Met Police gang database in ‘serious’ breach of data-protection laws, ICO finds

November 16, 2018

A database of information on gang activity maintained by London’s Metropolitan Police Service (MPS) “led to multiple and serious breaches of data protection laws”, an investigation by the Information Commissioner’s Office has found.

The Gangs Matrix holds data on people suspected of being gang members. An ICO probe found that, while there is “a valid purpose for the database, the inconsistent way it was being used did not comply with data-protection rules”.

Breaches included keeping a data subject’s details “on an informal list of gang associates” even after they had been removed from the matrix. These lists were stored “on the relevant officer’s personal system drive”, the ICO said. Other formerly suspected gang members who had now been assessed as having “a risk score of zero” were not removed from the database at all. 

“As a result, data subjects are never truly removed from the Gangs Matrix,” the ICO enforcement notice said. “Their personal data continues to be processed as though they remained connected with gangs. Their personal data and supposed association is shared with third parties and subject to the general policy of the MPS to encourage enforcement against them.”

Related content

The Met’s data-sharing activities saw full, unredacted personal data contained in Gangs Matrix records provided to “a range of public authority and private body third parties with both statutory and non-statutory functions”, according to the ICO.

The MPS has been cooperating with the regulator and has already “stopped sharing personal data on the Gangs Matrix with third parties where there is no individual sharing agreement in place”. The force is now working with the ICO to undertake a data protection impact assessment.

Deputy information commissioner of operations James Dipple-Johnstone said: “I am pleased that the MPS has been cooperating with us and has committed to bringing the Gangs Matrix in line with data-protection laws, and we will continue to work with them. I believe that by taking these steps and demonstrating that people’s data rights matter to them, the MPS will be able to build increased trust amongst their communities.”

The concept of the matrix – which is characterised as “the bedrock” of the Met’s anti-gang strategy – is laid out in the force-wide Gangs Operating Model policy. But each of London’s 32 individual boroughs is responsible for maintaining their own localised database. This data is then collated into a citywide database.

The ICO’s investigation was launched a little over a year after human rights organisation Amnesty International raised concerns about the Gangs Matrix.

PublicTechnology had contacted the Metropolitan Police requesting comment and was awaiting response at time of going to press.

Source link