The Corruption and Crime Commission’s Report on its review of unlawful access to the Transport Executive and Licensing Information System, known as TRELIS, has been tabled in State Parliament.
In a statement, the Commission said the Report, A review of the Department of Transport’s management of unlawful access to TRELIS, should serve as an important reminder for everyone in a position that allowed them to access personal information about members of the public.
“The community has a rightful expectation that personal information held in Government-owned and shared databases is protected — not only from external hackers, but from abuse and unlawful access by those people who have been authorised to use it to perform their official duties,” the Commission said.
“The Department of Transport uses TRELIS to facilitate the delivery of vehicle and driver licensing and registration services across the State,” it said.
“Of all the Government databases, it holds the most personal information about members of the public.”
The Commission said it had considered more than 100 alleged incidents of unlawful access and identified incidents involving improper user access to TRELIS.
“Some of the reasons for access included viewing of the user’s own driver licence details, renewing a family member’s vehicle registration, or obtaining information to share with family or friends,” it said.
The Commission said its Report detailed seven specific examples and outlined what the Department did to investigate the matter and what steps, if any, were taken.
“The Department’s lack of action in respect of unlawful access of information in TRELIS, promotes a culture of acceptance of its use for personal reasons,” it said.
The Commission acknowledged the Department had made some changes to policy and procedures in response to the Review – but more must be done.
“The Commission has made four recommendations for action by the
Department to ensure it has clear policies and procedures in place; a consistent triage and investigation process; effective activity alerts; and defined memorandums of understanding with all external users,” it said.
The Commission’s 27-page Report can be accessed at this PS News link.
