3 Saskatoon police officers could face discipline after using police database for personal snooping

Three Saskatoon Police Serviceofficers are facing potential discipline after being caught snooping on personal information stored in the force's database for personal, non-official reasons, according to the police service and Saskatchewan's privacy watchdog.

One officer has had their access to the database revoked, and thematter for all three officers is currently under "administrative review," a spokesperson from the police service told CBC News in an emailTuesday.

An internal Saskatoon police audit last October found that officer, who is identified in a report as "sworn member A," inappropriately accessed the personal information of five individuals related to a specific investigative file.

The officer also improperly searched certain addresses and four individuals linked to those addresses, according to an Aug. 28 report from the Office of the Saskatchewan Information and Privacy Commissioner. The report did not say when the breaches themselves occurred.

"Additionally, it was discovered that sworn member A had accessed the [database] using another member's credentials when the other member was away from their computer, to conduct further queries and print pages from a specific file," information and privacy commissioner Ronald Kruzeniski stated in the report.

That finding spurred an internal Saskatoon police investigation that found two other officers, identified in the report as sworn members B and C, had also inappropriately accessed the personal information of another individual, Kruzeniski wrote.

The information breached included identifying information about people, such asnames, addresses, phone numbers andlicence plate numbers, as well as information about police interactions, criminal history and investigations, and the opinions of others about the individuals, according to Kruzeniski's report.

In an email to CBC News, the Saskatoon Police Service declined to comment on the relationship between the officers and the individuals whose privacy was breached. However, the force said the matter was "isolated" and that the breached information was "narrow in scope and related to specific events."

The police service reported the breaches to the privacy commissioner's office in February, and sent letters tothe nine individuals involved notifying them of the breach later that month.

The officebegan investigating in March. One of the people affectedalso asked the privacy commissioner to probe the matter the same month, the report said.

"I agree with SPS' finding that the three sworn members inappropriately accessed information based on their own wilful decisions," Kruzeniski wrote in the report, adding that the officersdisregarded privacy policy, as well as a pop-up window that prohibits access for personal reasons on the database.

The police service has taken reasonable steps to respond to the breaches and minimize the risks of similar future issues, Kruzeniski found. That includedimmediately removing sworn officer A from a unit that required that officer to access the database often, and then revoking their access to the database entirely.

The police service is also reviewing automatic log-off features to prevent officers from using another's credentials, has required all officers to retake mandatory privacy training, and is auditing access to the database across the force, according to the report.

However Kruzeniski recommended thatofficer A should be required to confirm in writing to the privacy commissioner's office,and to the police service,that they destroyed the printed records as the officer stated they did. That confirmation should includewhere, how and by whom the records were destroyed, Kruzeniski's report said.

He also recommended the force get written confirmation from all officers that they did not share or disclose the inappropriately breached information to anyone else within 30 days.

"Our service takes the protection of private information seriously and conducts annual training and periodic audits to ensure compliance," Saskatoon policesaid in astatement to CBC News on Tuesday.

"We recognize there is still work to be done and we are committed to honouring the recommendations made by the commissioner."

Depending on the findings of the disciplinary proceedings and the decision of Saskatoon policeChief Cameron McBride, the three officers could face probation, close supervision orformal reprimand, or be ordered to undergo counselling, treatment or training, among any other consequences deemed appropriate, according to the Police Act.