When Is A Data Breach Not A Data Breach?

Last updated on October 13th, 2023 at 08:02 pm

Reading Time: 4 minutes

When the Data Breach  in question relates to the contents of the Metropolitan Police’s Intranet it would seem.

Thank goodness for Google Cache, I thought I’d lost this piece, but now it is found, and I am a happy dinosaur now

On Monday morning I became aware that a vexatious user of Twatter was sharing, to all and sundry on Twitter, images of a Met Police Computer Screen and the information thereon.  The person in question thought that it was a damn fine thing to do, and was fully justified in her vociferous campaign against Misogyny within the Metropolitan Police.  She volunteered the information that these images had been forwarded to her by somebody within the Metropolitan Police Service, but it was not stated if this person was Police Officer or Police Staff, but I believe they are female (if I can say that).  I should also point out that the recipient is not, and never has been a Police Officer in ANY Force, and I don’t believe she has ever been Police Staff.  I find it difficult to comprehend how she can be ‘authorised’ to be in possession of anything from a Police Computer System, regardless of the nature of the content.  If it was for public consumption it would be on their website.

The Tweet in question was this one, I’ve had to use an image of it because the good ‘doctor’ has ‘blocked’ me.

Breach2
Breach2

 

Unfortunately my eyesight is not what it once was, and I cannot make a great deal of what is on the screen, but that isn’t really my issue.  Many people, including a retired Senior Officer from the Met, have challenged me, stating that they see nothing wrong with the content and no offences have been committed.

Like a lot of other organisations, the Metropolitan Police has a website and an Intranet.  Their website is obviously where their Press Releases, Recruiting Information, Crime Trends etc are published for the benefit of the Public.  The Intranet is a totally internal ‘private mini internet’ where emails are sent and received, information is published to assist officers to do their jobs efficiently.  It is accessed by (for want of a better description) payroll number and password, and access is restricted to authorised users only.

My Dilemma

My dilemma is this. To a certain degree I don’t really give a toss what the contents of the ‘leak’ were.  It is suggested that it is a conversation between two serving Met Police officers, and nothing Secret or Confidential.  However, even if I accept that, I still have an issue with it.  The person sharing it on Twitter, and her cronies, has openly admitted what it supposedly is, where it came from and posting it in a public forum without the consent or authorisation of the Metropolitan Police or the 2 officers allegedly having the ‘conversation’.

Bearing in mind that you need to be an authorised user to log on and access the content, or any part of it, how can it be right that some anti-police agitator can be supplied with screenshots, and, apparently, nobody commits an offence.

Directorate of Professional Standards

The matter has been reported to the Met’s Professional Standards Department, who appear to have put it in the ‘too difficult tray’ and declined to investigate it.  If this a true and accurate position, then they have done so, possibly without confirming the contents of the screen grab and definitely without establishing the identity of the supplier and whether or not he/she has accessed and passed on anything else they shouldn’t have.

Twitter

A number of people have reported a number of Tweets regarding this toi Twitter, believing them to be in breach of Twitter’s guidelines.  At the time of writing there has been no response, which normally means that they aren’t breaching the guidelines.

The Information Commissioner

I have forwarded this sorry tale to the Information Commissioner, hoping, at least, to get a definitive answer as to whether or not any offences have been coommitted, and if so, by whom.  At the time of writing I have had no acknowledgment, but I’m thinking I might resubmit a lengthy email, outlining my concerns.

Conclusion.

There isn’t one really, not at the moment.  Personally, I don’t have sufficient knowledge of the Computer Misuse Act, but it seems totally bonkers to me that, assuming no secrets have been spilled, the officer or civilian, who supplied the screen shot, has seemingly committed no offence, neither criminal nor disciplinary.  Professional Standards have seemingly declined to perform even a cursory investigation.  Twitter thinks its OK and the Information Commissioner has yet to contribute to the discussion.

As we stand, it seems to me that nobody, apart from myself and a few like-minded individuals, sees a problem with it,  not even a former Met Superintendent. That would appear to leave the issue in limbo.  I have to admit that I’m extremely disappointed, if, as stated, Professional Standards have declined to do even a cursory investigation.  It is a closed Met system.  They presumably can identify the items viewed, then they can examine the audit trail for those items and established who has viewed them.  It is certainly possible, not exciting detective work, but possible. If the person supplying the information was so certain that they were bomb proof why didn’t they just print them, instead of taking photographs?

It seems like a mess.  It seems like the DPS are being complacent. But what do I know, I’m only a retired dinosaur?

Enjoyed the post? Share it?
0
0
Scroll to Top
Verified by MonsterInsights