Gardaí handling of data relating to false reports of child abuse images criticised by ICCL

Retention is proportionate and in line with relevant legislation, says An Garda Síochána

'Nothing is removed from the database so far, so it is still retained,' said Liam Herrick of the ICCL. Photograph: Dominic Likinski / PA Wire
'Nothing is removed from the database so far, so it is still retained,' said Liam Herrick of the ICCL. Photograph: Dominic Likinski / PA Wire

The executive director of the Irish Council for Civil Liberties, Liam Herrick, has called on An Garda Síochána to clarify what it is doing with information it has retained on “completely innocent people” and asked if the information was recorded on the Pulse system or shared with other agencies.

Speaking on RTÉ radio’s Morning Ireland, Mr Herrick explained that for the last 20 years a system has operated internationally whereby a not for profit organisation in the US called the National Centre for Missing and Exploited Children (NCMEC) acts as a repository of child sexual abuse material and information which is shared with that body by internet providers and members of the public. They, in turn, then share it with law enforcement agencies around the world.

“Since 2010 An Garda Siochana have been receiving information from this body and since 2015 they’ve been getting it directly from this national centre in the US, the guards then process that information and they filter out that which they believe is serious material which merits criminal prosecution and that which isn’t.

“Last year we wrote to An Garda Siochana to get more information about what they do with this data. We’re part of the European digital rights network that is concerned that there may be difficulties with how the system operates. Obviously everybody wants to take the strongest possible measures to deal with child sexual abuse material but concerns have been raised that there might be false positives, material might be flagged as child sexual abuse material that’s innocent and also what happens that material subsequently.

READ SOME MORE

“In March 2021 we wrote to the guards and in October 2021 we got a detailed response from An Garda Síochána which said that in the previous year over 4,000 referrals were made to An Garda Síochána about potential child sexual abuse material, but 11 percent of that information was categorised by An Garda Síochána as completely innocent.

“There were various other categories and at the end of the day [and] only 10 percent of the information they got was actually actionable for criminal processing, but that 11 percent, that was innocent 471 cases,” he said.

Mr Herrick added that it would seem that each referral does lead to a file and “an entry on a database but the question is what happens afterwards? So the guards have gone through a process and they’ve deemed it to be innocent, they’ve said that this might mean that it’s an innocent picture of a child in a bath or on a beach or something like that, a family photograph that was incorrectly flagged as being illegal.

“The difficulty is it would seem from the correspondence we’ve had with An Garda Síochána they retain that information. We’ve got confirmation that all of the referrals go on a database and nothing is removed from the database so far, so it is still retained”.

Mr Herrick said this was a Europe-wide problem which raised a number of very serious questions. A key issue was whether the information was being retained illegally. If so, it should be deleted, he suggested. It may also point to a deeper problem with a high level of false positives, something that might be taken as an indication of an inefficient system.

Mr Herrick said there were “potentially negative consequences” for the people involved. It may also be the case that the Gardaí did not know that they were retaining the information until the issue was flagged by ICCL.

“Information about completely innocent people and completely innocent material is being retained by An Garda Síochána and they do not have a valid legal basis for retaining personal data in relation to that material.

“Does any further consequence flow from this? Is this information flagged on the Pulse system, is it accessed by other members of An Garda Siochana or other agencies? Is there potential negative consequences for some of these people? The answer to that question is we don’t know.”

Responding to the comments by Mr Herrick, a spokesperson for An Garda Síochána the force “has a legislative basis for the processing of potential child abuse material for law enforcement purposes under the Data Protection Act 2018, which transposed the Law Enforcement Directive into national law.

“Data from NCMEC is held in a segregated database only accessible to a specialist unit within the Garda National Protective Services Bureau (GNPSB) tasked with assessing these referrals.

“In cases where no criminal offence is identified following a review of material referred to An Garda Síochána for investigation, no crime incident records are created. This means there is no impact on any person referenced in that data – and no references to them as suspects or victims.

“However, there is a rationale for the continued segregated retention of the original referral data, including: quality assurance and accountability... reference and intelligence material in respect of future investigations [and] compliance with the provisions of other legislation.”