Until this kind of phuck-up costs someone their pension, the public sector and Pseudo-public sector will not care... its not their money being fined.
M
Greater Manchester Police has been fined £150,000 after three DVDs containing footage of interviews with victims of violent or sexual crimes were lost in the post. Cops sent the unencrypted (our emphasis) DVDs to the Serious Crime Analysis Section of the National Crime Agency by recorded delivery but they never arrived. The …
The sum involved as one tax funded entity fines another tax funded entity is not even a rounding error in the accounts. No individual is censored or directly accountable.
Make the fine £25K and directly payable by the chief of the GMP or the superintendent of the relevant unit, deducted from wages and this would be meaningful.
Until then, all we'll hear are noises about lessons being learned.
http://www.manchestereveningnews.co.uk/news/greater-manchester-news/trespassers-find-police-videos-987994
Broke in - false, the doors were wide open
Found in police station - partly. Some were strewn around the car park
Tapes wiped - no they weren't
Anon because I found them.
I believe you as I know others that do this sort of stuff...
Maybe, just maybe, the ones that kicked in the doors were y'know, the ones that sprayed the graffiti.
We tend to call them the homeless, squaters, vandalls or junkies around these parts. Not Urbex people.
Pass a law that any confidential information that is to be sent in the post must be encrypted and the key sent separately.
Set this as a criminal offence punishable by up to 2 years jail and a fine for the person who sends it as they are responsible.
Also include information sent via email or over the internet.
That might work because these silly fines between themselves do nothing.
I see where you are coming from with that and I almost wrote "post" without the "sent"
The distinction is clear, it is the person sending it and how they send it.
Sure, they can pass it to the post room but at the end of the day when something is sent there is always a "from" and a "to". Whoever is the "from" is responsible for the encryption regardless of how it gets to the "to"
Training or employing someone in charge of encryption solves the problem.
Agreed on the encryption first but then whats to stop them writing the password on the disks?
"Or the computer illiterate copper?"
Computer literacy doesn't come into it - we've no information on that one way or the other - but what's relevant is that we appear to have someone who doesn't know about a proper chain of custody of evidence. If they hadn't got lost and had been presented in court could he have produced a set of signatures for everyone who handled it in the Royal Mail?
Given you can send things protectively marked "secret" or "restricted" via the UK postal service unencrypted (sensitive logs, arch diagrams, designs of secure networks burnt to dvd etc), provided you take the highly secure process of putting it inside a envelope addressed then placed inside a envelope for protection, I am rather unsurprised...
Flag this as stupid, yes on more than one occasion, but the peon's are ignored and middle managers want to just follow the letter as laid down to them.
One can hope this leads to the defined rules changing, with minimum strength and ciphers clearly detailed in them.
I think they are referring to the written guidelines/rules about sending 'restricted' data through the mail/courier system. Commercially sensitive information requires independent risk assessment, but the rules are too relaxed given that 'restricted' can mean any of a number of different things. Incidentally, I have been sent a number of highly sensitive commercial documents - which were reclassified as 'restricted' by government in this way.
First, how is it possible that a recorded delivery being lost?
Second, when Police is fined in UK, who does pay really in the end? Wouldn't that be the taxpayer anyway?
Third, if there is no other sanction than a collective fine, how one can expect that individual responsibilities are fully assumed?
I've had numerous things 'lost' by both recorded delivery and by couriers where everything is tracked. Once it's in one of their sorting warehouses, just consider yourself lucky if it comes out.
Oh, I had a multi-parcel delivery heading for my home that "vanished" when it was allegedly delivered at my home. Their problem was that I had been tracking the tracking, so to speak, so when I got home and found nada at home as well at either neighbour I drove to the distribution centre which was just some 500m away from where I lived, and I wasn't accepting their BS:
1 - someone had "signed" - the sig on file wasn't mine, nor of any neighbour, so I asked if they were in the habit of just handing parcels to a local passerby when bored.
2 - there was a "mistake" in the "system" (the eternal excuse for people, especially those that have no IT background and think that may work) and "the parcel" was still in the warehouse, which they then "found" - at which point I told them it was a two parcel dispatch.
At that point I lost patience and told the site manager who had now arrived that I would be returning tomorrow morning, and that there were only two outcomes: either the "missing" parcel was "found", or the whole depot would be talking to the police for theft and insurance fraud because I wasn't going to assume I was the only system "mistake".
Unsurprisingly, the day after the other parcel was "found". In those days I was just happy to recover my computer goods because I needed them, nowadays they would still be talking to the police anyway as I have lost my tolerance for sh*t like that.
So the police lose £150K, as they obviously have the cash to spare... whereas the senior management scum responsible for ignoring the law (which obviously doesn't apply) isn't run up a flagpole by their sensitive parts as a warning to the others.
C'mon, is that the society we really want to live in? Recent voting trends imply it is not.
Wait wouldn't sending evidence by mail break the chain of custody ?
A very interesting point! I was not a Police Officer although I did work for a Force in a civilian capacity for several years, so anything I write is not an expert opinion.
It might depend on whether the material was the evidence or a copy of the evidence. Certainly if blood - stained shirts, knives, drug samples and the like were swilling around in the post then I would expect that could certainly break the chain of evidence, but for a copy DVD with an interview on it... I doubt it.
If the material was "mission critical" then putting the only copy in the post would be foolish on an unimaginable scale, but of course that doesn't mean that it can't happen.
Perish the thought...
"but for a copy DVD with an interview on it... I doubt it."
Also not a police officer but formerly a court-going forensic scientist. If the copy was being sent for investigation by someone who'd then give evidence on it then I'd have thought chain of custody would be necessary.
OTOH I think DiC samples for independent analysis are sent by post. I know one was. An unexpected item arrived by post and the X-ray couldn't identify it. It was put round the back of the lab until the Army sent round an ATO team. They "opened" it with their shotgun robot. It turned out to be someone's urine sample that he'd sent without making prior arrangements. He didn't get his independent analysis done.
Apart from the privacy issues anyone handling what are potentially court exhibits should really be taking personal responsibility for their actions. They could be called into court to give evidence to prove that what was examined and exhibited in court was what it was claimed to be. I think it would be entirely reasonable that those responsible for posting the items should be held responsible by the ICO. I'd also expect any defence barristers in cases handled by the GMP to give chain of custody a close examination and probably get a number of cases thrown out if this is the GMP's standard of exhibit handling.