Feeds

Don't delay: Delete your DNA today

What to do now

High performance access to file storage

Changes of legislation and policies

What does the ECtHR ruling change for the government and the police? Article 44 of the European Convention of Human Rights (ECHR) states that the "The judgment of the Grand Chamber shall be final" and article 46 that "The High Contracting Parties undertake to abide by the final judgment of the Court in any case to which they are parties" - so the UK government can't ignore this ruling. Jack Straw confirmed in Parliament that "The judgment... goes on to suggest that distinctions should be made between the nature of offences for which samples have been taken, and discusses whether they should be time-limited and whether there should be an independent review. Those matters will be considered by my right hon. Friend the Home Secretary in consultation across Government. We have an obligation to report initially to the Council of Ministers and the Council of Europe by March."

The Joint Committee on Human Rights explained the mechanism of abiding by such rulings in its 31st report:

The UK has undertaken to give effect to the ECHR and to give effect to the judgments of the ECHR. The UK must abide by ECHR judgments by: (1) putting an end to the breach identified by the Court (the obligation of cessation); (2) preventing any further violations in the future (the obligation of non-repetition); (3) repairing the damage caused to the individual (the obligation of reparation); (4) paying to an individual applicant any award of just satisfaction made by the ECtHR (the obligation to make just satisfaction).

The obligation of cessation

The "blanket and indiscriminate nature of the powers of retention of the fingerprints, cellular samples and DNA profiles of persons suspected but not convicted of offences" must cease. "The Court recalls that it has found that the retention of the applicants' fingerprint and DNA data violates their rights under Article 8. In accordance with Article 46 of the Convention, it will be for the respondent State to implement, under the supervision of the Committee of Ministers, appropriate general and/or individual measures to fulfil its obligations to secure the right of the applicants and other persons in their position to respect for their private life."

Solicitor Peter Mahy, a human rights specialist at Sheffield-based Howells LLP representing Messrs S and Marper, puts it succinctly: "It will be very interesting to see how the UK government respond. The government should now start destroying the DNA records of those people who are currently on the DNA database and who are innocent of any crime." Up to one in five of the more than five million DNA profiles may have to go.

A process has to be put in place to deal with the scale of this operation. The Scottish Police Services Authority (SPSA), a non-departmental public body (NDPB), centrally handles the removals of more than 20,000 Scottish DNA records every year. Police forces in England and Wales will likely look at this model. With its role of overseeing delivery of the NDNAD Service, the NPIA should be a candidate for a similar central function. In the meantime those innocents whose DNA is on the NDNAD should request removal as explained earlier.

The retention rules will have to change too. The legislation enables the police to take and retain fingerprints and DNA samples indefinitely, but it does not compel them. Section 64 of the Police and Criminal Evidence Act 1984 (PACE) as amended by the Criminal Justice and Police Act 2001 includes:

(1A) Where - (a) fingerprints or samples are taken from a person in connection with the investigation of an offence, and (b) subsection (3) below does not require them to be destroyed, the fingerprints or samples may be retained after they have fulfilled the purposes for which they were taken but shall not be used by any person except for purposes related to the prevention or detection of crime, the investigation of an offence or the conduct of a prosecution.

The police may take samples and may retain them indefinitely, but it's up to them. The current rules were not decided by Parliament; they are established in the Retention Guidelines for Nominal Records on the Police National Computer, a document issued by the Association of Chief Police Officers (ACPO). This document also provides a template for the letter sent by chiefs of police when refusing requests for destruction of DNA records.

Chris Sims, ACPO lead on Forensics and Chief Constable of Staffordshire Police announced: "We will study this judgment carefully and consider in detail implications which could have a profound impact on the way in which the police service makes use of DNA technology to protect the public and tackle crime... It is important to stress that the existing law on the taking and retention of DNA and fingerprints remains in place. Police will continue to take DNA from those people arrested for crimes and will investigate crimes and bring offenders before the court using DNA evidence until such time as there is a legislative change."

This statement is overly cautious - no legislative change is needed for the ACPO to change its guidelines. What must change is the retention of records and samples. Taking DNA from those arrested for a crime is not the issue. Home Office minister Vernon Coaker, agreed in a Parliament debate in November that the "[ACPO retention] guidelines will need to be reviewed in the light of the outcome of the S and Marper case, and a PACE review is currently under way."

The obligation of non-repetition

The recent PACE review made it clear that it will be amended in line with the judgment. "The Government does not intend to make any proposals at this time in area. That is because of an outstanding case in the European Court of Human Rights... a response in respect of this area of policy will be made following consideration of the Judgement by the Court."

It is necessary for the legislation to change so that it is no longer possible for the police to create and follow policies that violate our human rights. However, effective change of current retention practices can happen much sooner with a change of policy.

The obligations of reparation to make just satisfaction

The Court considers that "the finding of a violation, with the consequences which will ensue for the future, may be regarded as constituting sufficient just satisfaction in this respect. The Court accordingly rejects the applicants' claim for non-pecuniary damage." Hence the reparation will consist of deleting the DNA profiles and destroying the DNA samples and fingerprints of Messrs S and Marper. The government has to pay within three months, ie by March 4, the sum of €39,387 awarded by the Court in respect of costs and expenses.

The Committee of Ministers has the responsibility to monitor the measures taken by the UK to comply with the judgment. "[U]ntil the state in question has adopted satisfactory measures, the Committee of Ministers does not adopt a final resolution striking the judgment off its list of cases, and the state continues to be required to provide explanations or to take the necessary action."

Some misconceptions

Retaining DNA of a large number of individuals has not proved helpful. A GeneWatch analysis shows that when "the number of individuals with DNA profiles on the Database... doubled from 2 million to 4.5 million... there has been no corresponding increase in the number of crimes detected. The percentage of recorded crimes which involve a DNA detection has remained roughly constant at 0.36%... The Home Office recognises that the increased number of crime scene profiles added to the Database drove the increase in DNA detections."

Nothing in the ECHR ruling affects the ability of the police to take DNA samples from those they arrest during their investigations. Nor does the ruling ask for wholesale deletion of DNA records of convicted criminals, though it does note that in other Council of Europe member States "[t]he retention of DNA profiles of convicted persons is allowed, as a general rule, for limited periods of time after the conviction or after the convicted person's death. The United Kingdom thus also appears to be the only member State expressly to allow the systematic and indefinite retention of both profiles and samples of convicted persons."

The Joint Committee on Human Rights in the conclusions of its report notes "[d]elays of upwards of five years in resolving the most significant breaches of the European Convention are unacceptable unless extremely convincing justification for the delay can be provided." This only serves to reiterate that those who are innocent and on the NDNAD should not delay requesting the removal of their DNA records. ®

(The full text of the judgement is available on the British and Irish Legal Information Institute website and you can download a six minutes video of the reading of the judgment's summary from a hard-to-find page on the Council of Europe's website.)

David Mery is a technologist and writer based in London. Last year he was one of 64 who requested from the Metropolitan Police to have his DNA profile purged and DNA samples destroyed. His request was one of 18 that were deemed exceptional enough to be granted. His website is gizmonaut.net.

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.