Do Police Data Breaches Show Us “the Enemy Within”?

By John Hagan, solicitor

In a recent case report on this site I expressed concern about the extent to which individuals in professional positions with access to confidential personal data can abuse their position to access that data for their own purposes – to snoop or spy upon someone they know. I suspect that the number of people caught doing this is just the tip of the iceberg.

Even police officers who are otherwise upstanding examples of their profession can fall victim to this “temptation”. In a recent case PC Leigh Valentine of the Essex Constabulary was issued with a “final written warning” by a disciplinary committee after admitting “gross misconduct” for accessing confidential files on the police database.

PC Valentine apparently received “glowing” character references from his fellow officers and was praised for having saved the life of a man who was about to throw himself off a bridge.

In response to the misconduct proceedings, Valentine admitted looking up files without any valid policing purpose. It appears he was carrying out searches on his then wife’s step-brother and a man who was dating his then wife’s mother.

Stephen Morley, acting on behalf of Essex police sent out a warning to officers thinking of misusing their access to the database that this was “not a chance worth taking, because if they are caught they will be dealt with severely”. However, the force did not ask the disciplinary panel to consider sacking PC Valentine – even though his illegal access to this data was not just a civil but a criminal offence.

Commenting on this case DCC Matthew Horne of Essex Police said “We take breaches of professional standards extremely seriously and the information and intelligence we hold must only be used to keep people safe. When any officer or member of staff accesses this information inappropriately and not for a specific lawful policing purpose it is a gross breach of the public’s trust. It is right that we take robust action on these cases to protect public confidence in policing and the integrity and professionalism of the overwhelming majority of Essex’s police officers.” 

Photo of John Hagan, a solicitor who specialises in civil actions against the police and personal injury law.

Police Misconduct Under-Reported?

On the facts that are known to me, probably this was a proportionate outcome, however it is another example of an officer admitting “gross misconduct” who gets to keep his job. In my experience of police misconduct hearings, it is very rare for the officers involved to be dismissed.

As reported by the London Evening Standard between January 2014 – December 2015 of 506 Metropolitan police officers disciplined for offences including corruption, discrimination, perjury, assaults and sexual offences only 1 in 5 lost their jobs.

This is not a very high figure, in proportion to the seriousness of the misconduct offences committed by many police officers, and tends to strongly contradict the picture painted by radio show host Jonathan Vernon-Smith in a recent BBC Radio 3 counties debate in which I participated. Listen to it here:

In discussing the case of PC Andrew Blades, who was dismissed by the Lancashire Constabulary after admitting dangerous driving for pulling his police car deliberately into the path of a motorcyclist whom he wanted to apprehend, Mr Vernon-Smith suggested that police officers losing their jobs and livelihoods for misconduct was now commonplace, and he deplored a culture in which he felt police officers who should be celebrated as “heroes” were having their heads roll.

I very much objected to Mr Vernon-Smith’s characterisation of the situation, as my own experience is that officers are strongly shielded by their forces, and by their Union the Police Federation, from accusations of misconduct and tend to be let off as lightly as possible even when they do admit offences, as is borne out by the present case of PC Valentine, the Metropolitan police statistics quoted above and similar cases handled by my colleague Iain Gould, one of the UK’s leading police claims specialists as reported on his own blog.

The case of PC Valentine and other officers also begs the question – how many similar misconduct offences are serving police officers getting away with, or, dare we say, having brushed under the carpet ? It remains the case that under UK law there is currently no legal obligation to report personal data breaches to anyone.

Hopefully this will change with the new EU General Data Protection Regulation which obliges data controllers to notify the Information Comissioner’s Office of personal data breaches. Time will tell. But we must remain aware that the threat to our private data security comes not just from without in the form of cyber piracy and hackers, but from the enemy within, in the form of professionals such as police officers who abuse the availability and accessibility of the ever growing police database on the citizens of this country.

Contact me via my firm’s website