The Divisional Court has (in R (McKenzie) v Director of the Serious Fraud Office [2016] EWHC 102 (Admin)) upheld the legality of the procedure set out in the Operational Handbook of the Serious Fraud Office (SFO) for dealing with material potentially subject to legal professional privilege (LPP) embedded in electronic devices that have been seized using statutory powers, or produced in response to a notice. In doing so, the Divisional Court has clarified the scope of the legal duty on law enforcement bodies for protecting LPP when processing seized material.

In the McKenzie case, the SFO had seized from the Claimant a number of electronic devices following his arrest at Heathrow Airport on suspicion on conspiracy to commit an offence contrary to section 1 of the Bribery Act 2010. Following the seizure, the Claimant asserted that each of the seized devices contained documents over which he was entitled to claim LPP. The SFO, in accordance with its Operational Handbook, proposed to separate the LPP material by agreeing search terms with the Claimant, which would then be applied to the documents by the SFO’s in-house information technology teams. The isolated material could then go to independent counsel for review.

In a claim for judicial review, the Claimant argued that the procedure involving the use of in-house IT staff was inconsistent with the terms of the Attorney General's Supplementary Guidelines on Digitally Stored Material (2011) and gave rise to a risk that the relevant SFO investigative team will “directly or indirectly, accidentally, inadvertently or otherwise” gain access to the LPP material. The Claimant argued that there was an obligation upon the SFO to engage an independent third party even at the stage of agreeing and applying the search terms. The Claimant relied, in particular, upon  the decisions of the House of Lords in Prince Jefri Bolkiah v KPMG [1999] 2 AC 222 and of the Divisional Court in R (Rawlinson and Hunter Trustees) v Central Criminal Court [2012] EWHC 2254 (Admin) to support the proposition that the involvement of in-house IT staff is necessarily unlawful.

The Divisional Court dismissed the claim. Burnett LJ, with whom Irwin J agreed, ruled that there was no obligation on the SFO to instruct an independent third party at the stage of agreeing and applying the search terms. The SFO’s procedure on the use of in-house IT teams was accordingly lawful.

The Divisional Court also developed the law in an important way. The “no real risk” test, as outlined in Bolkiah, was inapplicable. As stated by Burnett LJ (at [32]):

“The essential aim of the SFO's policy is to ensure that LPP material relevant to an inquiry is not read by anyone involved in the investigation. That aim is uncontroversial, laudable and correct. But it would be imposing too onerous a legal obligation on an investigating authority, in the context of the exercise of statutory powers of seizure and production, to require it to demonstrate that there could be no real risk of that happening. It is inappropriate to equate a public body exercising statutory powers in connection with suspected crime with a solicitor who proposes to act against his former client. The material is lawfully in the possession of that public body acting in the public interest in investigating and prosecuting crime”.

The scope of the legal duty on a law enforcement body was instead, as adumbrated by Burnett LJ (at [34]), as follows:

“In my judgment, a seizing authority has a duty to devise and operate a system to isolate potential LPP material from bulk material lawfully in its possession, which can reasonably be expected to ensure that such material will not be read by members of the investigative team before it has been reviewed by an independent lawyer to establish whether privilege exists. That approach to LPP material imports the necessary rigour required by the law for its protection in this context”.

The Divisional Court’s ruling in McKenzie has been interpreted as a “victory” for the SFO. In reality, the Divisional Court was simply upholding the SFO’s long-standing practice of using in-house I.T. teams to identify documents for independent external LPP review. Arguably, the ruling is likely to prove more significant in how other law enforcement bodies approach LPP reviews. The inappropriateness of adopting the “no real risk” test is an important legal development.