A new report from Policing Insight shows how managing information in police forces is neither a priority nor a skill that is valued by police leaders. Talking to experts across policing and from the Information Commissioners Office, the frustration at how forces fail to get the basics right is palpable. The report argues that innovation will be limited while managing information is seen as a specialist skill and not everyone’s responsibility, including the chief’s.
Progress in policing relies on technology and it’s not just about innovation and using new tools, it’s about getting the basics right. A solid foundation to managing data and managing information is critical to the success of any future innovation. Policing Insight has teamed up with Capita and published a report that looks at why information management should be a core policing function.
“Data protection and data quality, information management and information assurance – these functions simply don’t win the same headlines as the latest piece of whizzy tech.”Aimee Smith, Director of Data for the Metropolitan Police.
James Sweetland, the author of ‘From back office to business critical’ echoes messages from the Police Digital Summit, from CityForum events and other strategic conferences where the plea for getting data right is left to the specialists and is not coming from the strategic leaders.
Trust and confidence lie at the heart of policing, if the public don’t trust the police to deal with their data properly, what confidence can they have that they are doing everything else right? This report rightly homes in on last year’s data breach in the Police Service of Northern Ireland (PSNI) and the report into what went wrong. When it’s possible for personal information about police staff to be accidently published – ironically via an FOI request – it shows the weakest point is people.
“There is an urgent case for modernisation and professionalisation of policing’s information management functions. The mass of data held by policing is growing and will continue to grow ever faster, adding even more complexity.”
The report notes that the Police National Database contains 2bn records from 220 databases maintained by 50 law enforcement bodies. How can it be then that managing all that data is seen as a back office function when those in charge of the process, like Aimee Smith, say ‘these functions are absolutely worth their weight in gold.’
Aimee is an evangelist and inspirational when it comes to data, but she’s a Chief Data Officer, not a uniformed officer in the principal officer team, where they too should be saying the same thing.
“Chiefs are not properly having that conversation at the moment because they don’t truly understand the risk that they’re holding with data. Everyone can keep shunting it into the future, but this issue is going to be brought increasingly to the fore.”Aimee Smith, Director of Data for the Metropolitan Police.
Talk of risk – operational, reputational and other – should focus the mind of any chief. The risk of getting it wrong, releasing the wrong data, acting on data where the ethics haven’t been considered are stark if the basics aren’t implemented properly in terms of managing data in line with data protection laws.
Aimee is right that the investment in the basics, especially data quality will leave chiefs in a position to make the most of the ‘whizzy AI’ to reduce crime.
“Without addressing the fundamentals of police information management, these policing opportunities and crime challenges cannot be tackled effectively.”Ian Barrett, Director of Publishing and Development, Policing Insight.
The topic of technical debt comes up frequently at police data conferences and it’s no different in this report. Spending time looking after legacy systems crowds out time to innovate, although this report is more about the processes for dealing with the information held in them and how compliant that all is when it comes to data protection law.
“The technical debt of policing historically has meant that managing the sheer volume of data is hard on the siloed system. There isn’t this perfect view of one single system. There’s a feeling that the systems, processes and governance aren’t enabling us to manage our data.”Stephen Russell Director of Data, Strategy and Technology, Warwickshire Police.
It is inevitable that the 43 force model comes under scrutiny in a report like this. With 43 forces and 43 PCCs there’s going to be – and there is – variation in approaches and adherence to standards is critical if there is to be any hope of consistency. This report makes for gloomy reading when there are so few shining examples of good practice when it comes to information management. West Midlands and West Yorkshire both come up along with Thames Valley and Police Scotland. Interestingly Jo Farrell, the new Chief Constable north of the border led the NPCC function that includes information management so that’s encouraging too.
“Information management is business critical to so much that policing wants to get right, but it’s still not treated as such within forces. Until this function is given the attention and investment it needs, best practice – across England and Wales at least – is likely to remain relatively thin on the ground.”
I’m interested in the final point in the report where it focuses on caution and uses the term ‘lawfully audacious,’ which I have heard before. It returns to the point above about risk: what is the risk appetite for information and can you be sure it’s right if you don’t look after the data on which its founded on? The data protection officer is key but not solely responsible.
“Actually, the role of a data protection officer is not to say ‘data protection says no’, it’s about ‘OK, how can I help you do that in a way that manages risks properly?’.”Emily Keaney, Deputy Commissioner of Regulatory Policy, ICO.
And when the inspectorate looks at how police forces operate, Aimee Smith says they need to expand their scope to go beyond data integrity and data quality and ‘include how you took organisational or operational decisions based on that data.’ That would certainly focus minds because forces shouldn’t wait for a crisis before taking this seriously.