A council chief authorised a probe by the Conservative administration into fellow Tory councillors' emails to hunt down the source of a leak.

Eastern Daily Press: LibDem leader Dan Roper compared the email probe to the hit political drama on Netflix, House of Cards. Picture: Media Rights Capital/OutNowLibDem leader Dan Roper compared the email probe to the hit political drama on Netflix, House of Cards. Picture: Media Rights Capital/OutNow (Image: Media Rights Capital/Netflix)

Dr Wendy Thomson, managing director of Norfolk County Council, sanctioned the investigation into who leaked an email about councillors expenses, along with a top council lawyer.

It has sparked criticism about why council officers, who should be politically independent, helped the leadership of the Conservative Party investigate a leak.

Liberal Democrat opposition leader Dan Roper likened the actions to political drama 'House of Cards', while Labour leader Steve Morphew called for an external review to prevent such a practice being used again.

'Our view is that this calls into question the integrity of the whole relationship between councillors and officers,' he said.

Eastern Daily Press: Conservative councillor Stuart Dark was tasked with carrying out the investigation into fellow councillors' emails Photo: Norfolk ConservativesConservative councillor Stuart Dark was tasked with carrying out the investigation into fellow councillors' emails Photo: Norfolk Conservatives (Image: Norfolk Conservatives)

An email, sent in April on behalf of then group leader Cliff Jordan to all Conservative councillors, recently seen by this newspaper, said: 'Confidential advice has now been sought from the monitoring officer, with regard to how to best interrogate NCC data services in the least intrusive way possible and ensure legal compliance.

'Authority has been granted by the managing director for this to take place imminently.'

The email did not specify the legal justification for the probe, but said the leak was 'not good for our group or the Conservative Party'. It said Conservative group members had given 'unanimous' and 'unambiguous' direction for an investigation.

It was led by Stuart Dark, Conservative councillor for Dersingham and a former senior Metropolitan Police officer. He is now chairman of the children's services committee.

Eastern Daily Press: The investigation involved the interrogation of data servers at County Hall Photo: ArchantThe investigation involved the interrogation of data servers at County Hall Photo: Archant (Image: Archant)

The approval of Dr Thomson, who is due to leave the council, let Mr Dark's investigation establish which councillors had forwarded the e-mail and to whom - rather than looking at the exact content of their e-mails.

It was launched after the EDP ran an article based on information in an email sent by Mr Jordan to his fellow Conservative councillors, telling them not to reveal what they had spent their allowance increase on.

It is understood that suspected sources of the leak were identified and Mr Dark requested more information, but it is not clear if the Conservative group took any disciplinary action against any member.

Current council and Conservative leader Andrew Proctor and Mr Dark have not commented.

Eastern Daily Press: investigations unit logoinvestigations unit logo (Image: Archant)

The council also refused to comment, or give the legal justification for the probe, stating it was a party political matter.

But Mr Morphew said Dr Thomson's intervention took it away from being a Conservative party matter.

Former Labour leader George Nobbs said it reflected a 'culture of paranoia' at County Hall, while Lib Dem Mr Roper said; 'This is disgraceful and like something out of House Of Cards. What message does this give to residents?'

•A lawyer says...

Data protection law, which is now contained in the Data Protection Act 2018 and the GDPR, is complex and technical.

On the face of it, you might think that someone who accesses a server and reviews personal data to try to identify the source of a leak, without the permission of those affected, is breaking the law.

But like everything concerned with data protection, nothing is straightforward.

Both the new Act and the GDPR contain a series of exemptions to the general rules, so for example, it is perfectly lawful to access personal data for the purpose of investigating crime, establishing or protecting legal rights, or even for health and safety purposes.

There are also certain rules which apply to public authorities, including councils.

•What we asked the council

We asked the council a series of questions about the issue.

They would not answer them and stated only: 'We do not comment on disciplinary matters within a political group.'

Our questions included:

•What permission/assistance did Mr Dark receive from the council over this investigation?

•Did an officer or officers give him permission to access email accounts?

• Was legal advice sought before this permission was granted? If so, from whom and what was the legal advice? How does all this fit with the Data Protection Act and the council's constitution?

•Was this not a party matter, rather than a matter for council staff to be involved in?

•How was Mr Dark able to access accounts?

•Did staff assist? If so, who, and what assistance was given?

•Who granted permission for council staff to be used and on what grounds?

•Follow the latest from our investigations unit on Facebook