Met Police Surveillance: 700k Data Requests Expose Digital Border

May 20, 2026 - 12:30
Updated: 19 days ago
0 4
Metropolitan Police metadata request statistics illustrating digital surveillance trends

A Freedom of Information analysis reveals that the Metropolitan Police requested communications metadata from major tech companies and mobile providers over 700,000 times in 2025. The data highlights a massive spike in surveillance targeting LycaMobile users, potential immigration enforcement implications, and the acquisition of metadata from privacy-focused services like Proton Mail, sparking debate on digital borders and civil liberties.

What is the scale of Metropolitan Police data collection?

A recent Freedom of Information request has shed light on the extensive surveillance capabilities of London’s largest law enforcement agency. The figures obtained indicate that the Metropolitan Police asked technology companies to provide access to private communications metadata over 700,000 times in the calendar year 2025 alone. This volume represents a significant operational capacity for monitoring digital footprints across everyday platforms.

These statistics are not merely abstract numbers; they expose the monitoring of common services such as takeaway delivery applications and ride-sharing networks. Furthermore, the data reveals a massive surge in the force's surveillance of users on LycaMobile, a low-cost mobile virtual network operator (MVNO). The acquisition of metadata from encrypted messaging services designed to offer privacy adds another layer of complexity to this landscape.

Communications data, often referred to as CD, is distinct from message content. It does not include the text or audio of conversations but rather the metadata surrounding them. For Proton’s privacy-focused mail service, this could encompass account payment details and IP addresses in certain instances. The sheer volume of these requests underscores the depth of digital tracking employed by modern policing units.

Why do discrepancies with tech providers matter?

The reported figures have sparked immediate pushback from several technology firms regarding their accuracy. Since 2024, the Met claims to have obtained communications data from Proton Mail users 139 times. While Proton did not dispute these specific numbers, a spokesperson clarified that the company does not transmit data directly to foreign law enforcement agencies.

Proton emphasized that it operates under a strict legal framework where all requests must go through Swiss authorities. The company maintains an established practice of refusing requests that do not meet its legal and human rights requirements. This stance highlights the tension between global privacy standards and international law enforcement demands.

The situation becomes more contentious regarding ProtonVPN. The Met’s data suggests it acquired results from this service, but the non-profit describes this as highly dubious and inconsistent with technical reality. They assert that because they do not log user activity, there is no data to provide. This contradiction raises questions about how police forces compile their surveillance statistics.

Similarly, the Met claims to have acquired data from the encrypted messenger Signal once since 2024. However, this contradicts records held by Signal, which states it has not shared any user data in response to legal requests originating from the United Kingdom. If such data were shared, it would likely be limited to phone numbers and account creation dates.

How does the Office for Communications Data Authorizations function?

The Metropolitan Police argues that all companies have a legal obligation to cooperate with officials under the powers of the Office for Communications Data Authorizations (OCDA). The OCDA is now part of the Investigatory Powers Commissioner’s Office (IPCO), which monitors public authorities and law enforcement agencies.

However, Dr. Bernard Keenan, a law lecturer at University College London, notes that there is some ambiguity in these authorizations. Communications data is often viewed as a less severe intrusion than intercepting message content. Consequently, the decision to authorize such requests is delegated to designated senior officers within police forces.

This delegation allows police to operate operationally with a degree of autonomy regarding metadata acquisition. While ordinary law enforcement agencies typically need judge approval for more intrusive measures, intelligence and security services are exempt from this requirement. This structural difference in oversight creates varying levels of scrutiny depending on the type of data sought.

How does surveillance impact journalists and sensitive professionals?

The IPCO annual report for 2024 revealed that communications data authorizations affected lawyers 219 times and journalists on 157 occasions. A caveat in the report noted that most applications relating to these sensitive professions were submitted because the individuals had been victims of crimes.

Despite this justification, there remains a risk that contacts such as a journalist’s sources could be disclosed through metadata analysis. The report also highlighted that 106 warrant applications were issued specifically to identify journalists’ sources under separate powers that could include communications content itself.

There is no requirement to inform sensitive professionals they have been targeted in this way. Tim Dawson, a freelance organizer at the National Union of Journalists, stated that while UK legislation lays down clear guardrails, these protections are not sufficiently robust and are sometimes ignored.

Dawson pointed to the cases of Barry McCaffrey and Trevor Birney as evidence of unlawful surveillance. These journalists were spied on by the Met and Police Service Northern Ireland to identify sources for a documentary about paramilitary killings during the Troubles. The court eventually ruled that these searches were unlawful, highlighting the potential for abuse.

What is the significance of the LycaMobile data surge?

In 2025, the number of requests sent by the Met to MVNO LycaMobile increased by almost five hundred percent year-on-year. The figure rose from 15,702 to 93,527, a drastic spike that was totally absent for other British network providers such as Vodafone, O2, Three, and Lebara.

LycaMobile focuses on cheap overseas calling, making it likely used by foreign nationals. Concerns have been raised that this data could be used for a crackdown on immigration. Fizza Qureshi, chief executive of the Migrants’ Rights Network, stated that this surge makes clear that the digital border is expanding through policing.

This concern aligns with recent Home Office statements regarding new powers under the Border Security, Asylum, and Immigration Act 2025. These powers allow immigration enforcement officers to search undocumented migrants for hidden SIM cards as part of seizing phones and gathering digital intelligence.

Qureshi argued that migrants and racialized people are singled out for surveillance that would never be tolerated elsewhere. She described this as a wider trend of pre-emptive criminalization and an enormous infringement on the right to privacy. The Met denied any indication that the increase was related to immigration crime, attributing it to increased popularity.

How does gig economy data fit into policing strategies?

The Metropolitan Police requested data from ride and food delivery services such as Uber, Bolt, JustEat, Deliveroo, and Domino’s Pizza a sum total of 768 times in 2025. This integration of commercial data into police intelligence operations reflects a broader trend in modern surveillance.

Counter Terrorism Policing started a procurement process for software to process data from Uber rides and deliveries for intelligence analysis. The requirements included importing CSV files, ANPR data, drone data, Zipcar records, and delivery data. This suggests an effort to synthesize multiple different data points effectively.

Dr. Keenan explained that this is what the government wants police to be doing: bringing in capacities to use powerful surveillance technologies. The operational secrecy around national security tech often prevents public disclosure of specific systems or their uses, even when tender processes are initiated.

Hundreds of delivery drivers were arrested last year in immigration enforcement operations. This occurred shortly after gig economy firms pledged to use facial recognition checks and fraud detection technology to clamp down on illegal working. The intersection of corporate compliance and police surveillance creates a complex web of data collection.

What are the implications for digital privacy?

The scale of these requests indicates that every year the Met makes thousands of inquiries from a wide range of companies. The information provided helps officers gather intelligence, solve crimes, and find missing people. However, the breadth of this collection raises significant questions about civil liberties.

As technology continues to evolve, the definition of private data expands. From encrypted messaging apps to delivery routes, the digital footprint of individuals is increasingly accessible to law enforcement. The balance between public safety and individual privacy remains a critical debate in modern society.

For those interested in understanding the engineering challenges behind secure communication platforms, one might explore Apple's 2027 Flagship Display: The Engineering Path to a Borderless Phone, which discusses the future of device hardware.

Similarly, for those concerned with personal data protection in an increasingly monitored world, reviewing Firefox 151 Update: Privacy Enhancements and Security Patches Explained offers insights into browser-level privacy tools.

Conclusion

The revelation of over 700,000 communications data requests by the Metropolitan Police in 2025 provides a stark view of modern surveillance capabilities. The discrepancies with tech providers like Proton and Signal highlight the difficulties in verifying these figures. Meanwhile, the surge in LycaMobile queries and gig economy data integration points to specific operational focuses.

These findings underscore the expanding digital border through policing. As law enforcement agencies increasingly rely on commercial data sources, the implications for privacy and civil rights become more pronounced. The debate over how much metadata should be accessible to police forces is likely to intensify as technology continues to advance.

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Wow Wow 0
Sad Sad 0
Angry Angry 0
Christopher Holloway

Christopher Holloway is the founder and director of Progressive Robot, a UK-based technology company. A full-stack engineer with more than two decades of experience, he works across PHP development, ecommerce, Linux infrastructure, technical SEO and AI automation, and writes here on technology, AI, hardware and software.

Comments (0)

User