THE PSNI is facing its first legal challenge since the Information Commissioner's Office (ICO) revealed "significant concerns" over its handling of data being accessed from mobile phones.
The case centres on a man suspected of carrying out a paramilitary-style attack, arrested under Section 41 of the Terrorism Act 2000.
During a 15-minute police interview the man was told the arrest was on the basis of "intelligence".
Officers searched his home and car and seized three mobile phones.
A form CCC67 - requiring him to reveal the device access credentials - was produced, but the man refused to provide his PIN number, citing concerns over how the PSNI would deal with the data on his phone and that of his then nine-year-old daughter - which was also seized.
In the ICO's report issued earlier this month, investigators highlighted how the service "was unable to offer any documentation containing privacy information it routinely provides to people whose devices it had taken for examination".
It said, while officers showed the CCC67 form to the investigation team, "this does not fulfil any of the requirements required by the DPA (Data Protection Act) 2018".
Judicial Review proceedings lodged by the man's legal team on November 4 2020 were stayed until publication of the ICO report.
The data watchdog has found a raft of compliance failures by the service - including that officers are not giving clear consideration to whether the processing of information from mobile phones has a "lawful basis".
The ICO warned "a reasonable line of enquiry" is not always "justification for an extraction request" and questioned "whether the PSNI has adequate protections in place to safeguard privacy".
The man's solicitor Michael Brentnall told The Irish News the review is now proceeding and he has "serious concerns over the PSNI's approach to obtaining data from our client's phone".
"It was unclear as to what data the PSNI proposed to obtain from the phones, and how it will be obtained, retained and who will have access to it."
He said his client was told if he didn't provide the PIN "there may be damage caused to the phone during triage".
"We are challenging the failure of the PSNI to provide an appropriate code of practice to govern the extraction of mobile phone data by the PSNI, and furthermore we are challenging the lawfulness of the methodology of the extraction in line with the Data Protection Act 2018."
Mr Brentnall said it was "notable" their concerns "were echoed by the Information Commissioner", adding "the Human Rights Commission (NIHRC) have contacted our office and are considering intervening on the matter".
A spokesman for NIHRC said it "is aware of this case but are not involved in it".
"We are interested in the wider issues the case raises which we consider important."
Assistant Chief Constable Jonathan Roberts has previously described mobile phone data extraction as "a complex area of policing... that is a challenge for police across the UK".
He said the PSNI is close to finalising a plan to address all the issues raised.
