Illegal Access – PNC (1905A/23)
Under the Freedom of Information Act, I would like to request the following information.
How many police staff have been found to have illegally / inappropriately accessed the Police National Computer in the past 10 years, broken down by year, from January 1 2013 to present date.
Please also provide a break down as to how many were by police officers, and how many were by non-officer staff members.
Of those police staff have been found to have illegally / inappropriately accessed the Police National Computer in the past 10 years, how many were:
(a) Not disciplined
Our data are not organised in such a way as to allow us to provide this information within the appropriate (cost) limit within the Freedom of Information (FOI) Act (see ‘Reason for Decision’ below).
Although excess cost removes the force’s obligations under the Freedom of Information Act, as a gesture of goodwill I have supplied information, relative to your request, retrieved before it was realised that the fees limit would be exceeded (see below). I trust this is helpful, but it does not affect our legal right to rely on the fees regulations for the remainder of the request.
We are unable to answer this request in full. Data predating 2020 is not available in a retrievable format. This is because prior to this period, disciplinary matters were recorded under previous regulations. There was no specific category in relation to misuse of PNC/police systems (Although improper disclosure of information does encompass inappropriate use of police systems, this allegation is not solely in relation to the misuse of systems and misuse of systems would have also been recorded under other categories such as discreditable conduct and corruption or malpractice). As a result of this – attaining the information required would involve going through each case and identifying whether or not firstly, if the case was in relation to misuse of systems and secondly, if the system that was being misused was PNC.
Roughly 4000 cases are recorded in a singular year and, assuming that each case takes approximately 5 minutes, this would take 20000 minutes just for a single year prior to 2020. This would exceed the 18-hour allotted time period to answer the FOI. However, current regulations do capture misuse of systems as a specific category, so we can provide the requested information from 2020 onwards with a higher degree of accuracy:
2020: 1 x Police Officer. Outcome was reflective practice.
1 x Staff member. Outcome was dismissal.
2021: 2 X Police Officers. Outcome – One officer was dismissed, one would have been dismissed.
2022: 2 x Police Officers. One officer would have been dismissed. One received RPRP.
1 x Staff member. Outcome not disciplined (the staff member resigned during investigation and there was no public interest to continue as the staff member was subject to misconduct only)
Note. These are cases that have been finalised with an outcome as they have been proven to have misused PNC.
It is important to note the force operates under the Police Code of Ethics and Standards of Professional Behaviour. This includes challenging any inappropriate behaviour or action which would discredit the police service or undermine public confidence in policing.
Our Professional Standards department, take a robust stance and are committed to rooting out abuse of power, criminality and corruption whenever we find evidence of it. This is done by carrying out thorough investigations, offering support and dealing appropriately with anyone found to be acting in an inappropriate manner.
REASON FOR DECISION
Please note that researching each individual case would exceed the appropriate limit (FOIA, s.12).
The cost of compliance with the whole of your request is above the amount to which we are legally required to respond, i.e. the cost of locating and retrieving the information would exceed the appropriate costs limit under section 12(1) of the FOI Act 2000. For West Midlands Police, the appropriate limit is set at £450, as prescribed by the Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2004, S.I. 3244.