Kit Malthouse
Main Page: Kit Malthouse (Conservative - North West Hampshire)Department Debates - View all Kit Malthouse's debates with the Home Office
(3 years, 10 months ago)
Commons ChamberWith permission, Mr Speaker, I would like to make a statement about the technical issues that we have experienced with the police national computer over the past week.
The records and information held by the police help to keep us safe, but they, like many other public bodies, have an obligation to ensure that the information they hold is properly managed. As I am sure you are aware, Mr Speaker, not all information and records held by the police can be held indefinitely. To ensure that the police are complying with their legal obligations in respect of the records they hold, a regular housekeeping process is undertaken to delete personal data and records from the police national computer and linked databases: in this case, data relating to individuals who were investigated by the police but where no further action was taken. This is undertaken for a variety of reasons, but chiefly to abide by legal obligations.
With such a large database, holding some 13 million records, an automated process is used to remove records that the police national computer has no legal right to hold. A weekly update was designed by engineers and applied to the police national computer, which then automatically triggers deletions across the PNC, and other linked databases. Last week, the Home Office became aware that, as a result of human error, the software that triggers these automatic deletions contained defective coding and had inadvertently deleted records that it should not have, and indeed had not deleted some records that should have been deleted. An estimated 213,000 offence records, 175,000 arrest records and 15,000 person records are being investigated as potentially having been deleted. It is worth the House noting that multiple records can be held against the same individual, so the number of individuals affected by this incident is likely to be lower. Operational partners are still able to access the police national computer, which holds, as I say, over 13 million records. Clearly this situation is very serious, and I understand that colleagues across this House will have concerns, which of course I share.
By your leave, Mr Speaker, I want to set out for the House the steps that we have taken to deal with this complex incident. On the evening of 10 January—the same day the Home Office became aware of the incident—engineers put a stop on the automated process to ensure that no further deletions took place. All similar automated processes have also been suspended. Early last week, Home Office civil servants and engineers worked quickly to alert the police and other operational colleagues, and established a bronze, silver and gold command to manage the incident and co-ordinate a rapid response. The gold command provided rapid guidance for police forces and other partners to ensure that they were kept abreast of the situation.
Secondly, Home Office officials and engineers, working closely with the National Police Chiefs Council, police forces and other partners, immediately initiated rapid work, through the gold command, to assess the full scale and impact of the incident. This included undertaking a robust and detailed assessment and verification of all affected records, followed by developing and implementing a plan to recover as much of the data and records as is possible, and to develop plans to mitigate the impacts of any lost data. This is being done in four phases. Phase 1 involves writing and testing a code to bring back accurate lists of what has been deleted as a result of the incident. Phase 2 will involve running that code and then doing detailed analysis on the return to fully analyse the records that have been lost and establish the full impact. Phase 3 will be to begin the recovery of the data from the police national computer and other linked systems. Phase 4 will involve work to ensure that we are deleting any data that should have been deleted as usual when this incident first began. Phase 1 of the process has taken place over the weekend, and I am assured that it has gone well. The second phase is now under way, and I will hopefully have an update in the next few days.
While any loss of data is unacceptable, other tried-and-tested law enforcement systems are in place that contain linked data and reports to support policing partners in their day-to-day efforts to keep us safe: for example, the police national database or other local systems. The police are able to use these systems to do simultaneous checks.
I urge patience while we continue our rapid internal investigation and begin the recovery. I hope the House will appreciate that the task in front of us is a complex one. Public safety is the top priority of everyone working at the Home Office, and I have full faith that Home Office engineers, our partners in the National Police Chiefs Council and police forces throughout the country, with whom we are working, are doing all they can to restore the data. Although that is rightly our immediate priority, the Home Secretary and I have commissioned an internal review as to the circumstances that led to this incident, so that lessons can be learned. I will update the House regularly on the process. I commend this statement to the House.
I am grateful to the policing Minister for his statement and for advance sight of it, and I am grateful to him for his briefing over the weekend, but I must ask where the Home Secretary is. The loss of hundreds of thousands of pieces of data—data so important for apprehending suspects and safeguarding vulnerable people—is extraordinarily serious. It was the Home Secretary who needed to show leadership and take control. That is what previous Home Secretaries have done in a crisis. On the Passport Office, Windrush and knife crime, whatever their mistakes, Home Secretaries came to and answered to this House; they did not just offer a media clip, as has happened today. This Home Secretary, who is failing on violent crime and failing on the Windrush compensation scheme, with chaos on border testing, and who was found to have broken the ministerial code, will now not even answer to Parliament and the public on this most serious of issues. The Home Secretary likes to talk tough, but when the going gets tough, she is nowhere to be seen.
Will the Minister tell us when the Home Secretary first knew about the data loss and why the public had to find out from the media? Given that the initial reports were of 150,000 items of data, and the figure now seems to be over 400,000, can the Minister be sure of how much data has actually been lost? In his statement, the Minister said that on 10 January the process of deletion was stopped, but will he confirm that the faulty script was introduced into the police national computer on 23 November, meaning that the problem was not identified for 48 days?
The Minister said in his statement on Friday that
“the loss relates to individuals who were arrested and then released with no further action”.
This is serious in itself. For example, let us consider cases of domestic abuse: when suspects are released, the data becomes very important to protecting victims and making further arrests. In a letter, Deputy Chief Constable Malik, the National Police Chiefs Council lead for the police national computer, said that the deleted DNA contains
“records…marked for indefinite retention following conviction of serious offences.”
This is, therefore, not only data on individuals released with no further action; it includes data about convicted criminals, so will the Minister now correct the statement that he issued on Friday?
Will the Minister confirm whether 26,000 DNA records and 30,000 fingerprint records held on separate databases have been deleted? Will he assure the House that the engagement with the PNC to delete the Schengen information system—SIS II—database was unrelated? What is the full impact on the UK visa system from the data loss, and how is it affecting ongoing police investigations and intelligence gathering?
The PNC and the police national database are due to be replaced by the national law enforcement data programme, but the assessment by the Infrastructure and Projects Authority is that the successful delivery of the project is in doubt. Is it still in doubt? If so, why? There are reports that 18 months ago senior police outlined that the Home Office was not investing in the PNC and that it presented a significant risk to the police’s ability to protect the public. Was that warning heeded?
Finally, if it is not possible to recover data via the process currently under way, what contingency plans are in place to seek to recover the data via other means? Does the Minister accept that maintaining the security of this vital data is critical to addressing crime, bringing criminals to justice and keeping our communities safe, and that if the Home Office is not doing that, it is failing the public?
The hon. Gentleman has given me a long series of questions, which I shall try to answer as efficiently as I possibly can. Once the error became clear to the team, they escalated it up through the Home Office, first of all on Monday, and then through Wednesday into ministerial and other offices, in accordance with normal protocols.
As to the scale of the data, while the figure of 400,000 has been quoted, that is an accumulation of the various bits of information that may or may not have been deleted. As I said, a number of bits of information may apply to one individual, so the number of individual records on the PNC that might be affected could be smaller, but we will not know exactly until later this week, once the programme that is being analysed has come to an end.
As for when the script was introduced, that was indeed six weeks prior to what is called the weeding date, which is when the deletion was due to take place. That is standard practice, to load the script into the system some weeks before it is due to run. It did not run until the Saturday, when the error within it became immediately apparent.
As to the records that are affected, I am informed that the records that have been deleted are those that relate to people who were apprehended or put under investigation by the police. When there was subsequently a declaration of no further action to be taken, if there were prior convictions or offences on the police national computer, my information—what I have been told thus far—is that that those will remain. Only information relating to that specific incident, which was no further action, may or may not have been deleted. To a certain extent, that helps to mitigate some of the risk.
It is also worth pointing out that, as I said in my statement, there are other databases, both locally and those held nationally, such as IDENT the fingerprint database or the national DNA database, which may also be searched. The PNC draws its data from a number of other databases and when, because of our legal obligations, a deletion request is put on to the police national computer, it cascades deletions down through the other databases in accordance with the law. Those subsequent deletions were halted immediately, and that should help us, we hope, with recoverability of the dataset.
The hon. Gentleman asked about SIS II. That is indeed unrelated, and visa processing was suspended for approximately 24 hours. Everybody whose customer service threshold could not be met as a consequence of that was informed, but processing was resumed pretty quickly. We are assessing the impact on ongoing police investigations, while we analyse the report that has been run, which will give us the full picture of what has actually happened on the system.
Having said that, policing partners and the Home Office have put in place mitigations, not least informing other police forces—as Nav Malik did—that they should be making subsequent checks of their own and other databases, not least the police national database, which is a separate database from the police national computer and holds intelligence and other information.
On the national law enforcement data project, the replacement of the PNC, while that process has had its fair share of problems, it is fair to say we have undergone a reset. There is now a renewed sense of partnership working between the Home Office and the police, to make sure we get that much needed upgrade in technology correct.
The hon. Gentleman’s final point was about accepting the maintenance of data. He is absolutely right: we accept that it is very important that we, and indeed police forces and other governmental bodies that hold people’s personal data, do our best to maintain its integrity and to do so as faultlessly as possible. In these circumstances, we were attempting through this code to comply with our stringent legal obligations to delete personal data where it cannot be held by us or by other databases. Sadly, human error introduced into the code has led to this particular situation, which we hope is rectifiable. I am more than happy to keep the hon. Gentleman updated, as I did on Saturday afternoon, when I briefed him.
I thank the Minister, the Home Secretary and the police leadership around the country for the very professional way in which they have responded to a most unfortunate error, an error that none of them wanted or made personally. Will he give us a little bit more encouragement, however, because is it not the case that there are now many good ways to retrieve data that has been wrongly deleted? Might we be looking at a remedy for this in a few weeks’ time, when the computer experts have finished their job?
My right hon. Friend is absolutely right that the initial assessment was some optimism about the ability to recover this data, not least because it is held in a number of areas. We will not have the full picture until we get to the end of this week, once we have analysed the report and, of course, looked at the data that we should have deleted but have not because of this error. However, he is quite right that we should be optimistic about that and recognise that all is not lost. There are other ways that this data can be cross-checked, in particular as part of a police investigation. We are working with our policing partners to ensure that they make full use of that, so that they can proceed as usual with their investigations.
I thank the Minister for advance sight of his statement. Two weeks ago, the Home Secretary was boasting that the United Kingdom is now a safer place because of Brexit. However, before it was disbanded by the Government, the Select Committee on the Future Relationship with the European Union heard detailed expert evidence explaining why the United Kingdom is not a safer place as a result of the law enforcement part of the Brexit deal. One of the key reasons is that we have lost real-time access to Europe-wide databases on criminal records, DNA, fingerprints and, indeed, intelligence. That is not just my view but the expert view of Lord Ian Blair, the former Metropolitan Police Commissioner, and Lord Peter Ricketts, the former National Security Adviser. Now that situation has been further exacerbated by this loss of important fingerprint, DNA and arrest history records, which the police use for real-time checks on our own UK-wide databases.
Mr Speaker, you really couldn’t make it up, yet curiously the Home Secretary is nowhere to be seen. Instead, she has sent her junior Minister to take the flak. I have two areas of questions for him. First, was this data cleaning operation in any way connected to the removal of records from the police national computer following the end of the transition period? Does the 400,000 figure include the 40,000 records that were removed from the police national computer post Brexit, or is it on top of that? Secondly, given the UK-wide nature of the database, what discussions have taken place with police forces in the devolved nations? Will the Minister commit to full co-operation with Police Scotland and other devolved forces until this issue is resolved?
On the hon. and learned Lady’s two substantive questions, this had absolutely nothing to do with SIS II—the Schengen information system. These were, as I said earlier, deletions in line with our legal obligations not to hold data for people who are not of continuing interest to the police, under legislation that was enacted by this House some years ago. On the conversations with police forces, obviously the National Police Chiefs Council lead has cascaded throughout policing the information required to put in place mitigations. We will also, of course, co-operate as closely as possible, and I will be keeping my opposite number in the Scottish Government informed.
As to the sentiments expressed by the hon. Member for Torfaen (Nick Thomas-Symonds) and the hon. and learned Lady about the Home Secretary, I can only apologise that they are facing someone who is an inferior to their own status, but they will understand that the Home Secretary has an enormous draw upon her duties. She takes her duties in this House extremely seriously—there is no doubt about it—but I have been much more, I guess, embedded with this over the last few months, as one would expect for a Minister of State who is standing by his Home Secretary, doing her bidding.
I thank the Minister for providing the House with more detail on this unfortunate issue. Can he confirm that the police have a full understanding of what has happened and that appropriate measures will be taken to ensure that it is not repeated?
That is absolutely right. I understand that the police were informed, along with the senior levels of the Home Office, on the Monday after the incident occurred, and they are part of the Gold group command that is dealing with the incident. As hon. Members will have seen from the letter that was leaked to The Times—the detailed letter that was sent round policing—the NPCC lead on this matter is very much at the table, working with us to ensure that we rectify it as soon as possible.
It is very hard to understand how 400,000 records could be deleted from such a crucial system without there being a proper back-up system in place. If this was the normal weekly process as ever, why was new coding being used? If new coding is often used, why are there not built-in safeguards? Is it true that Ministers were warned many months ago that their approach to the police national computer and database posed a significant risk to policing’s ability to protect the public? What did the Home Secretary do about that?
With a large database of something like 13 million records, it is routine to use mini-programs that run on the database to deal with data. As I understand it, this new coding was put in place as a weeding request from policing itself. Obviously, to ensure that this does not reoccur, one of the questions that we will have to answer is: what went wrong not only in the writing of the code that introduced this error but in the quality and system checking that then sat behind it? Once we have gone through the exercise of ensuring that we have rectified this as much as we can, that will be exactly the kind of lesson that we learn.
There have been concerns about the process of replacing the police national computer and the police national database, but over the last few months, the Home Secretary and I have worked hard to put reset processes in place around that project. I am confident that we are now on a better footing to move forward to a brighter future for police technology.
This incident is not without precedent—the Minister will recall that in 2007, 25 million child benefit records were lost. Can he confirm that everything possible will be done to remedy this and to learn whatever lessons need to be learned?
My hon. Friend is right that, over the years, there have been a number of issues around governmental handling of data. It is a large and complex issue, and we are dealing with huge amounts of data that are very difficult to handle. He can be assured, and I hope the rest of the House will be, that we are working flat out to get on top of this problem and to rectify it. The first stage of our plan has gone well. The second stage is under way, and I expect to report better progress to the House in due course.
The Times reports today that the Home Office was warned in July 2019 that police databases were “creaking” and that they operated on
“end of life, unsupported hardware and software”.
It further reports that the Home Office response was that it would only “fix on fail”. In other words, knowing that there was likely to be failure, the Home Office decided to just let it happen and fix it if it had to. Can the Minister tell the House whether there was ministerial involvement in that response, and if there was not, does he not think there should have been?
I was not necessarily in post at that point, so I do not know whether there was ministerial involvement in that particular decision. I can tell the right hon. Gentleman that we have been working quite hard over the last year or so to get the technology projects in the Home Office—the national law enforcement data programme and the new communications network for the police—back on track. They have had their fair share of problems—that is no national secret—but I am confident that things are in a better position now than they were before.
While I understand the issues claimed in The Times today around the police national computer, it is worth pointing out that this issue had nothing to do with the state or otherwise of the hardware and software of the police national computer. It was pure human error in coding and was not necessarily a reflection of the age of that system. We are committed to putting in place a brand-new system. That project is now back on track after a reset, and I am confident that over the next two or three years, we will see a significant change in the way UK policing uses technology.
Does my hon. Friend agree that, instead of attempting to score political points from this unfortunate error, the Opposition parties should be engaging constructively and working in the national interest?
Yes. It is the hope of all Government Members that Opposition Members will work constructively with us. I had a very constructive briefing over the weekend with the hon. Member for Torfaen (Nick Thomas-Symonds); the shadow Policing Minister, the hon. Member for Croydon Central (Sarah Jones); and the Chair of the Home Affairs Committee, the right hon. Member for Normanton, Pontefract and Castleford (Yvette Cooper). We are committed to as much transparency as the House requires, because with a large, complex database, when human error is introduced, these kinds of issue need to be exposed so that we can all learn from them, whatever situation, political or otherwise, we are in.
The Home Secretary likes to talk tough on crime, but the shocking loss of 400,000 records is a major failing on her watch and she is incapable of facing up to it. She should be here before the House today. The Policing Minister talked in his statement about mitigation. Can he give the House an absolute guarantee that no investigation has been or will be compromised because the deleted information could not be cross-referenced?
The hon. Gentleman again casts aspersions on the Home Secretary, who is one of the hardest-working politicians I have come across in my 20-odd years in politics, and I think it is deeply unfair to make that claim. As he knows, it is perfectly usual for Ministers of State to take urgent questions or indeed make statements in this House, and we are doing no different from what a Government that he supported did in the past.
We will know the full extent of the impact of this issue over the next few days, as our plan swings into action, and we are working very closely with police forces across the country, through the National Police Chiefs Council, to make sure that any operational impact is obviated or mitigated.
I thank the Minister for his statement and for what I know is his personal commitment to resolving this matter. He will appreciate that offences are sometimes continued, which may be for lack of evidence, but that material that is retained may subsequently become valuable if it can be cross-checked in the event of arrests for subsequent offences. Will he make sure that obtaining a back-up of such material, which can be of importance to future prosecutions or investigations, is a top priority, and that all the other related criminal justice agencies will be kept fully informed of progress on this matter?
In his usual succinct way, my hon. Friend puts his finger on the button of the issue. We are working very hard at the moment, as I say, to scope exactly what has happened and make sure we can retrieve exactly the sort of data that he refers to from the various other databases on which it is held—both at force and indeed at national level, or even, for example, at forensic provider level. There is some optimism that we may be able to do that, although we will not know for certain until later this week.
Having said that, as my hon. Friend will know from his very distinguished career at the Bar, the police have a number of other databases and sources of information from which they can seek corroborating evidence or otherwise through an investigation, and as I said before, we are working closely with them to make sure that those mitigations are in place while we get this problem sorted out.
Millions of people, including me, watched ITV’s excellent recent drama series “The Pembrokeshire Murders”, which showed how painstaking police examination of old DNA evidence helped to convict a brutal serial killer many years after he committed his heinous crimes. Is it possible—and I think the public and victims of crime deserve an honest and candid answer from the Minister on this—that records that could help to convict serious offenders in the future have been lost forever?
It is worth stressing, as I said before, that this data loss relates to people who have been subject to no further action from the police, and any biometric data—DNA, fingerprint or otherwise—that may have been deleted from the police national computer relates only to that offence for which no further action has been taken. At the moment—I am trying to be candid with the hon. Gentleman, as he urged me to be—I cannot give him an exact picture of what the downstream impact is, but it is worth pointing out that the police national computer is not the only place in which records such as the DNA records he refers to are held. We obviously have a separate DNA database, and then forensic providers who provide those samples also have their own DNA databases, and there is obviously intelligence that remains on the police national database as opposed to the police national computer. However, our primary effort at the moment is to scope the scale of the issue, and then to seek the rectification that both he and I would be keen to see.
I thank my hon. Friend for updating the House so swiftly on this unfortunate incident of human error. Can he confirm that everything humanly possible is being done to rectify it, and will he commit to updating the House on the recovery of the data?
I am grateful to my hon. Friend for his question. I can assure him that we are doing everything we possibly can. We have a very dedicated engineering team who have been working flat out since the incident occurred, including over the weekend, to seek rectification. As soon as I have more information about phase 2, I will make it known to the House through whatever channel is agreed with Mr Speaker.
The Minister has told the House this afternoon that the affected records apply to cases where individuals were arrested and then released with no further action. However, a letter sent from the National Police Chiefs Council to senior officers stated that records potentially deleted in error include records that have previously been marked
“for indefinite retention following conviction of serious offences”.
In light of what the Minister has told the House and in light of his earlier statement of 16 January, was the National Police Chiefs Council incorrect to make that statement to senior officers?
No, the person from the NPCC was not incorrect, I do not believe, although the picture has evolved, it is certainly true to say, over the past few days. The information I have been given thus far is that where an individual may be on the police national computer for a number of offences over time, but on this occasion, for a particular offence, was released with no further action, it is only the information that relates to that particular offence for which there was no further action that may or may not have been deleted.
Having said that—I guess it is safe to put this caveat in—we are in the process of analysing exactly what the impact of this loss has been. Once that becomes clearer, I will be more than happy to give the hon. Gentleman and others in the House the assurance that they need or, indeed, to give the wider conclusions of what that report is telling us. These are all initial views of what we believe may well have been happening. The first phase of our recovery plan has gone well; the second phase, which is analysing what the report is telling us about this frankly huge database, will come in the next few days, and then I will be able to give more certain answers.
Can my hon. Friend confirm for my constituents in Hertford and Stortford that the police national computer database is a really important tool to help our brilliant police and that, thanks to the swift action he has outlined, it remains so, notwithstanding what is an isolated incident of human error?
My hon. Friend speaks the truth, which is that the police national computer sits at the heart of British policing, providing enormously helpful information to police forces across the country seeking to apprehend criminals. It is still in use—it is still being used as we speak for the reasons that it needs to be, not least because we are talking about a very small percentage of the database overall that has been affected—and that is critically why we have committed to investing in a replacement for the police national computer, which is a system that I guess is a legacy from the past. We want to ensure that the police have the best technology and the best data handling available to them, so that they can do their best to fight crime on our behalf.
The Minister will be well aware that this news will have caused great alarm right across the country, and certainly to the residents of Warwick and Leamington. Can he explain to us what assessment he has made in terms of safeguarding and those who are vulnerable, including the victims of domestic abuse? Does he agree that now is not the time to be cutting 87 back office staff from Warwickshire police, including the domestic abuse unit and all the corporate knowledge that goes with that?
As I say, we are in the middle of phase 2 of our recovery plan, which is assessing precisely the scope of the issue we are facing and then moving into the recoverability of the data, so that we can mitigate exactly the circumstances that the hon. Gentleman mentions. As to decisions made by the police and crime commissioner for Warwickshire, I hesitate to inject an element of politics into this matter, but it should come as no surprise that the police and crime commissioner for Warwickshire is a Conservative, and it has routinely been rated as a very high-performing force.
I am grateful for the update that has been provided to the House and the work that is being done to try to recover these records, but does my hon. Friend agree that the strength of condemnation of the Home Secretary from those on the Opposition Benches contrasts with their desire to install as Home Secretary someone who previously said we should not have any of these kinds of records in the first place?
My hon. Friend raises a very pertinent point. Of course, we were trying in this process to do what the law tells us to do, which is to respect people’s privacy and to delete data that we are supposed to delete. It is possibly true that some Members on the Opposition Benches—not, I have to say, the hon. Member for Torfaen (Nick Thomas-Symonds), but others on those Benches—have an interesting relationship with the notion of the police using and interpreting data. This is an issue of technical complexity, which software engineering experts in the Home Office are grappling with day by day. We will bring more information as we have it, but safe to say—I know that my hon. Friend takes a strong interest in policing and the policing family—we are doing our best to ensure that the police are in as good a position as they can be to continue to fight crime.
Let us head over to Northern Ireland with Jim Shannon—a virtual Jim Shannon!
My goodness, Mr Speaker; thank you very much, whether virtually or in person, but virtually today.
I thank the Minister for his most comprehensive statement. My concern lies in the fact that there are cases that are sensitively linked to Northern Ireland. I would appreciate an understanding that contact has been made with the Police Service of Northern Ireland and the Department of Justice in Northern Ireland to go over how the data breach may have affected Northern Ireland citizens and residents and, further, whether it is felt that victims of crimes in particular may be affected and what steps are to be taken if they are affected.
As I say, the whole of UK policing has been involved, through the National Police Chiefs Council, in the effort both to comprehend the scale of the problem and then to put in place mitigation. The hon. Gentleman is quite right; as usual, victims of crime are uppermost in his mind, as they are, hopefully, in all of ours. I will be able to tell him later in the week, hopefully, what the precise impact might or might not have been and what the mitigations that we put in place will do to ensure that victims are not impacted while we recover this data and get ourselves back on an even keel.
I thank the Minister for his statement. Can he confirm that the human error that caused this problem is being designed out of the system and that it would be more helpful for the Opposition to hold to account their own police and crime commissioner in the west midlands, who recently saw more than 16,000 crimes go unrecorded?
It is often hard to design out human error in a system that interacts with humans, but my hon. Friend is quite right that one of the lessons that we need to learn from this process—and we will in time—is not necessarily just how the human error occurred so that we can prevent that from happening in the first place, but how the quality assessment system that should have picked it up over time before it ran did not do so. I suppose the reassuring bit of this incident is that the moment that script did run on the system, it rang alarm bells in the Home Office and a rectification plan swung into place. That should give some assurance that we are at least on top of problems where they occur; the next step is to ensure that they do not occur in the first place.
As to my hon. Friend’s wider point about the conduct or otherwise of the west midlands police and crime commissioner, I think it will become pretty clear in the run-up to the police and crime commissioner elections in May, as people focus on crime performance, where they should put their cross in the box.
This extraordinarily serious scandal happened on the Home Secretary’s watch, yet, disappointingly, she is not here. As a former police officer, I know at first hand the value of the PNC. The reality is that the loss of fingerprints and DNA evidence will mean that the police are unable to tie suspects to crime scenes. In essence, this will result in criminals walking free and evading justice. Will the Minister outline what steps are being taken to ensure that this sort of loss never happens again?
I do not know whether I ought to be taking offence at the hon. Gentleman’s suggestion of my obvious lack of suitability to appear before such an esteemed audience as Her Majesty’s Opposition, given their seeming obsession with the Home Secretary. I would have thought the most important thing was to ensure that the integrity of police data is as good as it can be and that the police are in the best position possible to fight crime. As I outlined in my statement—for the hon. Gentleman’s sake, I will say it once again—we are in the process of making sure that we understand the scale of the problem and then putting in place rectification and retrieving the data that is required. The stage that follows that is learning exactly the lesson that he wants us to learn, which is how we can ensure this it does not happen again.
I thank my hon. Friend for updating the House; he is more than capable of doing this. A previous shadow Home Secretary stated in the Chamber in 2018:
“The state has no business keeping records on people who are not criminals.”—[Official Report, 11 June 2018; Vol. 642, c. 640.]
Does my hon. Friend agree that the outcry from the Opposition Benches is indeed in contrast to that statement?
My hon. Friend, in his usual forthright way, identifies the perhaps interesting relationship that Opposition Members have had with UK policing and, indeed, the data and intelligence tools required by the police to put them in the best position to fight crime. I know that he and I will stand shoulder to shoulder, whatever the Opposition might say, to ensure that British policing gets the best technology and information it needs to ensure that it can fight crime in my constituency and in his, 24 hours a day, seven days a week, 365 days a year, as it has been doing over the past 12 months.
The Home Secretary’s office claimed four days ago that no records of criminal or dangerous persons had been deleted. Can the Minister tell the House whether he knows that to be categorically true?
One of the things that I said in my early statements was that I had asked officials from the police to confirm to me their initial assessment about what risk was posed to the public, and we are awaiting the conclusions of that particular report before I can give the hon. Gentleman a categorical answer. What we do know is that these particular records that were deleted related to people who were released by the police with no further action. They were either arrested or under investigation, but for that particular crime they were what is called NFA. To a certain extent, that gives some assurance, but I am afraid I cannot I give him the full picture, possibly until later this week or early next week. I am fully committed to doing that.
Can my hon. Friend confirm that those who are currently relying on police national computer data for investigations will be able to rerun their searches once the recovery work on the police national computer is complete?
I can confirm that. The moment we have recovered the data and put things back as they were, and made sure that we have deleted the data that we should have deleted but had not, we will be encouraging police forces across the country to rerun their searches. It is worth reiterating what I said earlier, which is that there are other databases on which these searches can be run, and we are encouraging police officers and, indeed, working with the National Police Chiefs Council, to make sure that those mitigations are used as fully as possible by UK policing.
Could the Minister please update the House on whether the computer glitches reported today are having any impact upon recruiting? Could he also update us on the observation that police forces across the UK may be rejecting applications from re-joiners?
It is very ingenious of my hon. Friend to get the uplift into this particular statement, but I welcome his ingenuity. The uplift is not affected at all. Recruitment is going well and, as he knows, we are ahead of target. He has raised with me the issue of his particular force not necessarily accepting applications from re-joiners. I am in the process of bottoming out that particular issue. As soon as I have an answer for him, I will let him have it.
Mr Deputy Speaker, you would have thought that the Home Secretary would be fronting up a statement on an issue as important as this, but I guess that requires a commitment to the job that she appears to lack. The National Police Chiefs Council was told that the loss and mis-matching of biometrics and DNA samples matched were hampering the investigation of crimes. Are they also interfering with the operation of the visa and immigration system? Will we see visas granted that should not be and visas denied that should have been granted?
First of all, may I object to the hon. Lady offering such a calumny against the Home Secretary? The Home Secretary is 200%—if that is possible—committed to the job. Throughout the covid pandemic, and indeed before, she has been at the helm on the bridge at the Home Office working as hard as any politician I have come across in my 20-odd years in frontline politics. It is deeply, deeply unfair to cast aspersions on her commitment, not least because even before she became Home Secretary I believe she was chair of the all-party group on victims of crime and has a long-standing commitment to doing the best for those who have been subject to heinous acts by others.
On the hon. Lady’s question about visas, there was a brief delay in the processing of visa applications for about 24 hours while the risk was assessed. It was deemed that the process could continue and nobody has subsequently been delayed.
I thank the Minister for coming to the House so swiftly to update us and for committing to continue to do so if there are further developments. Will he confirm that the Home Office is working with the police and partners to try to recover the data and assess the full extent of the problem?
What a novelty to be asked a question in person! I can confirm what my hon. Friend says. We are working extremely closely with policing partners—the National Police Chiefs Council, the National Crime Agency and others—who use the computer system for their vital day-to-day work. They are involved in the gold group on this particular incident and obviously there have been ongoing conversations between the Home Secretary, the chairman of the National Police Chiefs Council and others to make sure we are in lockstep in our plan to mitigate and then restore the database to its previous integrity.
Will the Minister confirm that among types of crime that very often lead to no further action are those involving domestic abuse? In that case, can he give an absolute guarantee to the House that there will be full recovery of all the data, or do we put at risk victims of domestic abuse when we know that building up a pattern of criminal behaviour is so important for the police and other agencies to bring offenders to book and to protect victims of domestic abuse?
As I have said before, I am afraid I cannot, as yet, give the absolute cast-iron guarantee that the hon. Gentleman seeks on the restitution of the data. The early indicators are optimistic that we will be able to retrieve it, but until we have analysed the report that has been run today, we will not know for sure. That will take a few days. It is, however, worth pointing out to him that there are other systems elsewhere where the police retain intelligence about criminals and identifying markers, whether database or fingerprints. For example, for somebody who has been accused or for whom there is intelligence around domestic abuse, that detail may well be held on the police national database, which is a separate system to the police national computer. From that, the sort of person he is talking about may well be identifiable. However, I am afraid I cannot give him a full picture until, probably, the early part of next week.
My hon. Friend has repeatedly said that this dreadful state of affairs was caused by human error. Can he confirm to the House that there is no suggestion of any criminal intent? Can he also confirm that one of the strengths of the system is that when this error happened, it immediately set off alarm bells, so that action could be taken?
My hon. Friend has a background in technology, so it is quite right that he should raise such pertinent questions. On his first question, no, there is no allegation of wrongdoing over and above error. On his second, he is absolutely right that we should be reassured by the fact that this human error was picked up the moment that it ran on the system. The ability to keep deleting items was stopped, and general instructions were sent out to the linked databases to stop them also deleting data, so we caught it pretty much as soon as it was happening. The question now is how quickly we can rectify it.
If these 400,000 lost records are not recovered, this human error will have an impact on public safety, will it not?
We will not know entirely until we have analysed the reports, but early indications were optimistic about recovery, as I say, because data is held elsewhere. If, in some circumstances, data is irrecoverable, we will have to consider other mitigations with policing partners to make sure that we remain as safe as we can in this country.
In a few weeks’ time, Colin Pitchfork, who raped and brutally murdered two teenage girls in my South Leicestershire constituency some 30 years ago, will have a parole hearing. I know that the Minister is not responsible directly for the Parole Board, but he is responsible for public protection. First, can he write to me confirming that any records lost did not pertain to Colin Pitchfork? Secondly, and more importantly, can he give an assurance at the Dispatch Box that my constituents, if Colin Pitchfork is released, will not be put at risk by any of the records lost?
I would be more than happy to write to my hon. Friend, as he requests. It is worth pointing out that the issue we are dealing with is people who have been subject to police investigation, or arrested and released with no further action. That would seem to exclude Mr Pitchfork from consideration. However, I will make sure in writing to my hon. Friend. He and I will both want to make sure that the offender management system, which is administered by the Ministry of Justice, ensures that the conditions put on that individual when, or if, he is released mean that people in my hon. Friend’s constituency, who wish to be safe, remain safe.
I thank the Minister for his statement, and for responding to questions from Members. For cleaning purposes, this sitting is now suspended for three minutes.