asked Her Majesty's Government:
Which law enforcement agency, department or other statutory body has responsibility for investigating and prosecuting possible criminal breaches of (a) the Data Protection Act 1998, (b) the Regulation of Investigatory Powers Act 2000, and (c) the Computer Misuse Act 1990.
(a) Investigation of breaches of RIPA would be investigated by the police or other relevant law enforcement agency; any subsequent prosecution would be taken forward by the CPS or other relevant prosecuting agency.
(b) The Information Commissioner is an independent body created by statute with responsibilities for investigating complaints made to him under the Data Protection Act 1998. Proceedings for offences in England and Wales can be instituted by the commissioner or by or with the consent of the Director of Public Prosecutions. In Northern Ireland, offences would be instituted by the commissioner or by or with the Director of Public Prosecutions for Northern Ireland. In Scotland, potential breaches investigated by the commissioner are prosecuted by the procurator fiscal.
(c) Under normal circumstances, the police would investigate any breaches of the Computer Misuse Act, and any subsequent prosecution would be handled by the Crown Prosecution Service. The CPS has a number of high tech crime prosecutors who are trained to prosecute offences contrary to the Computer Misuse Act.