Feeds

Getting off the UK DNA database: ACPO explains how

Or not...

Security for virtualized datacentres

The UK is something of a DNA record kleptocracy, with a national DNA database now well in excess of three million records, and with new sampling opportunities available to the police on remarkably easy terms. These days it's ever so easy to get onto the UK database, but how do you get off?

What's that you say? You don't? Well, up to a point - but it's not strictly true to say that once you're on the database you absolutely can't get off again. It's just very, very hard and it's going to take you a long, long time. Fortunately, would-be escapees now have the benefit of some guidance from the Association of Chief Police Officers.

Exceptional Case Procedures for Removal DNA, Fingerprints and PNC Records, released by ACPO on 24th April, is in part a response to recent decisions made by the Information Tribunal in connection with police retention of criminal records data. Alongside this, "recent widespread media coverage relating to the retention of DNA", ACPO says, is likely to result in a high volume of removal requests over the next 12 months. These requests will in the first instance be made to Chief Officers in their role of data controller, and ACPO feels that it is important that "national consistency" is achieved in their responses.

OK? So how does it work? "Exception cases will by definition be rare," says ACPO, and might well include cases "where the original arrest or sampling was found to be unlawful." Or, if it turns out to be absolutely clear that there wasn't any offence in the first place, that might count. And ACPO gives a specific example:

"For example where a dead body is found in a multi-occupancy dwelling and the cause of death is not immediately obvious. All the occupants are arrested on suspicion of murder pending the outcome of a post mortem. All arrested persons are detained at the local police station and samples taken. It later transpires that the deceased person died of natural causes. No offence therefore exists, and all persons are released from custody."

Find corpse, nick everybody within range just in case? One certainly hopes that's seriously exceptional. Fortunately though, the honest Chief Copper doesn't have to wrestle with these thorny issues alone. Or possibly, at all, considering ACPO's recommended procedure.

First, a request for deletion of a Police National Computer (PNC) record, DNA sample or fingerprints should be viewed as being "a request to remove all items." It is then "essential", says ACPO, that the DNA and fingerprint records are matched correctly to the appropriate arrest summons number on the PNC record. But here comes a gotcha: "Samples taken on other occasions should not be deleted." Which we take to mean that if you're not pursuing a DNA record specific to a PNC arrest record, then you're not going to get off the database. Close the door on your way out.

But what if it is associated with an arrest record? "In the first instance applicants should be sent a letter informing them that the samples and associated PNC record are lawfully held and that their request for deletion / destruction is refused" Oh, right... "unless the applicant believes the application should be regarded as exceptional." In that case, "the applicant should be invited to state the grounds upon which they believe their case to be exceptional."

And then the Chief Officer gets to decide? Well, not exactly. "The Chief Officer is asked to consider any response and either reply to the applicant rejecting the application for the removal of the record(s)" Oh, right... "or refer the case papers to the DNAFRP [DNA & Fingerprint Retention Project], thus ensuring that a consistent approach is adopted nationally."

Then DNAFRP will respond with advice taking into account any relevant precedents, and then the Chief Officer gets to decide. Using a response letter template supplied by DNAFRP. It may be occurring to you that one might easily die of old age while this process was under way. But don't you go thinking dying's going to get you off the database, sunshine, oh no... ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.