An app offered to hostage negotiators was used by police staff to record thousands of calls with witnesses and victims.

Sussex Police staff were inadvertently given access to the software which was able to record all phone calls made on devices.

After the administerial blunder, hundreds of thousands of phone calls were unlawfully recorded by Sussex and Surrey Police, including one which could have affected a trial.

An internal review found that over 1,000 police staff had downloaded the app, with 432 holding audio files.

Of these files, four users had recordings relating to investigations. One of these would have had a potential impact on a case if it had gone to trial.

Sussex Police temporary assistant Chief Constable Fiona Macpherson said: “Police management of personal data is vital and we take rigorous measures to ensure this.

“This case exposed a lack of governance around use of this digital application, and this is regrettable.

The Argus: Sussex Police HQSussex Police HQ (Image: Andrew Gardner/The Argus)

“As soon as the error was reported, we took urgent action to ensure that this did not happen again.”

Police representatives added that the app was given to hostage negotiators “for the purpose of supporting kidnap and crisis negotiations and maximising public safety”.


MOST READ:


The app has since been withdrawn from use, with the Information Commissioner’s Office deciding not to impose a £1 million fine on Sussex Police.

Sussex Police added that they have referred the matter to the ICO as well as the Crown Prosecution Service.

Stephen Bonner, deputy commissioner of the ICO, said: “Sussex Police and Surrey Police failed to use people’s personal data lawfully by recording hundreds of thousands of phone calls without their knowledge.

“People have the right to expect that when they speak to a police officer, the information they disclose is handled responsibly.

“We can only estimate the huge amount of personal data collected during these conversations, including highly sensitive information relating to suspected crimes.

“This case should be a lesson learned to any organisation planning to introduce an app, product or service that uses people’s personal data.

“Organisations must consider people’s data protection rights and implement data protection principles from the very start.”