IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Police suffer 2,315 data breaches in five years

Big Brother Watch argues police cannot be trusted with more personal data

Police

Police have suffered 2,315 data breaches in the last five years, Big Brother Watch revealed today, leading it to question whether forces can be trusted to look after increasing amounts of people's personal data.

The privacy campaign group's Safe in Police Hands? report details UK police force data breaches from June 2011 to December 2015, sourced from Freedom of Information requests.

More than 800 members of police staff accessed people's personal information "without a policing purpose", adding that data was "inappropriately shared" with third parties 877 times.

However, police took no disciplinary action in 55 per cent of all breaches, Big Brother Watch found, and just 11 per cent ended in a verbal or written warning.

The data led Big Brother Watch to question whether police should have access to people's Internet Connection Records (ICRs), records of websites people visit, as proposed by the Investigatory Powers Bill.

Internet service providers would have to hold onto people's ICRs for up to a year, and decrypt it if law enforcement agencies request it.

But Big Brother Watch argued the ICR proposal should be removed from the bill, writing: "Police forces are already struggling to keep the personal information they can access secure. It is clear that the addition of yet more data may just lead to the risk of a data breach or of misuse."

The report added: "The power to collect, store and for the police to subsequently seek a warrant to access our online activity would create another vulnerability to our personal data and personal lives. The failure of the Government to demonstrate the need for the power means that there are no tangible benefits to set against the negative impact the power would have on our privacy."

Other recommendations made by the organisation included criminal records for those responsible for serious breaches, as well as the introduction of prison sentences, saying that existing penalties are not strong deterrants.

Police should also notify people whose data is leaked within 90 days of the breach being investigated, said Big Brother Watch.

West Midlands police force suffered by far the highest number of data breaches, at 488, with the next nearest being Surrey Police with 202.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Ten ways to protect your company from the next big data breach
data breaches

Ten ways to protect your company from the next big data breach

18 Feb 2022
Gumtree site code made personal data of users and sellers publicly accessible
data protection

Gumtree site code made personal data of users and sellers publicly accessible

16 Dec 2021
Pizza chain exposed 100,000 employees' Social Security numbers
data breaches

Pizza chain exposed 100,000 employees' Social Security numbers

19 Nov 2021
83% of critical infrastructure companies have experienced breaches in the last three years
cyber security

83% of critical infrastructure companies have experienced breaches in the last three years

11 Nov 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022