Welsh police force fined £160,000 after losing sensitive video interview

Unencrypted DVDs go missing from drawer, not reported for two years


South Wales Police has been hit with a £160,000 fine for losing a video recording which formed part of the evidence in a sex abuse case.

The lost DVDs contained film of an interview with a victim, who had been sexually abused as a child. Despite the DVDs containing a graphic and disturbing account of events, the discs were unencrypted and left in a desk drawer.

The loss was discovered after an office move in October 2011, two months after the interview took place, but the security breach went unreported for nearly two years.

Data privacy watchdogs at the ICO (Information Commissioner's Office) put the tardy reporting down to a lack of staff training, rather than any attempt to hush up the incident.

Although the DVDs were stored in a secure part of the police station, South Wales Police had no specific force-wide policy in place to deal with the safe storage of victim and witness interviews in its facilities.

A second interview had to be abandoned due to the victim’s distress and the DVDs have still not been recovered. The defendants in the case were eventually convicted in court.

“Without any doubt we would expect a professional police force, in a position of trust, dealing with this type of highly sensitive information from victims and witnesses on a daily basis, to have robust procedures to keep track of the personal data in their care," said Anne Jones, ICO Assistant Commissioner for Wales.

“The organisation has failed to take all appropriate measures against the unauthorised processing and accidental loss of personal data. This breach is extremely serious and despite guidance from our office, the Ministry of Justice and Association of Chief Police Officers stating it is essential to have a policy on storing this sort of information, they still haven’t fully addressed the issue," she added in a statement on the settlement.

In addition to the monetary penalty, the Information Commissioner has asked the police force to sign an undertaking promising to revamp its data protection procedures, so as to safeguard against any repeat of the breach. ®

Narrower topics


Other stories you might like

  • Never fear, the White House is here to tackle web trolls
    'No one should have to endure abuse just because they are attempting to participate in society'

    A US task force aims to prevent online harassment and abuse, with a specific focus on protecting women, girls and LGBTQI+ individuals.

    In the next 180 days, the White House Task Force to Address Online Harassment and Abuse will, among other things, draft a blueprint on a "whole-of-government approach" to stopping "technology-facilitated, gender-based violence." 

    A year after submitting the blueprint, the group will provide additional recommendations that federal and state agencies, service providers, technology companies, schools and other organisations should take to prevent online harassment, which VP Kamala Harris noted often spills over into physical violence, including self-harm and suicide for victims of cyberstalking as well mass shootings.

    Continue reading
  • Tim Hortons collected location data constantly, without consent, report finds
    Hortons hears a sue

    From May 2019 through August 2020, the mobile app published by multinational restaurant chain Tim Hortons surveilled customers constantly by gathering their location data without valid consent, according to a Canadian government investigation.

    In a report published Wednesday, Office of the Privacy Commissioner (OPC) of Canada and the privacy commissioners from three provinces – Alberta, British Columbia, and Quebec – presented the results of an inquiry that began shortly after the publication of a June 2020 National Post article.

    That article revealed the Tim Hortons app tracked location data every few minutes even when relegated to the background, and the report compiled by Canadian privacy officials confirmed as much.

    Continue reading
  • Abortion rights: US senators seek ban on sale of health location data
    With Supreme Court set to overturn Roe v Wade, privacy is key

    A group of senators wants to make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.

    A bill filed this week by five senators, led by Senator Elizabeth Warren (D-MA), comes in anticipation the Supreme Court's upcoming ruling that could overturn the 49-year-old Roe v. Wade ruling legalizing access to abortion for women in the US.

    The worry is that if the Supreme Court strikes down Roe v. Wade – as is anticipated following the leak in May of a majority draft ruling authored by Justice Samuel Alito – such sensitive data can be used against women.

    Continue reading

Biting the hand that feeds IT © 1998–2022