Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
World
Tristan Kirk

Digital court systems blamed for surge in personal data breaches

Breaches of personal data in court proceedings have surged to more than 10,000 in a year, with the dramatic increase being blamed on new digital systems in justice.

Courts staff and lawyers have been mistakenly uploading confidential and sensitive information to the wrong case files on the Common Platform, a cornerstone of the Ministry of Justice’s reform of the criminal courts.

The HM Courts and Tribunals Service (HMCTS) annual report has now revealed that the number of data breaches has shot up from 2,682 recorded in 2020/21 to 10,225 between April 2023 and March 2024.

The body, which manages the criminal and civil courts of England and Wales, said it has taken the blame for 45 per cent of the year’s breaches, while 55 per cent were the fault of “third parties”.

“For those where we were not at fault, this was primarily due to authorised third parties uploading information incorrectly onto our system, following the introduction of new case management systems such as the Common Platform,” said the report.

“We continue to engage with all parties to put measures in place to mitigate these issues. For example we have implemented several IT solutions to minimise the impact, including the ability of our Service Centre staff to remove incorrect documentation uploaded by professional users.”

It said there has been a “general trend” since September 2023 of less mistakes being made by professional court users – such as lawyers and police officers – while errors by court staff have been tackled with “face-to-face training”.

HMCTS has to refer significant data breaches to the Information Commissioner’s Office, and it has promised to “learn lessons and continually improve our systems”.

The annual report also reveals that, among the data breaches, were incidents where confidential home addresses were leaked in a divorce battle and a separate legal fight over a child, the surname and address of adoptive parents were passed on in error to the birth mother during a court battle, and the address of a defendant in a criminal case was given out to a third-party by mistake.

A HMCTS spokesperson said: “The majority of these incidents are a direct result of incorrect information being uploaded to the system by third parties – not by HMCTS. We receive and handle millions of pieces of sensitive data safely and securely every year and take any breaches extremely seriously.”

The Common Platform has been gradually rolled-out across magistrates and crown courts in England and Wales in the last few years, with the aim of creating a single digital file for each criminal case that can be accessed by police forces, lawyers, court staff, probation and judges.

Justice chiefs faced sustained protests from court staff over the initial rollout of the new system, amid complaints that it was cumbersome, malfunctioning, and had slowed down court hearings.

HMCTS announced in February that parts of its long-running Reform Programme had been scrapped, including the ambition to roll out the Common Platform to the whole criminal justice system.

The old Digital Case System (DCS) would be retained in part, the body announced, while planned upgrades to the Common Platform had been put on ice to focus on work to ensure the new system worked properly.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.