I am interested at present in what control processes are being employed to match suspect terrorist names to financial records Who are the official bodies in the UK responsible for instigating investigations into terrorism and what is the empowering / enabling legislation? Some appointment of officials appears to exist via SI under RIPA 2000 but do other bodies exist appointed by other legislation or are such investigations co-ordinated through a single body such as NCIS in England. I am trying to research the first steps in controls which need to identify and authenticate the bodies claiming a right to require data matching by orgnisations. (Given the statutory obligations on controllers to apply appropriate security on personal data). There are any number of DPA issues around this subject area but wish to concentrate initial enquiries on identification of the enabling legislation in England / Scotland / Wales and NI. In addition anyone with any knowledge on whether the national assemblies have the powers to produce individual legislation in this area? (RIPA appears to have Scottish orders with additional similar SI's for England and Wales appointing Official investigatory bodies). All feeback appreciated Thanks David Wyatt ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - www.jiscmail.ac.uk/user-manual/summary-user-commands.htm (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^