Where do unregulated private investigators go from here? asks Tony Imossi, pictured, secretary of the Association of British Investigators (ABI).
For ease of reference, I will use the terms private investigator (PI) and investigation, but it is well established that it is not what you call yourself, but your activities that matters. As a service provider, private investigation plays an important role in many parts of society, including legal, corporate, and personal cases. The private investigation sector in the UK has never been licensed in its 200-year history, allowing individuals to operate without accountability, if they so choose to remain outside any voluntary regulatory regime, such as the Association of British Investigators. Concerns have long been expressed about the possible risks connected with unregulated private investigators, prompting discussions about the industry’s future. This article examines the existing position and suggests possible next steps.
Current state of unregulated PIs:
Unregulated private investigators may work without any training, or uniform standards. ‘Private Investigator’ is an unprotected term that can be used by anyone who decides to build a business model around what they perceive to be a service under that category, regardless of whether that view is based on fiction or something nefarious. This lack of monitoring has generated worries about the possibility of unethical practises, invasion of privacy, and inadequate personal data protection. Instances of malfeasance and unlawful activity have emphasised the importance of accountability within the sector.
Regulation requests:
There has been a growing consensus among industry professional bodies, advocacy groups, and policy-makers in recent years that the private investigation sector should be regulated. The fundamental goal of regulation, in my opinion, should be to ensure that those working in this industry conform to certain norms of professionalism, ethics, and accountability. Proponents claim that regulation would help to improve the profession’s reputation while also protecting the interests of both clients and the wider public. But what exactly do they mean by ‘regulation’ in this context? Is it necessary for regulation to be mandatory? Wouldn’t a voluntary regulatory framework driven by market forces be sufficient and beneficial for everyone involved?
Potential regulatory actions:
Unfortunately, many stakeholders have been fixated on the idea that regulation can only mean statutory licensing, as if this will solve all of the sector’s problems. An alternative approach should be considered to fix the current gaps. I list a few expectations:
1) Registration: Putting in place a system that requires private investigators to meet certain criteria, such as background checks, financial probity, good practice, experience, qualifications, and reputation.
2) Code of practice: creating a detailed code of practice for private investigators that outlines ethical standards, client confidentiality, and best practices. Something similar to the BSI’s BS102000:2018 code of practice.
3) Training and qualifications: requiring private investigators to participate in standardised training programmes to improve their abilities and expertise in areas such as data protection, surveillance techniques, and legal procedures. The common ground is of course the privacy law; and checking competency on this area would be fair, reasonable, and achievable.
4) Complaints and disciplinary processes: establishing a regulating body to address complaints against private investigators and to impose disciplinary penalties in cases of misconduct or violations of professional standards, would be ideal but is difficult to administer. The ABI boasts a robust regime in the enforcement of its code of ethics and professional standards but admittedly, too many private investigators shy away from such scrutiny. However, focussing on data protection compliance is policing what is the law and of particular relevance to the sector’s activities.
5) Data protection and privacy laws: The UK already has strong privacy regulations in place, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. These regulations control the gathering, use, and storage of personal data, which is the gold standard in private investigation. Using current laws to regulate private investigators and their handling of personal information would give a solid foundation.
Difficulties of regulating the industry:
Implementing any regulation in the private investigation industry will not be easy. One of the most difficult challenges is establishing the right regulatory organisation to regulate the profession. The Private Security Industry Act 2001 created the Security Industry Authority (SIA), but I’m not so sure the SIA would have the resources or expertise to cope with the challenge. A quasi-government voluntary scheme, driven by market forces, and independently monitored by an accredited body, I am confident will be what is needed. The ABI is working with the information Commissioner’s Office (ICO) in the development of a UK GDPR code of conduct (under Article 40 of the UK GDPR), which I suggest will meet the five expectation points above.
How to balance privacy and investigative needs:
Regulation should strike a balance between preserving individuals’ privacy rights and allowing for necessary investigation actions. It is critical to ensure that any regulatory measures do not unreasonably impede private investigators’ capacity to conduct necessary and authorised investigations. Clear rules on what constitutes permitted practises, especially in the context of monitoring and data collecting, would be critical. An industry-led scheme, such as the proposed code of conduct, allows for industry expertise to be used, promotes self-regulation and accountability, encourages stakeholder participation and collaboration, stimulates innovation and best practices, and enhances public trust and confidence.
Participation of industry stakeholders:
The proposed code of conduct was developed by active involvement with industry stakeholders, led by private investigators, professional groups, and related organisations. Their involvement helped develop this potential regulation that addresses the profession’s specific requirements and concerns while protecting the public interest.
Law enforcement:
Regulated private investigators can provide vital assistance to law enforcement. Establishing procedures for collaboration between private investigators and law enforcement could improve investigation efficacy and provide a platform for offering law enforcement information and expertise.
Public education and awareness:
Regulation should be backed by public awareness campaigns emphasising the need of engaging regulated (by code membership) private investigators. Educating the public about the risks of hiring unregulated investigators and the advantages of hiring professionals who adhere to the ethical norms enforced in the code scheme would encourage informed decision-making.
Evaluation and monitoring:
Once the code of conduct is in place, methods for continual monitoring and assessment will be established. Regular evaluations of the regulatory framework’s efficacy can reveal opportunities for improvement and ensure that the intended regulatory goals are realised.
Best practices from around the world:
Looking at regulatory frameworks in various nations will quickly show that a unique and inventive approach is required for the global private investigation business. The ABI-proposed UK GDPR code of conduct has gained support and input from the global investigative community through the IKD association (www.i-k-d.com). The code when approved by the ICO has potential to be adopted with minor adjustment in most jurisdictions.
Using the privacy law to govern through a voluntary scheme: using privacy laws to govern unregulated private investigators through a voluntary system is an intriguing solution that should be accessible shortly if the ABI’s proposed code of conduct is approved by the ICO.
Consider the following points:
1) Voluntary scheme: the ABI-proposed code of conduct encourages private investigators to adhere to particular privacy standards and practises. Private investigators would voluntarily agree to comply with privacy law within the guidelines provided in the code, showing their commitment to preserving individuals’ privacy rights. The industry and other stakeholders have already been contacted, and the proposed code is well on its way.
2) Compliance and verification: mechanisms for evaluating compliance will be required to ensure the success of the voluntary programme. This will entail frequent audits or assessments done by an independent third party, a monitoring organisation approved by the ICO for that purpose, to ensure that private investigator code members are complying to the agreed-upon standards.
3) Incentives and benefits: offering incentives for private investigators to join the voluntary scheme would boost their participation. These incentives may include being recognised as compliant investigators, having access to resources, and receiving preferential treatment while working with clients or law enforcement organisations, for example.
4) Public awareness and transparency: it is critical to educate the public about the voluntary system and its benefits. Transparency initiatives, such as the establishment of a public registry of participating private investigators, will assist individuals in making informed decisions when employing an investigator.
5) Engagement with regulatory bodies: the voluntary system will involve engagement with current regulatory bodies such as the ICO, the Solicitors Regulation Authority, and the Financial Conduct Authority. This alliance would give credibility and competence to the private investigation industry’s enforcement of privacy legislation.
6) Continuous improvement: provisions for continual review and improvement would be included in the voluntary programme. Regular reviews and feedback loops can aid in identifying areas for improvement and ensuring that the scheme continues to protect privacy rights.
7) Constraints and considerations: it is crucial to recognise that a voluntary scheme may have enforcement and participation constraints. Some private investigators may choose not to participate, resulting in a more fragmented regulatory landscape. Furthermore, voluntary compliance may not effectively address concerns about unethical practises or illegal activity inside the sector that will continue to exist outside of the code.
Conclusion:
Regulating the private investigation sector in the UK would provide the industry with much-needed oversight, ethical standards, and responsibility, advancing it towards the status of a profession. It is a difficult undertaking that necessitates careful evaluation of the difficulties involved while also ensuring that legitimate investigative actions are not hampered unduly.
Using privacy rules as the foundation for a voluntary mechanism to hold unregulated private investigators accountable is a possible strategy. It makes use of existing legal frameworks to foster compliance and transparency. However, due to the constraints and potential obstacles involved with voluntary schemes, the proposed system will require active support from regulatory agencies in order to succeed.
About the author: Tony Imossi is the current secretariat for the Association of British Investigators, and ABI lead in the application to the ICO for approval of the proposed ABI UK GDPR code of conduct.
