The man who has the job of being the UK's Biometrics Commissioner has warned that some police forces are ignoring the rules about deleting unnecessary data, with the nation's databases of DNA profiles and fingerprints containing huge numbers of unlawfully held records.
The commissioner said in his report on biometric retention [PDF] that the opposite is also happening too, with some critical records being destroyed before they're needed because police aren't applying to have the retention of DNA profiles extended. It's all a bit of a mess.
There are two broad sets of biometric rules in the UK. The laws covering actual DNA samples say they "must be destroyed as soon as a DNA profile has been derived from it and in any event within six months of the date it was taken," while the guidelines covering DNA profiles and fingerprints are dependent on the guilt of the person they're attached to, with the rules saying they "must be deleted from the national databases at the conclusion of the relevant investigation or proceedings."
But it's not happening according to the commissioner, who says "unlawful matches" generated by matching new suspects with out-of-date data are being used to feed police information they shouldn't, legally, have access to.
The good news is there's now 7,800 people on a separate counter-terrorism database. Or is that bad news? [The Register]