Northern Ireland’s police chief has gone on record that he is “deeply sorry” about 2 “industrial scale” breaches of internal data, revealing the identities of 1,000s of his officers & staff.
The Police Service of Northern Ireland (PSNI) accidentally shared details on a spreadsheet about 10,000 of its employees on Tues.
Details of a 2nd data breach from July emerged less than 24 hours later.
Chief Constable Simon Byrne revealed that a PSNI unit set up to support staff had already received over 600 referrals.
Safety
Police officers have told their bosses that they are worried about their safety after the incidents.
The breaches have caused shock among officers, many of whom try not to reveal their occupation to people, including their friends & family, due to security concerns.
In the most recent major attack in Feb., an off-duty senior detective suffered ‘life-changing injuries’ after being shot several times by dissident republican paramilitaries.
Mr Byrne stated that he had spoken to his officers & staff, & had realised that some were “anxious, frustrated & really, really angry”.
“You can only imagine the unconscionable horror as people start to realise that maybe a loved one is put in jeopardy by what they are seeing,” he explained.
‘Unprecedented Crisis’
Regarding a claim by dissident republicans that they had obtained the staff list, Mr Byrne responded that the PSNI had “not been able to verify the substance behind that”.
He observed that he would not resign amid the crisis & offered an apology from himself & his senior team.
“Leadership is not about walking away – it’s facing up to responsibility,” he said.
“We need consistency & calm heads to lead us through an unprecedented crisis.”
Morale within the PSNI is at ‘rock bottom,’ & one big, immediate job for Simon Byrne is restoring his officers’ trust in the force.
However, the problems do not end there.
Law Firms
Law firms are already revealing that they will represent officers & civilian staff who have had their identities revealed in these data breaches.
With over 10,000 people affected, the potential bill for compensation could run to 10s of millions of pounds.
That would be hugely problematic not just for the PSNI but the wider budget for public services in N. Ireland.
Mr Byrne was speaking after facing questions in an emergency meeting of the Northern Ireland Policing Board, the independent organisation which scrutinises the work of the PSNI & holds its senior management to account.
The Chief Constable had returned early from a holiday abroad for the behind-closed-doors meeting on Thurs.
‘Human Error’
In a press conference after the meeting Mr Byrne acknowledged that the PSNI could face a financial hit if it were required to update its data systems, pay compensation, or face a fine from the Information Commissioner’s Office (ICO).
The Chief Constable confirmed that no officers had been moved from their homes due to safety concerns after the data breaches.
But he explained that the force was assessing whether some specialist officers should be redeployed “away from their usual place of work to a new location”.
Police Federation
Policing Board members also heard from the Police Federation, a union representing rank-&-file officers, & the Northern Ireland Public Service Alliance, which represents civilian PSNI workers.
The members “were left in no doubt that this breach has left many staff shocked, worried & angry,” outlined Deirdre Toner, Chair of the Policing Board.
“This breach has been identified as due to human error, with very serious consequences,” she added.
Ms Toner said the board had impressed upon the PSNI’s senior management “the need to ensure every necessary step will be taken to reassure and protect affected staff, & to put the safeguards in place that will ensure this cannot happen again”.
Security Advice Update
The Police Federation revealed that “several hundred” officers had already told their managers they were “concerned & worried” by this week’s breach.
In the biggest data breach, described as “monumental” by the union, information about every PSNI officer & civilian employee was mistakenly published in response to a Freedom of Information (FoI) request.
The information appeared online for 3 hours on Tues. & led to the PSNI updating security advice to its officers & staff.
The surname & 1st initial of every employee, their rank or grade, where they are based & the unit they work in, including sensitive areas such as surveillance & intelligence, were included.
Information about the 2nd data breach, involving the theft of a spreadsheet with the names of 200 officers & staff, surfaced on Wed.
Stolen Laptop not Reported for 3 Weeks!
The PSNI stated that documents, along with a police-issue laptop & radio, were believed to have been stolen from a ‘private vehicle’ in Newtownabbey, County Antrim, on July 6.
The police have now confirmed that they were able to remotely wipe both of these devices & are confident that information on them would not be accessible by a 3rd party.
However, on Thurs.’s Policing Board meeting ACC Todd revealed that there was a 3-week gap between the PSNI laptop being stolen & the theft being reported to his office.
He explained that the information came through to our security on the 27th & I dealt with it immediately after that as soon as it came to my attention”.
“The gap in between is part of an ongoing investigation,” ACC Todd added.
‘Very Alarming’
Alliance Assembly Member Nuala McAllister described Thur.’s meeting as “long & intense” but that questions remain about how the data breaches were allowed to happen.
Policing Board member Mark H Durkan observed that the claim that dissident republicans have information on police officers in the wake of the breaches is “very alarming” & “sadly inevitable”.
The Ulster Unionist Party’s Mike Nesbitt commented that some clarity had been provided on how Tues.’s breach came about, saying it was partly a ‘systemic error’ & partly ‘human error.’
He told BBC Radio Ulster’s ‘Evening Extra’ that one of his concerns is possible effects on intelligence gathering.
Informants, he suggested, might “think twice” about continuing to engage with police, given that “they can’t even keep secure information about their own officers”.
‘Actions’
Sinn Féin assembly member Gerry Kelly commented that the Policing Board had made the point “forcefully” that the PSNI must now work to assess the differing levels of risk faced by individual officers.
The Democratic Unionist Party’s Policing Spokesperson, Trevor Clarke, acknowledged that the Chief Constable had “fronted up & apologised” but that “among those directly affected inside & outside the PSNI he will ultimately be judged on actions, not words”.