Feeds

CPS grovels after leaking IDs of hundreds arrested during student riots

FOI blunder spaffed details of people released uncharged

Secure remote control for conventional and virtual desktops

Exclusive A botched response to a Freedom Of Information Act request could be about to cost the Crown Prosecution Service (CPS) dear. Prosecutors have issued grovelling apologies after revealing the identities of over a hundred people who were arrested during the tuition-fee riots but subsequently released without charge.

Back in June, a member of the public asked the CPS under the FOIA to provide figures for costs and resources used in the Metropolitan Police’s Operation Malone – the generic title given to investigations following a series of demonstrations by students against tuition fees in 2010 and 2011.

The requester was bowled over when, instead of the customary refusal or obfuscations, they received a spreadsheet containing the names of 299 demonstrators arrested not just through Malone, but also during the disturbances and later under another operation, code-named Brontide.

The CPS provided the names of some 116 individuals who have not been charged; names of those charged but then acquitted; and the names of 44 individuals aged under 18 - whose details would not have been revealed regardless of outcome. Also recorded are details of defending solicitors, plus some personal observations, including comment on individual medical issues.

In the normal course of an FOIA request, all this information would in due course have been published automatically, but in the event the CPS was warned before this could take place. Nonetheless the blunder is a serious data breach and the CPS has sent a letter to everyone affected.

The letter, a copy of which has been seen by The Register, reads in part:

I am writing to inform you that some of your personal data has been inadvertently disclosed in error ...

The information disclosed includes your full name, date of birth, the Police Unique Reference Number (URN), the offence with which you were charged, the first appearance date at court and the nature of the next hearing [where applicable] ...

I understand that you may find the contents of this letter upsetting ...

The CPS has disclosed details of the breach to the Information Commissioner's Office.

Simon Entwistle, the ICO’s director of operations, commented to the Register:

“The public expects their personal data to be properly looked after by organisations. Where it looks like this hasn’t happened, the Information Commissioner’s Office will investigate, with powers to issue monetary penalties up to £500,000 where appropriate.”

MP John McDonnell, who has been campaigning on behalf of the students in these cases, is considering raising the matter in Parliament. He told The Register:

"This all shows how the policing of protest is increasingly out of control."

A CPS spokesperson supplied the Reg with the following statement:

Since becoming aware of this breach on 13 September 2012, the CPS has written and apologised to those whose details appeared on the document. The individual to whom the information was disclosed has also been contacted and advised that the information was provided in error and requested that it be destroyed. The CPS Chief Operating Officer has commissioned a review of this incident and the systems and controls we have in place which failed on this occasion, to be conducted by a senior and experienced prosecutor from another CPS Division. The findings will be acted upon as a matter of priority to ensure that such an error does not recur.

Of particular concern is the issue of what would have happened had the matter not been brought to the CPS's attention. According to its standard FOI procedures, the results of individual inquiries are published three months after being supplied to the original requester. It is unclear whether further checks would have been carried out then - or whether the entire file would simply have been broadcast to the nation. ®

Updated to Add

Since this article was was published a CPS spokesman has supplied the Register with a further statement saying that not all FOI responses are released to the public.

The essential guide to IT transformation

More from The Register

next story
Hello, police, El Reg here. Are we a bunch of terrorists now?
Do Brits risk arrest for watching beheading video nasty? We asked the fuzz
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
EU justice chief blasts Google on 'right to be forgotten'
Don't pretend it's a freedom of speech issue – interim commish
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.