review proceedings, not just a practice which it may or should follow. When it appears

to the High Court to be highly likely that the outcome for an applicant would not have been substantially different it must refuse to grant relief Parliament is free to establish or alter rules of principle to be applied by the High Court in judicial review proceedings. Now that it has done so, the requirements in s31(2A) is a principle which must be applied by the High Court in judicial review proceedings. SI AC is required by s2D(3) of the SI AC Act 1997 to apply the same principle."

"60. We do not accept that section 31(2Aj applies to this Commission. On its face it applies only to the High Court. If Parliament had wished to apply it, or something like it, to the Commission it could have done do expressly. We note that is precisely what Parliament has done in the case of the Upper Tribunal when it considers an application for judicial review.

"... subsections (2A) and (2B0 of section 31 of the Senior Courts Act 1981 apply to the Upper Tribunal when deciding whether to grant relief under subsection (1) above as they apply to the High Court when deciding whether to grant relief on an application for judicial review."

"(2) Application of section 31(2A) of the Senior Courts Act 1981

The High Court -

if it appears to the court to be highly likely that the outcome for the applicant would not have been substantially different if the conduct complained of had not occurred".

noted that in other cases (e.g., in the case of the Upper Tribunal) express legislative changes had been made to render section 31(2A) of the Senior Courts Act 1981 applicable. The CM A helpfully referred us to dicta in three Court of Appeal decisions, but these, too, relate to different statutory provisions and also point in different directions. The most that we derive from the case law is that it is significant that in some cases Parliament has expressly extended the ambit of section 31 (2A) to non-High Court proceedings, which we take as an indicator (but no more than that) that section 31(2A) does not apply without some explicit legislative indicator. But we do not consider this point to be of great moment: at the end of the day, this Is a question of statutory construction.

If remedies on a successful judicial review were to be determined strictly according to "the ... principles as would be applied by a court on on application for judicial review", section 120(5) would be redundant. The presence of an express discretion regarding remedy ("may") strongly suggests a discretion informed by the jurisprudence of the United Kingdom, but which is the Tribunal's own.

Relief - discretionary


BAILII: Copyright Policy | Disclaimers | Privacy Policy | Feedback | Donate to BAILII
URL: http://www.bailii.org/uk/cases/UKIPTrib/2023/1.html