Sunday, October 20, 2024

The UK Information Commissioner should look into police cloud deployments

Scottish biometrics commissioner Brian Plastow is urging the UK data regulator to investigate whether Police Scotland’s cloud-based Digital Evidence Sharing Capability (DESC) complies with data protection laws. This comes after Microsoft admitted it cannot guarantee the sovereignty of UK policing data hosted on the Azure public cloud.

Plastow expressed concern about the uncertainty surrounding police cloud deployments, especially in light of recent criticism of the Information Commissioner’s Office’s (ICO) guidance on police cloud usage. He emphasized the need for a formal investigation to ensure that DESC, which includes biometric data, meets UK data protection requirements.

The issue dates back to April 2023, when it was first reported that the Scottish government’s DESC service, hosted on Microsoft Azure and piloted by Police Scotland, faced legal concerns. The police watchdog raised alarms about potential risks, such as US government access under the CLOUD Act, generic contracts, and data sovereignty issues.

Despite these warnings, DESC processing began without resolution of these issues. Plastow issued an information notice to Police Scotland in April 2023, but his concerns persisted. Subsequent revelations in June 2024 confirmed that Microsoft could not guarantee data sovereignty for UK policing data on its cloud infrastructure.

The situation has raised questions about compliance with data protection laws, particularly with regard to biometric data processing. Plastow pointed out the importance of ICO oversight in determining compliance with UK GDPR and the Data Protection Act. He stressed the need for a specific investigation into DESC to address ongoing uncertainties.

Criticism of the ICO’s guidance on police cloud usage has further fueled calls for a thorough investigation. Concerns have been raised about the risks associated with police cloud deployments and the need for robust data protection measures. Plastow highlighted the necessity of ensuring that DESC and similar systems adhere to legal requirements to protect sensitive data.