SOCA Publishes Letter to Select Committee on So-Called ‘Blue-Chip Hacking Scandal’

SOCA has now published its written response to Vaz, sent on 16 August 2013. In essence, SOCA director general Trevor Pearce explains that its information had been withheld so as not to interfere with police investigations, firstly operation Millipede, and subsequently the overlapping but separate operation Tuleta.

“Operation Millipede,” explains Pearce, “was focussed on investigating the fraudulent acquisition of personal data by private investigators.” Tuleta’s “terms of reference include to investigate criminal acts that intrude on individual privacy for journalistic purposes.”

Nevertheless, said Pearce, SOCA had kept in touch with regulators, including the ICO. It had promised to release all of its relevant investigations to the ICO at the conclusion of operation Millipede. Millipede came to an effective end in February 2012 with four convictions under the Fraud Act. At that time, the ICO issued its own statement, “The ICO advised SOCA on the data protection issues connected to the case and will now be provided with additional material from the SOCA for further investigation.”

But that information has still not been released to the ICO, four years after SOCA drew up its lists, and 18 months after it was promised, because of operation Tuleta. The information concerned is a list of 102 clients of four private investigators jailed for fraud in February 2012. One of the convicted parties, Daniel Summers, was said by SOCA to have "targeted banks, financial institutions, mortgage providers, government agencies and law enforcement databases.” What wasn’t known outside of SOCA, and perhaps the Home Affairs Select Committee, was the names of the clients that had paid for these services.

Critics of SOCA’s behavior have contrasted the events of the press phone hacking scandal  – which led to the Leveson Inquiry – with this, which has been labeled the ‘blue chip hacking scandal.’ The suggestion, which SOCA denies, is that the 102 unnamed clients includes the names of major UK corporations that are being protected. Nevertheless, the Telegraph this morning points out, “While SOCA has so far refused to reveal the names of the companies and individuals involve[d], Mr Vaz recently revealed that law firms, insurance companies and financial businesses were among the worst culprits.”

Responding to the SOCA letter, Vaz said, “It is clear that behind every client’s request of a private investigator lies a victim of potential illegality. This information has been in the possession of SOCA since 2009. It is therefore imperative that those who have committed wrong doing are brought to justice and I will be requesting a timetable of the action SOCA and the MPS intend to take. The scale of the problem is now frighteningly apparent. It seems that for every private investigator in the country, there could be 25 potential victims.”

It is unlikely that the media will relax speculation on the continuing ‘blue chip hacking scandal’ until it can be seen that those major corporations that employed a convicted private investigator are given the same treatment by SOCA and the courts as the media itself received over the phone hacking scandal.

What’s Hot on Infosecurity Magazine?