A freedom-of-information request by Huntsman Security has discovered that UK police forces detected and investigated at least 779 cases of potential data misuse by personnel between January 2016 and April 2017.
Despite the high number of cases, the same request also revealed that the vast majority of the 34 police forces approached1 are taking steps to improve their monitoring systems. For all but one of the forces, those plans include monitoring IT systems to ensure they aren't being accessed or used for unethical purposes.
The findings, out Wednesday, come just months after the government's official PEEL: Police Legitimacy 2016 report, which found that forces needed to do more to investigate and prevent staff abuse of IT systems and sensitive personal data, in order to assure public confidence.
Published in January 2017, the PEEL report investigated whether police forces and personnel were treating their privileged status ethically, and how this affected their legitimacy. The study reviewed issues such as whether personnel were accessing and abusing stored personal data – concluding that more than a third (37 per cent) of forces "required improvement" one way or another. Forces across the UK needed to be more proactive in finding and investigating cases. The report recommended that forces ought to do more to proactively identify data handling issues rather than waiting for complaints from members of the public or within the organisation.
The FoI also found that the number of cases being investigated per day has risen, even without counting ongoing investigations. Compared to 603 investigations taking place in 2016, there were 176 in the first 100 days of 2017.
While at a glance this might imply the problem is getting worse, it could also show improved ability to detect when staff are accessing data that they shouldn't, Huntsman Security said. The FoI also showed that the majority of forces have begun introducing better monitoring systems, as recommended in the PEEL report. Better monitoring will assist police in becoming more adept at identifying misuse of systems and applications.
"Public trust and legitimacy is critical for the police: without these, a modern police force risks losing the confidence of the people it aims to serve," said Peter Woollacott, chief exec of Huntsman Security. "If there is any prospect of the safety and security of information being at risk, then every action should be taken to safeguard it before damage is done. The PEEL report highlighted that forces cannot rely on abuses being reported.
"Implementing systems that don't themselves intrude on privacy, but can identify when someone is accessing data that they shouldn't be, is a good way for forces to ensure all personnel are behaving in an ethical manner when it comes to sensitive data." ®
1Huntsman Security contacted 45 police forces across the UK. Ten forces did not respond, while one responded but did not provide any information.