The Garda Commissioner Noirín O'Sullivan broke Garda rules when she used a Gmail address for dealing with Garda business.
Ms O’Sullivan confirmed reports she had used a Gmail account for Garda business, explaining in a statement that restrictions on size and storage on the Garda email system meant that she “occasionally” used a Gmail address, raising concerns about security.
The Irish Times understands the use of commercial email systems for the transmission of official Garda information is prohibited under the Garda's policy on email use.
The statement issued by the Garda said this policy was now being reviewed, as it did not take into account advances in technology which require mobile devices to have Gmail installed.
Asked for a copy of the policy the Garda press office said: “We are unable to supply the documents you have requested as they are internal documents”.
To further queries on penalties for breach of Garda policy, the press office reissued a statement similar to a general one issued on Sunday.
Breach of policy
Senior Garda sources played down the significance of the breach of policy by the Commissioner, though they acknowledged that while it was necessary to have Gmail installed on phones and tablets, it was not necessary to use it.
Sources said a breach of the policy would not necessarily be a disciplinary matter, and that there were “extenuating circumstances”. However, the affair is a serious embarrassment for the commissioner, who has faced criticism this year on a number of subjects, including the Garda’s recent strike threat and the treatment of whistleblowers in the force.
The commissioner will shortly issue a report on the matter to the Minister for Justice Frances Fitzgerald and to the Policing Authority. She will also appear at a public meeting with the Policing Authority on Thursday, where she may face questions on the matter.
Garda sources say the force’s own email system can be slow or cumbersome when users are trying to access it out of the office. One source said it was easier and sometimes necessary to use Gmail to access emails and documents.
However, the revelation in the Sunday Times, confirmed on Monday by the Commissioner, has raised concerns about the security of Ms O’Sullivan’s communications.
The Garda has insisted it is satisfied that “the commissioner’s systems are secure and there is no evidence that they have ever been compromised.”
The statement also says that the commissioner had “due regard to the sensitivity of any information being transmitted in this way”.
The commissioner takes “all recommended security measures” when using Gmail, including “regularly changing the password [and] using a mix of letters, numbers and symbols”, according to the Garda statement.
The garda insisted that Ms O’Sullivan “is well aware of her obligations to protect national security and policing operations and would under no circumstances allow them to be compromised”.
‘Nothing to add’
The Department of Justice said on Monday night it had nothing to add to the commissioner’s statement.
Access to and use of commercial email services such as Gmail differs across Government departments and agencies. For example, staff in the Department of Justice are restricted from accessing Gmail, while staff in the Department of Finance are prevented from opening documents on Gmail.
However, the junior minister responsible for data protection, Dara Murphy has said he is not aware of any "overarching" Government policy prohibiting public servants from using web services such as Gmail for official business.
Speaking to The Irish Times in Berlin, he declined to comment on the specific case involving Ms O'Sullivan, but said his staff urged strong data protection awareness across all ministries and state agencies. Asked what this meant in practical terms, he said it remained up to "individual organisations to make their own determinations".
“I am not going to give a pronouncement on the rights or wrongs,” he said. “I am not aware there is a Government policy. I haven’t given any thought as to whether what should or shouldn’t be a policy.”