Police Scotland told to pause rollout of cyber kiosks while legal concerns are addressed

Written by Jenni Davidson on 10 April 2019 in News
News

Process of assessing use of technology has been 'sub-standard' committee finds

Credit: Dominick Guzzo/CC BY-SA 2.0 

The rollout of cyber kiosks by Police Scotland should be stopped until questions around the legal basis for using them have been cleared up, members of Scottish Parliament have said.

Cyber kiosks are laptop-sized machines which allow police to bypass encryption to read personal data from digital devices such as mobile phones or laptops without using a password. Police Scotland bought 41 cyber kiosks, which it had intended to roll out to police stations across Scotland from autumn 2018.

However, the force postponed the rollout after concerns were raised about the legal basis for using the devices.

In a new report published today, MSPs on the Scottish Parliament’s Justice Sub-Committee on Policing criticised the Scottish Police Authority (SPA) for a lack of effective scrutiny and Police Scotland for not following best practice before trialling the devices and then deciding to roll them out across Scotland.


Related content


During the trials, police in Edinburgh and Stirling searched the mobile phones of suspects, witnesses and victims without undertaking the required governance, scrutiny and impact assessments, the committee said. Members of the public whose phones were seized and searched were not made aware that their phones were to be searched using cyber kiosks as part of a trial, and they were not offered the option of giving their consent.

The sub-committee has requested that the Scottish Government consider its findings and to provide clarity on the legal position of cyber kiosks.

Policing sub-committee convener John Finnie said: “The sub-committee fully supports Police Scotland’s ambition to transform to effectively tackle digital crime. However, prior to the introduction of any new technology to be used for policing purposes, an assessment of both the benefits and the risks should have been carried out.  It appears that, in relation to the introduction of cyber kiosks, only the benefits were presented by Police Scotland to the SPA, with the known risks not provided."

He added: "The SPA, for its part, seems to have accepted the information provided with very little critical assessment. Even the most fundamental questions, such as the legal basis for using this technology, appear to have been totally overlooked. This sub-standard process has resulted in over half a million pounds worth of equipment sitting gathering dust. Clearly, this is not an acceptable situation. The sub-committee wants to work with the Scottish Government and the stakeholder groups belatedly assembled to consider the implications of introducing cyber kiosks to find a solution which would provide the necessary safeguards for the use of this new technology.”

 

About the author

Jenni Davidson is a journalist at PublicTechnology sister publication Holyrood, where this story first appeared. She tweets as @HolyroodJenni.

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Related Sponsored Articles

Clouds are secure: Are you using them securely?
23 April 2019

BT presents a complimentary copy of Garner's report, which highlights how, through 2022, at least 95% of cloud security failures will be the customer's fault

WATCH: Encourage an open ethos to secure your organisation
2 April 2019

BT's CISO public sector, Hugh Tatton-Brown, joins Tech Talk’s recent podcast to discuss the current state of the security...

Not all ethical hackers are equal
26 March 2019

At a time when global organisations are trying to keep costs low to be competitive, BT details how security testing is not an area in which you can afford to cut corners