Three Saskatoon police officers looked at private information they did not need to access for a work-related reason said Saskatchewan's privacy commissioner.The Saskatoon Police Service (SPS) officers looked at the files of nine people for personal reasons.In October 2023, an SPS superintendent asked for a check on who was looking at a certain file. This check found that one officer "Sworn Member A" had looked at information for five people without a work reason.“The audit revealed that one sworn member of the SPS [Sworn Member A] had accessed the personal information of five individuals inappropriately,” said Ron Kruzeniski, the privacy commissioner.“The audit also revealed that Sworn Member A had queried certain addresses as well as four individuals linked to those particular addresses.”This officer even used another police officer's computer to look at and print some private information.After finding this out, the SPS deputy chief of operations asked for an investigation. They found two more officers had also wrongly looked at someone's private information.In February, the police told the privacy commissioner about these issues. One person whose privacy was compromised also asked for an investigation.The officers looked at information they should not have accessed. This included people's names in police records, information about criminal history, investigations, opinions, and licence plate numbers.Usually, licence plates are not considered private information. However, in this case, it was considered private information because an officer named "Sworn Member B" looked up a plate to find out who owned a car without a work reason.“In SPS’ access and privacy unit’s investigation report, SPS noted that the accesses to personal information within the [record management system] was for reasons that were personal and unrelated to their work. The ‘need-to-know’ principle states that information should only be available to those in an organization who need to know it for purposes related to their immediate duties,” said Kruzeniski.The police told the privacy commissioner they removed Sworn Member A's access to the record system.This officer said they destroyed the papers they printed. Kruzeniski wants to know more about where the officer took the papers, who destroyed them, and when and how and wants to make sure the privacy breach is contained. He also wants Sworn Member A to write down that they did not show the private information to anyone else.The SPS said the other two officers did not conduct any more suspicious searches, so they can still use the records system.Kruzeniski asked the police to get written statements from these two officers that they did not share private information with anyone.Of the nine people whose privacy was violated, six received letters, and one received an email explaining what had happened.The police could not find contact info for the other two people. Kruzeniski said the police sufficiently attempted to contact everyone affected.The SPS told Kruzeniski that officers take training on protecting private information."[The sworn members] knew, or ought to have known, that access to the personal information identified was not for a business purpose, and was therefore inappropriate and a contravention of SPS police," the SPS wrote in their report."The SPS does not believe that the breach occurred due to a lack of reasonable security measures on the part of the SPS, but by the wilful decisions of the subject employees."
Three Saskatoon police officers looked at private information they did not need to access for a work-related reason said Saskatchewan's privacy commissioner.The Saskatoon Police Service (SPS) officers looked at the files of nine people for personal reasons.In October 2023, an SPS superintendent asked for a check on who was looking at a certain file. This check found that one officer "Sworn Member A" had looked at information for five people without a work reason.“The audit revealed that one sworn member of the SPS [Sworn Member A] had accessed the personal information of five individuals inappropriately,” said Ron Kruzeniski, the privacy commissioner.“The audit also revealed that Sworn Member A had queried certain addresses as well as four individuals linked to those particular addresses.”This officer even used another police officer's computer to look at and print some private information.After finding this out, the SPS deputy chief of operations asked for an investigation. They found two more officers had also wrongly looked at someone's private information.In February, the police told the privacy commissioner about these issues. One person whose privacy was compromised also asked for an investigation.The officers looked at information they should not have accessed. This included people's names in police records, information about criminal history, investigations, opinions, and licence plate numbers.Usually, licence plates are not considered private information. However, in this case, it was considered private information because an officer named "Sworn Member B" looked up a plate to find out who owned a car without a work reason.“In SPS’ access and privacy unit’s investigation report, SPS noted that the accesses to personal information within the [record management system] was for reasons that were personal and unrelated to their work. The ‘need-to-know’ principle states that information should only be available to those in an organization who need to know it for purposes related to their immediate duties,” said Kruzeniski.The police told the privacy commissioner they removed Sworn Member A's access to the record system.This officer said they destroyed the papers they printed. Kruzeniski wants to know more about where the officer took the papers, who destroyed them, and when and how and wants to make sure the privacy breach is contained. He also wants Sworn Member A to write down that they did not show the private information to anyone else.The SPS said the other two officers did not conduct any more suspicious searches, so they can still use the records system.Kruzeniski asked the police to get written statements from these two officers that they did not share private information with anyone.Of the nine people whose privacy was violated, six received letters, and one received an email explaining what had happened.The police could not find contact info for the other two people. Kruzeniski said the police sufficiently attempted to contact everyone affected.The SPS told Kruzeniski that officers take training on protecting private information."[The sworn members] knew, or ought to have known, that access to the personal information identified was not for a business purpose, and was therefore inappropriate and a contravention of SPS police," the SPS wrote in their report."The SPS does not believe that the breach occurred due to a lack of reasonable security measures on the part of the SPS, but by the wilful decisions of the subject employees."