Q&A: data protection and the police

Humberside police have been criticised for deleting records of previous allegations of sex offences against Soham murderer Ian Huntley but says it had to act due to data protection law. David Batty reports.
  
  


What is the row about?
It has emerged that Ian Huntley, jailed for life for the murder of Soham schoolgirls Holly Wells and Jessica Chapman, was suspected of nine earlier sex crimes, most involving underage girls. Humberside police dealt with four allegations of underage sex, one of indecent assault on a 12-year-old girl, and four of rape made against Huntley between August 1995 and July 1999. But the chief constable, David Westwood, said that the force did not keep these cases on its computer records because the Data Protection Act had required them to "weed out" details of accusations that did not lead to convictions. This meant that when they checked Huntley's background in 2001, after he applied for the job of caretaker at Soham Village College, there was no "intelligence" to warn of the danger he might pose to young girls. But the official data protection watchdog has dismissed Mr Westwood's claim as "nonsense".

What does the Data Protection Act say?
The 1998 act states that any personal information held by the police should be "adequate, relevant and not excessive" and "not kept for longer than is necessary". According to the Office of the Information Commissioner (OIC), which monitors compliance with the act, it is up to individual police forces to decide what information should be retained. It states that a balance must be struck between the need to catch offenders and protect the public from crime, and the need to ensure that those who are innocent or only guilty of minor misdemeanours are treated fairly. The previous act (1984) made broadly similar requirements.

Neither act set time limits for the destruction of particular types of information. Although guidance from the information commissioner states that police forces should regularly review the personal data they hold and delete any "which is no longer required for their purposes".

How did Humberside interpret this?
Mr Westwood said his force had interpreted the act to mean that information of past alleged crimes could not be held for the purposes of employment vetting. As Huntley had not previously been convicted of a crime or cautioned for any offence, details of the allegations were removed from their criminal intelligence system. The chief constable said: "We face here the contradictory nature of two public policies. First there is the Data Protection Act which requires the removal of information relating to individuals. Second is the retaining of information to protect vulnerable people. There is no national guidance on this." Mr Westwood accepted that other police forces did interpret the law differently, but called for "urgent national guidance" on the act.

How fair was this interpretation?
The assistant information commissioner, David Smith, attacked Humberside's reading of the act as "nonsense" given that the force had details of several allegations of sexual assault involving Huntley. He said: "The information that they were keeping was clearly relevant to protecting the public from crime. It was needed to prevent an offence. There's nothing in the Data Protection Act or in any guidance we've issued that required them to delete information of such obvious value. I don't know of any other police force operating in this way."

What other guidance is available to the police?
The Association of Chief Police Officers (Acpo) published a code of practice on data protection last year. With regards to criminal allegations, the guidelines state that: "It is not possible to lay down strict criteria for the removal of data from criminal intelligence records. The need to retain or remove such information can only be judged from the nature of the information, and whether it is necessary, lawful, proportional and relevant to its purpose." The decision to retain or remove personal information should involve consideration of the reliability of the source. This information should be reviewed on a regular basis and considered for deletion at least every 12 months. But data can be retained for longer if this will help the police meet their duties, such as protecting the public.

How does police practice vary?
The commissioner of Scotland Yard, Sir John Stevens, said police should hold on to information as long as possible. He said: "With the Data Protection Act you have to push it to the nth degree. The policy here is to hold on to things as long as we can. If someone's being investigated for rape and there is a possibility they're a murderer, we have a duty to hold on to that." However the president of the Police Superintendents' Association, Kevin Morris, said there was confusion about what records should be kept by forces. This had led to different forces interpreting the law in different ways, with some "weeding out" more information than others.

What will be done to address this?
The home secretary, David Blunkett, has announced an inquiry into information-sharing by the police. Home office minister, Hazel Blears, said that a new team had been set up to monitor police forces' performance on data entry and that a new code of conduct was expected in April. The OIC has said it will assist with the inquiry and pledged to issue further guidance on the law if necessary. The data protection watchdog also called on Acpo to issue new guidance to police forces.

 

Leave a Comment

Required fields are marked *

*

CAPTCHA

*