Give us feedback

ICO finds Gangs Matrix breached Data Protection Laws

ICO finds Metropolitan Police Service’s Gangs Matrix breached data protection laws, Press Release, November 2018

The Information Commissioner’s Office conducted an investigation and found that the  Metropolitan Police Service’s (MPS) use of the Gangs Matrix led to multiple and serious breaches of data protection laws.


The gangs matrix is a database in which the Metropolitan Police record intelligence relating to alleged gang members.  Amnesty raised concerns that the matrix breached data protection laws and the ICO investigated.

Some of the breaches found to have incurred were:

  • serious breaches of data protection laws with the potential to cause damage and distress to the disproportionate number of young, black men on the Matrix.
  • failure to clearly distinguish between the approach to victims of gang-related crime and the perpetrators, leading to confusion amongst those using it.
  • absence of effective central governance, oversight or audit of data processed as part of the Gangs Matrix, resulting in risk of damage or distress to those on it.

The ICO  found that, whilst there was a valid purpose for the database, the inconsistent way it was being used did not comply with data protection rules.  The ICO issued an Enforcement Notice compelling the MPS to ensure it complies with data protection laws in future and has given them six months to make these changes, which the MPS has accepted and already started to implement.