THE UK surveillance watchdog has confirmed that Police Scotland breached the rules on spying on journalists’ sources on multiple occasions.

The Interception of Communications Commissioner’s Office (IOCCO) ruled that the single force's five breaches, which affect four individuals, were "reckless".

Since March, police forces across the UK have required judicial approval before using the Regulation of Investigatory Powers Act (RIPA) to identify the source of a journalist’s information.

The reform was pushed through by MPs after it was revealed that officers had used the surveillance legislation to spy on the media on dozens of occasions.

The practice was deemed to be a breach of a journalist's human rights and the March change was specifically implemented to protect the public interest in the confidentiality of journalistic sources.

However, the IOCCO disclosed in July that two unnamed forces had breached the new rules on judicial approval.

The Herald: Neil Richardson (left) has applied for the Chief Constable vacancy

Picture: DCC Neil Richardson (left) has responsibility for the Counter Corruption Unit

One case related to a police force acquiring communications data – which can be details of texts, phone records and emails – in relation to a suspected source and a middleman for a newspaper story.

The Sunday Herald revealed Police Scotland's Counter Corruption Unit was one of the two culprits, but the Scottish Government and the force declined to comment.

Deputy chief constable Neil Richardson, who is on a shortlist of three candidates to replace Sir Stephen House, has overall responsibility for the CCU.

IOCCO Commissioner Sir Stanley Burnton said: “I concluded that there had been contraventions of the Code in respect of 5 applications for communications data submitted by Police Scotland relating to one investigation. 

“It is evident from these applications that Police Scotland sought communications data in order to determine either a journalist’s source or the communications of those suspected to have been acting as intermediaries between a journalist and a suspected source.” 

Scottish Liberal Democrat justice spokeswoman Alison McInnes said: “It is not just reckless, it is outrageous that police officers thought they were above the law and simply reinforces the need for a wider inquiry into the workings of Police Scotland.

“By intruding on confidential exchanges without judicial approval they risk destroying the public’s trust in a body that should be focusing on protecting our communities.

“This is the worst kind of cover-up because one of journalists’ key roles is to hold people, public bodies and governments to account.

“I will be pressing for the Justice Committee to summon the Justice Secretary and Chief Constable to account for their actions.”

Police Scotland ACC Ruaraidh Nicolson, who has overseen the response to the IOCCO inspection, said: 

“Police Scotland can confirm that it did not adhere to the new guidelines covering access to communications data during a recent investigation into alleged serious breaches of information security.

“An inspection by the Interception of Communications Commissioner’s Office (IOCCO) in June 2015 found that five applications for data, which were all directly connected to one investigation into the alleged unauthorised release of sensitive police information in early April 2015, were not in accordance with the terms of the new Code of Practice covering the acquisition of communications data which came into effect on 25 March 2015. 

"We also acknowledge the deficiencies in the applications themselves, which have been highlighted by IOCCO."

Justice Secretary Michael Matheson said: "Any breach of the Code of Practice in this area is unacceptable and I expect Police Scotland to comply fully with any recommendations made by IOCCO. A free press is the cornerstone of a healthy democracy and we are committed to protecting the privacy of all law-abiding members of the public, including journalists.

“It is important to recognise that, since these breaches were discovered in July 2015, Police Scotland has been working on a robust action plan to ensure there have been no repeat of these incidents, and that it cannot happen again. However, it is clear Police Scotland’s actions in accessing communications data have fallen short of the standards expected and I welcome today’s announcement by the Scottish Police Authority that they have asked HMICS to review the robustness of procedures around Police Scotland’s counter corruption practices.”