Greenleaf, Graham --- "NSW Police refuse to log access" [1994] PrivLawPRpr 74; (1994) 1(5) Privacy Law & Policy Reporter 94
NSW POLICE REFUSE TO LOG ACCESS
Office of the NSW Ombudsman - Improper Access To & Use of Confidential Information by Police, Special Report to Parliament, Report 04/94, April 1994
The NSW Ombudsman, David Landa, has found it necessary to make a Special Report to Parliament because of the refusal of the NSW Police Service to require police officers to record reasons for accessing criminal information or motor vehicle records. The Report recommends that the Police Service implement his recommendation.
The report is a result of the 1992 NSW Independent Commission Against Corruption (ICAC) Report on corrupt trade in information, where 37 of those found to have engaged in corrupt conduct were police (see 1 PLPR 47). Subsequently many of these cases became complaints against police investigated by the Police Service overseen by the Ombudsman.
These complaints were only part of a large number received by the Ombudsman concerning disclosure of confidential information by police. Despite the widespread publicity surrounding the ICAC inquiry, the rate of these complaints of around 80-90 per year in 1990/91 and 1991/92 doubled in each of the last two years. The Police Service deals with the majority of these complaints, where sustained, as ''minor disciplinary issues, generally having the police ''counselled'.
The present Police Service practice concerning access is to record only the name of the accessing police officer and the registration number of the vehicle accessed or the name of the person's criminal history accessed. When police are faced with these records during a complaint investigation, it is ''not uncommon' for them to be incapable of recalling reasons for a large proportion of their accesses. They assert that no access has been for other than official purposes, and, in the absence of any evidence to the contrary, are then given the benefit of the doubt.
''Having considered many such cases, it became clear that the existing means of recording the use of the system leaves it open to corruption', Mr Landa concluded. He recommended the inclusion of an extra field on the log-in screen, requiring police to record reasons for access.
The Police Service COPS Focus Group, consisting of the Computer Security Administrator, Manager of Information Processing, Director of Information Technology Branch, and Commander of Professional Responsibility, rejected this recommendation because of ''the overheads that would be generated from recording reasons for each log-on' (estimated by them at 30 seconds for a 100 character reason, for over 4 million accesses per annum), because ''persons would record generic reasons which would not assist with determining the real reason' and because of their ''belief that corrupt persons would not enter the real reasons for log-on' so ''the approach suggested would not be foolproof'.
The Ombudsman states that this workload analysis is flawed because most entries would not be 100 characters but would only require an abbreviated reference to a police file, that ''the extra time required is grossly over- estimated', and no assessment it made of the potential benefits of implementation. Second, ''failure to enter a sufficient reason could, of itself, warrant some disciplinary action'. Anti-corruption measures, he says, cannot be ''foolproof' but this is not a reason to avoid systems of accountability.
Comment
The Ombudsman's report indicates a continuing indifference by the NSW Police Service to the prevention of corrupt use of confidential information, despite mounting evidence that such use remains out of control (see ''NSW police continue privacy abuses' in this issue)
Graham Greenleaf