Inspectors find “serious” CPS errors led to data security breaches
The Victims’ Commissioner reacts to “alarming” inspectorate findings as it was revealed the CPS was responsible for a significant number of “serious” data security breaches of victims’ personal details.
The Victims’ Commissioner for England and Wales, Dame Vera Baird QC, has called for the Director of Public Prosecutions to urgently “redress this situation and restore victim’s trust in the CPS” following an inspectorate report that said CPS staff made a series of “serious errors” leading to a significant number of data security breaches.
Dame Vera said the Crown Prosecution Service (CPS) was “evidently” not living up to its duties to victims following the report from Her Majesty’s Crown Prosecution Service Inspectorate (HMCPSI).
HMCPSI inspectors examined 700 cases to see how effectively the CPS handles cases before the first hearing in the magistrates’ courts. Inspectors found that 98 of those cases contained a security beach.
The breaches included a range of serious errors. Some of these involved CPS staff sending the wrong set of previous convictions to the defence or the court. In some, the case summary contained an unauthorised disclosure such as the address of a member of the public who called in the incident. Other breaches included the sharing of witnesses’ personal details; a victim’s unredacted medical notes; and photographs of a victim’s injuries which included their date of birth on a hospital wrist band.
Dame Vera said: “As the HMCPSI report makes clear, the CPS deals with incredibly sensitive information on a daily basis. The CPS has a clear duty to victims, witnesses and the wider public to make sure documents are processed securely and in line with data security requirements. This is evidently not happening.”
She said the breaches “include personal, intimate details of some of the most vulnerable people. These individuals entrusted the CPS with their personal information and have been sorely let down.”
She criticised the main recommendation for the report as “shocking in its simplicity” and said the report’s findings would “only further undermine victims’ already shallow confidence in the CPS”.
The report follows hot on the heels of a recent inspectorate document, which found fewer than one in five CPS letters to rape victims are of acceptable quality. Reacting to the report at the time, Dame Vera labelled the findings “disappointing” and said she was “concerned about the adequacy of the CPS response to rape prosecutions.”
Recent Crown Prosecution Service data also showed a further fall in the number of charges for rape despite police referring more cases to them. The result is that 2019/20 saw the lowest number of rape convictions ever recorded, with only 1.4% of cases reported to the police resulting in a charge by CPS. At the time, Dame Vera said: “Thousands of rape complainants are not getting justice and repeated calls for CPS to return to a merits-based approach to charging have so far been disregarded.”
Following the latest revelations, Dame Vera said she intended to seek an explanation from the Director of Public Prosecutions (DPP) on “how this situation came to be and how it will be resolved”, adding she would “be pushing him to work with some urgency to redress this situation and restore victims’ trust in the CPS.”
Dame Vera Baird QC, Victims’ Commissioner for England and Wales, said:
“These are alarming findings. As the HMCPSI report makes clear, the CPS deals with incredibly sensitive information on a daily basis. The CPS has a clear duty to victims, witnesses and the wider public to make sure documents are processed securely and in line with data security requirements. This is evidently not happening.
Practically 1 in 7 of the cases investigated by the inspectorate resulted in a data breach of some sort. Rubbing salt in the wound, the report refers to “a culture of defeated acceptance” that there will be breaches.
The main recommendation of the report – that ‘the CPS should develop consistent principles and guidance…around information management’ is shocking in its simplicity and these findings will only further undermine victims’ already shallow confidence in the CPS.
These breaches include personal, intimate details of some of the most vulnerable people. These individuals entrusted the CPS with their personal information and have been sorely let down.
I intend to ask the Director of Public Prosecutions how this situation came to be and how it will be resolved. I will be pushing him to work with some urgency to redress this situation and restore victims’ trust in the CPS.”