Members of the Scottish Parliament (MSPs) may delay the release of new technology designed to enable police in Scotland to harvest data from citizens’ mobile devices and laptops without using passwords.
Over £500,000 was spent by Police Scotland to purchase 41 portable devices which can override the encryption on most consumer device storage. However, rollout has been suspended over fears that the techniques amount to a violation of the law. MSPs have called for more safeguards as a result.
The news follows a new publication in Holyrood which advocates placing a delay on the project until more is known about the legal intricacies of the proposed measures.
The report raises concerns as to why the Scottish Police Authority (SPA) allowed such a scheme to come about, while conduct of Police Scotland during trials in Scotland also comes under fire.
The justice sub-committee that published the report, said that individuals who had their phones seized and searched had not been told what was going on.
Convener of the sub-committee, John Finnie said:
“Prior to the introduction of any new technology to be used for policing purposes, an assessment of both the benefits and the risks should have been carried out. It appears that, in relation to the introduction of cyber kiosks, only the benefits were presented by Police Scotland to the SPA, with the known risks not provided.
“The SPA, for its part, seems to have accepted the information provided with very little critical assessment. Even the most fundamental questions, such as the legal basis for using this technology, appear to have been totally overlooked.
“This sub-standard process has resulted in over half a million pounds worth of equipment sitting gathering dust. Clearly, this is not an acceptable situation. The sub-committee wants to work with the Scottish government and the stakeholder groups belatedly assembled to consider the implications of introducing cyber-kiosks to find a solution which would provide the necessary safeguards for the use of this new technology,” Mr Finnie added.
Assistant Chief Constable, Steve Johnson of Police Scotland said:
“Like the justice sub-committee on policing, we have received written confirmation from the Crown Office and Procurator Fiscal Service about the clear legal basis, and robust statutory regime, for the use of this much-needed technology.
“The rigorous scrutiny of this process by the justice sub-committee has added significant value to the development of Police Scotland’s assurance and governance processes for the use of this necessary equipment.”
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/