back to article UK cops score legal win in EncroChat snooping op

The UK's National Crime Agency has partially won an important legal battle in a case that challenged the warrants used to obtain messages from cyber crook hangout EncroChat. EncroChat offered an encrypted phone and mobile service for just $1,500 a month – and you thought your mobile bill was bad – which was chiefly used by …

  1. ChoHag Silver badge

    Yay! The price of my drugs is going up with the profits directed to the even better criminals who didn't get caught!

    The system is working!

    1. KittenHuffer Silver badge
      Joke

      Every cloud ....

      I'm not complaining. The extra income gives me enough to offset the rate of inflation!

  2. Jellied Eel Silver badge

    With great power comes great responsibility.

    I've always been in two minds about this kind of stuff-

    The tribunal said it didn't reach a determination about whether the NCA illegally intercepted communications while they were being transmitted, and decided to "defer further consideration of this chapter of the case" until after the Crown Court's criminal proceedings in a related EncroChat case have wrapped.

    Sure, we should have a right to privacy, but that also needs to be balanced with a need for security and preventing serious crime. In a law enforcement sense, the EncroChat operation has been hugely successful, and arguably demonstrates why there can be a good reason for lawful intercepts. But we still seem to be struggling to legislate when that's reasonable and proportionate. Previously, surveillance powers in the UK had arguably bloated too far, eg councils using intrusive surveillance to make sure people were using their recycing bins properly. That got reigned in to fewer agencies to investigate serious criminality.. But the danger is always politics, ie redefining what and when intrusive surveillance can be used against. Especially with the rise of 'hate crimes' and 'disinformation', where those 'crimes' are often just a difference of opinion.

    1. Anonymous Coward
      Anonymous Coward

      Re: With great power comes great responsibility.

      >But we still seem to be struggling to legislate when that's reasonable and proportionate.

      Genuinely, and I don't mean for this to sound like a politician-bashing statement, it is because this is a very technical area with many subtle differences between words and the legislators simply do not have enough understanding of it yet (have to) vote on it anyway.

      Sure, you could apply my statement to many areas, but the key thing with modern comms (and thus also encompassing internet access, encryption, E2EE, etc) is that it underpins *everything* and thus changes have a very far and wide reaching effect.

      1. Jellied Eel Silver badge

        Re: With great power comes great responsibility.

        Sure, you could apply my statement to many areas, but the key thing with modern comms (and thus also encompassing internet access, encryption, E2EE, etc) is that it underpins *everything* and thus changes have a very far and wide reaching effect.

        Indeed. Politicians create bad legislation, courts rule on that and sometimes throw it back as being unworkable or unenforceable. The part I don't really understand..

        However, while the TEI warrant allowed the cops to collect communications stored on a device – and thus, according to the tribunal, was obtained legally – there's a different type of warrant that UK authorities must obtain to intercept messages in transit.

        ..."It is clear that a TEI warrant cannot authorise conduct in relation to communications other than stored communications," the decision stated. "It will be necessary to determine whether the interception was of communications in the course of their transmission."

        So that seems a problem with the legal definition of a TEI warrant. Authorities need one to tamper with a user's device, and this is good. So there needs to be a check that it's reasonable and proportionate. But it also seems that legislation doesn't go far enough, ie why wouldn't that warrant also authorise the interception of communications, given that's necessary? And it's also lawful, providing you've got the correct paperwork, and has been for centuries.

        The bigger problem is what the NCA was doing seems no different to what 1001+ app slingers and big tech companies do every day in order to slurp data from unsuspecting users. Apple, MS, Google, Facebook etc all intercept communications in transit in order to flog ads and people's personal data.

        Why is it illegal for the NCA, or LEA and security services in general to do this, but fine for 'big tech'?

        It's not like law enforcement can grab coffee & donuts, then get comfy and trawl through teh funnies their colleagues may have found on the Internet. As Tesla employees apparently did with data collected by their car cams. Hence the need for warrants and justification, and pretty harsh penalties if officials abuse those powers. Commercial data slurpers should be treated exactly the same way. If our communications should lawfully be private, with narrow exceptions, they should be private. Yet different rules apply to tech companies. So the balance between privacy and security seems rather skewed.

        Especially as legislators seem determined to mess things up further by proposing bans on endpoint encryption. We need that for privacy and security, but big tech doesn't want this because it might mean Apple and Google aren't able to spy on us as easily. Or there's Twitter, who are proposing their own message encryption system that Twitter itself can't decrypt. Legally, that one seems simple enough given lawful intercept and data retention's now baked into national legislation across the UK, EU and most of the world.

        Criminals won't really care about encryption bans because they'll just carry on doing it, or using steganography and other tricks to hide or disguise their activities. Everyone else gets less privacy and security, which is not a good thing.

    2. cyberdemon Silver badge
      Devil

      If EncroChat cost $1500 a month but was ultimately just a sting op..

      Where did the money go, eh?

  3. Anonymous Coward
    Anonymous Coward

    Some Advice For The Unwary........

    (1) Use a burner phone

    (2) Use an anonymous email address (see www.mail.com)....and....

    (3) Use private encryption and Gmail (and avoid interweb service providers like SIgnal)

    (4) Use internet cafes (or the betting shop WiFi next door to the cafe)

    (5) Avoid areas with lots of CCTV (which means London is a problem!)

    (6) Never, ever use a credit card for payment while your burner is switched on

    (7) Read up on Bruce Schneier, Daniel Bernstein

    (8) For the technically adept, gmp is useful in finding 10,000 long decimal prime numbers

    ....I could go on, but that will do for now! Enjoy!

    1. notyetanotherid

      Re: Some Advice For The Unwary........

      >(3) Use private encryption and Gmail (and avoid interweb service providers like SIgnal)

      >(7) Read up on Bruce Schneier, Daniel Bernstein

      Not sure what your beef is with Signal, but Bruce Schneier has said, "I am a fan of Signal and I use it every day." (https://www.schneier.com/blog/archives/2022/10/interview-with-signals-new-president.html)?

  4. Zippy´s Sausage Factory
    Unhappy

    So if there's a different warrant for intercepting messages in transit, that's one thing.

    However I find the deferment of deciding whether that was required until after the trial a little bit worrying - surely the time to decide whether evidence was legally obtained is before the trial, and not afterwards? Is their thinking along the lines of "get convictions first and then we can just do a slap on the wrist afterwards"?

    I'm less worried about this case, as there seems to be plenty of other evidence, but more about the precedent here. If they decide that "ah yes, that was obtained illegally but never mind who cares" - that's not something that fills me with confidence in the legal system.

    1. Anonymous Coward
      Anonymous Coward

      No "fruit of the poisoned tree" defence in the UK

      In English courts, illegally-obtained evidence can still be accepted by the judge as evidence. Does anyone know for sure about Scotland or Northern Ireland?

    2. Insert sadsack pun here

      "surely the time to decide whether evidence was legally obtained is before the trial, and not afterwards?"

      No. The trial itself is when to decide whether the evidence is admissible in the trial, and as part of that the court will - if it is asked - to consider whether the evidence was obtained legally.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like