Yorkshire plods LOSE 9,000 GUNS in rogue BOFH database blunder

'Update your details please' 'Um, yes, you licensed me to have these six AK-47s ...'

Security for virtualized datacentres

Bungling police staff at South Yorkshire Police have finally copped to a huge snafu in their firearms database after spending the last two months writing to thousands of firearms licence holders. The letter simply requested they "update their details". Bosses have blamed the database snafu on the actions of a sacked administrator.

South Yorks coppers had apparently first noticed that the force did not know where all the licensed firearms were located as far back as October 2012. Chief Superintendent Rob Odell told the Yorkshire Post that it was around that time that it became clear that the records were not being updated. The incident has led to serious concerns about the accuracy of thousands of entries on a critical police database.

A member of the force’s Firearms and Explosives Licensing Department was dismissed for misconduct in February after bosses discovered she had been “inaccurately recording” – or not recording at all – information submitted by firearm and shotgun owners.

Legal owners of firearms in the UK must inform the police whenever they move house, sell or dispose of a firearm, or want to buy a new rifle. This information is recorded on the National Firearms Licensing Management System (NFLMS), which all 43 of the UK’s police forces – as well as the Serious and Organised Crime Agency – have access to.

Chief Superintendent Odell told the paper that after discovering the scope of the problem, firearms licensing bosses wrote to all 9,000 firearm and shotgun certificate holders in the county earlier this month, claiming the force’s records were being “audited”.

“We are in a situation not of our making,” said Chf Supt Odell, “but we are trying to deal with it in as quick and pragmatic a way as possible. We are keen to assure our records and this is the best way to do it.”

The letter to the county’s gun owners, which The Register has seen, did not give any indication that the police had effectively lost control over the database of firearms and their owners. Nor did it mention that the police first noticed discrepancies eight months before writing to owners. It said:

We are currently undertaking an audit of all firearms and shotguns held within South Yorkshire and would appreciate your co-operation with this matter. I would be grateful if you could complete the table below with the details of firearms or shotguns you currently possess and return this information … to enable us to check these details against our records.

Bill Harriman, director of firearms at the British Association for Shooting and Conservation, the UK’s largest shooting organisation, told the paper: “South Yorkshire Police has an abysmal record when it comes to firearms licensing so this revelation comes as no surprise to me. When BASC members started receiving these letters, we suspected something was wrong with police record keeping.”

“Neglecting to record critical information such as changes of address or changes of firearm could potentially undermine the [police’s legal] duty to preserve public safety,” he added.

A police spokesman said: “The integrity of police-held information needs to be assured and South Yorkshire Police acted as soon as possible to ensure this is the case.”

The NFLMS is a prime example of pisspoor government IT procurement. Following the Dunblane tragedy of 1997, Lord Cullen recommended the introduction of a single, national computerised system for monitoring legal firearms ownership.

After a delay of almost a decade the system was initially rolled out in 2006, following a litany of “technical problems”.

Linda Saynor, the then firearms and explosives licensing manager at South Yorkshire Police,explained the database’s purpose at the time to public policy site The Information Daily: "The National Firearms Licensing Management System will allow firearms officers to check the applicant on the database to see whether an application has been submitted anywhere in the country previously and what the outcome was."

The NFLMS interfaces with the police’s existing STORM command-and-control system and the Guardian information collection and data management package. Some police forces, such as Devon and Cornwall, have managed to connect the NFLMS to their own in-house mapping systems, producing maps showing the locations of firearm owners’ homes which beat constables can access from their force-issued mobile devices.

As with any database, the accuracy of the NFLMS depends on the data entered into it. While firearms owners are subject to criminal prosecutions for minor technical offences* linked to their licences, some worry that failures by police licensing departments could have a negative effect upon law-abiding shooters.

“If I didn’t inform the police that I’d sold one of my rifles they’d prosecute me,” said 55-year-old Simon Wright of Northamptonshire, “my firearms certificate would be revoked and I’d get a criminal record. But there won’t be any comebacks for the police in this case. I’m just lucky enough to be covered by a different force’s licensing department who take pride in their work.”

UK firearms owners are subject to thorough background checks by the police before being granted a firearm certificate. The licensing process includes checks with the Police National Computer, Special Branch (who conduct their own background checks on applicants), and forces’ local intelligence systems. Chief constables are personally responsible for signing off certificates issued by their forces.

A Parliamentary memorandum by the Office of Legislative Affairs commenting on Blighty's gun laws said: “No one knows whether the control regime works. Moreover, the manner of its administration suggests that in some quarters it is not given as high a priority as the public might expect.” ®


* Most firearms certificates are normally granted with authorisations to hold hundreds of rounds. Going 100 rounds over that allocation is comparable to stopping in a yellow box zone at a junction; yes, it’s illegal, but the harm is negligible.

Intelligent flash storage arrays

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.