1. Introduction
Wanted People UK ("WPUK") operates in a sensitive environment where the publication of crime-related content carries inherent risks. This Risk Management & Safeguarding Framework sets out the approach WPUK takes to identifying, assessing, mitigating, and monitoring risks across all areas of operation.
2. Legal & Regulatory Context
WPUK operates within the legal framework of England and Wales, with particular reference to:
- UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018
- Human Rights Act 1998
- Defamation Act 2013
- Protection from Harassment Act 1997
- Surveillance Camera Code of Practice
3. Purpose
The purpose of this framework is to provide a structured approach to risk management and safeguarding that protects individuals, maintains public trust, and supports WPUK's mission of assisting law enforcement. It covers all aspects of WPUK's operations, from content publication to data processing and public engagement.
4. Core Risk Categories
4.1 Legal Risk
Risks arising from potential breaches of UK law, including defamation claims, data protection violations, contempt of court, and interference with police investigations. WPUK mitigates legal risk through legal review of policies, sourcing content only from law enforcement, and maintaining a content removal procedure.
4.2 Reputational Risk
Risks to WPUK's reputation arising from misidentification, association with vigilantism, or negative public perception. WPUK mitigates reputational risk through responsible publication practices, clear disclaimers, and proactive engagement with stakeholders.
4.3 Operational Risk
Risks related to platform availability, data security, cyber attacks, and system failures. WPUK mitigates operational risk through robust hosting, regular security assessments, encrypted data storage, and incident response procedures.
4.4 Safeguarding Risk
Risks to the safety and wellbeing of individuals, including those featured on the platform, lead submitters, victims, and witnesses. WPUK mitigates safeguarding risk through strict editorial guidelines, anonymity protections, and cooperation with law enforcement.
5. Safeguarding Principles
5.1 Protection of Individual Rights
All individuals featured on the WPUK platform retain their fundamental rights, including the presumption of innocence, the right to privacy, and protection from harassment. WPUK will take immediate action to protect these rights when they are at risk.
5.2 Victims & Witnesses
WPUK takes special care to protect the identity and safety of victims and witnesses. No information that could identify a victim or witness is published on the platform. Lead submitters are afforded full anonymity.
5.3 Responsible Identification
WPUK recognises the risk of misidentification and takes steps to minimise it. Published content includes clear warnings that resemblance does not confirm identity, and users are directed to report information through official channels only.
6. Content Review & Risk Controls
All content is subject to the following risk controls before publication:
- Verification that the content originates from or is approved by a UK police force
- Check for legal restrictions (court orders, anonymity orders, reporting restrictions)
- Editorial review to ensure neutral, factual language
- Assessment of safeguarding implications
- Confirmation that publication serves a legitimate public interest
7. Data Protection Safeguards
WPUK implements the following data protection safeguards:
- Data minimisation: only necessary personal data is collected and processed
- Purpose limitation: data is used only for its stated purpose
- Encryption at rest and in transit
- Access controls and role-based permissions
- Regular data protection impact assessments (DPIAs)
8. Complaints & Incident Reporting
WPUK operates a formal complaints procedure for any individual affected by content on the platform. All complaints are recorded, investigated, and responded to within the timescales set out in the Content Removal & Complaints Procedure. Security incidents are logged and reported to the Board, and to the ICO where required under data protection law.
9. Incident Response
WPUK maintains an incident response plan for dealing with data breaches, security incidents, and safeguarding concerns. The plan includes clear escalation procedures, communication protocols, and remediation steps. All incidents are reviewed after resolution to identify lessons learned and prevent recurrence.
10. Governance & Oversight
Risk management is overseen by the WPUK Board of Directors, which reviews the risk register and safeguarding framework at regular intervals. The Board ensures that adequate resources are allocated to risk management and that the operational team has the training and support necessary to implement risk controls effectively.
11. Continuous Improvement
WPUK is committed to the continuous improvement of its risk management and safeguarding practices. This framework is reviewed annually and updated to reflect changes in the legal environment, operational practice, and emerging risks.
12. Our Commitment
WPUK is committed to operating safely, responsibly, and in the public interest. This Risk Management & Safeguarding Framework reflects our dedication to protecting individuals, maintaining public trust, and supporting the work of UK law enforcement.
For questions about this framework, contact us at:
governance@wantedpeople.uk