The Orange Rag - from Legal Technology Insider :: Midgley Corner - if this were the real world, heads would roll

AlphaLaw Advertisement:

Linetime Advertisement

SOS Legal Advertisement:

InTechnology Advertisement

Legal Inc Advertisement

Recent Articles

CRM4Legal gets new pricing structure & APAC roadshow

Issue #3 of American Legal Technology Insider out now

Recommind taps into $7.5million funding

Baker Mack names Telfer as head of global IS

Green IT expo at the Barbican in November

Linetime liberate Axxia site

Additional speaker for Legal IT Forum

Latest Asia-Pacific news round-up

It's like the Dark Ages out here

TWM swap out IRIS in favour of Axxia

New managed services offering for UK legal market

More Legal Technology Insider FAQs

BT limits wi-fi access to its wi-fi users

New appointments at LexisNexis Axxia/Visualfiles division

E-conveyancing giant warns of 'restructuring' and 'right-sizing'

Main Page

Previous:	The best marketing gimmick of the year - so far?
Next:	Federated search white paper

Midgley Corner - if this were the real world, heads would roll

by Charles Christian on Fri 23 May 2008 10:14 BST | Permanent Link | Cosmos

The UK government's policy of playing fast and loose with personal data – and in the process apparently ignoring its own data protection rules – has taken another turn for the worse with the publication of the report into the 'misplacing' a disk of DNA profiles sent by Dutch authorities in January 2007.

A review by Peter Lewis, chief executive of the Crown Prosecution Service, found the disk was sent unexpectedly to the CPS – it should have gone to Mutual Legal Assistance, which deals with international exchanges of police information and evidence. Instead, it was sent by business post in an envelope addressed to CPS's Ludgate Hill office, but not to an individual or even a department. The disk arrived 29 February 2007. On 2 March a senior manager noticed the disk and contacted Dutch authorities, who told him the right lawyer to contact within the CPS.

The review said "By March 2007 the Dutch disk was in the hands of the lawyer who, although not expecting the disk, was aware of the background to Operation Thread [as the Anglo-Dutch co-operation was known], knew what was likely to be contained on the disk and should have understood its importance to the investigation of crime in the Netherlands. All that was now required was for the disk to be placed in a safe or secure cabinet and for contact to be made quickly with the police to arrange for the secure collection or transfer of the disk. This was a simple task that could and should have been undertaken immediately."

But this "simple task" was not carried out. The disk did not get delivered to the police until almost a year later – January 2008 and the 2159 DNA profiles from crime scenes were not checked against the UK database until February 2008. This resulted in 15 matches. Because of the delay in dealing with the disk, 11 of the 15 suspects had already gone on to commit further crimes in the UK.

The report gave a brief summary of the disk's travels, or lack thereof, in that period. The lawyer who had the disk took an unexpected and lengthy leave of absence in early April 2007. This person did not tell their manager about the disk. In late April Dutch authorities asked about the disk, but nothing was done. In August 2007 the CPS searched for the disk and could not find it. On 14 August the Home Office asked the Dutch if they could pop another copy in the post. The report notes: "The Dutch Authorities were more concerned about the whereabouts of the original disk and the matter was not pursued." In late October the lawyer returned from leave of absence. The disk was found and police contacted 21 November.

The report said: "There followed an almost casual exchange of correspondence over the next two months... The disk was eventually collected by NDNADB [National DNA Database] on 11 January 2008. No evidence was found that the disk was copied or ever left the CPS offices."

The report is circumspect about actual crimes committed as a result of this failure, because: "A number of individuals who may have felt they had successfully escaped justice in the Netherlands are now at risk of arrest and it would be very unfortunate if a fuller reporting of Operation Thread alerted them to their vulnerability and caused them to go into hiding, flee the jurisdiction or impede investigations in the Netherlands." The report made several recommendations for improving data transfer in future, but said: "It is essential that understandable concerns caused by both the delay in executing Operation Thread, and the uncertainty of its final outcome, do not in any way diminish enthusiasm for similar exchange agreements with other partner states in the future."

And, just to prove that any future Tory government will be equally shambolic and cavalier with personal data, during the course of the campaign leading up to yesterday's by-election in Crewe & Nantwich, a local Tory party official accidentally emailed several Excel spreadsheets containing details on thousands of voters to radio station Manx Radio, a local newspaper and another media outlet. The information included names, addresses and voting intentions for 8,000 people.

The Tory party's initial response was that this was no big deal as the offending emails "were only seen by a couple of journalists" – although a official subsequently told some media channels that they were not allowed to report this story, because that was the law. (It's not.) The Information Commissioner's Office is now investigating the leak.

If these leaks had occurred in the real world, heads would be rolling in all directions but clearly government agencies and political parties operate in a different reality to the rest of us.

Posted to:

Main Page

Comments