Updated: 10.30am
Alliance Party leader Naomi Long, who is Norther Ireland's former justice minister, has said the data breach which saw details from the Police Service of Northern Ireland (PSNI) being released online was “an incredibly serious situation”.
Speaking to RTÉ radio's Morning Ireland, Ms Long said she understood human error, however, added that the question remains as to how a single individual could release so much data.
Among the questions which need to be answered was why was all the information in one place, she said, why was it not encrypted and why was a relatively junior member of staff would be able to access that information.
“This is an unprecedented breach of people's data — their names, the locations they work, and in some cases in terms of their rank, it would disclose sensitive information about individuals that wouldn't be available in the public domain in terms of their role, if they're undercover officers, if they're involved in intelligence operations and so on, and also PSNI staff, civilian staff who would never expect their information, name, rank to be in the public domain, will also have been exposed in this data breach,” Ms Long said.
She added that when the Policing Board meets in emergency session, it will have to ask some “fairly probing questions, particularly how a relatively junior member of staff was able to inadvertently publish this background data when they were answering a Freedom of Information request”.
“There are some simple solutions, but the question still arises as to how it could ever happen in the first place, given the sensitivity of this information and the fact that it appeared to be able to be published by a relatively junior member of staff inadvertently, and managed to attach the non anonymised data to an otherwise statistically quite bland report,” Ms Long said.
“The Policing Board will want to investigate what has happened and to ask serious questions. The PSNI themselves will have to do an internal investigation and I have no doubt that the Information Commissioner that this will have been reported to them as a breach and fines and penalties could follow as a result.
“But I think the more serious aspect of this than who does the investigation is the human and financial cost of what has happened. There will have been officers, their families, members of civilian staff and their families who will have spent a very uncomfortable night last night feeling exposed and vulnerable in a way that they previously were,” she added.
Human error
Meanwhile, Ulster Unionist Party (UUP) MLA Mike Nesbitt said he wants to know when the Policing Board became aware of the data breach and how they moved to correct the situation.
“They are saying that it was human error, but they're also saying it can't happen again. I wouldn't say it can't happen again. I guess they're saying we will no longer upload spreadsheets, but the human condition is full of human error.
“You cannot stop human error. You can maybe put in more processes to try and guard against it, but you definitely cannot do away with human error, that is part of our condition,” he told RTÉ radio’s Today show.
The attempted murder of Detective Chief Inspector John Caldwell in February indicated the level of threat faced by members of the PSNI, he said, adding: “That's why security is such an issue.”
A realistic assessment from the PSNI of the threat level to the 10,799 names on that list is now required, Mr Nesbitt warned.
“I believe that the threat level will not be uniform. So, for example, there could be a difference between, say, a civilian working on a desk at police headquarters and a police officer who might be working undercover, looking at organised crime.
“We need to be realistic about this, because these are real people and they are suffering very severe distress with the news, obviously.”
People, for understandable reasons, were very precious about safeguarding their information, he added, so what has happened is deeply shocking and “incredibly surprising”, Mr Nesbitt said.
“The implications are potentially massive,” he added.
'Cool heads'
The chair of the Police Federation of Northern Ireland, Liam Kelly, has called on the PSNI to outline what steps it will take to protect officers and their families following the data breach.
Also speaking to Morning Ireland, Mr Kelly said an investigation needs to be held quickly to identify the levels of exposure and threat to officers, adding that investigation needs to take place before any question of compensation arises.
His reaction to the news of the data breach had been of “shock, dismay and anger,” he said.
“The reality for a lot of our officers is that they go to great lengths, doing everything possible to protect their police identity and the role due to the terrorist threat that is on them both on and off duty. So when you hear that your own organisation has put some data into the public domain which could potentially compromise you, that has obviously led to justifiable anger and shock.
“The investigation, when it concludes, will be able to quantify the exposure both online and identify the potential risk and harm to individuals or groups of individuals.”
Processes and procedures will have to be put in place to ensure that incidents such as this never happen again, he added.
“Our identities and everything else around it are the most important things to us and our families. And we really need to make sure that the organisation values that and ensure that it's protected to the highest possible level.”
Mr Kelly said compensation may be an option at some point in the future, but added that the PSNI is already operating with a deficit budget. However, he warned the force must be held accountable for the breach.
“At some point in the future, our officers could look at whether or not compensation is appropriate for them, depending on the consequences for them personally, because what we could find here is that there are some officers and some of the more sensitive roles might not be able to do those roles anymore because of what has happened here.
“At the very top end of the spectrum, we could have officers who potentially may have to relocate not only from the workplace but from their home address as their information has gone into the hands of people who intend to cause a problem.”
Mr Kelly called for “cool heads” to allow the investigation to determine what damage had been caused.
