A Freedom of Information (FoI) request made by think tank Parliament Street has revealed that 237 serving officers and members of staff have been disciplined for computer misuse in the last two financial years.
Sackings and Resignations
The FOI request, which was responded to by 23 forces also revealed that 6 employees resigned and 11 were sacked over failures in adhering to IT best practices e.g. for disclosing personal information.
Took Photos of Screen and Shared
In Hertfordshire, two incidents out of 16 disciplinary cases involved employees taking photographs of the screen of a (confidential) police computer system and sharing those photos via social media.
The most individual computer misuse incidents were recorded by Surrey Police with 50. Second in the misuse ranking was the Metropolitan police where 18 people were disciplined (4 were accused of misusing social media) and one staff member was sacked for misusing the Crime Reporting Information System.
Greater Manchester Police managed to take the third position in the incidents rankings with 17 for misuse of force systems.
Other incidents uncovered by the FoI request included 3 officers getting sacked from Gwent Police (for researching the crime database for a named person, disclosing confidential information, and for unlawful access to information) and 3 getting sacked form Wiltshire Police force for using the police databases without lawful access to the information. Also, one member of Nottinghamshire Police was disciplined for using the police computer system to search for information about a civil dispute they were involved in.
Case In July
These incidents were reminiscent of the case from July this year whereby a serving Metropolitan police officer was given 150 hours of community service and ordered to pay £540 after pleading guilty to crimes under the UK’s Computer Misuse Act, which included using a police database to monitor a criminal investigation into his own conduct.
What Does This Mean For Your Business?
We all must adhere to data protection laws (GDPR) and best practices to ensure that company computer systems are used responsibly and legally. The irony of the information uncovered with the FoI request is that hundreds of those persons who are entrusted to uphold and enforce the law appear to be prepared to risk their jobs, break the law and betray public trust. The fact that hundreds of police have been caught (there may be many more who haven’t) misusing police systems which contain large amounts of sensitive personal data raises serious questions about privacy and security.
This may indicate that police forces need to offer more education and training to employees about data protection and the correct (and legal) use of police computer systems as well as tightening up on monitoring, access control and validation/authorisation.