The British government requested data on one journalist as part of Operation Elveden, focused on alleged bribes made to public officials for information, and "accidentally" received data on 1,000 News UK staff. Vodafone said there was some type of human error that led to the extra data being supplied, while police officials said they returned the information.
Police wanted information focused on one journalists that worked for News UK from 2005 to 2007, and used the Regulation of Investigatory Powers Act (RIPA) to receive the data - and the information was returned back to Vodafone after about four months.
"Unfortunately, there was a human error during the processing of this information - which was drawn manually from a legacy system - as a consequence of which the Met Police were supplied with a corrupted dataset containing a significantly higher volume of metadata than had been the focus of the warrant received by Vodafone. The metadata in question relates to call logs and other information, such as pricing data, not the content or location of any communications."
Although the request was made legally, it is a glaring problem that needs to be fixed on Vodafone's side, to ensure extra records don't magically find their way to the government in the future. Citizens already are increasingly concerned about possible police and government surveillance, and News UK staff will likely be interested to hear more about this incident - and to learn if their information was analyzed before being returned.
"The Metropolitan Police Service (MPS) recognized the sensitivity of the excess data provided and ensured it was retained securely, until it was returned to Vodafone," a police spokesman said. "The Metropolitan Police consulted with the Interception of Communications Commission's Office and the Information Commissioner on how this error should best be managed."