“Success does not consist in never making mistakes but in never making the same one a second time.”
― George Bernard Shaw
Our officers stand on the thin blue line ready to protect their community. In truth, quite often that thin blue line is a battle line we have drawn between law abiding citizens and the criminals who would harm them.
When the concept of a uniformed police force was first championed by Sir Robert Peel in London in the early 1800s, he was met with much resistance due to fears of what would essentially be a standing army within the city; comparisons were made to police as a government-sanctioned occupying force. The problem of how to enforce laws while preserving rights is not at all new.
Those police officers sweating it out on the front line: that’s where the concept of Guardian Policing comes in. But the Guardians of these Guardians are failing the thin blue line.
Those behind the scenes are not competent custodians of the data they hold on both those who serve the public nor those that have been medically retired – even victims are being let down by shockingly lackadaisical data protection procedures.
The management of personal data within police forces has become a travesty and police and civilian senior management are acting like an occupying army in defence mode and under siege. Whilst they disingenuously proclaim their conduct is correct, in reality rights and liberties are definitely not being preserved.
We at IODPA have been saying that Police Pension authorities have no lawful and legitimate reason to demand full disclosure of medical records from birth when they decide to review an injury award.
Put the question of the legality to retain personal sensitive data aside momentarily and stop to think for a second … if you are a medically retired officer with an injury award, do you think that your personal sensitive data is in good hands? Do you really think it is safe for them to hold your full medical records for eternity – to dip into them whenever they like, by whomever they like?
Think again. In July 2016 Big Brother Watch published a report entitled, ‘Safe in Police Hands’. The subtitle of the report is ‘How Police Forces suffer 10 data breaches every week and still want more of your data’.
Everything contained with this report is relevant to your confidential data retained when you, as a police officer, was medically retired. Police forces do not treat your data with extra care just because you used to serve as a police officer. The truth is quite the opposite. You are more likely to be a potential victim of a data protection breach compared to a member of the public, for they definitely have your data – others become victims as and when they come into police contact.
Often they will have lost your data but they will claim they haven’t. They will cherry-pick and redact information when supposedly complying with a subject access request under the Data Protection Act. Given your own knowledge of your former employer, do you think they have the capacity to be prepared to conceal, remove or destroy incriminating evidence of injustice you suffered but otherwise, until asking for your data, had no physical proof?
They are quick to deny they breach data protection protocols. The numbers say differently:
Table 1. 1st June 2011 – 31st December 2015
|No.||Police Force||Number of Data Breaches|
|4||Avon and Somerset||163|
Just this week there have been major breaches of personal data involving involving not only GMP but the supposed guardian of the police complaints system in England and Wales, the Independent Police Complaints Commission.
The quote from the victim’s solicitor is very revealing. Showing the default position of defensiveness- never to admit there’s been a problem unless they’ve been forced by an external agency to come clean.
He added GMP had initially refused to accept it had done anything wrong and its internal investigation concluded no officer had infringed the police code of conduct.
If they never accept they are wrong are the self-reported figures given to answer Big Brother Watch’s Freedom of Information request actually accurate or it is an under-representation of the true number of breaches?
What is the point of the College of Policing data protection principles if they can’t even ‘police’ themselves?