Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Privacy International Takes Police Phone ‘Hacking’ Case to IPC

Privacy International has written to the investigatory powers commissioner (IPC) requesting an urgent review into potentially unlawful use by the UK police of mobile phone extraction (MPE) technology.

Created by the controversial Investigatory Powers Act 2016, the role of IPC is to provide oversight of the intelligence services and police.

The rights group wants the IPC lord justice Fulford to investigate whether there’s a proper legal basis for the police to be using MPE tech and whether it’s “necessary and proportionate” to do so given its intrusive nature.

"We are concerned that the police are able to download all of the contents of people's phone, when no one seems to be sure whether there is a law or statute that says they can do this. Policing isn't meant to be a free-for-all, where they can make up their own rules as they go along,” argued Privacy International solicitor Millie Graham Wood.

“We are really worried that the police's use of this highly intrusive technology is growing at an alarming rate, without any proper scrutiny, and crucially without people knowing their rights when faced with a police officer who wants to search their phone.”

The move follows the release of the group’s Digital Stop and Search report in March which collected FoI responses from 47 police forces, over half (55%) of which admitted they were using MPE tools, with a further 17% trialling the technology.

It revealed confusion over the legal basis for their use, stemming from a lack of guidance at a national and regional level.

Data is often extracted from devices without the user’s knowledge, stored insecurely and for an indefinite period, and taken not just from suspects but also victims and witnesses, even for investigations of low-level crimes, the report claimed.

“Having issued a complaint to the information commissioner, raising potential breaches of data protection legislation, we have now contacted Sir Adrian Fulford, the investigatory powers commissioner, to ask him to consider whether the way mobile phone extraction technology has been used by the police constitutes intrusive surveillance such that it should fall within his remit,” concluded Graham Wood.

“If the use of mobile phone extraction technologies constitute either interception or hacking, then this raises a fundamental issue as to the legality of the actions by a large number of police forces over a lengthy period of time."

What’s Hot on Infosecurity Magazine?