Policing Authority says Garda chief breached email policy

Nóirín O’Sullivan insists use of Gmail account has not compromised security

Garda Commissioner Nóirín O’Sullivan  with Joseph Nugent, the Garda’s civilian chief administration officer, at the public meeting at Griffith College, Dublin, with the Policing Authority.  Photograph: Colin Keegan/Collins
Garda Commissioner Nóirín O’Sullivan with Joseph Nugent, the Garda’s civilian chief administration officer, at the public meeting at Griffith College, Dublin, with the Policing Authority. Photograph: Colin Keegan/Collins

Garda Commissioner Nóirín O’Sullivan has insisted there is no evidence her use of a private email account to send material relating to her work has compromised the security of the State or even her communications.

However, members of the Policing Authority, at a public hearing at Griffith College in Dublin on Thursday, told her they had reviewed the Garda's policy and it stated commercial email providers should not be used.

One member of the authority, Maureen Lynott, told Ms O'Sullivan that her use of a Gmail account was clearly in breach of the force's own policy.

Policing Authority chairperson Josephine Feehily said the public needed to have confidence that the security and integrity of the Garda had not been breached by Ms O'Sullivan, whom she invited to explain her position.

READ SOME MORE

“Over the weekend a newspaper reported on use of commercial email services in the organisation,” Ms O’Sullivan said of a report in the Sunday Times.

“I just want, at this point, to put on record that I am very conscious of my obligations to protect national security and policing operations and would under no circumstances use any system which would allow them be compromised.

Controls

“An

Garda Síochána

has strong security controls on the use and access to Garda IT systems. Our systems are secure. No evidence exists suggesting they have been compromised.”

Speaking on Thursday night, Minister for Justice Frances Fitzgerald said she was “awaiting a report that is being done in An Garda Síochána but I have been assured that security has not been compromised and that all of the checks and balances were in place”.

She added: “Of course, I’ve made substantial investment in ICT [information and communications technologies] for An Garda Síochána ... I have been informed their policy needs to be reviewed as well, but a lot of checks and balances were put in place in relation to this account, which was a Garda account, not a personal email. It was set up by An Garda Síochána and I have been told there has been no compromise of any security information whatsoever, but I’ll be getting a full report on it.”

The Garda's civilian chief administration officer, Joseph Nugent, insisted there was nothing unusual about the use by the Garda of Gmail accounts.

He said many members had official Garda email accounts and Gmail accounts set up by the force.

He believed the issue was not that policy had been breached, but that policy had “struggled” to stay apace of the technological advancements in recent years.

Convenience

While once public servants had an email address for work and one for personal use, with no mix of the two, now many devices such as new phones required the user to have an email account with a specific commercial provider to set up and begin using their device.

“On occasion, certain third party commercial providers are used for the purposes of convenience,” he said of the Garda.

“Clearly, not for the purposes of circulating sensitive material but, for example, circulating material that would be in the public domain; speeches, presentations … looking at research articles.”

He said Gmail was used by Garda personnel on devices “configured, authorised and secured by An Garda Síochána” and could not be accessed at locations such as internet cafés.

It was also “quite a step” and “a difficult piece” to take information or documents from the Garda’s system of Gmail accounts and switch it to private IT infrastructure or devices.

However, he could not stop a Garda member printing out a document and taking information away in hard copy format.

It was also impossible to prevent a Garda member “lighting up a private Gmail account in an internet cafe” and sending information relating to their jobs via that account outside the Garda network.

Ms O’Sullivan said a large number of critical Garda vacancies remained despite the pledge this week by Government to promote 11 officers into key posts. Some 14 senior posts would become vacant in the first half of next year as senior officers retired.

Conor Lally

Conor Lally

Conor Lally is Security and Crime Editor of The Irish Times