Policy and Operational Procedures for the Lawful and Effective Use of Covert Techniques within the Sovereign Base Areas Cyprus (PDF)

Summary

This document details the policy and procedures for lawful and effective covert techniques within the Sovereign Base Areas Cyprus. It includes a table of document details and a table of contents.

Full Transcript

**Policy and Operational Procedures for the Lawful and**

**Effective Use of Covert Techniques within the Sovereign**

**Base Areas Cyprus.**

**TABLE OF DOCUMENT DETAILS**

+-----------------------------------+-----------------------------------+
| Title | Policy and Operational Procedures |
| | for the Lawful and |
| | |
| | Effective Use of Covert |
| | Techniques within the Sovereign |
| | |
| | Base Areas Cyprus. |
+===================================+===================================+
| Reference No | S.O INT 2 |
+-----------------------------------+-----------------------------------+
| Relevant Department | Crime & Intel Steering Group |
+-----------------------------------+-----------------------------------+
| Ownership | Chief Supt. D. Purvis |
+-----------------------------------+-----------------------------------+
| Document Author | DI 187 V. Varnava |
+-----------------------------------+-----------------------------------+
| Approved by | Deputy Chief Constable |
+-----------------------------------+-----------------------------------+
| Approval Date | Jun 20 |
+-----------------------------------+-----------------------------------+
| Implementation Date | Jun 20 |
+-----------------------------------+-----------------------------------+
| To be Reviewed Date | Jun 23 |
+-----------------------------------+-----------------------------------+
| Last Revised Date | 21/10/2019 |
+-----------------------------------+-----------------------------------+
| Quality Assured by | Policy Department HQ |
+-----------------------------------+-----------------------------------+
| Protective Marking | Not Protectively marked |
+-----------------------------------+-----------------------------------+
| Linked to other | NO |
| | |
| Standing Order | |
+-----------------------------------+-----------------------------------+
| Relevant Legislation | |
+-----------------------------------+-----------------------------------+
| Pages (including this page) | Twenty-eight (28) |
+-----------------------------------+-----------------------------------+

**TABLE OF CONTENTS**

**I[ntroduction](#s1)** [**Page 4**](#s1) [**Section 1**](#s1)
--------------------------------------------------------------------------------------------------------------------- -------------------------------------------- ------------------------
[**Guidance and Minimum Standards**](#s2) [**Page 5**](#s2) [**Section 2**](#s2)
[**Access to and use of Guidance**](#s3) **[Page 5-6](#s3)[on page 5]** [**Section 3**](#s3)
[**Oversight and inspection**](#s4) [**Page 6**](#s4) [**Section 4**](#s4)
[**Information Management**](#s5) [**Page 7**](#s5) [**Section 5**](#s5)
[**Primary Information Source Register (PISR)**](#s6) [**Page 7**](#s6) [**Section 6**](#s6)
[**Intelligence Source Register (ISR)**](#s7) [**Page 7**](#s7) [**Section 7**](#s7)
[**Status Drift**](#s8) [**Page 8**](#s8) [**Section 8**](#s8)
[**The Use of Community Leaders as sources of information**](#s9) [**Page 9**](#s9) [**Section 9**](#s9)
[**Persons in custody**](#s10) [**Page 9**](#s10) [**Section 10**](#s10)
[**Intelligence Approaches within ongoing operations**](#s11) [**Page 10**](#s11) [**Section 11**](#s11)
[**Tasking and Coordination**](#s12) [**Page 10-11**](#s12) [**Section 12**](#s12)
[**Covert Structures and Assets**](#s13) [**Page 11**](#s13) [**Section 13**](#s13)
[**Application and Authorisation**](#s14) [**Page 11**](#s14) [**Section 14**](#s14)
[**Operational Personnel**](#s15) [**Page 11**](#s15) [**Section 15**](#s15)
[**CHIS**](#s16) [**Page 12**](#s16) [**Section 16**](#s16)
[**Using the internet to gather intelligence and evidence**](#s17) **[Page 13]** [**Section 17**](#s17)
[**What is Open Source Research?**](#s18) **[Page 13]** [**Section 18**](#s18)
[**When there is a need for an authorisation**](#s19) [**Page 13**](#s19) [**Section 19**](#s19)
[**Is it unlawful for any OIU Officer to set up and use a social networking account with a false identity?**](#s20) [**Page 13**](#s20) [**Section 20**](#s20)
[**Equipment and Vehicles**](#s21) [**Page 14**](#s21) [**Section 21**](#s21)
[**Vehicles**](#s22) [**Page 15**](#s22) [**Section 22**](#s22)
[**Information Technology**](#s23) [**Page 15**](#s23) [**Section 23**](#s23)
[**Physical and Operational Security**](#s24) [**Page 15**](#s24) [**Section 24**](#s24)
[**Vetting**](#s25) [**Page 15**](#s25) [**Section 25**](#s25)
[**Office Security**](#s26) [**Page 16**](#s26) [**Section 26**](#s26)
[**Personal Security**](#s27) [**Page 17**](#s27) [**Section 27**](#s27)
[**Road Traffic Collisions (RTCs) involving OIU vehicles**](#s28) [**Page 17**](#s28) [**Section 28**](#s28)
[**Mobile telephones**](#s29) [**Page 17**](#s29) [**Section 29**](#s29)
[**Pseudonyms and false identities**](#s30) [**Page 18**](#s30) [**Section 30**](#s30)
[**Payment of rewards**](#s31) [**Page 18**](#s31) [**Section 31**](#s31)
[**Application and Authorisation**](#s32) [**Page 19**](#s32) [**Section 32**](#s32)
[**Covert Surveillance Process**](#s33) **[Page 20]** [**Section 33**](#s33)
[**Entry onto Land Process**](#s34) [**Page 21**](#s34) [**Section 34**](#s34)
[**Urgent Authorisation**](#s35) **[Page 21]** [**Section 35**](#s35)
[**Reviews, Renewals and Cancellations**](#s36) [**Page 22**](#s36) [**Section 36**](#s36)
[**Renewals**](#s37) [**Page 22**](#s37) [**Section 37**](#s37)
[**Cancellations**](#s38) [**Page 22**](#s38) [**Section 38**](#s38)
[**CHIS Process**](#s39) **[Page 24]** [**Section 39**](#s39)
[**CHIS Authorisations, Reviews, Renewals & Cancellations**](#s40) [**Page 25**](#s40) [**Section 40**](#s40)
[**Reviews**](#s41) [**Page 25**](#s41) [**Section 41**](#s41)
[**Renewals**](#s42) [**Page 25**](#s42) [**Section 42**](#s42)
[**Cancellations**](#s43) [**Page 25**](#s43) [**Section 43**](#s43)
[**Other CHIS Management records**](#s44) [**Page 26**](#s44) [**Section 44**](#s44)
[**Security of Information transferred by CD**](#s45) [**Page 26**](#s45) [**Section 45**](#s45)
[**Recording Information**](#s46) [**Page 26**](#s46) [**Section 46**](#s46)
[**Inter- Agency Protocols**](#s47) [**Page 27**](#s47) [**Section 47**](#s47)
[**De-confliction process**](#s48) **[Page 28]** [**Section 48**](#s48)

1. []{#s1.anchor}**Introduction**

1. The use of covert policing techniques is a key tool in the
investigation of a wide range of crimes and offences relating to
public order.

The very nature of covert policing often impacts on an
individual's rights to respect for a private and family life or
may interfere with their peaceful possession of property.

2. Where the police wish to use covert policing techniques in the
investigation of crime or for a specific operation and there is
a likelihood of interfering with such rights, the covert
policing activity must be necessary, proportional, properly
authorised and regulated.

3. The Regulation of Investigatory Powers Ordinance 2012 (RIPO)
regulates the police use of Covert Surveillance, Covert Entry
onto Land, interference with property and the use and conduct of
Covert Human Intelligence Sources. It does not allow the use of
intrusive surveillance techniques or interception with
communications.

4. To ensure the lawful and effective use of covert techniques,
only those officers who have received specialist training in
their use will be able to operate, manage or authorise covert
policing operations.

5. This document defines specific policy and procedures relating to
the SBA Police, when using and managing covert techniques as
regulated by RIPO and the associated Codes of Practice on Covert
Surveillance and Entry onto Land and the Code of Practice on
Covert Human Intelligence Sources.

6. It does not seek to repeat practice and standards already
published in guidance documents but seeks to define policy and
practice which is specific to the SBA or which derogates from
those minimum standards.

2. []{#s2.anchor}**Guidance and Minimum Standards**

1. In order to achieve standardisation and to maintain the high
levels of professionalism and security required when deploying
and managing covert techniques, the SBA Police and Customs and
Immigration, will comply, **where applicable**, with the
guidance and minimum standards defined in the following UK ACPO
restricted documents and any subsequent revisions.

- **ACPO (2006) Guidance on The National Intelligence Model.**

- **ACPO (2010) Guidance on The Management of Police Information.**

- **ACPO (2008) (Revised) Guidance on The Lawful and Effective Use of
Covert Techniques -- The Legal Framework and Covert Operational
Management.**

- **ACPO (2009) Guidance on The Lawful and Effective Use of Covert
Techniques -- Local Volume Crime and Disorder.**

- **ACPO (2010) (Revised) Guidance on The Management of Covert Human
Intelligence Sources (CHIS).**

- **ACPO (2010) Guidance on The Use and Management of Specialist
Surveillance Techniques -- Section 7 Surveillance Logs and
Records.**

- **ACPO (2018) Guidance on The Management of Covert Human
Intelligence Sources (CHIS) - Revised Code of Practice.**

- **ACPO (2018) Guidance on The Use of Covert Surveillance and
Property Interference - Revised Code of Practice.**

3. []{#s3.anchor}**Access to and use of Guidance.**

1. In addition to copies of RIPO and accompanying Codes being
available at Force HQ and WSBA and ESBA Divisions, the above
OFFICIAL SENSITIVE Guidance documents will also be held by the
Central Authorities Bureau Force HQ (CAB) and the Divisional
Operational Intelligence Units (OIUs). No persons other than
those officers appointed to the CAB, OIUs or who are appointed
Authorising Officers for the purpose of RIPO, will be allowed
access to these documents, without the express permission of the
Chief Constable or Deputy.

2. The contents of the documents will not be disclosed outside of
law enforcement agencies.

3. Prosecuting agencies who wish to have sight of the guidance
documents for judicial proceedings, will agree processes with
the Chief Constable or Deputy that will protect sensitive
content, such as techniques, methodology and technical
capability, through Public Interest Immunity proceedings (PII).

4. []{#s4.anchor}**Oversight and Inspection**

1. **Senior Responsible Officer**

2. RIPO stipulates that a person of ACPO rank be appointed as the
Senior Responsible Officer (SRO), for the maintenance of
standards, compliance with the Ordinance and the setting of
strategies and policies. For the SBAs, this role will be carried
out by the Chief Constable or Deputy Chief Constable SBA Police.
The SRO must be aware of his role and responsibilities and have
a regular process in place to carry it out. The SRO will appoint
an officer of Superintendent rank, whose responsibility will be
to chair a standing Covert Policing Working Group (CPWG),
consisting of relevant practitioners from OIUs, CAB and force
IT. This group will examine and make recommendations to the SRO
on such matters as, covert policing strategies, covert
equipment, IT, policy changes, training and staff development,
resources and funding.

3. **Internal Inspection**

1. A general internal inspection of the processes, procedures
and operational application of RIPO, will be conducted on an
annual basis. Thematic inspections of specific operational
areas, for example CHIS, can be conducted at any time as
authorised by the CC / DCC.

2. Such inspections will be carried out by the Professional
Standards Unit, in conjunction with CAB and under the
direction of the Deputy Chief Constable.

4. **External Inspection**

3. External inspection will be carried out by the Investigatory
Powers Commissioners (IPCO), as defined in RIPO, at time
scales agreed with the CC / DCC. IPCO replace IPC.
(Investigatory Powers Commissioners Office)

4. Additional external inspection may be conducted by Her
Majesty's Inspector of Constabulary (HMIC) during their
normal inspection process.

5. []{#s5.anchor}**Information Management**

5. **Effective use of the 5x5x5 process**

6. All information received by the SBA Police, that has not been
recorded on other force systems, such as incident records or
custody records, will be submitted using the recognised 5x5x5
process.

7. With the exception of registered CHIS, and unless the source of
the information is unknown, for example an anonymous telephone
call, the true identity of the source will initially be
recorded. Effective use of the 5x5x5 (which will change to the
3x5x2 process) information reports should include its
requirement in each and every application as it is the
intelligence value that the SAO / AO relies on for each decision
making. Referred in the extant OSC Procedures and Guidance
document.

6. []{#s6.anchor}***Primary Information Source Register (PISR)***

8. All information received by way of a 5x5x5 report will be
recorded and retained in a Primary Information Source Register
(PISR), held by the relevant OIU. It is then the responsibility
of the OIU Inspector to conduct a risk assessment based on all
the facts, including the true identity of the source, the nature
of the information and its intelligence value, before further
dissemination and action. OIU Inspectors and CAB will have
quarterly meetings to compare records in order to ensure a more
corporate approach and to identify persons who may be giving
information to both Divisions (source de-confliction).

7. []{#s7.anchor}***Intelligence Source Register (ISR)***

9. Where an initial 5x5x5 report is deemed to be of intelligence
value, it will be recorded in an Intelligence Source Register
(ISR), given a unique reference number, which will cross refer
to the PISR. The 5x5x5 will then be appropriately sanitised,
including where necessary, the removal of the source's true
identity, prior to any further dissemination or action. Any
further reference to the source of the information will then be
by the ISR unique reference number only. Information received
through the use of covert techniques, will be sanitised from the
outset and recorded using the ISR process. The primary
information source record for such information will be the force
Covert Surveillance or Source Management System.

8. []{#s8.anchor}***Status Drift***

10. The OIU Inspector will continually monitor sources of
information to satisfy himself or herself that such sources
should not be considered for assessment as a CHIS.

11. Where the same source has given information on three or more
occasions, the OIU Inspector will speak to the reporting officer
to again ensure that source's status has not 'drifted' into a
role that should be considered for CHIS authorisation.

12. All police officers not employed in the OIU have a mandatory
requirement to notify the OIU Inspector of any human source of
information who repeatedly passes information or who is believed
to be acting in the capacity of a CHIS.

[definition of CHIS];

13. OIU staff with day to day responsibility for managing CHIS, are
referred to as Source Handlers. Handlers are reminded that CHIS or
other persons providing intelligence do not belong to individual
employees. They are assets utilised by the OIU for the benefit of
the SBA Police. Oversight and management of CHIS activity is the
responsibility of the OIU Inspector, also known as the Controller.
He or she has the discretion to direct officers to pass over access
to a source of information or change the handler(s) of a CHIS, where
operationally required.

14. Only where the above course of action has been undertaken, can the
force seek to effectively protect the identity of sources that are
at risk or other covert methodology, through PII, during judicial
proceedings.

9. []{#s9.anchor}***The Use of Community Leaders as sources of
information***

15. There are a number of individuals, who due to their position in
the community (Mayors, Community leaders etc) are able to
provide information regarding issues that make impact on public
order or crime. These individuals normally engage with the
Deputy Divisional Commanders.

16. There are a number of individuals, who due to their position in
the community (Mayors, Community leaders etc) are able to
provide information regarding issues that may impact on public
order or crime. These individuals are sources of information and
regularly engage with the Deputy Divisional Commanders and
Divisional community units. In the majority of cases these
individuals will not be classed as CHIS as a "relationship has
not been developed for a covert purpose" Many of these "sources"
merely volunteer or provide information that is within their
personal knowledge without being induced, asked or tasked by a
police officer. This means that the source is not a CHIS for the
purposes of RIPO. However the status of these individuals should
be kept under regular review by the controller to establish at
any given stage whether they should be authorised as a CHIS
(I.e. tasked or induced to seek out information by way of
establishing or maintain a relationship for the purpose of
obtaining, providing access to, or disclosing information)

17. They will be handled by the Deputy Divisional Commanders. These
officers will be required to maintain a full record of meetings,
tasking and information given. Appropriate information will be
submitted using a sanitised 5x5x5 report.

18. This way the contact among the source and the handler remains at
high levels indicating the significance of the process.

19. A thorough and detailed Risk Assessment should be contacted and
reviewed regularly thus minimizing the risk and maximizing their
safety in accordance with the duty of care owed to the CHIS.

10. []{#s10.anchor}**Persons in custody**

20. Persons in custody can be a rich source of information;
especially those in custody for a series of crimes, serious
crime, Divisional Intelligence Requirement (DIR) crime or
otherwise identified as being of interest. All investigating
officers should seek to ascertain if any such individual is
willing to provide information that is not related to the
offence for which they are in custody or suspected of
committing. If a person is in custody expresses a willingness to
provide information, the investigator will immediately inform
the OIU Inspector. Handlers looking to conduct intelligence
approaches / intelligence interviews within the custody suite
must be aware of the inherent risk this tactic poses. The
potential of compromise to the handlers and the individual being
spoken to is considered high. No handler will conduct such an
approach without consultation with and approval by the
Controller. Handlers must consider alternative tactical options
to facilitate an approach to a potential source before a custody
visit will be sanctioned. The exposure of handlers in this
process should be recorded in each risk assessment they compose
accordingly. The OIU manager should monitor the process of
handler's exposure to possible risks and possible consequences
of these risks. OIU Manager carries the overall responsibility
and corporate risks in relation to the exposure of handlers to
risk. If such contact is approved and contacted, then relevant
cell intervention form should be completed. The form should be
then forwarded to the Controller (OIU Inspector) for review and
further direction. In the event that such person is registered
as CHIS then the form will be included in the application file.
If not, then the form will be kept at the respective Divisional
OIU.

11. []{#s11.anchor}**Intelligence Approaches within ongoing
operations**

21. It is anticipated that through analysis of network charts and
other analytical products potential sources may be identified
who feature in on-going proactive investigations. The OIU will
not orchestrate an approach to such an individual without prior
consultation with the Controller, who will often liaise directly
with the SIO of the said operation. This will ensure OIU
activity does not have a detrimental impact on the operation and
all the risks are considered and documented. OIU handlers will
then be tasked to devise and implement a tradecraft plan to
facilitate the recruitment of the source. The investigative SIO
will not be made aware of the progress of the recruitment
process.

12. []{#s12.anchor}**Tasking and Coordination**

22. OIU Inspectors will participate in quarterly meetings with DSMT
for the purpose of reviewing the tasking procedure; ensure
effective profiling and tasking according to NIM model and to
discuss quality control and effectiveness.

23. All use of covert surveillance or entry onto land, except in the
case of urgency, will be approved through recognised Tasking and
Co-ordination (T&CG) processes. At no time however, will the use
of covert surveillance or the existence of a CHIS be mentioned
in a general T&CG meeting.

24. Where consideration has been given to the use of covert
surveillance, a separate meeting will be held, with only those
persons who need to know being present. This will normally only
include the Divisional Commander or Deputy, the OIU Inspector or
Deputy and the investigating officer or operational plan owner.

25. CHIS tasking will be carried out by the OIU, based on the use
and conduct authorisation given by the force Senior Authorising
Officer (SAO), the CC/DCC.

13. []{#s13.anchor}**Covert Structures and Assets.**

26. Where practicable and feasible, the standards for covert
structures and assets, such as physical and personal security;
personnel and training; welfare and vetting; information
technology and the use of dedicated roles, will comply with the
minimum standards defined in the relevant guidance documents. It
is recognised however, that due to the specific and unique
policing situation in the SBA, it may be necessary to derogate
from some of those standards.

14. []{#s14.anchor}**Application and Authorisation**

27. The application and authorisation of all covert techniques will
be overseen by the CAB, on behalf of the CC / DCC. In addition,
the CC / DCC, will be responsible for authorising all
applications for entry onto land and CHIS. The full role of the
SAO and CAB is defined in the relevant Codes of Practice and
appropriate guidance manuals.

28. All covert operations will be conducted through the divisional
OIUs. OIU Inspectors will be responsible for advising on the
appropriate technique to be used and for the management of local
surveillance and CHIS records and operational security.
Divisional Commanders or their Deputies, should not be directly
involved in the covert operations taking place within their
respective division.

15. []{#s15.anchor}**Operational Personnel**

29. ***Covert Surveillance and Entry onto Land***

30. Only those officers who have undergone a specialist surveillance
training programme should be used to carry out a covert
surveillance or entry onto land role. These officers have been
specifically trained in covert surveillance techniques,
including visual imagery, the maintenance of surveillance
management records and log keeping. Where operational necessity
dictates, it may be possible for an untrained officer to work
alongside a trained individual, for example an observation post.
This should be the exception rather than a regular occurrence.

31. For longer term surveillance deployment, Divisional Commanders
should seek to provide resources from those officers trained in
surveillance techniques, who are not employed in the OIU. This
will not only enable OIU to conduct effective surveillance
operations, but it will also help to reduce 'skills fade' and
maintain levels of competency of those trained resources not
employed in OIU.

32. It is also vitally important that unless totally unavoidable,
OIU officers should not be used on high visibility overt
deployments such as public order incidents, uniform patrol or
public events. If no other option is available, then OIU
Inspectors should carry out a risk assessment in the relevant
Divisional risk register (Annex 1).

16. []{#s16.anchor}***CHIS***

33. Only those officers who have undergone a specialist CHIS
training programme, will be permitted to handle or control
authorised CHIS.

34. The OIU Inspector or his deputy will be the CHIS Controller. All
CHIS handling will be conducted by trained officers who are
permanent staff in the OIU.

35. As the SBA has insufficient resources to form a dedicated source
unit, it has been necessary to implement a 'multi-functional
role' approach to Intelligence and CHIS handling in the OIUs.
This obviously requires careful management to ensure that
officers are not carrying out intelligence field roles and CHIS
handling on the same operation. OIU officers who engaged in
handling a CHIS, should not be deployed in any other role in the
matter under investigation or likely to be linked with the
investigation. The multifunction use of the handlers should be
part of each risk assessment and relevant detailed information
should be given in the particular risk assessment to this
respect. This should be carefully managed by the OIU Inspector.

36. Divisional Commanders should seek to provide trained resources
from other units where the OIU has insufficient staff available
to effectively manage CHIS or where handlers with specific
skills are required, for example due to gender or ethnicity.

17. []{#s17.anchor}**Using the internet to gather intelligence and
evidence**

37. The Internet can provide a wide range of useful information to
intelligence and investigating officers.

38. Offenders may be using electronic auction sites (e.g., eBay) to
sell stolen goods, or may be using social networking sites to
communicate about planned offences.

18. []{#s18.anchor}**What is Open Source Research?**

39. Open source research is the collection, evaluation and analysis
of material from online sources available to the public, whether
on payment or otherwise, to use as intelligence or evidence
within a criminal investigation.

19. []{#s19.anchor}**When there is a need for an authorisation**

40. If open source material is re-visited with some regularity,
usually to build a profile, covert surveillance authorisation
for the investigation will be required.

41. If privacy controls are in operation and are breached covertly
(for example by the use of an officer who does not disclose his
identity as such or uses a false identity) then at least
directed surveillance authorisation for the investigation will
be required.

42. If a relationship is established between the investigator and
the operator/owner of the site a CHIS authorisation for the
investigator will be required

20. []{#s20.anchor}**Is it unlawful for any OIU Officer to set up and
use a social networking account with a false identity?**

43. It is not unlawful to set up a false identity however it is not
advisable to do so for a covert purpose without authorisation as
using photographs of other persons without their permission to
support the false identity interfere with other laws.

44. **[Best practice and guidance to field officers to avoid the
inappropriate use of social network sites in investigations and
operations;]**

- Do not create a false identity in order to 'be friend' with
individuals on social networks without an authorisation under RIPO;

- When viewing an individual's public profile on a social network, do
so only to the minimum degree necessary and proportionate in order
to obtain evidence to support or refute an investigation;

- Repeated viewing of open profiles on social networks to gather
evidence or to monitor an individual's status, must only take place
under a RIPO authorisation;

- The authorised False Personas / Pseudonyms should be recorded on a
central record kept by CAB for deconfliction purposes.

45. Be aware that it may not be possible to verify the accuracy of
information on social networks and if such information is to be
used as evidence, take reasonable steps to ensure its validity.

21. []{#s21.anchor}**Equipment and Vehicles**

46. ***Technical surveillance equipment***

47. All technical surveillance equipment will be held by the
respective OIU and operated by officers who have undergone
specific training in its deployment and use. A member of the OIU
will be appointed as Technical Field Intelligence Officer (TFIO)
and will be responsible for all Technical Surveillance equipment
including registration, monitoring of use, maintenance of
records, monitoring repair and service schedules and inhouse
training.

48. Technical equipment capable of being used for 'Directed
Surveillance' will be centrally managed by the Clothing and
Supply Officer of the SBA Police and a record will be kept by
this officer to this respect. This record and the Technical
Equipment Issuing Registers will be inspected regularly in order
to ensure correct usage.

22. []{#s22.anchor}***Vehicles***

49. The SBA has limited capability for covert vehicles. Regular
rotation of unmarked vehicles between Divisions, access to SBA
fleet vehicles and the use of temporary on loan vehicles should
be considered in order to provide the best possible operational
capability.

23. []{#s23.anchor}**Information Technology**

50. All applications and authorisations for Covert Surveillance and
Entry onto Land, will be made through SBAPS Application, known
as the Covert Surveillance System (CSS). The CAB will be
responsible for oversight of all force application and
authorisation processes, while each Divisional OIU will maintain
and monitor its own records. Application, authorisations and
management records for CHIS will be carried out on standalone
secure computers held by each Divisional OIU and CAB. All
records containing the true identity of a CHIS will be stored
and kept at a secure location under the responsibility of CAB.
The Source Management System (SMS) will be controlled and
managed under strict security principles.

24. []{#s24.anchor}**Physical and Operational Security**

51. ***Security Protocols***

52. The objective of security measures introduced within the OIU is
to prevent the unauthorised access to, or disclosure of,
sensitive information held within the unit. "Sensitive
information" is any information that, if compromised, could
place at risk the safety of any individual, and/or lead to the
compromise of any Police or other law enforcement operation.

53. The overriding principle under which sensitive information
should be handled will be on the principal of "NEED TO KNOW".
This is based on the premise that the fewer individuals granted
access to a piece of sensitive information, the less likely that
a compromise will occur, and the easier to trace any
unauthorised disclosure

25. []{#s25.anchor}***Vetting***

54. All staff engaged on covert operations will be cleared to a
minimum 'Security Clearance' (SC) level.

55. Vetting clearance will be reviewed annually. However, any change
in personal circumstances which may affect clearance, for
example changes of marital status; criminal convictions;
disciplinary findings; association with persons involved in
crime; matters which could make an individual susceptible to
pressure or improper influence to disclose information or
financial difficulties, should be brought to the attention of an
OIU supervisor or the Force Professional Standards Unit.

26. []{#s26.anchor}***Office Security***

56. Recognised minimum standards for office security have been
adopted where possible, however it is recognised that this must
be achieved within the confines of the current estate and office
layout.

57. WSBA OIU occupies two offices on the ground floor of Akrotiri
Police Station. The access corridors are shared with all other
police staff at WSBA. OIU staff must be aware of the potential
for non-security vetted, non-police personnel being present in
the immediate vicinity of their working environment. Doors must
be kept closed when the office is unattended and only OIU staff
will have access to the combination numbers for the locks. A
multi-combination security cabinet is situated in the OIU
Inspectors office for the storage of covertly obtained material,
sensitive documentation and CHIS records.

58. ESBA OIU occupies a single level building, which is separate to
the main police station at Dhekelia. This building is shared
with the Tasking and Coordination Unit, which comes under the
supervision of the OIU Inspector. The OIU have two offices and a
small annex. Both internal offices will be fitted with digital
door locks and a further digital lock will be fitted to the
external access door. Doors must be kept closed when the office
is unattended and only OIU staff will have access to the
combination numbers for the locks. A multi-combination security
cabinet for storage of covertly obtained material and CHIS
records, will be situated in the OIU Inspectors office.

59. CAB is situated in a secure environment at SBA HQ. Again, the
door to the CAB office will be accessed by digital lock and a
multi-combination security cabinet for storage of covertly
obtained material and CHIS records will be used.

60. The CAB and OIUs will operate a 'clear desk policy' at the end
of each working day or when the office is to be left unattended
for any lengthy period.

27. []{#s27.anchor}***Personal Security***

61. Officers are responsible for the safety of themselves and their
colleagues whilst conducting meetings with sources. Each meeting
must be risk assessed prior to its commencement.

62. Personal Protective Equipment (PPE) will be available in the
OIU. Each officer will have access to the equipment, so that if
the risk dictates, it can be carried in their vehicle during
source meetings. The use of PPE is at the discretion of the
individual handler and is dependent on the source's risk
assessment and the cover story being employed.

28. []{#s28.anchor}***Road Traffic Collisions (RTCs) involving OIU
vehicles***

63. In the event that an OIU vehicle conveying a source is involved
in a road traffic collision, the objective of the handlers will
be to protect the identity of the source. For minor collisions,
this might be achieved by one of the handlers escorting the
source away from the scene. For more serious collisions, the
option to remove the source from the scene might not be possible
in which case a cover story will be provided for the source\'s
presence in the vehicle.

64. Should a police vehicle collision occur when a source is
onboard, the handlers will contact the Controller immediately.

65. All collisions involving OIU vehicles must be investigated as
per Force Policy. Should the investigating officer consider it
necessary to interview the source, the Controller must be
informed. The Controller will then request approval from the
SAO.

29. []{#s29.anchor}***Mobile telephones***

66. Each OIU will be equipped with two prepaid mobile telephones and
a stock of prepaid SIM cards, with different numbers. Source
Handlers will be issued with one of these telephones in order to
carry out their role with a CHIS. All CHIS will be provided with
a number from one of these telephones. Officers will not issue a
source with their own mobile numbers due to the fact that this
practice may expose the handlers and their families to possible
dangers.

67. The OIU Sergeant will be responsible for maintaining records of
issue, details of numbers used and any other use of the
telephones.

68. Under no circumstances will positive police action be instigated
upon information being received by a handler via a text message.
Text messages will only be treated as a prompt for the handler
to contact the source. Only when the intelligence is obtained
verbally from the source can it be risk assessed and
consideration be given for dissemination.

69. Officers will not use their own mobile or land line phone at
home to contact a source in any circumstance.

30. []{#s30.anchor}***Pseudonyms and false identities***

70. Officers engaged in covert operations, particularly those
handling sources, will not routinely use pseudonyms or false
identities or documents, save that which is necessary to
maintain a cover story. The use of any pseudonym or false
identity or document by the field officers should be centrally
managed and be on a central record that can be inspected on a
regular basis by CAB in order to ensure the correct usage. All
officers who are to be engaged in covert operations have been
trained in the use of cover stories.

A five-digit pin number will replace the collar number of operatives in
all logs used during directed surveillance. That will minimize the risk
of exposing any of the operatives in the event of any of such logs goes
public or seeing by unauthorised personnel.

31. []{#s31.anchor}***Payment of rewards***

71. The SBA will adopt the recognised Source Rewards process and
payment matrix. This matrix will be adapted to suit the range of
crimes committed within the SBA and rewards will reflect the
economic value of these crimes.

72. With the exception of incentive payments, the OIU Inspector will
be present and supervise all payments of rewards to CHIS.

73. Incentive payments, which should be limited to 10 euro, without
prior approval, will be notified to the Controller at the
earliest opportunity.

32. []{#s32.anchor}**Application and Authorisation**

74. RIPO and the Codes of Practice define specific roles for the
application and authorisation of covert techniques. Additional
management and oversight roles have been identified through
effective practice.

75. All applications and authorisations for Directed Surveillance
and Entry onto Land will be made using the force CSS Application
on SBAPS. All applications will be made by OIU staff or other
personnel who have received specialist RIPO training.

76. Applications and authorisations for CHIS will be made using the
SMS system and a manual transfer of CD and hard copy records.
Only officers in the OIU who have received specialist CHIS
training will make such applications.

33. []{#s33.anchor}**Covert Surveillance Process**

34. **Entry onto Land Process**

35. []{#s35.anchor}**Urgent Authorisation**

77. Authorisation for Covert Surveillance, Entry onto Land and CHIS
can be given in circumstances which amount to urgency.

78. Urgency criteria must not be applied as a matter of convenience
and should only be used where life is at risk or delay would
cause serious detriment to an investigation.

79. Urgent authorisations can be given orally by a LAO or SAO, as
applicable or in writing by their Deputy during their temporary
unavailability. Such authorisations last for 72 hours.

80. In practice, where urgent authorisation is required, applicants
must seek to obtain oral authorisation from either Divisional
Commander at WSBA or ESBA, prior to obtaining written urgent
authorisation from a Deputy.

81. Where urgent oral authorisation is required, the following
action will be taken.

- The Applicant will record the time and date that they spoke to the
Authorising Officer.

- The Applicant and Authorising Officer will record the intelligence
case and information provided and the grounds on which the
authorisation is to be given.

- The Applicant and Authorising Officer will record the time and date
the authorisation is given and the time and date the authorisation
ceases.

- The Applicant will commence the appropriate record on CSS or SMS.

- At the end of 72 hours the application will be cancelled or if there
are grounds to continue, the application will be renewed
accordingly.

36. []{#s36.anchor}***Reviews, Renewals and Cancellations***

82. ***Reviews***

83. The Authorising officer can delegate reviews to another officer.
In practise however, in the SBA, circumstances dictate
otherwise, the Authorising officer will conduct all reviews,
using the appropriate section in SBAPs CSS application. The
Authorising Officer cannot delegate all or part of his/her
responsibilities to another officer. A deputy should only be
used in the absence of the Authorising Officer and the reasons
for absence should be stated.

37. []{#s37.anchor}***Renewals***

84. All renewals will be treated as if they were a new application
and the above processes will be followed, using the appropriate
renewal section in CSS Application.

38. []{#s38.anchor}***Cancellations***

85. Authorisations must be cancelled as soon as the requirement for
covert surveillance or entry onto land has ceased. Cancellation
will be recorded on CSS using the appropriate cancellation
section. CAB will be responsible for the product management and
he/she will deal with this in accordance with the destruction of
official records standing order (SO A9) in the force at the
time.

39. []{#s39.anchor}**CHIS Process**

40. []{#s40.anchor}**CHIS Authorisations, Reviews, Renewals and
Cancellations**

86. ***Authorisations***

87. The CHIS process diagram describes in full the authorisation
process. It must be noted however that where a person meets all
of the criteria to be regarded as a CHIS, but declines to sign
terms and Conditions of conduct, this does not prevent them
being authorised as a CHIS, providing the risk assessment
reflects this issue and the Force's Authorising Officer (FAO) is
content to tolerate the risk and give authorisation.

41. []{#s41.anchor}***Reviews***

88. The Authorising officer can delegate reviews of CHIS to another
officer. In the SBA, the Controller will conduct the reviews,
using the appropriate review form on CSS. The SAO must be
notified of any significant changes to circumstances or risk
that may affect the original authorisation. On review all
existing records for the CHIS in question, will be copied to CD
and transferred by secure courier to CAB, in order to update the
central registry. The Authorising Officer cannot delegate all or
part of his/her responsibilities to another officer. Therefore,
a deputy should only be used in the absence of the Authorising
Officer for the reviews of CHIS and the reasons for absence
should be stated.

42. []{#s42.anchor}***Renewals***

89. All renewals will be treated as if they were a new application
and the above process will be repeated.

43. []{#s43.anchor}***Cancellations***

90. Authorisations must be cancelled as soon as it is decided that
use and conduct of the CHIS is no longer required. A
cancellation form will be recorded on SMS and submitted to CAB
for action by the SAO and central registry.

44. []{#s44.anchor}**Other CHIS Management records**

91. All other CHIS management records will be maintained by the OIU
on the local SMS and where necessary submitted in hard copy
format to CAB for authorisation by the SAO.

Applications for, and records of rewards and benefits.

92. CAB will be responsible for updating all central records.

45. []{#s45.anchor}***Security of information transferred by CD.***

93. CDs containing CHIS information will be transferred from the
Division to HQ. When information is transferred by CD and all
records on the OIU SMS and CAB Central Registry have been
appropriately updated, the CD will be destroyed.

94. Divisional OIUs and CAB will be responsible for maintaining a
record of CDs issued, received and destroyed.

46. []{#s46.anchor}**Recording Information**

95. All information obtained through the use of covert techniques
will be treated as sensitive and recorded, disseminated or used
in one of the following ways:

96. CHIS contact sheet recorded on SMS and retained by OIU.
Subsequent dissemination intelligence, if appropriate by way of
a sanitised 5x5x5;

97. Surveillance logs retained by the OIU and subsequent
dissemination of intelligence by way of a sanitised 5x5x5;

98. Surveillance Management Records (SMR) retained by OIU;

99. Sensitive policy files retained by OIU; and

100. Other briefing notes and contemporaneous notes of CHIS
meetings, etc retained by OIU.

101. Such records may be revealed to the prosecution by way of
sensitive schedules, however PII processes should be sought to
protect the identity of CHIS, observation post locations,
methodology used and technical assets.

102. Requirements under R v Johnson, relating to the use of
observation posts will be recorded in the SMR or Sensitive
Policy file.

103. In order to maintain the integrity of such operations, the OIU
Inspector will fulfil the requirements for the second visit to
the property owner as stated in this case, instead of a Chief
Inspector.

47. []{#s47.anchor}**Inter-Agency Protocols**

104. Memorandums of understanding will be drawn up and agreed
between the SBA Police, Customs and Immigration and the
Military, who are governed by similar UK legislation, as to the
inter-agency management of CHIS and sharing of information
obtained through covert means.

105. The Republic of Cyprus Police does not have legislation
relating to the use of covert techniques and therefore existing
arrangements for information sharing will remain. It should
always be borne in mind that the duty of care to protect any
person assisting the SBA from unnecessary disclosure is
paramount.

48. []{#s48.anchor}**De-confliction process**

106. A de-confliction process has been put in place in order to
avoid duplication of effort or potential compromise of an
operation.

107. De-confliction requests will be made by the Divisional OIU to
the CAB and it will be the CABs responsibility to ensure that
either the CC or DCC are provided with the relevant details
enabling them to make the de-confliction request at the earliest
opportunity. The CAB will notify the Division of the outcome.

- **For all CHIS authorisations**, the SBAP Chief Constable or Deputy
will telephone DSA and provide the subject's name, date of birth and
intended date of authorisation before authorisation is given.

- DSA will then check to ensure that the subject is not currently
registered as a CHIS by any other organisation operating within
BFC/SBAA.

- If the check is negative, DSA should be able to inform the CC either
immediately or shortly after. If the check is positive i.e suspect
is currently registered to another organisation, DSA will request a
conference as soon as possible with the Chief Constable or the
Deputy Chief Constable and/or any other interested parties as
appropriate to decide the way forward.

- DSA will record on a spreadsheet all CHIS authorisations and
deauthorisations contacted by SBAP which will be available for
inspection if required by the Surveillance Commissioners.

- **For all Covert Surveillance (CS) authorisations**, the SBAP Chief
Constable or Deputy will telephone DSA and provide details of the
venue of the intended CS operation before authorisation is given.

- DSA will then check to ensure that the venue is not subject to any
other surveillance operation being contacted by any other
organisation operating within BFC/SBAA.

- If the check is negative DSA should be able to inform the CC shortly
after the request has been made. If the check is positive i.e
reveals that the intended venue is the subject of another operation,
DSA will request a conference as soon as possible with the Chief
Constable or the Deputy Chief Constable and/or any other interested
parties as appropriate to decide the way forward.

- DSA will record on a spreadsheet all applications for CS contacted
by SBAP which will be available for inspection if required by the
Surveillance Commissioners.

108. Clearly the use of CHIS and Covered Surveillance operations are
new to us in the SBAP and will take some getting used to by all
concerned. The protocols described above are designed to assist
in that process. If however, practice reveals a better way of
operating, the protocols will be evolved accordingly to ensure
the most effective and efficient use of all BFC/SBAA resources.