Police did not breach data protection rules – Data Protection Commissioner

An investigation carried out by the Data Protection Commissioner did not find the Police in breach of the Data Protection Act despite the fact that Articles cited by the Police justifying a request for call logs were incorrect.

PN deputy leader Beppe Fenech Adami and Nationalist MP Jason Azzopardi had asked the Data Protection Commissioner to investigate a possible breach of data retention laws over claims by the Commissioner of Police that he had checked telephone logs.

In his report, the Data Protection Commissioner, Joe Ebejer, however did not find the Police in breach of the Data Protection Act.

"There was no processing of data which breaches the provisions of the act," Ebejer said, noting that the Police had never requested to see the call profiles but had referred to the calls logs available on cell phones or telephones with an ID system.

Ebejer's investigation included verifying whether data privacy - of Jane Borg, Silvio Scerri, Charles Attard and Inspector Elton Taljana - had been breached. (Darryl Luke Borg was not included in the investigation as he "doesn't own a mobile phone".)

After examining the audit trail supplied by service provider Vodafone - all four make use of the same provider - Ebejer concluded that none of the four numbers had been accessed between 4 August and 21 August.

Addressing a press conference at the PN headquarters this afternoon, Jason Azzopardi however noted Ebejer's conclusions had belied the Police Commissioner's statements.

In a statement issued by the police's communication office CMRU on 28 August, the Police had cited a number of Articles - one of which refers to the corruption of witnesses - which it said justified a police's request for call profiles.

According to the Data Protection Act, a request for call profiles is only justified in serious cases that carry a sentence of minimum one year.

Ebejer however noted all three Articles cited by the Police carried a sentence less than one year. He therefore argued that if the Police had actually made a request to see call profiles - something which the Police never did - none of the Articles cited would have justified the Police's request.

"This is an indictment of the Police's crass incompetence who refer to inapplicable articles," Azzopardi said, who at one point refused to accept suggestions that the Police may have not seen the call profiles (lists usually obtained from the service providers) but the call logs on the actual mobile device.

"Go tell it to the marines... call profiles and call logs are the same. Fact remains that the Data Protection Commissioner found that no requests had been made to Vodafone, Go or Melita mobile," Azzopardi said.

The shadow minister for home affairs insisted that "it was worrying that the person responsible for order was seeing himself above the law".

"The Police Commissioner must shoulder responsibility for intentionally misguiding the public and lie," Azzopardi said, adding that if the Police had not seen the call profiles then there should have been no reason to cite the Data Protection Act.

He reiterated that Zammit's role as Police Commissioner was untenable and said Prime Minister Joseph Muscat and Home Affairs Minister Manuel Mallia must shoulder responsibility.

The issue related to the Darryl Luke Borg case, who was accused of a hold-up he didn't commit. The case turned controversial when Home Affairs chief of staff Silvio Scerri was accused by the PN of having been in contact with former convict Charles 'iz-Zambi' Attard to allegedly act as a middleman for Darryl Luke Borg, whose wrongful prosecution in a hold-up was the subject of an inquiry by the Police Board.

Police Commissioner Peter Paul Zammit had later declared that call logs confirmed that Scerri had not contacted Borg. The PN had subsequently claimed that Peter Paul Zammit's alleged inspection of call logs was not covered by data retention laws.