We are privileged in this country to have one of the few remaining, largely unarmed police forces in the world. In fact few people know that we have one of the oldest police traditions in the world, as Sir Robert Peel began his experiments with a police force here in 1814.
From the founding of An Garda Síochána (AGS), it was to have a very different character to most police forces. The first commissioner, Michael Staines said “The Garda Síochána will succeed, not by force of arms or numbers, but by their moral authority as servants of the people.”
This has largely been the case, with a few notable exceptions. Indeed, most people will have some personal experience of the latitude and discretionary powers afforded a Garda from simply having lived in this country. Where a youthful indiscretion is met with a stern rebuke from a set of brass buttons to more serious matters, the fact that a Garda is allowed to use personal judgement, where appropriate, shows a high degree of trust in each officer of the law. And we as the citizenry, benefit from it.
However, where these normal parameters are breached, it must be said, our institutions do not have a good record of dealing with it. Again, many of us will recall a particular copper somewhere who was less than exemplary, but yet still seemed to be allowed to wear the uniform.
This would seem to explain much that was found in the report from the Office of the Data Protection Commissioner (ODPC) into the audit of the data protection procedures and actions of AGS.
In summary, the report said “Overall, we found the majority of the areas examined demonstrated a professional police force operating in compliance with data protection legislation”.
This is unsurprising, as we would expect, for the vast majority of Gardaí are without doubt, utterly upright in their duties. But human nature being what it is, there will always be a small few who will not be so exact in their observances.
Hence the report goes on to say, “While the audit team was generally satisfied with the in-built data protection mechanisms in PULSE, this was not the case in relation to the oversight of access by individual AGS members to records of individuals and the related risk of disclosure outside of AGS.”
Basically, what the report is saying is that individual Gardaí accessed personal records within the Garda PULSE information system without due cause. As has been reported elsewhere, celebrities, sports people and persons of note had their records accessed without due cause, and the worry was that such information could have been made available outside the AGS to the likes of private investigators or even the media.
The report says that it found “disturbing instances” of “improper access”. These had been largely unnoticed because scheduled audits of PULSE access had not been carried out. This was despite such audits being provided for in the AGS Data Protection Code of Practice. Now, the report says that by the end of the audit, steps had already been taken to counteract this, with measures such as stronger warnings being presented to those accessing the system, more detailed reasoning for access being required to progress a request, recording and escalation where reasoning was lacking and random audits of access for compliance.
So the picture that emerges is of a largely compliant force that not only recognises its responsibility, but that also had in place necessary mechanisms to ensure compliance. So why weren’t they being used? Why were the audits, that were already provided for, not being carried out?
I would argue that this goes back to the fact that we enjoy a style of policing here that is based on honour and trust and not fear and force. The long heritage of a police force here is, unfortunately, based on a colonial experience and so any police force, from the early “peelers” to the current Gardai, is still viewed somewhat with suspicion and wariness. Many people still lapse into a sort of studied reticence when even speaking to a Garda, let alone when engaged by one in carrying out their duties.
“The report says that it found “disturbing instances” of “improper access”. These had been largely unnoticed because scheduled audits of PULSE access had not been carried out”
But within the force, the assumption is always that each officer is beyond reproach until proven otherwise. And that is a very good thing, but when that is not the case, denial, obfuscation and deflection has all too often been the experience.
While never, with good reason, questioning the integrity of the force at large, the ODPC report says “Though not specifically raised in the course of the audit, it is the view of ODPC that AGS should have a dedicated data protection unit, headed by an Officer with direct access to the Garda Commissioner”.
The idea of the noble lie, that the guardians of any society should be told they are better than everyone else and so are uniquely qualified to be a guardian, is just that a lie. It does not work. So even when you have a police force that is in the vast majority utterly upright, there is still a need for vigilance, beyond self-regulation, to ensure that when those small numbers of individuals act in contravention of their duties, they are quickly identified and treated appropriately.
The ODPC audit would suggest that while measures and procedures were in place to prevent inappropriate PULSE access, they were not enforced. I would argue that this is down to the trust model, with so many benefits but that can still be found wanting.
Constant monitoring is still required and warranted to prevent the few from despoiling the reputation and honour of the rest. Despite these very topics being discussed by classical Greek philosophers, we are still struggling with them today. While some argue that a guardian does not need a guardian, we now know that this is not the case.
And if further proof of this was needed, at time of writing, we have just learned about the recording system that has been in place in many Garda stations around the country, from the Harcourt Street Office and the Phoenix Park HQ, to places such as Monaghan, Naas and Ennis. These systems allegedly recorded calls incoming and outgoing from the stations and may well compromise existing and past cases.
The fact that such a system exists, in light of the ODPC audit report, shows that vigilance, beyond self-regulation is still required, irrespective of the technologies, procedures and policies in place. A lesson that applies to any organisation that gathers personally identifiable information for its operations. `
Subscribers 0
Fans 0
Followers 0
Followers