tashka2000 - Fotolia

More than 2,000 police data breaches in 4.5 years, report reveals

Big Brother Watch calls for new policies to ensure police forces keep personal data safe after FOI requests show an average of 10 data breaches a week

Police forces across the UK are still involved in 10 data breaches a week, according to a report by civil liberties campaign group Big Brother Watch.

The Safe in Police Hands? report, based on freedom of information (FOI) requests, reveals that between June 2011 and December 2015 police officers and staff were responsible for at least 2,315 data breaches.

The greatest number of data breaches were by the West Midlands Police (488), followed by the Surrey Police (202), Humberside Police (168), and Avon and Somerset Police (163).

More than 800 employees accessed personal information for no policing purpose, while data was shared inappropriately or without authorisation almost 900 times, the report claims.   

Specific incidents show officers misusing their access to information for financial gain and passing sensitive information to members of organised crime groups, the report said.

In more than half the cases, the report said no formal disciplinary action was taken, while a written or verbal warning was issued in only 11% of cases.

However, 13% of cases resulted in either a resignation or dismissal and 3% resulted in a criminal conviction or a caution.

Considering data is now the driving force of society, Big Brother Watch said any breach can pose a threat to our privacy and security. 

Read more about internet connection records

“Abusing access to private and sensitive information is not acceptable by anyone, but particularly by those charged with keeping us safe and upholding the law,” the group said in a statement.

As a result of the government’s digital by default policy, the report notes that the levels of data the police handle will increase.

“While there have been improvements in how forces ensure data is handled correctly, this report reveals there is still room for improvement. Forces must look closely at the controls in place to prevent misuse and abuse,” the report said.

With the potential introduction of internet connection records (ICRs), as outlined in the Investigatory Powers Bill, the report said the police will be able to access data which will offer the deepest insight possible into the personal lives of all UK citizens.

Big Brother Watch said the breach of such detailed information would be over and above the extent of the breaches outlined in the report.

Big Brother Watch policy recommendations

Based on the findings of this report, Big Brother Watch has proposed 5 policy recommendations aimed at enhancing protections for personal information and ensuring that serious data breaches are properly punished.

Big Brother Watch recommends:

  1. The introduction of custodial sentences for serious data breaches.
  2. That where a serious breach is uncovered the individual should be given a criminal record.
  3. The mandatory reporting of a breach that concerns a member of the public.
  4. The removal of internet connection records from the Investigatory Powers Bill.
  5. The adoption of the EU General Data Protection Regulation (GDPR) despite the Brexit vote.

“We trust the police to keep us safe, in the 21st century that is as much about keeping our data secure as protecting us on the streets,” said Renate Samson, chief executive of Big Brother Watch.

“The revelation that the police are still committing 10 data breaches a week shows that work still needs to be done before we can be sure our personal information is safe in their hands.
“The government are about to give law enforcement access to the details of all the websites each and every one of us look at. In light of our findings, questions must be asked about whether more access will make for better policing, or only increase the opportunities for misuse.”

Read more on Privacy and data protection