Metropolitan Police Data Retention and Usage Policies result in ICO Enforcement Notice
Published on: 20th November 2018
By PYXI GDPR Team
The Metropolitan Police Service have been issued with an enforcement notice from the Information Commissioner's Office to require them to address their data protection policies relating to the Gangs Matrix. This system stores and analyses data to monitor gang activity and identify principal persons of interest in the gang networks.
The ICO has judged that the data stored about the gangs, and people associated with the gangs is not being managed within the terms of the Data Protection regulations.
In particular concerns have been raised about a lack of data retention policy around this information and considers that aspects of the data retention within the system (specifically around victims of gang crime) are excessive and unjustified. They describe a situation in which there is insufficient differentiation between gang members and victims within the system. They also raised concerns about the sharing of information with other agencies in a "blanket and undifferentiated manner" and believe there is no necessity for this.
The MPS has been served notice to address these issues. Failure to do so will be a criminal offence.
PYXI GDPR Team: 20th Nov 2018 09:06:00
Subscribe to our
Weekly GDPR Newsletter.
It's full of really useful updates
for UK small businesses.
ICO Q2 Data Security Incident Trends
The ICO's figures for Q2 show that the most frequently reported data security incident relates to disclosure of data. The ICO's website has published information about Q2 2018-19's data security incidents by type and sector, and the single mo... click to read more