From passing on incorrect information to snooping on friends, a number of shocking data protection breaches in police forces have been uncovered. With hundreds of incidents every year it is time to start asking whether it is too easy for police databases to be abused to snoop on innocent people.
Big Brother Watch has long been concerned about the number of data breaches occurring within police forces. In 2011, we published the report ‘Police Databases: How More Than 900 Staff Abused Their Access’. The report highlighted a shocking number of data protection breaches and the subsequent limited number of punishments that were handed out. We also commented on the recent case of a police officer being charged with stealing thousands of accident victims’ details from her police force’s computer to sell to law firms.
Judging from the new figures, uncovered by the Press Associations, it appears that little is being done to deter officers from breaching data protection. The figures show a number of occasions of inappropriate access of disclosure of information:
- Kent Police reported a member of police staff performed “unauthorised computer checks” on an ex-partner’s ex-partner “for personal reasons”. They received a final written warning
- A sergeant with Humberside Police received a final written warning after accessing police records to send text messages
- Three staff with South Yorkshire Police received words of advice after they provided false information in relation to a case.
- A PC in Staffordshire resigned, prior to any sanction, after accessing information on police systems relating to family members, locations and past colleagues without legitimate policing purpose.
- In 2010, a police community support officer (PCSO) in Sussex was dismissed for accessing their son’s police record, while two years later a fellow PCSO received a warning for snooping on the details of a partner’s ex.
- Dyfed Powys Police said words of advice were given to a member of police staff after wrong information was sent to two people with the same names. The force said the recipients each had the other’s fixed penalty notices.
There were also “information leakages” on social media:
- A superintendent with Greater Manchester Police sent out a message on a social networking site that indicated police activity was about to take place. The superintendent received management action.
- A colleague with South Wales Police resigned after making “inappropriate remarks” via a social networking site.
The figures also uncovered a total of 113 staff were sacked and 186 resigned as a result of breaches. Of those investigated, at least 34 were inspectors or chief inspectors, while 474 were deemed “staff” – civilian officers who do not get involved with rank-and-file policing.
The Information Commissioner, Christopher Graham has warned that “Public confidence in the security of information held about them is the foundation on which all sorts of online services and developments depends. The public expects to see firmer action taken against people who break the rules in this area, and Parliament needs to recognise that.”
It is still troubling how frequently staff resign during the disciplinary process, leaving open the possibility of returning to work for a different police force and evading any punishment. These incidents make clear that custodial sentences are needed for illegally accessing confidential information and that the current regime treats data crimes as second class crimes only punishable with a fine. The Information Commissioner is absolutely right that tougher penalties are needed urgently and Parliament should not delay in giving him the powers he needs to protect our privacy.