Humberside Police’s 168 data breaches puts it at number 3 for offending forces
Humberside Police committed 168 data breaches – the third highest number of data breaches of all police forces – new figures reveal.
Big Brother Watch, set up to challenge policies that threaten our privacy, freedoms and our civil liberties, and to expose the true scale of the surveillance state, has published its findings into all police breaches between June 1, 2011 and December 31, 2015.
It found, through submitting Freedom Of Information requests, that in the past 5 years there have been 2,315 breaches in police forces, including:
- 869 (38%) instances of inappropriate/unauthorised access to information.
- 877 (38%) instances of inappropriate disclosure of data to third parties.
- 25 cases involved misuse of the Police National Computer.
- 1,283 (55%) cases resulted in no disciplinary formal disciplinary action being taken.
- 297 (13%) cases resulted in either a resignation or dismissal.
- 70 (3%) cases resulted in a criminal conviction or a caution.
- 258 (11%) cases resulted in either a written or verbal warning.
Figures reveal that Humberside Police committed 168 data breaches during the period, behind West Midlands Police (488) and Surrey Police (202).
Some of Humberside Police’s breaches included accessing police systems for non-policing reasons, disclosure of personal information, disclosure of police operation details to a third party and disclosure of bank account details.
Of the breaches by police, staff and volunteers, five resigned and others were given warnings. Others were withdrawn and no further action taken or were dealt with locally. No criminal proceedings were brought.
Head of Humberside Police Professional Standards Branch Chief Superintendent Judi Heaton, said: “There is clear guidance both through training and explicit messaging to staff on their use of police systems to access data, outlining the circumstances under which they are permitted to interrogate those systems.
“We have a dedicated team who actively monitor the proper use of information held and seek to take appropriate remedial action if anyone steps outside of the conduct we expect.
“The number of cases we have dealt with demonstrates our commitment to ensuring the public can have confidence that their personal information will only be accessed and disclosed within the law.
“The majority of the cases we have dealt with have been of a minor nature.”
Big Brother Watch said: “Safe in Police hands? shows that between June 2011 and December 2015 there were at least 2,315 data breaches conducted by police staff.
“Over 800 members of staff accessed personal information without a policing purpose and information was inappropriately shared with third parties more than 800 times. Specific incidents show officers misusing their access to information for financial gain and passing sensitive information to members of organised crime groups.”
Notable breaches were:
– A special constable was dismissed for passing confidential information in relation to a detainee to a relative.
– An officer found the name of a victim amusing and attempted to take a photo of his driving licence to send to his friend via snapchat. The officer resigned during disciplinary action.
– An officer has been suspended and is under investigation for abusing his position to form relationships with a number of females. It is suspected that he carried out police checks without a policing purpose.
Greater Manchester Police
– An officer informed an individual they were to be arrested. In response management action was taken.
– An officer inappropriately shared information. Allegation that officer has breached force confidentiality by attending a fellow officer’s house and informing him that a sex offender lived in his road. As a result of his actions the information was passed to a third party outside the organisation
North Yorkshire Police
– Unidentified officer left paper file containing sensitive data in raided property. No action was taken as the officer could not be identified.
South Yorkshire Police
– It is alleged that whilst off duty, an officer has used mobile device to conduct a check on a vehicle. In response advice was given to the officer in question.
South Wales Police
– An officer was dismissed without notice for photographing and disseminating restricted documentation for personal gain.
Dyfed Powys Police
– An officer passed a USB device to a member of the public. It contained sensitive police information, including intelligence reports, emails and public information letters relating to crime. In response informal action was taken by the force.
Based on the findings of the report, Big Brother Watch proposes 5 policy recommendations which it says would enhance protections for personal information and ensure that serious data breaches are properly punished.
- The introduction of custodial sentences for serious data breaches.
- Where a serious breach is uncovered the individual should be given a criminal record.
- The mandatory reporting of a breach that concerns a member of the public.
- The removal of Internet Connection Records from the Investigatory Powers Bill.
- The adoption of the General Data Protection Regulations.
Renate Samson, Chief Executive of Big Brother Watch, said: “We trust the police to keep us safe, in the 21 st Century that is as much about keeping our data secure as protecting us on the streets.
“The revelation that the police are still committing 10 data breaches a week shows that work still needs to be done before we can be sure our personal information is safe in their hands.
“The Government are about to give law enforcement access to the details of all the websites each and every one of us look at. In light of our findings questions must be asked about whether more access will make for better policing, or only increase the opportunities for misuse.”