Investigations may lack data during three-month process to restore 200,000 police records
Minister reveals former Met commissioner will lead review into incident
Credit: Karl-Josef Hildenbrand/DPA/Press Association Images
A minister has claimed that it may take up to three months to recover more than 200,000 records that were last month accidentally deleted from the Police National Computer database, and that investigations may be hampered in the meantime.
In a written statement to parliament last week, crime and policing minister Kit Malthouse said that efforts to restore the lost information are “now well underway and technicians are confident that all the data which has been deleted can be restored”.
But he added that this process may not be completed until well into the spring. Until then, police and other agencies may find themselves deprived of information pertinent to investigations.
“Work to recover that data is moving forward as quickly as is possible, but it is vital that the data is restored safely to protect the integrity of the data,” Malthouse said. “Our current assessment suggests that the work will take approximately 12 more weeks to complete, though clearly, we will accelerate this if we possibly can.”
He added: “While the data is incomplete, there is the possibility that law enforcement partners will not have access to records and information that could help progress their inquiries and investigations.”
The police minister clarified that data concerning 209,550 offences and 112,697 people had been deleted, with records on 15,089 people entirely wiped – including 195 sets of fingerprints. All the data relates to offences that did not result in a conviction, Malthouse said, and 99.5% of records were more than 10 years old.
The data loss will be subject to an external review led by Lord Bernard Hogan Howe, a crossbench peer and former police officer, who finished his career with a six-year stint as commissioner of London’s Metropolitan Police.
The aim of this exercise – which will conclude by the middle of next month – is to “ensure the necessary lessons are learned to avoid similar incidents in the future”, Malthouse said.
The Home Office is now into the third part of a four-phase incident-response plan. The first two stages saw the department compile a complete list of the files that had been erased and the extent to which individual forces had been impacted.
The third phase is dedicated to data recovery, while the final part of the response plan will see the Home Office take steps to make sure it is deleting the data that it intended to delete as part of the administrative process during which the records were wrongly wiped.
While these phases are completed, a backup of DNA data has been created at a “temporary, secure location”.
“We have made this data accessible to forces and national agencies this week and set up a business process has been created to enable matching in support of ongoing investigations,” Malthouse said. “During this period all audit and legislative requirements will be met.”
Forces can also mitigate the impact of the missing records by making use of various other resources, according to the minister. These include the Police National Database.
“This is a national intelligence database that holds records of arrests of individuals and contains information that will allow law enforcement partners to judge whether there is biometric information or other key evidence missing from the affected systems,” he said. “If missing data records are identified, then the investigating officers can request copies of biometric samples and arrest records from the owning organisations.”
Other national databases, such as the violent offender and sex offender register, can also be used, as can local systems, which Malthouse said are “frequently used as the primary system into which information is entered, before it is then integrated into PNC for national use”.
Local forces may also have retained a hard copy of fingerprints that can be requested by other agencies.
In some instances, they may simply be able to rearrest someone to obtain more DNA, according to the minister.
“If the police have enough evidence and they believe that the DNA of a suspect is required but cannot find any records on the PNC or other systems, they can arrest suspects and collect their DNA in line with their powers,” Malthouse said.
Email addresses and info about eligibility for payments accidentally revealed
Government will set legal requirements for digital identity providers rather than consider national identity cards
The Singaporean government’s response to Covid-19 has made extensive use of digital, devices, and data – not always uncontroversially. PublicTechnology talks to Kok Ping Soon, the...
Elizbeth Denham will remain in post until November, at request of secretary of state
Defence Medical Services (DMS) is pursuing ground-breaking digital, data and technology transformation which will revolutionise Tri-Service healthcare provision to over 135,000 Armed...
OneTrust presents the reasons why your organisation should invest in privacy management - and offers three easy tips for getting started
The remote-first world has seen email being relied on more than ever as a core communication mechanism - but with 93% of IT leaders acknowledging a risk to sensitive data, what steps should be...
One Trust breaks down the modular approach of the new SCCs