Essay Writing

• Essay Writing Services
• Essay Prices
• Order Your Essay
• Order Essay Marking
• Essay Marking

Free Example Essays

• Essay Examples
• Accounting Essays
• Aviation Essays
• Banking Essays
• Business Essays
• Commnunications Essays
• Construction Essays
• Criminology Essays
• Drama Essays
• Economics Essays
• Education Essays
• English Language Essays
• English Literature Essays
• Environmental Studies Essays
• Health Essays
• History Essays
• Law Essays
• Management Essays
• Marketing Essays
• Nursing Essays
• Social Work Essays
• Sociology Essays
• Teaching Essays
• Tourism Essays

Resources

• Essay Scam Warning
• Plagiarism Scanner
• Essay Writers
• Get Verified

Essay Examples - Information Technology Essays

Data Protection Act

The U.K. Data Protection Act (DPA) of 1998 was brought into public focus as a result of the 2003 conviction of Ian Huntley for the murder of two young girls.

Two police constabularies - Cambridge and Humberside - came under criticism for their implementation of the provisions of the DPA. Revelations that information detailing allegations of several criminal offences by Huntley had been deleted from Humberside police records, and that a vetting check requested of Cambridge police by Huntley's employer failed to pick up on those alleged offences, led to the 'Bichard Inquiry'. The aim of this inquiry was to look at how Humberside Police and Cambridgeshire Constabulary recorded, retained, used, stored and deleted information within the framework of data protection legislation as interpreted in national and local guidance. This essay has a similar aim, in that it will explain those provisions of the DPA that relate to the Huntley case and show that they were not in fact implemented by the police as they should have been, in order to optimise their system of information collection and storage. I will then go on to look at the effect the provisions should have had if they had been used correctly. Please refer to footnote1 for the source of the DPA 1998 text. The assertion by the Chief of Humberside Constabulary, that information regarding Huntley was deleted from their files in order to comply with DPA requirements will be the point to which explanation of DPA provisions will relate in particular, and my argument will be supported by pointing to some of the findings of the Bichard inquiry.

The provisions of the DPA 1998

Under the provisions of the DPA, data should be processed fairly and lawfully, and even then is subject to certain conditions. In complying with fairness and legality the data subject should, in some cases consent to the processing and then be made aware of the purpose for it and the identity of the data controller who oversees it. At the same time, no law of the land should be broken in that processing. Further, the conditions that must be met, relate to schedule 2 (/80029--n.htm) and schedule 3 (/80029o.htm). There are however exemptions (/80029--d.htm) to this. An extract from the exemption relating to the case we are discussing is as follows:

Personal data processed for -

(a) the prevention or detection of crime,

(b) the apprehension or prosecution of offenders are exempt from the first data protection principle

This would be categorised as sensitive personal data, therefore processing would be permitted without meeting any conditions of schedules 2 and 3. Because of this exemption the police were fully entitle to process data in regard to the numerous criminal offence allegations made against Huntley in the years leading up to the Soham murders.

One of the points made in the Humberside police chiefs original justification for deleting Huntley's records, was that the DPA did not allow for data to be processed for purposes relating to applications for employment after a certain time limit. This was not in fact the case. Two provisions come into play here. The first says that personal data processed for any purpose/s shall not be kept for longer than necessary to achieve the purpose/s. The significant point regarding Humberside police is that data review and retention policies are set by data controllers. Jay and Hamilton (2003, p.167-168) explain:

The Commissioner advises that data controllers should review their personal data regularly and delete the information which is no longer required for the purposes. The Legal Guidance suggests that controllers should adopt a systematic policy of deleting data. This might involve setting a standard life for records of a particular category. At the end of that life the record should be reviewed and deleted unless there is some special reason for keeping it.

Another provision states that personal data shall only be processed for the purpose/s for which it was originally collected. Part of the purpose/s being 'the prevention of crime' in this case, it related directly to the request for a vetting check on Huntley made by the Soham school that took him on as caretaker. Had that data been retained, the prevention of crime may well have been achieved. This vetting check also failed due to non-compliance with yet another DPA provision, again in regard to achieving the purpose for processing. This states that information should be updated and maintained for accuracy (/80029--j.htm#70). The Police National Computer (PNC), supposedly a resource to enable the sharing of data across UK police forces, received the request for a check via Cambridgeshire Constabulary in December 2001. The school had received an application for employment by a man under the name of Nixon. Nixon was in fact Huntley. Humberside police, aware of Huntley's alias had failed to update the record on the PNC. Once again, had the provisions of the DPA been embraced, crime may have been prevented.

Following the Bichard report the Information Commissioner issued a statement entitled Retention of Personal Information by the Police - Huntley Case. The following extract serves to highlight the DPA provisions that were not complied with and perhaps hints between the lines at what might have been had the police used those provisions in the way they were meant to.

It is for the police to decide what information should be kept, and for how long, for their job of preventing or detecting crime. Under the Data Protection Act (DPA) it is for individual police forces - not the Information Commissioner - to decide what information should be retained.

The DPA states that any personal information should be adequate, relevant and not excessive and not kept for longer than is necessary. The Information Commissioner has given no formal instructions or directions to any Police force on the retention of personal information under the DPA.

The Act requires the exercise of judgement. A balance must be struck between the need to catch offenders and protect the public from crime, and the need to ensure that those who are innocent or only guilty of minor misdemeanours are treated fairly. The Act does not impose set time limits for the destruction of particular types of information.

My explanation of the provisions relating to the Huntley case are based on the first five principles of the DPA 1998. The three remaining principles involving the rights of the data subject, unlawful processing of and accidental damage to data, and the transfer of data to territories outside of the European economic area do not relate to the case.

The DPA and the Soham Murder Investigation

As noted above, it is left to the discretion of the data controller in setting a policy for data review and retention. In the case we are discussing the data controller would be the Humberside Police Constabulary represented by the Chief Constable, David Westwood. The question of Westwood's assertion that data on Huntley was deleted in order to comply with the DPA was quickly resolved. Having studied the DPA with experts subsequent to his comments,

Mr Westwood admitted long term collective failure on intelligence handling within his force and that he had been wrong to blame the Data Protection Act for records being deleted.

The Association of Chief Police Officers (ACPO) is responsible for liaising with the Information Commissioner on DPA issues, and then for issuing guidance to police constabularies on its implementation. In 2000 their 'General Rules For Criminal Record Weeding On Police Systems' was available to all constabularies. It states the following:

Details may be retained for a period of five years of cases where a sexual offence is alleged, but the subject is acquitted, or the case is discontinued because of lack of corroboration or allegation of consent by the victim

Order Now. It takes less than 2 minutes.

1. * Name   
2. * Email   
3. * Phone   

1. * Your essay question 
   (please give as much detail as possible)  

Bearing in mind that Humberside police dealt with several allegations involving Huntley, including four involving rape, one of indecent assault on a minor, one of unlawful sexual intercourse with a minor, a burglary and non-payment of a fine, it is clear that a wealth of data on Huntley was available to the police and if an appropriate review and retention policy had been in place at Humberside, may have prevented the Soham Murders.

The Bichard Inquiry cited the criminal intelligence system as the greatest cause of the failure to hold and share data relating to Huntley. Interaction between the Information Commissioner, the ACPO, and UK police constabularies regarding implementation of the DPA, was also criticised. Those issues are not the remit of this discussion. The provisions of the DPA are though, and they were not found to be lacking. The Information Commissioner in defence of the DPA said:

It is ridiculous that organisations should hide behind data protection as a smokescreen for practices which no reasonable person would ever find acceptable, possibly referring to Chief Constable Westwood's claim that the DPA was to blame for the Huntley data fiasco, rather than his own system management.

The report following the Bichard Inquiry, referring to the absence of data on Huntley states:

The loss of this intelligence cannot be blamed on the data protection legislation. The loss of this intelligence was caused by the failings of Humberside Police's record-keeping systems. The legislation may be, as a member of the judiciary said recently, 'inelegant and cumbersome', but it was not the problem here, and I do not believe that radical revisions are necessary on the strength of this case.

The provisions of the DPA 1998 did not have a direct effect on the monitoring and investigation of Ian Huntley's criminal activities, by way of the fact that they were not complied with. The common charge that it is a complex piece of legislation that is difficult to understand and interpret has been addressed by the Information Commissioner following the Bichard Report. However, ACPO guidance was available to Humberside police, so that charge is redundant in this case. Had DPA provisions in relation to the collection and storing of police intelligence been embraced with enthusiasm and a full understanding, then data would have been available to the police in order to achieve their purpose of upholding law and order far more efficiently. It may well have prevented the murders of Holly Wells and Jessica Chapman in Soham in August 2002.

Back to: Essay Examples

Having looked at the provisions of the Data Protection Act of 1998, and related them to the case of Ian Huntley, I have shown that had they been understood and used correctly, the collection and storage of personal data regarding Ian Huntley would have provided a resource to police that would not only have enhanced the quality of their investigation into the Soham murders, but may have prevented the need for it. The DPA clearly contains adequate provisions that would not have obstructed the operation of an efficient data review and retention policy at the Humberside Police Constabulary. Unfortunately, despite guidance from the ACPO, no such policy was in place in the period leading up to the incident. Had there been, Huntley may have been stopped long before he got to Soham.

BIBLIOGRAPHY

Bichard - http://www.bichardinquiry.org.uk/faq/ [Accessed 07/03/05]

/evidence/full.asp?source=Associatio n+of+Chief+Police+Officers [Accessed 07/03/05]

/10663/html/national_systems_structure_findings.htm [Accessed 07/03/05]

Birkinshaw, P. (2001) Government & Information (2^nd Ed.) U.K. Butterworths

Blume, P. (2002) Protection of Informational Privacy Copenhagen, DJOF Publishing

BreakingNews <http://archives.tcm.ie/breakingnews/2004/06/15/story152492.asp [Accessed 07/03/05]

Bygrave, L. (2002) Data Protection Law The Hague, Kluwer Law Int.

Carey, P. (2004) Data Protection (2^nd Ed.) Oxford, Oxford University Press

Golds Legal (online) <http://www.golds.co.uk/articles/articles_busi_data_protection_update_feb2004.htm [Accessed 06/03/05]

HMSO http://www.hmso.gov.uk/acts/acts1998/

Information Commissioner (online) http://www.informationcommissioner.gov.uk/cms/DocumentUploads/Soham%20Case%20-%20Final%20statement.doc[Available 09/03/05]

Jay & Hamilton (2003) Data Protection - Law and Practice (2^nd Ed.) London, Sweet and Maxwell

Please note: The above essay was written by a student and then submitted to us to display and help others. Thanks to all the students who have submitted work to us.