Thu, 23 Jul 2009

DNA database unauthorised use and data loss, and incorrect storing of DNA samples

The government has a habit of forgetting data on trains and unauthorised access, so what's the situation concerning the National DNA Database (NDNAD). As too often with the Home Office, there's some confusion.

On Monday 20th July, Home Secretary Alan Johnson gave a written answer to Parliament on this very topic.

Direct access to information on the National DNA Database (NDNAD) is restricted to a limited number of designated personnel under the control of the National Policing Improvement Agency (NPIA), either directly, or under a contract awarded to the Forensic Science Service (FSS) for operation and maintenance of the NDNAD and development of its IT systems. Throughout the lifetime of the contract, the FSS are required to demonstrate compliance with specified security requirements. Police and law enforcement personnel do not have access to the information on the NDNAD, but receive reports from the NDNAD Delivery Unit of matches between DNA taken from crime scenes and that taken from individuals.

The Keeping the right people on the DNA database consultation document explains:

Accessing records on the NDNAD is strictly limited. When a police officer asks for a search to be carried out against a profile of a crime scene sample, he or she does not have access to the database. Instead they are provided with details only of those profiles which provide a match. [...] Access to NDNAD records is restricted to around 30 staff either working in the NDNAD or the Forensic Science Service. We are confident that the security measures in place to monitor abuses or potential abuses of the database are working well. But we are not complacent. The effectiveness of the controls is subject to ongoing review

Three days earlier, Alan Brown, Head of Police Powers and Procedures, Home Office - the person to whom responses to the DNA consultation should be sent to - was a guest speaker at the seminar for blacks communities on the DNA consultation organised by Black Mental Health and GeneWatch UK. He also covered this topic. Some of the notes I took during his intervention:

There are strict statutory limitation on what happens with access to the NDNAD. In the entire country there are only 33 people who have access to this database. It's not the case that the nearest police station can tap into, it's severely restricted.

Since it was bought in 1995, there has been absolutely no leak whatsoever from the DNA Database

Back to Alan Johnson:

In relation to those NPIA and FSS staff, there has been one instance of unauthorised use of the database during the last five years. This involved a contractor working for the FSS who was found to have used an administrator account on the IT system rather than his own. Following an investigation by the NPIA, no evidence of any improper access to database records was found. However, as use of the administrator account was in contravention of security procedures, the individual was removed from further work on the database. No incidents of unauthorised or improper use of match reports by police and law enforcement personnel have been reported to the NDNAD in the last five years.

Since the NDNAD was set up in 1995, two instances of loss of data have been reported. These took place in February 2009 when the FSS faxed DNA reports intended for two police forces to incorrect fax numbers. In both instances, the faxes were either retrieved by the police or destroyed within 36 hours of the event. A thorough investigation was undertaken by the NPIA and reported to the Home Office. No evidence was found of any malicious intent by any individual.

So which one is it: 'absolutely no leak whatsoever' or 'one instance of unauthorised use' and 'two instances of data loss'? Considering the detail in Alan Johnson's answers and some other surprising statements by Alan Brown, I'm ready to bet on the data leaks and losses. It's still much better than for many other government databases though.

The Mail reported on a case of industrial espionage in 2006 where FSS alleged five civil servants who help run the NDNAD copied confidential information and used it to set up a rival database. "The [writ] document adds it would not have been possible for the five men to create the software necessary to produce a DNA database without having had access to 'and copying and/or retaining copies of the software and/or the database.'" However one of the defendent said: "We have never been accused of taking personal information about individuals from the DNA database. What we are accused of is taking the database itself, not the information." There's not enough information to determine if this is the same case referred to by Alan Johnson, but the discrepancy between the number of people involved in the two descriptions would suggest these are two different cases.

The NPIA, in its 2008/09 annual report, states that no personal data related incidents were reported to the ICO. However there were four loss recorded in the department of inadequately protected electronic equipment, devices or paper documents from outside secured Government premises, and one unauthorised disclosure. These can be for any of the systems controlled by the NPIA and not necessarily the NDNAD.

These statements are specifically about the NDNAD and would not take into account any authorised access or data loss on other databases that contain some of the NDNAD information. It was revealed in 2006 that one of the three accredited laboratories, LGC, was building its own mini-database of DNA records. Dr Wallace from GeneWatch UK commented at the time: "This makes a mockery of claims that access to and uses of the database are tightly restricted and controlled". Police National Computer (PNC) records contain DNA report summaries, which although they do not include the DNA profile, list information such as status indicating whether the arrestee has been convicted, barcode number of the sample, name of the lab used and sample type - usually mouth swab.

Alan Johnson concludes:

As a result of the investigation into this incident, an existing project to replace use of fax was accelerated. As from 17 April 2009, fax has no longer been used to transmit any DNA reports to forces. They are now sent in line with Cabinet Office guidance over a secure network either by email or as a web service on a secure network.

The National Police Improvement Agency (NPIA) gives more details in the April edition of the Forensics21 programme monthly update:

DNA Fax Replacement Project

In the Autumn of 2008 the ACPO DNA Operations Group, agreed to decommission the faxing of match reports from the National DNA Database and move to a more secure and efficient method of communication.

NPIA commissioned the Forensic Science Service (FSS) special projects team to provide an alternative solution to faxing, particularly for those forces not yet on eDNA. An interim email solution was proposed. The project to move all forces onto electronic receipt of DNA match, summary and elimination reports was successfully piloted with two forces on 8th April. The email solution went live with all forces on 17th April as planned. All faxing of DNA reports has ceased to operate and all DNA reports are now only sent over the CJX restricted network either by email or as a web service.

There are further significant business benefits associated with eDNA and in particular those relating to security, rapid accurate exchange of security and the ability to interface with other force data systems. A project is now being established to facilitate the roll-out to all forces.

What about the DNA samples held by the three accredited laboratories contracted to store them: the Forensic Science Service (FSS), LGC Forensics Ltd. and Orchid Cellmark? Alan Brown reassured one man concerned about what the police may do with his DNA samples:

Your DNA is held in a secure laboratory. It's not held by the police. It's not in a police station. It's in secure conditions.

The consultation document doesn't add much:

The physical storage of samples is also subject to stringent security arrangements. The samples are held at laboratories on behalf of chief police officers.

That's the theory, but earlier this month there were headlines about an instance of DNA samples found next to tubs of ice cream in a West Yorkshire police freezer. The Times:

The report [by Her Majesty’s Inspector of Prisons and Her Majesty’s Inspector of Constabulary] said: “Policies and audit trails relating to the handling, storage and submission of DNA, blood and urine samples had not resulted in samples being stored correctly or dealt with expeditiously.

“Samples were incorrectly stored in fridges and freezers alongside ice cream, with some improperly bagged.

“This led to confusion among staff tasked with submitting samples so many were not submitted for analysis and had been allowed to remain in freezers for a number of years.”

The report highlighted particular concerns about a blood sample labelled as related to a deceased victim of a road accident which had either not been submitted for toxicology tests or properly disposed of if not required.

It said: “We were unsure whether it really related to a road death investigation or whether there was an error on the label.

“We also noted a number of historic blood samples relating to ’unconscious drivers’, which again appeared neither to have been analysed nor disposed of.”

The inspectors also questioned the security of samples which were put in fridges or freezers in insecure rooms.

“One freezer door was damaged and wide open, calling into question the integrity of the samples inside,” the report said.

“Samples in another freezer had been defrosted and it was noted on the exhibits themselves that this had occurred, yet they had not been disposed of.

“These practices were exposing the force to unacceptable levels of risk. The maintenance of public confidence in forensic evidence is crucial.”

David Crompton, West Yorkshire’s Deputy Chief Constable, said: “The report refers to one instance of ice cream being found in a fridge near forensic samples.

“These samples were hair, blood, urine and fingernail samples from people who had been eliminated from criminal inquiries - though they were of no further value and there was no intention of either subjecting them to analysis or putting them on the DNA database.”

Mr Crompton said more than 100,000 people are detained in custody by West Yorkshire Police every year, which is 300 per day. “Managing detainees is a very challenging task,” he said.

This may well be an exception, but that's no excuse for those whose DNA was taken.

First published on 2009-07-23; last updated on 2009-07-24.

websiteblogblog archivenews feedfeedback

Mon, 20 Jul 2009

Making innocents into honorary criminals

An informed debate on the benefits and risks of sampling the DNA of all arrestees and retaining their DNA profiles in the National DNA Database (NDNAD) is necessary. This is why we have been lamenting the poor quality of the Home Office Keeping the right people on the DNA database consultation as it is distracting from a discussion of the substantive issues. With just over two weeks left to contribute responses, it is helpful to find an analysis by academic experts questioning the scientific argument for 'how long innocent people should be adjudged as “honorary” criminals' and their DNA profiles kept on the NDNAD. Keith Soothill, emeritus professor of social research, and Brian Francis, professor of social statistics, both from Lancaster University published Keeping the DNA link in the New Law Journal [the article is no longer available online but it may re-appear on the publication page of the ESRC National Centre for Research Methods]. The authors found in earlier works that even though offenders may have a diverse criminal career, that the risk for sex offenders and kidnappers to repeat offending is greater soon after their first conviction.

Much has been written in this blog and elsewhere about the confusion in the consultation of the use of data about offenders to justify options about arrestees – who have never been convicted of or admitted to an offence. The authors raise a related issue: 'In fact, arrests are useful indicators of police action but not of guilt. Re-arrests are dangerous indicators and making arrests the pivotal criterion encourages the notion that we are moving towards becoming a police state.' This is made worse by the option suggested by the Home Office where 'DNA information would not be deleted after a certain number of years from first arrest, but from their last arrest.'

An essential confusion between two distinct approaches is made by Soothill and Francis:

In much of the consultation document there is confusion between two types of discourse—a discourse relating to crime and a discourse relating to criminals. A discourse on crime interests the police and largely underpins the scientific analysis in Annex C of the consultation, while a discourse on “honorary” criminals who are created by retention policies interests those concerned with civil liberties. The danger is to assume a one-to-one relationship between a crime and a criminal. In fact, there are many more crimes than criminals. Indeed, there is a remarkable lack of discussion about persistent criminals—a topic that has exercised the mind of the Home Office in recent years. In brief, there is widespread evidence that around 7% of the population account for one-half of all convictions.

This paragraph efficiently clarifies issues in framing investigations and debates about the retention of individuals' DNA. Here's an excerpt from the author's conclusion.

We believe that a more appropriate analysis is needed to justify a retention period of six years. Second, if one is making a case for longer retention periods for those arrested for serious offences, then the only reason for them to be treated differently is that they have a greater risk of a serious offence. In contrast to the consultation document, we do believe that one can measure a heightened risk of a subsequent serious offence, and it should be on this basis that one moves forward with a longer retention period.

A couple of other articles than Keeping the DNA link, also looking at the post ECtHR ruling in S & Marper v UK situation, have recently been published:

You have until 2009-08-07 to send your response before the consultation period closes.

First published on 2009-07-20; last updated on 2009-08-12.

websiteblogblog archivenews feedfeedback

Fri, 17 Jul 2009

Home Office's arrogant approach to the DNA consultation

In Sentenced to genetic probation I pointed out some issues with the quality of the Home Office consultation on 'keeping the right people on the DNA database'. I attempted - without success - to obtain a corrected version of the included research paper and the correspondence the Home Office had about it. Earlier this week, as a last recourse to try to get a version of the consultation of a quality sufficient to address the substantive issue without being too distracted by all its mistakes, I followed the suggestion appearing on p.96 of the annex document:

If you have a complaint or comment about the Home Office’s approach to consultation, you should contact the Home Office Consultation Co-ordinator, Nigel Lawrence. [...] The Co-ordinator works to promote best practice standards set by the Government’s Code of Practice, advises policy teams on how to conduct consultations and investigates complaints made against the Home Office."

As you can see from the email exchange below, this went nowhere. The arrogance shown by the Home Office in its disregard to the audience of this consultation, in publishing a draft statutory instrument only a week after publishing the consultation and in how it deals with complaints about the consultation unfortunately appears rather typical. This morning, Alan Brown, Head of Police Powers and Procedures, Home Office - the person to whom responses to the consultation should be sent to - was a guest speaker at the seminar for black and minority ethnic (BME) groups on the National DNA Database (NDNAD) organised by Black Mental Health and GeneWatch UK. Instead of taking this opportunity to fully engage with a community overrepresented on the NDNAD, Alan Brown answered only a few questions after his intervention and promptly left the building. (A colleague from his department remained in the room but she didn't have the authority to participate in the debate or answer any question.)

Monday 13th July 2009, email I sent to Nigel Lawrence:

Dear Mr Lawrence,

May I request you review the 'Keeping the right people on the DNA databaseKeeping the right people on the DNA database' consultation as it is my understanding that it is in breach of the Cod of Practice, in particular of Criterion 3.

My concerns are:

1/ The chief economist was given an earlier draft (with different options) to review, hence his comments do not all apply to the consultation as is.

The proposed plans (published in the main consultation document) are not consistent with the preferred option in the impact assessment (published in the annex). The impact assessment recommend destruction of all fingerprints after 15 years while the consultation recommends destruction of the fingerprints at the same time as for the DNA profiles.

The different retention periods for fingerprints and DNA profiles is one of the five points Chief Economist John Elliott draws the reader's attention to in his examination of the impact assessment. So it appears he was not informed of the change of mind of the Home Office between when the impact assessment was written and the time the proposed plans were finalised.

2/ The quality of the information that can be verified with the information in the consultation is poor.

For instance the Table 3 on p.15 is incorrect. From the text on p.30 of the annex and the note 8 on p.31, one can infer that the dates in the table are incorrect and should be those found in the text, i.e. 2004, 2005 and 2006. Also, the percentages in the text for the NFA, cautions and non custodial sentences groups do not match those of the table (in one case the figure for the NFA group is higher than for the cautions group and the opposite in the other).

If we look past the typos and try to make sense of the data in this table: this data appear to come from 532 cases from three samples in June over three consecutive years, however, "that data came only from the first of a month, and aware that errors of estimation will be magnified by multiplying the figures to give a monthly total...", so this data is in fact an estimation based on approximately 18 cases (532 divided by the number of days in June) taken over three days at one year interval, or 7, 8 and 3 samples for the respective days. Is that a valid enough sample for such a consultation?

The research by the Jill Dando Institute does not appear to be peer-reviewed.

I can provide you with other examples if you wish.

3/ Most of the research included to justify the Home Office options is not relevant to those options.

Key options are about individuals who have been arrested and not convicted, and whether they may later offend. Included references are to studies about individuals re-offending, i.e., who have been convicted for the initial arrest, and hence are not applicable to the consultation's options.

The confusion this causes is such that even ministers after having had early access to the consultation have demonstrated, when interviewed at the launch of the consultation, their misunderstanding as they kept saying "re-offending" when talking about arrestees who may later commit an offence but have not yet "offended" (for an example where Jeremy Paxman had to keep reminding Vernon Coaker of this essential distinction, check out If even ministers, with all the specialist briefings they have access to, are confused by this essential aspect of the consultation, what chance do potential respondents have?

The samples of some of the surveys are also too specialised to be representative of the population of the NDNAD. For instance the oft referred Cambridge longitudinal study of Lila Kazemian was about "411 working-class males in London", this is hardly representative of either the geographical or gender spread of the NDNAD population or unlikely to have similar racial bias either.

4/ The costs and benefits model, in the impact assessment, is constructed on a tower of "key probabilities and assumptions".

Even more problematic is that some of these assumptions are misleading. For instance in section 25) on pp. 64-65, "The probability of committing an offence following an arrest, but no further action, is the same as the probability of committing and [sic] offence following conviction. The probability of this is 40%9". Note 9 lists the source for this statistics: Re-offending of adults 2006 cohort. The data in this report, from the Ministry of Justice, is about "the reoffending of adults released from custody or starting a community sentence", i.e., it has nothing to do with those offending for the first time after an earlier arrest.

5/ The cost of destruction of DNA samples is likely wrong.

Looking at Option B on p.52 and Option II on p. 56, it appears that the figure of L91,927,500 for destruction of DNA sample likely assumes an unlisted review cost. However, there's no need for review (except in a very small number of cases). As there can be a bulk deletion, this is most likely a mistake.

In view of all the above it is extremely difficult to respond to the consultation when it is of such poor quality and its authors shows such disregard to its audience.

I tried to contact both Dr Ken Pease and Lila Kazemian but neither responded to my emails (surprisingly their work appear to contradict the conclusions reached by the Home Office.). I also attempted to obtain communication between the Home Office and Dr Pease under the FoIA, but this was exempted.

This complaint is another attempt to ensure that a corrected and improved version of this consultation gets published with enough time to respond to it.

Wednesday 15th July 2009, Lawrence Nigel wrote:

Dear Mr Mery,

Thank you for your email (below) which highlighted the concerns you had on the DNA consultation document. You believed the consultation had not followed Criterion 3 of the Government's Code of Practice on Consultation.

Under Criterion 3 of the Code consultation documents should be clear about the consultation process, what is being proposed, the scope to influence and the expected costs and benefits. In this respect we believe the consultation document meets that Criterion.

Running public consultations makes preliminary analysis available for public scrutiny. It also allows additional evidence to be sought from a range of interested parties to help inform the development of the policy or its implementation. We therefore welcome stakeholder views on the details on the policy being consulted on as set out in the document and views of the costs and benefits as set out in the consultation stage impact assessment. We also welcome views from stakeholders where they seek to challenge the information contained in consultations. Together this helps inform the development of the policy and the development of the final costs and benefit impact assessment.

I have taken the liberty of forwarding your comments to the relevant policy lead for inclusion as part of the consultation response. If you wish to add to or amend or withdraw these comments, please write or email these to the addresses at page 23 of the DNA consultation paper. Your views will be considered along with views of other interested stakeholders.

Many thanks again for your comments.

Wednesday 15th July 2009, my reply:

Dear Mr Lawrence,

Many thanks for your prompt response. I find it very disappointing that it doesn't address the specific points I raised. This does not give me confidence that this review process to ensure compliance with the Code of Practice is an effective one. As expressed in my original email, I considered this a last recourse option so that we can have proper evidence and costing to build responses on.

I have no problem with my email being shared and I stand by what I wrote you, but it would have been polite for you to ask me prior to forward it. For your information, I am considering publishing this email exchange so that it can inform others considering raising concerns with this or other consultations.

The only evidence everyone agrees on is that "the number of matches obtained from the Database (and the likelihood of identifying the person who committed the crime) is 'driven' primarily by the number of crime scene profiles loaded onto the Database" (as the Home Office put it in 2005). To dare calling for the retention of DNA profiles of innocents for years, the Home Office must stop this arrogant behaviour more typical of a child... and publish strong peer-reviewed evidence.

websiteblogblog archivenews feedfeedback

Thu, 16 Jul 2009

National DNA Database custodian annual report

The National Policing Improvement Agency (NPIA), custodian of the National DNA Database (NDNAD), has published its Annual report and accounts 2008-09 (pdf). Below are annotated extracts about the NDNAD:


National DNA Database

The DNA Database is used by the police to identify offenders and eliminate people from enquiries.

* Based on actual figures for Q1- 2 of 2008/09 projected for the full year

These figures are misleading as most matches will be with individuals having nothing to do with the crime and hence do not result in prosecutions or convictions. Also included are false matches that occur when the DNA profile from the crime scene is not complete. Many matches occur with victims or passers-by or are false matches. For instance if a crime happens in a pub, most of those going for a drink that night whose DNA profile happens to be on the NDNAD will be counted as successfull matches. You don't even need to have been to that pub for your DNA to be matched if you shook hands with a friend who then went to that pub and left some of your DNA on his pint glass. For more info see the Ten myths about the National DNA Database or GeneWatch UK's evidence to the European Court of Human Rights (doc).

As the database gets bigger, the number of false matches will increase. The growth of the National DNA Database increases the risk of miscarriages of justice.

Detections' are crimes that have been recorded as 'cleared up' by the police. Here's GeneWatch UK's analysis in its evidence to the ECtHR: "[O]nly about half of these [detections] are ‘new’ detections, which require the Database – in the other cases the suspect will already have been identified prior to collection of their DNA. These figures are dominated by volume crimes, such as burglaries, and separate figures are not available for more serious crimes such as rape and murder, for which the Database is less effective."


We are leading the programme to connect the UK to the second generation Schengen Information System in time for 2012. When complete this will allow UK police forces to share and access a European data system that holds alerts on wanted and missing people, stolen vehicles, and certain categories of property.

Also linked to cross-boundary information sharing, last year we carried out a Scoping Study to look at implementation of the Prüm programme. Prüm provides for the cross-border sharing/availability of DNA, fingerprints and motor vehicle registration data on a 24/7 basis. It is designed to intensify cross-border police co-operation, especially in the fight against terrorism, cross-border crime and illegal migration.

Here's a bit more details of what's in store in the EU-Prüm-Decision (derived from the Treaty of Prüm) courtesy of DNA database management review and recommendations 2009 (pdf), a document published by the DNA Working Group of the European Network of Forensic Science Institutes (ENFSI): "The EU-Prüm-Decision deals with the exchange of judicial and police information between the EU-member states and some associated countries (Norway, Switzerland, Liechtenstein and Iceland). With regards to DNA countries are allowed to search in each other’s DNA-database. To enable this each country creates a copy of its DNA-database with a standardized table structure which can be accessed by common data-exchange and DNA-comparison software which is present in each country. The DNA data exchange and matching system used by the EU member states is similar to DNA data exchange and matching system of the Interpol DNA Gateway. [...] the Prüm DNA-profile exchange system is a hit-no-hit-system meaning that only DNA-profiles are compared. After finding a match, countries can obtain the personal and/or case information associated with the DNA-profile via existing police or judicial channels."


At the end of the financial year 2008/09, the principal risks facing the NPIA included those listed below. All risks and uncertainties listed here are being managed effectively through an internal control system.

The cost of automated deletion of DNA profiles is estimated at £15,000 (programming cost) in the Home Office consultation. The consultation also mentions as a risk: "deleting the wrong record leading to potential for miscarriages of justice of missed opportunities to detect crime."

Manual deletion after 6 year period, unless individual concerned has been re-arrested or convicted during this period is estimated to cost £52,170,000 over a 20 year period, while deletion upon request from individual concerned after a 6 year period, unless individual concerned has been re-arrested or convicted during this period is estimated at £7,385,000. There's a clear economic argument to automate the deletion process, but to put things in perspective, "[t]he police spend on forensics is estimated to be in the region of £500 million per annum". There are of course many other reasons, already mentioned on this blog, why it's a good idea to have a robust deletion process and use it!


In 2009/10 the National DNA Database and associated services will be transferred from the Forensic Science Service (FSS) to NPIA in order to enhance the security and disaster recovery of the database. This will involve the corresponding staff from the FSS.

FSS is currently contracted to operate and maintain the NDNAD. This contract is overseen by the NPIA. The NPIA website still lists end of 2008 as the end date for this contract, however it has been renewed. The eventual transfer of the NDNAD, services and staff from the FSS to the NPIA is news to this reporter. It appears to be part of a wider programme called Forensics21. This programme was "the first to receive approval by the tripartite commissioning body made up of ACPO, the Association of Police Authorities (APA) and the Home Office, and marks a very different approach to delivering transformational change in policing".


To support the NPIA’s commitment to promote equality, the Equality, Diversity and Human Rights (EDHR) unit [...] has continued to support the NPIA to complete equality impact assessments on policy, procedure, function, strategy and products. [..] This year, key support has been provided to the impact assessment of the National DNA Database, the IMPACT Programme and the National Police Promotions Framework.

This is an assessment to determine, or more likely confirm, the racial bias on the NDNAD.


2008/09 Restated 2007/08
Full Cost
Full Cost
National DNA Database (NDNAD) 9,517 1,337 (8,180) 8,877 1,131 (7,746)


National DNA Database

Charges are levied to cover the costs of accrediting the scientific laboratories that analyse DNA samples and send profiles to the Database.

In England, Wales and Northern Ireland, the Forensic Science Service (FSS), LGC Forensics Ltd. and Orchid Cellmark are laboratories accredited to analyse and store DNA samples, and upload DNA profiles. In Scotland, the Police Forensic Science Laboratory Dundee is accredited.


Business area Achievement
Police Science and Forensics Strategy team
Carl Jennings
Sue Mitchell
Ann Fairweather
Caroline Goryll
For outstanding work and quality in the
production of a large quantity of DNA Database
Parliamentary Questions

Relevant parliamentary questions can be searched using tools such as TheyWorkForYou and GeneWatch UK publishes monthly documents on its DNA database: Parliament and consultations page.

(Hat tip to Spyblog: National Policing Improvement Agency annual report and accounts 2008-09 - mobile handheld computers, ANPR database, DNA database, PNC, IMPACT, Aircell for the Tube, Prüm)

websiteblogblog archivenews feedfeedback