back to article Man arrested in Northern Ireland police data leak as more incidents come to light

A man was arrested in Northern Ireland for suspected Collection of Terrorist Information following an incident where police mistakenly leaked details that identified 10,000 serving officers, but he has now been released on bail. The information was leaked when police posted a spreadsheet online listing the surnames and …

  1. Anonymous Coward
    Anonymous Coward

    I understand why but it's a bit of a bullshit charge

    The PSNI published this information. In relation to a Freedom of Information request.

    They are now charging someone with copying and passing on the information they published freely.

    Anywhere else but Northern Ireland this would be a case for a civil liberties countersuit.

    If the person charged had other offenses, such as membership of a terrorist organisation, then charge them with those.

    1. Anonymous Coward
      Anonymous Coward

      Re: I understand why but it's a bit of a bullshit charge

      Only today in England, Liverpool Police have had a kicking for trying to prosecute a poor sod they sent classified information to by mistake.

    2. Peter2

      Re: I understand why but it's a bit of a bullshit charge

      Yes, and no.

      For instance, I have an interest in military history and have a number of books sitting on my bookshelves about quite nasty improvised weapons the home guard deployed during WW2, and a instruction manual on practical methods for guerrilla warfare published during WW2. (both came from Waterstones; strangely...)

      While owning those is absolutely legal, were I to develop links with a terrorist organisation then I would expect that my ownership of those would probably (and quite rightly) considered to be materials useful to terrorism which is an offense in the UK. This is easier to prosecute than membership of a proscribed organisation since terrorist organisations rarely issue convenient membership cards, and their members do tend to lie about their membership of that sort of group.

      In the same way, it's well known that the IRA was funded and lavishly equipped by the Soviet Union to cause problems in Britain during the cold war; which is where the IRA got their funding, plastic explosives, RPG's, HMG's and AK's from. After decades of peace, after Russia invaded Ukraine elements of the real FSB IRA hunted down and shot an off duty police officer 6 months ago while he was coaching kids at a club.

      In that context i'd suggest that anybody with links to the Real IRA (or the Real Russians) who downloaded a list of police officers and then say the electoral registrar with a list of names and addresses and started cross referencing them could probably expect that while owning both sets of public information is entirely legal, the combination of both along with their associations would be quite enough to justify a forensic examination of their entire life and their contacts under anti terrorism legislation while they are safely incarcerated.

      And frankly, I don't think that that would particularly bother many people in England, Wales, Scotland or either the Northern Ireland, or the Republic of Ireland since I doubt that many people think that political violence is any kind of answer to anything. The investigation would be as fair as anything conducted by human beings is capable of being, so if they were innocent then they would in all likelihood be found innocent by the criminal justice system. (We don't do "plead guilty or else" or any other form of plea bargaining system on this side of the pond)

      1. Anonymous Coward
        Anonymous Coward

        We don't do "plead guilty or else"

        "The investigation would be as fair as anything conducted by human beings is capable of being, so if they were innocent then they would in all likelihood be found innocent by the criminal justice system"

        While I appreciate your faith in the British justice system, I can think of a few occasions during the relatively recent past when innocent Irish people got locked up: Birmingham Six, Guildford Four and Maguire Seven, Winchester Three, etc.

        1. Doctor Syntax Silver badge

          Re: We don't do "plead guilty or else"

          And a large number of assistant post-masters.

      2. Blazde Silver badge

        Re: I understand why but it's a bit of a bullshit charge

        While owning those is absolutely legal

        I'd advise a little caution. You're reliant on a court agreeing you have a 'reasonable excuse' for possessing them. Your membership of an organisation doesn't in any way affect the fact of them being likely to be useful to terrorists. They either are or they aren't.

        While there's a fair amount of precedent at this point, juries tend to be generous with the excuse definition, and the CPS doesn't waste resources against people they don't actually want in prison (perhaps for some other reason), the burden of proof is still on you to explain your possession. That's a bit different from something being absolutely legal. Waterstones' employees have the very reasonable excuse that they're selling the books to buyers who have a responsibility to ensure they in turn have a reasonable excuse. Hopefully you do have a fair number of other military history books, records of visiting exhibitions or association with other enthusiasts and so on to back up your academic interest.

        Incidentally if this N.Ireland arrest is related to the spreadsheet leak it's likely to be one of the slightly different (and arguably less bullshit) offences which specifically criminalises information about police officers. For example section 58A presumably makes it an offence to even ask someone to give you this spreadsheet:

        https://www.legislation.gov.uk/ukpga/2000/11/section/58A

        "A person commits an offence who—

        (a)elicits or attempts to elicit information about an individual who is or has been—

        (i)a member of Her Majesty's forces,

        (ii)a member of any of the intelligence services, or

        (iii)a constable,

        which is of a kind likely to be useful to a person committing or preparing an act of terrorism, or

        (b)publishes or communicates any such information."

        (It would also criminalise the original leak if it were intentional, but that doesn't appear to the case)

      3. Anonymous Coward
        Anonymous Coward

        Re: I understand why but it's a bit of a bullshit charge

        "In the same way, it's well known that the IRA was funded and lavishly equipped by the Soviet Union to cause problems in Britain during the cold war; which is where the IRA got their funding, plastic explosives, RPG's, HMG's and AK's from."

        According to the document you linked to it mentions only a single shipment (this is "lavishly equipped"?) during the Cold War and does not mention any funds being provided during that period.

        Contrast this with multiple large Libyan shipments and funding from (mainly Irish-American) US citizens during the course of The Troubles...

        Also "the IRA" - which one are you referring to? Official IRA? Provisional IRA? Continuity IRA? Real IRA? New IRA? I can't believe it's not the IRA?

        1. The commentard formerly known as Mister_C Silver badge
          Facepalm

          Re: I understand why but it's a bit of a bullshit charge

          Were the "I can't believe it's not the IRA" gang the ones who used "no more nails" bombs?

        2. Anonymous Coward
          Anonymous Coward

          Re: I understand why but it's a bit of a bullshit charge

          The so-called "Real IRA" - wannabe psychos the lot of them. It's the Surreal IRA I worry about with their plans to smear thick-cut marmalade over all the cows in County Fermanagh and what they're planning on doing with the latest shipment of anti-personnel pilchards they've received from Iran. http://writers-voice.com/ABCDE/D/DK_O_Donnell_the_surreal_ira.htm

      4. This post has been deleted by its author

      5. ChoHag Silver badge
        Thumb Down

        Re: I understand why but it's a bit of a bullshit charge

        > [Owning a book] is easier to prosecute than membership of a proscribed organisation

        Knowledge is easier to prosecute than actions?

        > (and quite rightly)

        Hmmm...

      6. ShortLegs

        Re: I understand why but it's a bit of a bullshit charge

        "We don't do "plead guilty or else" or any other form of plea bargaining system on this side of the pond"

        Oh yes we do. If you plead Guilty at the earliest opportunity you get an automatic deduction of sentence. If you leave it to the last minute, you receive some credit. If you plead Not Guilty, and are subsequently found guilty, you can receive a stiffer tarrif.

        Ad for the "investigation" being fair... one word, Malkinson. If you dont understand, google it. Lets also say Guildford 6, Birmingham Six, Guildford Four, Maguire Seven

      7. Mobster

        Re: I understand why but it's a bit of a bullshit charge

        That is where the US does better in my opinion - prosecuting for having information that was not obtained illegally would be almost impossible in the US. I understand your bit about criminal organizations not handing out membership cards, but that is what the police are supposed to do, find out who are members of terrorist organizations, not just charge anyone with innocent information that could have been used by a terrorist organization.

    3. big_D Silver badge

      Re: I understand why but it's a bit of a bullshit charge

      Yes, this is just scapegoatism, to divert attention away from the real problem.

    4. Anonymous Coward
      Anonymous Coward

      Re: I understand why but it's a bit of a bullshit charge

      Most governments mistake transparency for data breaches. Oversight and review are not welcome.

  2. Cynical Pie

    Newsflash

    The current IC will do absolutely nothing, zilch, nada.

    He will issue a stern telling off as he can't be bothered to enforce the legislation and makes up punishments on a whim

    1. Doctor Syntax Silver badge

      Re: Newsflash

      If he doesn't enforce the legislation how can he be dealing out any punishments at all, whether made up on a whim or otherwise?

  3. Pascal Monett Silver badge
    FAIL

    So, arrested for accessing published information ?

    Well done The Plod. You goofed, and now you're blaming anyone who looks at your goof.

    I'm sure the terrorist charges were welcome.

    I think Collection of Terrorist Information should be mirrored by a Publication of Terrorist Information.

    Then we'd see how many numbskulls remained to goof like that.

    1. wolfetone Silver badge

      Re: So, arrested for accessing published information ?

      I'd like to see what happens when the lawyer gets involved and points out the PSNI were acting as Agent Provocateur with the release of information. Because surely they're not that incompetent that they'd release information like this by just a pure mistake?

      1. Anonymous Coward
        Anonymous Coward

        Re: So, arrested for accessing published information ?

        THAT's your username and you're saying they're the agents provocateur? :D

        Every other police service under the management of the UK Crown seem to be leaking left right and centre, why should the RUCPSNI be different?

    2. NXM

      Re: So, arrested for accessing published information ?

      According to my 10-minute bout of research into the Terrorism Act 2000, the plod might be in contravention of section 58 (1) (a) concerning making a record of information which may be useful to terrorists.

      https://www.legislation.gov.uk/ukpga/2000/11/section/58

      Perhaps the CPS might take a view on that as making a record must include publishing information on a website.

  4. big_D Silver badge
    Facepalm

    We cocked up...

    so we are desperately trying to find a scapegoat to divert attention away from us!

    1. anothercynic Silver badge

      Re: We cocked up...

      Well, not necessarily find a scapegoat, but rather "we cocked up, so we're desperately trying to stop the dissemination of the information by any means necessary, even if we have to label someone a potential terrorist", given that Irish dissidents (I assume one of the more... 'extreme' IRA splinter groups) said they had the information already.

      If there are any attacks on PSNI police on the back of this data breach, I would hope that those who perpetrate those attacks will be met with the full force of the law.

  5. Anonymous Coward
    Anonymous Coward

    Publicly available data

    Don’t look Ethel

    Too late, she looked.

    1. Phil O'Sophical Silver badge
      Coat

      Re: Publicly available data

      Did she have a stroke?

  6. Anonymous Coward
    Anonymous Coward

    2 other NI public bodies receive ICO reprimand

    Around the same time as the PSNI's 2 data leaks the ICO issued reprimands to 2 other NI public bodies regarding data leaks that occurred in 2020 and 2021:

    https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/08/ico-warns-of-email-data-breach-risk-as-it-issues-two-reprimands/

    Unlike the PSNI "big leak" which seems to have been due to that common mistake of "publishing an Excel spreadsheet without first removing additional sheets, that contain the source data, from it" these other 2 leaks were due to that other common data leak chestnut of "putting email recipients in the To or CC fields instead of BCC".

    Perhaps like the OWASP Top 10 list we also need a GDPR Top 5 list of the most common causes of personal data breaches?

    I won't be surprised if the ICO ends up only issuing a reprimand to the PSNI - it is now the ICO's policy to issue reprimands rather than fines to public bodies.

    1. Doctor Syntax Silver badge

      Re: 2 other NI public bodies receive ICO reprimand

      "it is now the ICO's policy to issue reprimands rather than fines to public bodies"

      Public bodies receive public money to do whatever job is relevant to the purpose for which the body was set up. If some of that money were taken away in fines you might reasonably claim that they were being denied the funds to do that job.

      I'd hope that the reprimand is reflected on the annual reports, lack of annual increments etc. of the management chain that allowed the leak to take place. If that happened and became general knowledge in the Civil Service it would probably lead to improvements

  7. Jou (Mxyzptlk) Silver badge

    Not encrypted?

    Encryption is standard for many companies. As it should be with police officers laptops. The current trend is going so far to NOT store recovery information (Bitlocker Recovery key as well known example) anywhere so the data cannot be decrypted by design and is considered safe. Losing the data on the Laptop is less a problem than an company admin which can access all recovery keys at once and possibly sell those somewhere.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not encrypted?

      "Encryption is standard for many companies. As it should be with police officers laptops."

      In the case of the "2nd" PSNI incident the problem does not appear to have been regarding the stolen laptop (which I assume was encrypted) but rather with the paper documents stolen at the same time which contained the details of 200 members of staff

      1. Doctor Syntax Silver badge

        Re: Not encrypted?

        "which I assume was encrypted"

        reports said it was.

  8. Claverhouse
    Angel

    Strange Times

    This offence appears to date to the Terrorism Act 2000, which states that a person commits an offence if they collect or make a record of "information of a kind likely to be useful to a person committing or preparing an act of terrorism." It includes viewing, or otherwise accessing by means of the internet, a document or record containing information of that kind.

    Ah, the Major - Blair years...

    .

    Anyway, so in an Ulster * context, does this mean if I compiled muster-lists of the Craft, the Orange, the Purple. and the Black, I have so committed a terrorist act ?

    .

    .

    * As part of the ongoing Acceptable Names Allowed, all things known, be they Anglo Saxon or flower-names, to be changed from the traditional for maximum disorientation to a Yank PC diktat, generally the Province is not to be called Ulster lest it offend the little thugs living therein.

    1. Anonymous Coward
      Anonymous Coward

      Re: Strange Times

      "As part of the ongoing Acceptable Names Allowed, all things known, be they Anglo Saxon or flower-names, to be changed from the traditional for maximum disorientation to a Yank PC diktat, generally the Province is not to be called Ulster lest it offend the little thugs living therein."

      Or perhaps for the area not to be referred to as Ulster as it only contains 6 out of the 9 counties of the Province of Ulster?

      1. Bear

        Re: Strange Times

        Okay - call it Occupied Ulster then.

        1. Anonymous Coward
          Anonymous Coward

          Re: Strange Times

          "Okay - call it Occupied Ulster then."

          You mean partially-occupied Ulster?

  9. Doctor Syntax Silver badge

    Decades ago it was made an offence in NI to leave a parked vehicle unlocked. Has this been rescinded or did a Superintendent not know about that nor about the advice frequently handed out by police, not to leave valuables in plain sight.

    1. Phil O'Sophical Silver badge

      IIRC, the first person prosecuted under that legislation in the 80s was a serving police officer.

      1. Anonymous Coward
        Anonymous Coward

        It would be a brave joyrider who started an RUC man's car for him in the 80’s.

  10. Sparkus

    accountability?

    So which hallucinating AI (sorry, human being) posted the information in the first place?

  11. First Light

    A whole month

    The PSNI didn't tell the 200 people affected by the theft for a month, and then claimed no information was taken from the device.

    But that issue is moot considering the officers' info was released later anyway.

    From the Graun:

    Last weekend it emerged that about 200 police officers and staff were not informed for almost a month about the theft of devices and documents with data potentially affecting them, the PSNI said.

    A police-issued laptop, radio and documents were stolen on 6 July from a car parked in Newtownabbey that is understood to belong to a superintendent.

    Todd said in a statement last Saturday it was believed the laptop and radio were deactivated “shortly afterwards”.

    “We are confident no data has been lost from these devices and they are of no use to any third party,” he added.

    https://www.theguardian.com/uk-news/2023/aug/16/man-arrested-after-northern-ireland-police-data-leak

  12. Anonymous Coward
    Anonymous Coward

    Confused....

    (1) Police forces

    Police forces should use encryption to protect HR information

    (2) Online Safety Bill

    Encryption is an attack on civil society

    Yup.....confused!!

  13. Anonymous Coward
    Anonymous Coward

    3rd PSNI data leak

    Today's local news is that there has now been a 3rd PSNI data breach announced - a police officer's laptop and notebook were blown off the roof of their car on a motorway after they left them on the roof and drove off.

    Parts/pages of the notebook are still missing...

    https://www.bbc.co.uk/news/uk-northern-ireland-66545757

    Keystone Cops eh?

    1. Anonymous Coward
      Anonymous Coward

      Careful now

      Pointing out PSNI incompetence might fall into the category of 'disseminating information likely to be of use to terrorists'.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like