237 UK police force staff punished for misusing IT systems in last 2 years
Snooping workers blamed for bunch of data breaches
Updated One UK police staffer is disciplined every three days for breaking data protection rules or otherwise misusing IT systems, according to a Freedom of Information request by think tank Parliament Street.
In the last two years, 237 officers and admin staff have been punished for a variety of offences, including taking pictures of screens showing police databases and sharing them online, accessing data relating to civil cases that staff were involved in, and misusing social media.
In total, 11 people were sacked from police forces and six resigned as a result of data breaches. In Gwent, Wales, three people were dismissed for researching the database for named persons and then disclosing that information. Merseyside fired two officers and the Metropolitan Police sacked one staffer for misusing the Criminal Records Information System.
The highest number of offenders were reported by Surrey Police, which recorded 50 cases, 35 of which were for misuse of the police records database or email. At the Met, 18 officers and staff were disciplined for data offences – one person was sacked for misusing the Crime Reporting Information System and four were disciplined for misuse of social media.
Greater Manchester investigated 17 offences all recorded as "misuse of force systems".
Across England and Wales, 70 cases involved misuse of the police database.
The Information Commissioner's Office declined to comment, citing election purdah rules. A spokesperson said: "As a non-departmental public body the ICO has to consider its responsibilities during the pre-election period. Our regulatory work continues as usual but we will not be commenting publicly on issues in the run-up to the General Election."
We asked the police forces mentioned for details on what measures they are taking to improve.
A separate recent FoI request put to police forces reveals that many still lack systems to monitor their networks and see what staff and officers are accessing. ®
Updated at 14:11 UTC to add
A Wiltshire Police spokesman said: "All our police officers and staff receive regular training on the importance of professional use of Force computer systems at all times. "We work hard to ensure all our employees understand the seriousness of this training and the potential impact, both professionally and criminally, of misusing our computer systems."
Updated at 09:32 on 12 November to add
Detective Chief Superintendent Jonathan Chadwick, head of GMP's Professional Standards Branch, got in touch to tell The Reg: "As the third biggest force in the country in terms of total staff, Greater Manchester Police will always ensure that all reports of misuse of police data systems by its staff are fully investigated and that it follows national guidelines in applying appropriate outcomes to those investigations. These investigations are carried out by specially trained officers within the Professional Standards Branch and referrals to the Crown Prosecution Service are made in all relevant cases."
Meanwhile, Heddlu Gwent Police told us: "We expect all of our officers and staff to act in accordance with the Code of Ethics and the Standards of Professional Behaviour at all times. Anyone who does not adhere to these standards should expect to be held accountable and have appropriate action taken against them... There are intelligence led and random usage checks of all computer police systems, alongside a full auditing capability."