Feeds

CPS apologises for DNA disc blunder

Civil Service pass-the-parcel

High performance access to file storage

The Crown Prosecution Service has apologised unreservedly for misplacing a disc of DNA profiles sent by Dutch authorities in January 2007.

The 2,159 DNA profiles from crime scenes were not checked against the UK database until February 2008. This resulted in 15 matches. Because of the delay in dealing with the disc, 11 of the 15 suspects had already gone on to commit further crimes in the UK.

The disc contained DNA profiles but no identifying information - the idea was to find matches between the two databases first, then get the legal clearance to link those to actual database entries.

A review by Peter Lewis, chief executive of the CPS, found the disc was sent unexpectedly to the CPS - it should have gone to Mutual Legal Assistance, which deals with international exchanges of police information and evidence.

Instead, it was sent by business post in an envelope addressed to CPS's Ludgate Hill office, but not to an individual or even a department.

The disc arrived 29 February 2007. On 2 March a senior manager noticed the disc and contacted Dutch authorities, who told him the right lawyer to contact within the CPS.

The review said: "By March 2007 the Dutch disk was in the hands of the lawyer who, although not expecting the disk, was aware of the background to Operation Thread [as the Anglo-Dutch co-operation was known], knew what was likely to be contained on the disk and should have understood its importance to the investigation of crime in the Netherlands.

"All that was now required was for the disk to be placed in a safe or secure cabinet and for contact to be made quickly with the police to arrange for the secure collection or transfer of the disk. This was a simple task that could and should have been undertaken immediately."

But this "simple task" was not carried out. The disc did not get delivered to the police until almost a year later - January 2008.

The report gave a brief summary of the disc's travels, or lack thereof, in that period.

The lawyer who had the disc took an unexpected and lengthy leave of absence in early April 2007. This person did not tell their manager about the disc. In late April Dutch authorities asked about the disc, but nothing was done.

In August 2007 the CPS searched for the disc and could not find it. On 14 August the Home Office cheekily asked the Dutch if they could pop another copy in the post. The report notes: "The Dutch Authorities were more concerned about the whereabouts of the original disk and the matter was not pursued."

In late October the lawyer returned from their leave of absence. The disc was found and police contacted 21 November.

The report said: "There followed an almost casual exchange of correspondence over the next two months... The disk was eventually collected by NDNADB [National DNA Database] on 11 January 2008."

No evidence was found that the disk was copied or ever left the CPS offices.

The report is circumspect about actual crimes committed as a result of this failure, because: "A number of individuals who may have felt they had successfully escaped justice in the Netherlands are now at risk of arrest and it would be very unfortunate if a fuller reporting of Operation Thread alerted them to their vulnerability and caused them to go into hiding, flee the jurisdiction or impede investigations in the Netherlands."

The report made several recommendations for improving data transfer in future, but said: "It is essential that understandable concerns caused by both the delay in executing Operation Thread, and the uncertainty of its final outcome, do not in any way diminish enthusiasm for similar exchange agreements with other partner states in the future." ®

3 Big data security analytics techniques

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.