CATT and T, R (on the applications of) v Commissioner of Police of the Metropolis

Factual and Procedural Background

These conjoined appeals concern two separate challenges to the police practice of retaining personal data on searchable databases:

• Respondent 1 is an elderly political demonstrator whose attendance at public protests was recorded between 2005 and 2011 and stored within a national “Domestic Extremism” database. He has never been convicted of any offence arising from those events.
• Respondent 2 received a “Prevention of Harassment” letter after an isolated verbal altercation with a neighbour in 2010. The letter and an associated incident log were stored on the Metropolitan Police electronic records system.

Both individuals accepted that initial recording of the incidents was lawful, but contended that subsequent retention violated Article 8 of the European Convention on Human Rights (ECHR). Their applications failed at first instance, succeeded on appeal, and were ultimately heard together before the Supreme Court on the present appeals by the Appellant Police Commissioner.

Legal Issues Presented

1. Does the systematic retention of non-intrusively obtained, publicly sourced personal data engage the “private life” protected by Article 8(1) ECHR?
2. If Article 8 is engaged, is the retention:
1. “In accordance with the law” for the purposes of Article 8(2)?
2. Proportionate to the legitimate aims of public safety and the prevention or detection of crime?
3. Do the differing factual contexts of Respondent 1 and Respondent 2 require separate proportionality analyses?

Arguments of the Parties

Appellant’s Arguments

• The Data Protection Act 1998 (DPA), the statutory Code of Practice on the Management of Police Information and associated guidance together provide a clear, enforceable legal regime; retention is therefore “in accordance with the law.”
• Retention is necessary for legitimate policing purposes: risk assessment, investigation of crime, understanding protest-group tactics and cross-referencing potential patterns of harassment.
• The information is neither intimate nor sensitive; periodic review and strict non-disclosure safeguards render the interference with privacy minimal and proportionate.

Respondents’ Arguments

• Article 8 is engaged because systematic storage—even of public-domain facts—interferes with personal autonomy.
• The regulatory framework is too discretionary and unpredictable, permitting arbitrary retention contrary to the “in accordance with law” requirement.
• Retention is disproportionate: Respondent 1 is a peaceful protestor of advanced age posing no threat, while Respondent 2’s single minor incident could not justify seven- or twelve-year storage periods.

Table of Precedents Cited

Court's Reasoning and Analysis

Engagement of Article 8. The Court confirmed that systematic storage of information, even if gathered publicly and without intrusion, triggers Article 8 protection.

Legality. The Data Protection Act 1998, the statutory Code of Practice and detailed guidance collectively supply accessible, foreseeable rules with enforceable safeguards—satisfying the “in accordance with law” criterion. Discretion within that framework is limited, reviewable by the Information Commissioner and the courts, and thus not arbitrary.

Proportionality – Respondent 1. The retained data comprised only dates, locations and the fact of attendance at demonstrations. No sensitive biometrics or covert material were involved. Retention served three policing purposes: (i) risk assessment for future protests, (ii) investigation of offences that do occur, and (iii) mapping leadership, organisation and cross-links among extremist groups. The Court emphasised that intelligence value often emerges only retrospectively and that removing every non-suspect’s name would severely diminish database utility. Periodic reviews, deletion of the respondent’s photograph and large-scale weeding following an Inspectorate report evidenced functioning safeguards. The interference was therefore minimal and justified.

Proportionality – Respondent 2. The warning letter legitimately aimed to forestall a potential “course of conduct” under the Protection from Harassment Act 1997 and to evidence prior notice. However, retaining the letter for seven years and the incident log for twelve would rarely be defensible for a single, minor allegation. In practice, the police deleted both after two-and-a-half years once no further incidents arose. The Court held that this actual retention period, coupled with demonstrated policy flexibility, fell within proportional bounds.

Dissenting View. Judge Toulson would have struck down retention relating to Respondent 1 as disproportionate, stressing the absence of any personal wrongdoing and the citizen’s right not to be catalogued indefinitely for lawful protest. The majority disagreed, finding adequate policing justification.

Holding and Implications

HOLDING: APPEALS ALLOWED; BOTH CLAIMS DISMISSED.

For Respondent 1, the Court reinstated the first-instance decision, validating continued retention of protest-attendance data. For Respondent 2, while criticising the template harassment letter, the Court found actual retention duration lawful.

Implications. The judgment confirms that:

• Police may systematically retain non-intrusive, public-domain personal data where robust statutory and administrative safeguards exist.
• Proportionality analysis is context-specific; minor incidents do not justify lengthy, inflexible retention, but actual practice—not stated maximums—determines legality.
• Challenges to retention should ordinarily proceed through Data Protection Act mechanisms before resorting to judicial review.

The decision does not create new precedent on disclosure regimes but clarifies acceptable parameters for data retention in law-enforcement databases.