PL&B UK E-news, Issue 84

1. European Court’s ruling will have a major impact on how the UK police operates

The European Court of Human Rights has ruled that the UK has to stop its current practice of retaining DNA and fingerprint samples of individuals who are suspected of crime but not convicted (PL&B e-news December 8th 2008). The court said this was in breach of the Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data (Convention 108 and its Article 8 on the right of respect for personal and family life), as keeping such data could not be justified on grounds of prevention of disorder or crime.

The ruling will have a major impact on how the UK police operates. However, the Court did not specify how the UK should achieve compliance. In a statement, Home Secretary Jacqui Smith said: "DNA and fingerprinting is vital to the fight against crime, providing the police with more than 3,500 matches a month, and I am disappointed by the European Court of Human Rights' decision.

On 16 December speech to Intellect, a trade association for IT professionals, Smith announced that the government will immediately begin to remove the DNA of children under 10 from the database, but did not elaborate on how other changes to the DNA database would be made. She said that a forensics White Paper will be published in 2009, and it will include proposals for consultation on the retention of DNA data.

Read more about the case in the February 2009 issue of PL&B UK, or the current international edition (December issue).

2. The Regulation of Investigatory Powers Act to be reviewed in 2009

The Home Secretary, Jacqui Smith, announced on 16 December that there will be a review of the Regulation of Investigatory Powers Act (RIPA) early next year.

The purpose of the review is to bring RIPA powers "in line with tests of safeguards, openness, proportionality and common sense".

The Government will look at the need to authorise RIPA powers, who authorises their use, and who can use them. Local authorities will be asked their views on whether RIPA powers should be exercised only with the consent of a senior executive.

3. Financial Services Authority warns shareholders of threat to personal data

The Financial Services Authority (FSA) has warned about 11,000 UK shareholders that their personal details are on a database shared by fraudsters, which can be used to target people and illegally sell them shares.

Share fraudsters are often based overseas and use high pressure sales techniques to target investors illegally, offering them non-tradable, overpriced or even non-existent shares.
The FSA wrote to the shareholders at the beginning of December after acquiring the fraud database with their personal details including names, telephone numbers and addresses, from Canadian authorities. It is likely that the list has been sold to a number of ‘share fraud’ gangs.

4. Leeds city council loses children’s personal data

Leeds Council announced, on 9 December, that it has lost a memory stick containing unencrypted details of 5,000 nursery-age children. The stick, which was found by a member of the public, was not encrypted or password protected. The stick included details of children’s names and addresses, their parents’ benefit claims, dates of birth, phone numbers, child protection information, and ethnicity.

A Leeds City Council spokeswoman said: “The loss was immediately reported by the employee concerned to their line manager and enquiries were made to recover it. Regrettably it could not be located. At the time, it was understood that no sensitive or confidential data was on this stick, so no further action was taken.

“Unfortunately, once recovered, it became apparent the memory stick did have sensitive information on it that should not have been there.

“As soon as we were made aware of the content, a full investigation into the circumstances of this case was launched and an immediate reminder to all staff is being issued regarding the security of personal and sensitive information.

For further details on the Privacy Laws & Business UK Newsletter, please click here.

Copyright Privacy Laws & Business 2008