Categories: RegulationSecurity

ICO Fines South Wales Police Over Sex Abuse Evidence Loss

The Information Commissioner’s Office (ICO) has fined South Wales Police £160,000 over its loss of a video recording that formed part of the evidence in a sexual abuse case.

ICO has also asked the force to sign an undertaking to implement policies to prevent the recurrence of similar incidents.

The force conducted a recorded interview in August 2011 with a victim who had been sexually abused as a child, with the recording being stored on multiple DVDs.

“Despite the DVDs containing a graphic and disturbing account, the discs were unencrypted and left in a desk drawer,” the ICO noted.

When an office move took place three months later, the discs were discovered to be missing, but this security breach went unreported for nearly two years due to what the ICO termed “lack of training”. The DVDs were stored in a secure part of the police station, but the force had “no specific force-wide policy in place to deal with the safe storage of victim and witness interviews in its police stations”, the ICO said in a statement.

A second interview was abandoned due to the victim’s distress and the DVDs haven’t been recovered, according to the ICO. The defendants involved were, however, later convicted in court.

Procedural failure

The privacy watchdog said the force’s failure was in not having “robust procedures” in place to protect such highly sensitive information.

“The organisation has failed to take all appropriate measures against the unauthorised processing and accidental loss of personal data,” said Anne Jones, assistant commissioner for Wales, in a statement. “The monetary penalty given to South Wales Police should send a clear message that organisations have to take responsibility for personal data and the way in which it is stored.”

Police data lapses

The ICO lashed out at UK police forces last year in a report detailing numerous lapses, following an audit of how British policing organisations handle personal data. Only one of the unnamed forces audited earned a “high assurance” rating.

The audit followed an incident in which the Metropolitan Police admitted to accidentally exposing more than 1,000 crime victims’ email addresses.

Earlier this year Google agreed to change its privacy policy for UK customers following an ICO investigation into the harvesting of personal information.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 mins ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

2 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

17 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

19 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

21 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

22 hours ago