UK Police: 'Innocent people' on unregulated photo database

Police forces in England and Wales have uploaded up to 18 million "mugshots" to a facial recognition database. This is despite a court ruling it could be unlawful. They include photos of people never charged, or others cleared of an offence, and were uploaded without Home Office approval.

Photos of "hundreds of thousands" of innocent people may be on the database, an independent commissioner said.

The database complies with the Data Protection Act the police insisted.

It comes despite a ruling in 2012, when two people went to the High Court to force the Metropolitan Police to delete their photos from databases. The judge warned forces should revise their policies in "months, not years".

Met Police Commissioner Sir Bernard Hogan-Howe told the BBC that since the court case, his force had stopped putting images on the national database until the law had been clarified.
"So the broad concern is - are we keeping images of people who aren't convicted, and are we using them?" he said. "I don't think this is against the law but of course we always want to catch criminals." He added that he would look into the matter.

Biometrics Commissioner Alastair MacGregor QC said he was concerned about the implications of the system for privacy and civil liberties. MacGregor said police had been warned to put rules in place regarding the use of police mugshots - but had not done so.

He said he recognised the potential value of the database to the police, but warned senior officers had rushed in without considering all the implications. "These are important issues and it does seem to me surprising that they have not been addressed more carefully," he said.

Chief Constable Mike Barton, of the Association of Chief Police Officers, said forces had to stay up-to-date with new technology. "Everybody is very keen that the police enter the cyber world," he said. "I hear much criticism of policing that we're not up to speed and it does come as a surprise to me that we're now being admonished for being ahead of the game."

However, the use of the system has been criticised by some MPs and David Davis, the former Tory shadow home secretary, said that police forces should not "misuse the data in this way. There is a mind-set here, which is flawed…It's quite understandable, police always want more powers, but I'm afraid the courts and parliament say there are limits," he said. "You cannot treat innocent people the same way you treat guilty people."

http://www.bbc.co.uk/news/uk-31105678

« Anthem failed to encrypt data prior to cyber-attack
Snowden Reveals that China Stole Plans For New F-35 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Verisec International

Verisec International

Verisec International AB is a Swedish Tech company focused since inception in enabling Trust in Digital Transactions, through the development of proprietary cutting-edge technologies and services.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

Datiphy

Datiphy

Datiphy's data-centric security platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

Inavate Consulting

Inavate Consulting

Inavate Consulting are experts in defining and implementing information assurance solutions and governance frameworks. Our ISO27001 consultants are the most experienced in the industry.

Nameshield Group

Nameshield Group

Nameshield is one of most experienced domain name registrars, trademark protection specialists and managers of online reputational risk in the world today.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

CYSIAM

CYSIAM

CYSIAM provides world-leading expertise in offensive security and critical incident response. We train our clients to be able to protect themselves and respond to attacks and breaches when they occur.

Varutra Consulting

Varutra Consulting

Varutra Consulting is an Cyber Security Consulting, Solutions and Training services firm, providing specialized security services for software, mobile and network.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.

Karate Labs

Karate Labs

Karate is an open-source unified test automation platform combining API testing, API performance testing, API mocks & UI testing.

appNovi

appNovi

appNovi inventories everything to map the attack surface, identify missing security agents, and prioritize vulnerabilities based on exposure.

Keeran Networks

Keeran Networks

Established in Edmonton in 1999, Keeran specializes in delivering comprehensive IT support and solutions aimed at optimizing technology investments for businesses.

12Port

12Port

12Port network security solutions help companies tackle modern cybersecurity threats cost-effectively while implementing zero-trust architectures.

PureID

PureID

Protect your enterprise with PureAUTH #IAMFirewall, Resilient SSO platform, purpose built to provide Passwordless Authentication & Zero Trust Access, by default.