Thu, 23 Jul 2009

DNA database unauthorised use and data loss, and incorrect storing of DNA samples

The government has a habit of leaving data on trains and of allowing unauthorised access, so what's the situation concerning the National DNA Database (NDNAD)? As is too often the case with the Home Office, there's some confusion.

On Monday 20th July, Home Secretary Alan Johnson gave a written answer to Parliament on this very topic.

Direct access to information on the National DNA Database (NDNAD) is restricted to a limited number of designated personnel under the control of the National Policing Improvement Agency (NPIA), either directly, or under a contract awarded to the Forensic Science Service (FSS) for operation and maintenance of the NDNAD and development of its IT systems. Throughout the lifetime of the contract, the FSS are required to demonstrate compliance with specified security requirements. Police and law enforcement personnel do not have access to the information on the NDNAD, but receive reports from the NDNAD Delivery Unit of matches between DNA taken from crime scenes and that taken from individuals.

The "Keeping the right people on the DNA database" consultation document explains:

Accessing records on the NDNAD is strictly limited. When a police officer asks for a search to be carried out against a profile of a crime scene sample, he or she does not have access to the database. Instead they are provided with details only of those profiles which provide a match. [...] Access to NDNAD records is restricted to around 30 staff either working in the NDNAD or the Forensic Science Service. We are confident that the security measures in place to monitor abuses or potential abuses of the database are working well. But we are not complacent. The effectiveness of the controls is subject to ongoing review

Three days earlier, Alan Brown, Head of Police Powers and Procedures, Home Office - the person to whom responses to the DNA consultation should be sent - was a guest speaker at the seminar for black communities on the DNA consultation organised by Black Mental Health and GeneWatch UK. He also covered this topic. Some of the notes I took during his intervention:

There are strict statutory limitations on what happens with access to the NDNAD. In the entire country there are only 33 people who have access to this database. It's not the case that the nearest police station can tap into it, it's severely restricted.

Since it was bought in 1995, there has been absolutely no leak whatsoever from the DNA Database

Back to Alan Johnson:

In relation to those NPIA and FSS staff, there has been one instance of unauthorised use of the database during the last five years. This involved a contractor working for the FSS who was found to have used an administrator account on the IT system rather than his own. Following an investigation by the NPIA, no evidence of any improper access to database records was found. However, as use of the administrator account was in contravention of security procedures, the individual was removed from further work on the database. No incidents of unauthorised or improper use of match reports by police and law enforcement personnel have been reported to the NDNAD in the last five years.

Since the NDNAD was set up in 1995, two instances of loss of data have been reported. These took place in February 2009 when the FSS faxed DNA reports intended for two police forces to incorrect fax numbers. In both instances, the faxes were either retrieved by the police or destroyed within 36 hours of the event. A thorough investigation was undertaken by the NPIA and reported to the Home Office. No evidence was found of any malicious intent by any individual.

So which one is it: 'absolutely no leak whatsoever' or 'one instance of unauthorised use' and 'two instances of data loss'? Considering the detail in Alan Johnson's answers and some other surprising statements by Alan Brown, I'm ready to bet on the data leaks and losses. It's still much better than for many other government databases though.

The Mail reported on a case of industrial espionage in 2006 where the FSS alleged that five civil servants who helped run the NDNAD copied confidential information and used it to set up a rival database. "The [writ] document adds it would not have been possible for the five men to create the software necessary to produce a DNA database without having had access to 'and copying and/or retaining copies of the software and/or the database.'" However, one of the defendants said: "We have never been accused of taking personal information about individuals from the DNA database. What we are accused of is taking the database itself, not the information." There's not enough information to determine if this is the same case referred to by Alan Johnson, but the discrepancy between the number of people involved in the two descriptions would suggest these are two different cases.

The NPIA, in its 2008/09 annual report, states that no personal data related incidents were reported to the ICO. However, there were four losses recorded in the department of inadequately protected electronic equipment, devices or paper documents from outside secured Government premises, and one unauthorised disclosure. These can be for any of the systems controlled by the NPIA and not necessarily the NDNAD.

These statements are specifically about the NDNAD and would not take into account any authorised access or data loss on other databases that contain some of the NDNAD information. It was revealed in 2006 that one of the three accredited laboratories, LGC, was building its own mini-database of DNA records. Dr Wallace from GeneWatch UK commented at the time: "This makes a mockery of claims that access to and uses of the database are tightly restricted and controlled". Police National Computer (PNC) records contain DNA report summaries, which although they do not include the DNA profile, list information such as status indicating whether the arrestee has been convicted, barcode number of the sample, name of the lab used and sample type - usually mouth swab.

Alan Johnson concludes:

As a result of the investigation into this incident, an existing project to replace use of fax was accelerated. As from 17 April 2009, fax has no longer been used to transmit any DNA reports to forces. They are now sent in line with Cabinet Office guidance over a secure network either by email or as a web service on a secure network.

The National Policing Improvement Agency (NPIA) gives more details in the April edition of the Forensics21 programme monthly update:

DNA Fax Replacement Project

In the Autumn of 2008 the ACPO DNA Operations Group agreed to decommission the faxing of match reports from the National DNA Database and move to a more secure and efficient method of communication.

NPIA commissioned the Forensic Science Service (FSS) special projects team to provide an alternative solution to faxing, particularly for those forces not yet on eDNA. An interim email solution was proposed. The project to move all forces onto electronic receipt of DNA match, summary and elimination reports was successfully piloted with two forces on 8th April. The email solution went live with all forces on 17th April as planned. All faxing of DNA reports has ceased to operate and all DNA reports are now only sent over the CJX restricted network either by email or as a web service.

There are further significant business benefits associated with eDNA and in particular those relating to security, rapid accurate exchange of security and the ability to interface with other force data systems. A project is now being established to facilitate the roll-out to all forces.

What about the DNA samples held by the three accredited laboratories contracted to store them: the Forensic Science Service (FSS), LGC Forensics Ltd. and Orchid Cellmark? Alan Brown reassured one man concerned about what the police may do with his DNA samples:

Your DNA is held in a secure laboratory. It's not held by the police. It's not in a police station. It's in secure conditions.

The consultation document doesn't add much:

The physical storage of samples is also subject to stringent security arrangements. The samples are held at laboratories on behalf of chief police officers.

That's the theory, but earlier this month there were headlines about an instance of DNA samples found next to tubs of ice cream in a West Yorkshire police freezer. The Times:

The report [by Her Majesty’s Inspector of Prisons and Her Majesty’s Inspector of Constabulary] said: “Policies and audit trails relating to the handling, storage and submission of DNA, blood and urine samples had not resulted in samples being stored correctly or dealt with expeditiously.

“Samples were incorrectly stored in fridges and freezers alongside ice cream, with some improperly bagged.

“This led to confusion among staff tasked with submitting samples so many were not submitted for analysis and had been allowed to remain in freezers for a number of years.”

The report highlighted particular concerns about a blood sample labelled as related to a deceased victim of a road accident which had either not been submitted for toxicology tests or properly disposed of if not required.

It said: “We were unsure whether it really related to a road death investigation or whether there was an error on the label.

“We also noted a number of historic blood samples relating to ’unconscious drivers’, which again appeared neither to have been analysed nor disposed of.”

The inspectors also questioned the security of samples which were put in fridges or freezers in insecure rooms.

“One freezer door was damaged and wide open, calling into question the integrity of the samples inside,” the report said.

“Samples in another freezer had been defrosted and it was noted on the exhibits themselves that this had occurred, yet they had not been disposed of.

“These practices were exposing the force to unacceptable levels of risk. The maintenance of public confidence in forensic evidence is crucial.”

David Crompton, West Yorkshire’s Deputy Chief Constable, said: “The report refers to one instance of ice cream being found in a fridge near forensic samples.

“These samples were hair, blood, urine and fingernail samples from people who had been eliminated from criminal inquiries - though they were of no further value and there was no intention of either subjecting them to analysis or putting them on the DNA database.”

Mr Crompton said more than 100,000 people are detained in custody by West Yorkshire Police every year, which is 300 per day. “Managing detainees is a very challenging task,” he said.

This may well be an exception, but that's no excuse for those whose DNA was taken.

First published on 2009-07-23; last updated on 2009-07-24.
