* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Tuesday, June 3, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Entertainment-Focused Narrative and Culture Change Practice – New America

    Transforming Culture Through Engaging Entertainment Narratives

    Rising stars: Young classical musicians surging on social media – Yahoo

    Meet the Next Generation of Classical Music Sensations Making Waves on Social Media!

    Devin Harjes Dies: ‘Manifest’ & ‘Boardwalk Empire’ Actor Was 41 – WyomingNews.com

    Tragic Loss: Devin Harjes, Star of ‘Manifest’ and ‘Boardwalk Empire,’ Passes Away at 41

    Why Starz Entertainment Stock Soared Today – The Motley Fool

    Unpacking the Surge: What Fueled Starz Entertainment’s Stock Explosion Today!

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    AI for lawyers: Win back your time using technology – nationaljurist.com

    Reclaim Your Time: How AI is Transforming the Legal Profession

    Prosecutors accuse men of exporting U.S. military technology to China – Milwaukee Journal Sentinel

    Men Charged with Illegally Exporting U.S. Military Technology to China

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    This giant microwave may change the future of war – MIT Technology Review

    Revolutionizing Warfare: The Impact of a Game-Changing Giant Microwave

    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Entertainment-Focused Narrative and Culture Change Practice – New America

    Transforming Culture Through Engaging Entertainment Narratives

    Rising stars: Young classical musicians surging on social media – Yahoo

    Meet the Next Generation of Classical Music Sensations Making Waves on Social Media!

    Devin Harjes Dies: ‘Manifest’ & ‘Boardwalk Empire’ Actor Was 41 – WyomingNews.com

    Tragic Loss: Devin Harjes, Star of ‘Manifest’ and ‘Boardwalk Empire,’ Passes Away at 41

    Why Starz Entertainment Stock Soared Today – The Motley Fool

    Unpacking the Surge: What Fueled Starz Entertainment’s Stock Explosion Today!

    Unveiling the Enigmatic: First Looks at Destruction and Puck in ‘The Sandman

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    AI for lawyers: Win back your time using technology – nationaljurist.com

    Reclaim Your Time: How AI is Transforming the Legal Profession

    Prosecutors accuse men of exporting U.S. military technology to China – Milwaukee Journal Sentinel

    Men Charged with Illegally Exporting U.S. Military Technology to China

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    ROLAND’S NEW WIRELESS TRIGGER TECHNOLOGY, PORTER & DAVIES ON TOUR, NEW 64 AUDIO ASPIRE UNIVERSAL IEM MODELS, WAVES FREE PLUGIN PACK – Modern Drummer Magazine

    This giant microwave may change the future of war – MIT Technology Review

    Revolutionizing Warfare: The Impact of a Game-Changing Giant Microwave

    Bajeed Pattan Joins Forbes Technology Council as Innovation Leader – PRWeb

    Bajeed Pattan Takes the Helm as Innovation Leader at Forbes Technology Council!

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Scottish biometrics watchdog outlines police cloud concerns

October 12, 2023
in Technology
Scottish biometrics watchdog outlines police cloud concerns
Share on FacebookShare on Twitter

The Scottish biometrics commissioner has written to Police Scotland outlining his ongoing concerns over the cloud-based digital evidence sharing system used by the force, which uses hyperscale public cloud infrastructure to store and process sensitive biometric data despite major data protection concerns.

At the start of April 2023, Computer Weekly revealed the Scottish government’s Digital Evidence Sharing Capability (DESC) service – contracted to body-worn video provider Axon for delivery and hosted on Microsoft Azure – was being piloted despite the police watchdog raising concerns about how the use of Azure “would not be legal”.

According to a Data Protection Impact Assessment (DPIA) by the Scottish Police Authority (SPA) – which notes the system will be processing genetic and biometric information – the system presents several risks to data subjects’ rights.

This includes the potential for US government access via the Cloud Act, which effectively gives the US government access to any data, stored anywhere, by US corporations in the cloud; Microsoft’s use of generic, rather than specific, contracts; and Axon’s inability to comply with contractual clauses around data sovereignty.  

In the wake of Computer Weekly’s coverage, Scottish biometrics commissioner Brian Plastow served Police Scotland (the lead data controller for the system) with a formal information notice on 22 April 2023, requiring the force to demonstrate that its use of the system is compliant with Part Three of the Data Protection Act 2018 (DPA 18), which contains the UK’s law enforcement-specific data protection rules.

Plastow specifically asked whether biometric data transfers have taken place, what types have been transferred, in what volumes, and which country the data is being hosted in.

Responding to the commissioner’s formal notice, Police Scotland confirmed in July 2023 that is had “uploaded significant volumes of images to DESC during this pilot”. It further assured the commissioner that “data is encrypted by the DESC solution prior to being hosted on a Microsoft Azure UK datacentre”.

Plastow writes back to Police Scotland

Writing to Police Scotland in a letter dated 5 October, Plastow noted while the force’s response was helpful, it “did not ameliorate my specific concerns” around the uploading of sensitive biometric data to DESC.

“A primary concern is that by Scottish government opting for a ‘US headquartered’ solution provider (rather than a UK or EU cloud provider, or a non-cloud solution) to host sensitive biometric data (and other law enforcement data), and by sanctioning the holding of the data encryption keys for that data by Axon (rather than by Police Scotland), then such data is fully exposed to the provisions of The Clarifying Lawful Overseas Use of Data Act 2018 (US Cloud Act), and the related US and UK data access agreement,” he wrote.

“Such UK/US arrangements inevitably involve different legal requirements regarding data security, data privacy, and breach notification. You will also be aware that the reach of the US Cloud Act extends anywhere in the world, and so the fact that DESC servers hosting Police Scotland data may be physically located in the UK is irrelevant.”

He added the uploading of biometric data to DESC could potentially breach Principle 10 of Scotland’s statutory Biometric Code of Practice, which specifically revolves around the need to protect biometric information from unauthorised access and disclosure, and comes with an obligation to “promote the highest quality of privacy enhancing technology.”

Plastow also confirmed in the letter that he has sent a Code of Practice questionnaire for Police Scotland to complete by the end of November 2023, which in part seeks information on the use of cloud-based systems provided US headquartered to store and process biometric data, as well as confirmation on how the security and sovereignty of that data is being protected.

He further reiterated that his office will be conducting a “separate but related assurance review” on Police Scotland’s handling of biometric data in winter 2023 to see whether it complies with the code.

While the commissioner had already set out his intention to conduct a general assurance review in December 2021 prior to issues with the system being raised, he added in the letter that he will be specifically seeking additional information about the uploading of biometrics to DESC as part of that process.

“If the loading of biometric data in the current pilot is continued, extended, or expanded, I would anticipate reaching a determination on whether the uploading of biometric data to DESC by Police Scotland complies with the Code of Practice early in the New Year,” he said. “Any determination that it does not, would require me to submit a report to the Scottish Parliament about the failure to do so, and potentially further action as detailed in…the Scottish Biometrics Commissioner Act 2020.”

Security and sovereignty

Breaking down his concerns further, Plastow outlined how the offshoring of Scottish biometric data to US cloud providers and data processors means that it cannot be fully administered from Scotland.

“If US federal authorities were to issue a warrant or subpoena together with a non-disclosure instruction to Axon and/or Microsoft for the surrender of Scottish biometric data under the provisions of the US Cloud Act, then Police Scotland would presumably not even know that their data (the sensitive data of a person or persons) had been accessed and indeed acquired by a foreign state,” he wrote, adding that no third-party should be able to access biometric data belonging to Police Scotland without its knowledge, agreement, or explicit consent.

“This is a necessary safeguard to prevent biometric data belonging to Police Scotland being surrendered by a third-party contractor in response to the legal requirements and non-disclosure instructions of a foreign jurisdiction.”

On data security, Plastow added he is concerned about the security of highly sensitive biometric data being stored on public cloud infrastructure “in circumstances where Police Scotland does not retain full control (or in this case any control) of the data encryption keys within DESC” which are held by Axon according to the SPA DPIA.

“This extremely sensitive biometric data may include images of victims of crime, for example the injuries of a victim of rape or sexual assault, as well as images of persons who may have been charged but not yet convicted of any crime or offence,” he wrote, outlining and linking to a number of examples of data breaches where Microsoft-controlled digital infrastructure was compromised.

“These examples demonstrate that there are major risks to be considered when storing ‘any’ sensitive data on the public cloud infrastructure…More broadly, you will also be aware of recent cyber attacks on UK policing involving cloud and non-cloud infrastructure where third-party contractor security vulnerabilities have damaged the reputation of policing.”

Plastow concluded the section on data security by noting such cases “provide empirical evidence that ‘outsourcing’ data, and especially law enforcement data such as sensitive biometric data, to external contractors is an exceptionally risky endeavour”.

Responding to the letter, a Police Scotland spokesperson said: “We acknowledge the content of the letter from the biometrics commissioner and will respond to his concerns in due course.

“Police Scotland continues to work closely with the Scottish government and our criminal justice partners to ensure robust, effective and secure processes are in place to support further development of the system.

“We also continue to engage with the biometrics commissioner, the Information Commissioner’s Office and relevant partners as we progress Digital Evidence Sharing Capability to support the transformation of the criminal justice system for Scotland.”

Wider concerns

Plastow added his concerns are not limited to the DESC system and also extend to other cloud-based law enforcement systems and databases across the UK.

As an example, he specifically noted that the Police Digital Service (PDS) and Home Office Biometrics (HOB) have introduced the PDS Xchange platform powered by “US headquartered” Amazon Web Services (AWS), which has been integrated with the UK law enforcement fingerprints database IDENT1 since April 2022.

He said while “it is for the ICO to give advice on such matters relating to compliance with UK data protection law, however as there are more than 831,000 Scottish fingerprint forms within IDENT1, and Scottish access to the entire system, such UK decisions to ‘offshore’ biometric data in a ‘US headquartered’ cloud solution also has potential devolution consequences for Scotland”.

According to Owen Sayers – an independent security consultant and enterprise architect with more than 20 years’ experience in delivering national policing systems – there are a significant number of Home Office systems used by Police Scotland or that otherwise ingest its data, much of which will include biometrics: “As a result, Plastow’s concerns will probably extend beyond the Xchange system as he looks at the wider landscape.”

He added: “This, of course, makes the recent announcement by the policing minister for England and Wales about opening passport and driving licence databases up for police facial recognition use even more interesting and complex; the Scottish laws and biometrics Code of Practice will need to be taken into account and it’s not immediately clear how data might be differentiated between English and Welsh use and Scottish use, even if Westminster pass legislation to allow this re-use of images, which is contentious enough as it is.”

Computer Weekly contacted the Home Office about whether it consulted the relevant Scottish authorises about placing its citizens data in legally questionable hyperscale pubic cloud infrastructure, but received no reply by time of publication.

Plastow also noted that his counterpart for England and Wales, Fraser Sampson, has shared similar concerns about the lawfulness of using such cloud infrastructure for the processing of law enforcement data.

In April 2023, for example, Sampson warned that policing and justice bodies must be able to demonstrate “immediately and unequivocally” that their cloud deployments are lawful.

“Cloud is a brilliantly fluffy euphemism that doesn’t actually tell you anything about the system,” he said. “What you want to know is, ‘What country is my data being stored in and what does that mean?’. It’s really basic. And what are the risks of that then being accessed either maliciously or judicially?”

Sampson added that policing and justice bodies must also be conscious of the risks that relying so heavily on certain suppliers and systems can create: “We’re creating more and more dependencies for operational policing and law enforcement on these systems, and where you create a dependency, you create risk.”

Throughout the letter, Plastow also alluded to the fact that the Information Commissioner’s Office (ICO) is yet to take a formal view on the legality of hyperscale public cloud infrastructure for the storing and processing of law enforcement data generally.

The ICO has previously confirmed to Computer Weekly that it has never given formal regulatory approval for use of such systems by UK law enforcement bodies, despite being in full view of the issues due to its ongoing conversations with the data controllers involved.

In the SPA’s correspondence with the ICO released under the Freedom of Information (FOI) Act, for example, the regulator largely agreed with its assessments of the risks. Regarding international transfer requirements, for example, it noted that technical support provided from the US by either Axon or Microsoft would constitute an international data transfer, as would a US government request for data made via the Cloud Act.

“These transfers would be unlikely to meet the conditions for a compliant transfer,” said the ICO. “To avoid a potential infringement of data protection law, we strongly recommend ensuring that personal data remains in the UK by seeking out UK-based tech support.”

It added: “If you have a remaining residual high risk in your DPIA that cannot be mitigated, prior consultation with the ICO is required under section 65 DPA 2018. You cannot go ahead with the processing until you have consulted us.”

Computer Weekly contacted the ICO to ask if it was able to provide a timeline on when it will come to a formal decision on the legality of using these cloud systems for law enforcement data storage and processing, but received no response by time of publication.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366555237/Scottish-biometrics-watchdogs-outlines-police-cloud-concerns

Tags: biometricsScottishtechnology
Previous Post

Google Cloud sets up public sector-focused business division to trap more UK government business

Next Post

A Majority of Israelis Think Netanyahu Should Resign

AI carves out a niche in ecology and conservation research – Nature

AI carves out a niche in ecology and conservation research – Nature

June 3, 2025
Opinion | JD Vance Defies the Market’s Gravity – WSJ

JD Vance: Challenging Market Norms and Defying Expectations

June 3, 2025
RFK Jr. Says Healthy Pregnant Women Don’t Need Covid Boosters. What the Science Says. – KFF Health News

RFK Jr. Challenges Covid Booster Necessity for Healthy Pregnant Women: What the Research Reveals

June 3, 2025
Updates to Lifestyle’s Spring Quarter bucket list – The UCSD Guardian

Exciting New Additions to Your Spring Quarter Bucket List!

June 3, 2025
It’s Waymo’s World. We’re All Just Riding in It. – WSJ

Welcome to Waymo’s World: The Future of Autonomous Driving Awaits!

June 3, 2025
Fed’s Logan: The US economy remains resilient – FXStreet

Fed’s Logan: The US economy remains resilient – FXStreet

June 3, 2025
Entertainment-Focused Narrative and Culture Change Practice – New America

Transforming Culture Through Engaging Entertainment Narratives

June 3, 2025
NC lawmakers target pharmacy “middlemen” in proposed reforms – North Carolina Health News

NC Lawmakers Take Aim at Pharmacy Middlemen with Bold Reform Proposals

June 3, 2025
If we want better political representation, let’s stop voting straight ticket in Indiana – Indiana Capital Chronicle

Break the Mold: Why Ditching Straight Ticket Voting in Indiana Can Transform Political Representation

June 3, 2025
AI for lawyers: Win back your time using technology – nationaljurist.com

Reclaim Your Time: How AI is Transforming the Legal Profession

June 3, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (661)
  • Economy (675)
  • Entertainment (21,581)
  • General (15,257)
  • Health (9,718)
  • Lifestyle (678)
  • News (22,149)
  • People (677)
  • Politics (684)
  • Science (15,896)
  • Sports (21,180)
  • Technology (15,662)
  • World (663)

Recent News

AI carves out a niche in ecology and conservation research – Nature

AI carves out a niche in ecology and conservation research – Nature

June 3, 2025
Opinion | JD Vance Defies the Market’s Gravity – WSJ

JD Vance: Challenging Market Norms and Defying Expectations

June 3, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version