Legal help for data breach compensation claims

Crown Prosecution Service fined £325,000 for huge data breach

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

The Crown Prosecution Service (CPS) has been fined £325,000 by the ICO for losing recordings of sensitive police interviews. Not only did the CPS lose the footage, but they also failed to encrypt the lost police data as well.

The recordings were of multiple interviews with alleged child sex abuse victims that were to be used at trial.

It goes without saying that the unencrypted police data lost in this case was of an incredibly personal and sensitive nature. The fact that it was lost and allowed to be potentially exposed bas led to the huge fine imposed by the Information Commissioner’s Office (ICO).

The recordings were supposed to be sent by tracked delivery between two CPS offices. The DVDs containing the footage were reportedly left in a reception area accessible to non-CPS staff, and they were not secured in tamper-proof packaging.

It took a month for the CPS to realise that the sensitive footage had been lost, and no one knows what happened to the DVDs.

The ICO found the CPS negligent. Head of Enforcement, Steve Eckersley, said:

“The victims of serious crimes entrusted the CPS to look after their highly sensitive personal data – a loss in trust could influence victims’ willingness to report serious crimes.

The CPS failed to take basic steps to protect the data of victims of serious sexual offences. Given the nature of the personal data, it should have been obvious that this information must be properly safeguarded, as its loss could cause substantial distress.

The CPS must take urgent action to demonstrate that it can be trusted with the most sensitive information.”

The severity of police data breaches – which includes data breaches by the CPS, like this one – can never be underestimated. The nature if the personal and sensitive data they have a duty to safeguard must near be allowed to be exposed or compromised; particularly when the data is for victims of serious crimes.

The fines that the ICO has the power to impose are now far greater as a result of the GDPR that came into force last week.

You can read more about the ICO’s result in this investigation here.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Matthew on May 31, 2018
Posted in the following categories: Police and tagged with


The Equifax data breach post-mortem was a wake-up call
Healthcare sector at risk of grunt bot attacks
%d bloggers like this: