Abstract

Policy as regards a European database to fight organised crime needs to distinguish between criminal records databases and intelligence databases. The issues involved are different. As will be argued later: prosecutors need a case tracking database; employers need a convictions database for vetting purposes; judges need a convictions database for sentencing purposes; but police officers need databases for convictions, for intelligence and to store material on a particular complex investigation or series of interlinked investigations. The issues involved in setting up and using each overlap but are not identical.

Databases should not be seen as a route around problems arising from differences between national jurisdictions. The legal problems need to be identified and overcome as a prerequisite to setting up a database. Cyberspace is imaginary, not extra-jurisdictional

Questionnaire

1)Does your country have a database for investigations? Is it central or regional? Do these databases include exclusively criminal investigations or do they also include administrative/other investigations? What is their legal basis (statutory or other)? Please analyse and attach the introducing legal texts as amended (in English or the original language of publication).

Background

The UK has a number of different databases, the legal basis of which is in need of clarification. The Bichard Enquiry into the Soham murders has recently reported and made a number of recommendations which will affect the whole system of data recording within the criminal justice system.

The Police and Crown Prosecution Services are organised into 43 areas in England and Wales. There are 8 areas in Scotland, where the prosecuting authority is called the Crown Office and Procurator Fiscal Service, and there is a single area covering Northern Ireland. Scotland has a separate legal system to England and Wales. Each of these police and prosecution areas has at least one local database as well as access to records on the Police National Computer [PNC2].

Although policing in the UK is traditionally locally organised, there has been a National Crime Squad [NCS] since 1998, there is also a National Criminal Intelligence Service [NCIS] and there is shortly to be a Serious Organised Crime Agency [SOCA] at national level. [see Consultation document “One Step ahead” Cm6167

]

There are a number of other police organisations within the United Kingdom, in addition, Customs and Excise play an important role with regard to duty evasion, drug smuggling and trafficking and the Immigration Service has a role to play in dealing with trafficking in human beings. Some of these functions will be taken over by SOCA.

The whole system of national databases is undergoing a process of reform. A National Identity Register is planned to support the introduction of ID cards, the Office of National Statistics is working on a population register, it is proposed to make the electoral register a national database, and the Department of Education is looking at plans to produce a child identifier database. In addition there are plans for increased interactivity between databases in the criminal justice system, particularly with regard to individual criminal cases.

The Government has targets for the computerisation of recording systems in all branches of the public sector and this will include Social Services, who will be introducing an Electronic Social Care Record.

See:

Access to this without the consent of the client on child protection and mental health grounds is already envisaged. Given the historical relationship between police and social work, there may be conflict in this area in the future.

In addition all social care workers will be registered on a database. Social workers will be the first to be registered, followed by care workers. There will also be special procedures for workers with international qualifications. See:

The use of databases has been reviewed by the Bichard Inquiry, following on the Soham murder case…”to assess the effectiveness of the relevant intelligence-based record keeping, the vetting practices in those forces since 1995 and information sharing with other agencies , and to report to the Home Secretary on matters of local and national relevance and make recommendations as appropriate.” The recommendations from this Inquiry and the response to them of the Home Office are likely to produce new legislation and a different legal basis for all these matters. The Bichard Inquiry’s report is now in the public domain at: . The most important recommendation in the present context is for a national intelligence database for Police purposes.

Existing databases used by the Police

Databases for particular investigations

What do we mean by a database for investigations? For a complex stand-alone investigation, such as a murder or similar serious crime where a great deal of information has to be collated and analysed quickly, the UK has HOLMES2 [Home Office Large Major EnquirySystem]. This allows a database to be created quickly from new data gathered in the course of the investigation of a serious crime or a major incident. “It identifies and plots lines of enquiry, keeps track of vital pieces of evidence and reduces paperwork. All 53 police forces are signed up to it as well as National Crime Squad, National Crime Faculty, Ministry of Defence [MoD] police, British Transport Police {BTP] and Royal Military police [RMP]. Several forces can work together adding information to a single Incident Room”. [PITO website] It can also be used for low-profile crimes such as a series of burglaries where data management becomes complex.

Therealso exists SCAS [Serious Crime Analysis System], which is a specialised database related to murder, rape or abduction. This is to enable the rapid comparison of such crimes and the rapid identification of past cases exhibiting similar behaviour. This enables offender profiling and allows the investigating constabulary to have access to evidence previously gathered.

These two databases were the ones identified by representatives of the police during interviews as what could genuinely be called “investigative databases”.

The general system of data recording

There is a summary of the PITO statement to the Bichard Inquiry below that explains the PNC system nationally and the local systems. There are a number of highlights not mentioned by PITO which are worth noting here:

“…the strength of PNC is that it is a national system and depends on all forces entering quality, accurate and timely data to common minimum standards” I use this quote from the July 2000 Thematic Report of Her Majesty’s Inspectorate of Constabulary “ On the Record” to illustrate what will be the biggest problems of any European database.

There is also the C.A.T.C.H.E.M database at the National Criminal and Operations Faculty. This is primarily a research facility.

There are also regional databases, such as the Drugs Misuse Databases.

There has been a national DNA database since 1995. This is managed on behalf of the police service by the Forensic Science Service. It consist of a suspect database and a crime scene database.

“The Police and Criminal Evidence Act 1984 (PACE), as amended by the Criminal Justice and Public Order Act 1994, provides a power to take non-intimate DNA samples from all persons suspected of, reported for, charged with, convicted of, or cautioned for, a recordable offence. A "non-intimate DNA sample" essentially comprises a mouth swab or rooted hair (other than pubic hair). A "recordable offence" is any offence for which a person is liable, on conviction, to a term of imprisonment. The legal statutes mentioned above also provide that police may take DNA samples from suspects without their consent, using force where necessary, providing a Superintendent of Police has given authority, in accordance with the provisions of PACE.”

ACPO memo to House of Lords Science and Technology Committee Inquiry on DNA Databases

In the course of an investigation the police may also additionallyhave or seek access to a number of non-police databases:

In the public sector:

National Health Service

Inland Revenue

Passport Agency

Driver Vehicle Licensing Agency

In the private sector:

British Telecommunications PLC

The mobile phone companies such as Orange, Vodaphone etc.

Legislation

The major current pieces of relevant legislation are:

Rehabilitation of Offenders Act 1974

Amended 2002

Review 2004

Police and Criminal Evidence Act Revised Codes of Practice 1995

[original act 1984:

Code a:

all codes:

Police Act 1997

Youth Justice and Criminal Evidence Act 1999

[section 60 of the above removes section 69 of PACE

“evidence from computer records inadmissible unless conditions relating to proper use and operation of computer shown to be satisfied”

Data Protection Act 1998

Human Rights Act 1998

Computers Misuse Act 1990

Freedom of Information Act 2000

Regulation of Investigatory Powers Act 2000

Criminal Justice and Police Act 2001

para 134 inserts a new 120A into the 1997 act

Anti-Terrorism, Crime and Security Act. 2001

Crime [International Cooperation] Act 2003

Problem of legal basis

The Law Society’s submission to the Bichard Inquiry suggests that there is no coherent legal framework governing the use of personal data in the public sector. They argue that this has already been recognised by the government and that the recommendations of the Cabinet Office Performance and Innovation Unit report “Privacy and Data Sharing: the Way Forward for Public Services” provide an excellent starting point.This report identified a lack of awareness of how the legal framework operated and a problem with a lack of powers to share data between public bodies, even where consent has been given. The report argued that it was possible to achieve the objective of making better use of personal data in the delivery of public services while also enhancing privacy. It did however argue that crime policy might be the area where privacy was least possible.

The Department of Constitutional affairs produced a guide to the law on data-sharing in November 2003

The guidance discusses the powers of public bodies to collect use, and disclose personal information. It considers five areas of law are involved:

• the law that governs the actions of public bodies

(administrative law);

• the Human Rights Act 1998 and the European

Convention on Human Rights;

• the common law tort of breach of confidence;

• the Data Protection Act 1998; and

• European Union law.

The advice in the document, in summary, is that it is a matter of administrative law as to whether a public body has the power to carry out data sharing. It must then be considered whether, even though it may have the power, its exercise may be unlawful due to the operation of the Human Rights Act of 1998, the Data Protection Act or the common law tort of breach of confidence. These provisions should be interpreted with regard to the relevant principles of the ECHR and of European law.

But there are also Home Office circulars and notes of guidance which govern police use of databases. There are ACPO [Association of Chief Police Officers] Compliance Standards governing the placing of data on PNC2 and there will be in the near future recommendations as to best practice from the Centre of Excellence at the National Crime Faculty, Centrex, Bramshill.

A very clear statement, which is summarised in the following paragraphs, has been provided to the Bichard Inquiry by the Police Information Technology Organisation [PITO]. This body was established as a non-departmental public body [NDPB] in 1996 under the tripartite governance of ACPO, the Association of Police Authorities [APA] and the Home Office. PITO is responsible for the provision of national Information Technology and Communications systems to the police. “The policies and processes that govern the operational use of these ICT services are established by ACPO and monitored by the police and HMIC.”

In addition to national services provided by PITO, primarily the PNC, there are local intelligence systems devised and operated by individual constabularies. These vary greatly. PNC comprises several national police databases, including Stolen Vehicles, Criminal Names index and wanted/Missing persons. It is a 24 hour a day, 7days a week service available to organisations approved by the ACPO IM [Information Management]Police Security Sub-Committee [PSSC], which controls access by the police and partner agencies, including prosecution. It has existed since 1974 and has expanded over time. The PITO report singles out as an example, the Phoenix application, which includes criminal record information and did not go on-line until May 1995.

The information on the PNC is “owned” by police forces, and each Chief Constable is a data controller under the terms of the Data Protection Act 1998 for the management of this information.

Individual forces, under HO Circular 29/95, are responsible for creating PNC records and for data input into PNC databases. Rules governing operation of all PNC services are prescribed by the PNC User Manual, which is “owned” by the Police PNC Policy and Prioritisation Group [P4G]. This reports to the PNC Management Sub-Committee.

Weeding and deletion of records is administered by PITO and implemented directly by PNC software in accordance with ACPO defined business rules, contained in the ACPO memo “General Rules for Criminal Record Weeding on Police Systems”. Sine 1995 rules have been incorporated in the ACPO Code of Practice for Data Protection.

PITO is introducing 3 further systems over the coming years:

NSPIS Custody system [National Strategy for Police Information Systems]

NSPIS Case preparation system

Violent Offender and Sex Offender Register [ViSOR]

The Custody and Case Preparation Systems are being procured by most police forces jointly and are referred to as a single system.

The Custody system is intended to assist with the administration of custody centres and ensure compliance with the requirements of the Police and Criminal Evidence Act [PACE]. It enables automatic reporting and updating of local arrest and summons details directly onto PNC.

The Case Preparation system is designed to assist police to compile and present prosecution case files and associated evidence for presentation to other Criminal Justice Agencies [eg Crown Prosecution Service, Magistrates Court Service and the Crown Court Service. The outcome of any trial will automatically be reported to PNC.

Not all police forces will go along with this system. Some have already developed their own alternatives.

ViSOR will provide police and probation with a register of violent and/or registered sex offenders An interim application was in place by September 2002 and by January 2004, 38 of the 43 police forces in England and Wales were using it.

Local intelligence systems exist throughout the Cnstabularies and their CJ partners. PNC data is “hard data” based on verifiable fact. Local systems contain much more “soft data”, often based on speculation and hearsay. The National Intelligence Model is now being used to provide a framework for assessing the reliability of information sources. Intelligence is increasingly shared between forces and with national organisations. Regional intelligence sharing is becoming more formally organised.

Scottish System

The Scottish system was singled out for praise at the Bichard inquiry. They have centralised their IT systems and their intelligence database comes on-line during 2004. For non-UK readers, it may be worth pointing out that “United Kingdom” refers to the uniting of the Kingdoms of Scotland and England in 1707. From 1603, when James VI of Scotland became simultaneously James I of England, the same individual was King or Queen of both countries but each had its own separate parliament and own legal tradition. In 1707 the parliaments were merged, but Scottish legislation was a matter for a Grand Committee of Scottish MPs within the UK Parliament. Scotland has recently regained its own Parliament, though with fewer powers that the one that sis at Westminster.

There are 8 police forces in Scotland. The Lord Advocate and Procurator Fiscal can give instructions to the Chief Constables on offences and prosecutions. Otherwise the Chief Constable has sole responsibility for operations and effective and efficient use of resources. The role of the Procurator is a major distinction between Scotland on the one hand and England and Wales on the other. It also means that there is more in common between the Scottish system and Continental European systems that between “England and Wales” and other EU systems.

The major legal difference between Scotland and England and Wales is that corroboration of evidence is required for the proof of guilt. An accused cannot be convicted on the basis of a single unsupported piece of evidence. There are other differences, but this is the most important in the present instance. There is a Separate body of Scottish Law and a separate Scottish Parliament with law-making powers in a variety of areas.

The Scottish Police Information Strategy began with a feasibility study in 1993.

After 1998 the process accelerated and a centralised system was put out to tender in 2000. This included the Scottish Intelligence Database [SID]. This database will cover all Scottish forces by Autumn 2004 and already covered three of the eight at the time of the Bichard Inquiry. It is worth noting that the Cullen Inquiry into the shootings at Dunblane played a role in accelerating progress in a similar way to that about to be played in England and Wales by the Bichard Inquiry.