🚨 What Crimes Could a Police Officer Commit by Misusing Police Databases in Spain?

Accessing police databases for personal reasons — such as checking on someone you know, helping a friend, or looking into a case you’re not assigned to — is not just unethical. It’s often a criminal offense under Spanish law.

🔹 1. Discovery and Disclosure of Secrets (Art. 197 of the Penal Code)

Accessing or using personal or confidential data without authorization constitutes a crime against privacy.

If the data is extracted from official police systems, the act can be punished with prison and fines.

🔹 2. Disclosure by a Public Official (Art. 198 CP)

When the offender is a public official or law enforcement agent, penalties increase.

Using your position to access data “out of curiosity” or “to help someone” is treated as abuse of authority.

🔹 3. Breach of Custody of Documents (Arts. 413–416 CP)

Removing, sharing, or allowing unauthorized access to official records (police reports, case files, etc.) may be prosecuted as infidelity in the custody of documents.

🔹 4. Computer Crimes (Art. 197.2 and 264 CP)

Even when the officer has credentials, using them for unauthorized purposes can be seen as illegal system access or data misuse.

🔹 5. Administrative & Data Protection Sanctions

Beyond criminal liability, such conduct can lead to:

Disciplinary action (suspension, dismissal, ineligibility).

Sanctions by the Spanish Data Protection Agency (AEPD) for unlawful processing of personal data.

⚖️ What Spanish Courts Have Said

The Supreme Court (STS) and several provincial courts have ruled that having technical access does not mean having legal authorization.

Officers have been convicted for repeatedly checking police databases for private reasons — even if they didn’t share the information publicly.

Case law confirms that internal database access for non-official purposes = “discovery of secrets by a public official.”

High-profile example: former police commissioner Villarejo was convicted for unauthorized collection and disclosure of confidential data.

⚠️ Key Takeaways

Having access ≠ having permission.

Every query must be justified by your official duties.

Misuse can lead to criminal prosecution, loss of career, and data protection penalties.

If you’re an officer: only use police systems for legitimate professional purposes.

If you’re a citizen: you can report unlawful data access to the courts or the AEPD.