The Information Commissioner’s Office (ICO) has publicly criticised the Metropolitan Police Service for its record in handling subject access requests (SARs).
It has said the London force has failed in its data protection obligations by not responding to SARs within a calendar month and has issued two enforcement notices ordering it to respond to all requests by September.
Suzanne Gordon, director of data protection, complaints and compliance at the ICO, has outlined the issue in a blogpost that says the ICO has been working with the Met Police on its large SARs backlog.
It says a recent report showed there were still more than 1,100 open requests, nearly 680 of which were over three months old.
Although the force has a recovery plan in place the ICO says it is a cause for concern, and has asked the Met Police to make changes to its internal systems, procedures and policies.
“Ultimately, the public must be able to trust that police forces are upholding their information rights, and this case is a reminder to other police forces that we will take action against those organisations that do not comply with their SAR obligations,” Gordon says.
Image from Metropolitan Police Service