Public protection should take priority over privacy, says police chief
Police Scotland’s chief constable has argued protection of the public takes priority over data privacy.
The force is calling for a “fundamentally different approach” to data protection and confidentiality, with “consistent common sense” rules about sharing people’s information.
Speaking at the Scottish Police Authority (SPA) board meeting, Chief Constable Iain Livingstone said the force faces challenges implementing general data protection regulations (GDPR) because of issues balancing privacy rights with fulfilling their duty to protect vulnerable people.
Acknowledging “there has never been a greater focus” on data privacy, Mr Livingstone said: “Striking a balance of an individual’s data privacy rights with our duty to uphold rights to life and to uphold the right of freedom from inhumane treatment, torture and slavery is something policing is not alone in seeking to strike.
“Sharing information is often key to upholding those rights, as significant case reviews around domestic violence, offender management and child protection have underlined repeatedly over the years.”
He claimed Police Scotland “maintain necessary momentum to meet our obligations” on data protection, having adopted the information commissioner’s 12-step plan on GDPR compliance.
“My priority is, and will remain, protection of vulnerable people from risk or threat of harm,” he said.
“I’m committed to supporting officers and staff who act in good faith when balancing protection with regulatory compliance.”
SPA board member Tom Halpin asked the chief constable about “consistent concerns raised regarding Police Scotland’s approach to data sharing” and how to reassure the public.
Mr Livingstone replied that, based on his years of professional experience and case reviews, information sharing was “crucial”.
He said: “When you look back at some critical incidents that went wrong and often cost life, almost inevitably the first recommendation relates to information sharing.”
Deputy Chief Constable Will Kerr revealed to the SPA meeting that the force would consider proposals to change the way it handles personal information, arguing GDPR “was never intended to prevent us sharing information on well-being with people who may be vulnerable”.
Mr Kerr suggested there was an imbalance between data protection and police being able to share information, and said he would be writing to the information commissioner “setting out what our intent is to take a different interpretation of a more practical and flexible interpretation of GDPR”.
He said: “While the guidelines, not least from the commissioner’s office and others, are catching up, we’ve been reflecting in the interim about how we best fulfil that statutory function of policing.
“I will be coming to our strategic leadership board over the next few weeks with a fundamentally-different approach which we think is entirely human rights compliant but gets that proportionate balance between someone who may be on a pathway to harm and sharing information with partners.
“Because, while the issue of consent is very important, if somebody is undergoing a crisis then we need to apply some structures and consistent common sense to how we share that information with key partners.”