Feeds

Number of cops abusing Police National Computer access on the rise

Only a telegram from the Queen can get you off it

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

The number of Metropolitan Police officers investigated for misusing a controversial police database has more than doubled in the past five years, The Register can reveal.

Since 2009, a total of 76 officers in London have been investigated for misusing the Police National Computer (PNC), according to figures released under Freedom of Information laws. The PNC keeps records of all a person's interactions with the police, whether they were found guilty in court or not. It is estimated that more than 9.2 million people have records on the cops' computer system.

With this amount of data on hand, data security is of paramount importance. Yet the problem of PNC abuse is growing.

In 2009, 12 Met officers in London were probed for unlawfully accessing the PNC, whereas last year 25 officers were put under investigation.

The Met is currently investigating five officers accused of misusing the PNC. Two officers last year "resigned/ retired" following the investigation, according to the figures, and in 2011 two officers were dismissed without notice.

Anyone who has access to the PNC has a treasure trove of information about British people - and not just criminals. It holds vehicle information and details of stolen property, and is linked to the national DNA and biometric databases. Altering any of this information has the potential to be life-changing.

Even very minor misdemeanours are kept on record for life, potentially causing problems for individuals concerned. For instance if someone has been arrested just once - regardless of whether this was wrongful or for a ridiculously trivial crime - that person is banned from the US Visa Waiver scheme, which allows British nationals to get into the States without a visa.

A Metropolitan Police spokeswoman insisted all its staff were trained to obey data protection laws.

She said:

"The MPS expects its staff to behave professionally, ethically and with the utmost of integrity at all times. Any instance where the conduct of our staff brings the MPS into disrepute is treated extremely seriously in line with MPS policy."

According to reports in national newspapers, some 20,000 people have been wrongly branded a criminal due to mistakes in the information held on the PNC.

The Information Commisioner ordered police forces to delete criminal records from people who have kept their nose clean for decades, but the cops appealed and won the right to keep millions of minor records until a person reaches the ripe old age of 100, when they are finally set free from the database.

The police are very sensitive about sensibly reducing the amount of data held on the PNC, because the Soham killer Ian Huntley managed to get a job at a school, despite having a record on the PNC that linked him with sex crimes and burglaries. The police and social services were slammed for allowing this to happen, making them extra-cautious in the years since.

The police also brought in a new system called the Police National Database, which was introduced in 2011 and allows officers to share information on an estimated 15 million people - about a quarter of the British population.

Anyone who has been naughty in the past can apply to have their record erased, but they must persuade a top cop that their situation is "exceptional" - which basically means that appeals will be refused in most cases.

Nick Pickles, director of Big Brother Watch, commented:

"The police national computer is one of the least transparent databases operated by the state, with much of its contents never proven in court. It offers a detailed insight to people's lives, so it is hardly surprising that it is prone to abuse.

"The broader issue is that without any real audit process, these figures are likely to be the tip of the iceberg."

Are you concerned about the PNC? Did you work on building the system or are you involved with building similar systems? The Reg wants to hear from you. ®

Protecting against web application threats using SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.