Is this the end of Encrochat for Organised Crime Groups?

July 1, 2020

By Olly Jarvis

In recent weeks, defence solicitors’ phones have not stopped ringing – new clients arrested for being involved in drugs conspiracies, the evidence based on Encrochat data.

EncroChat

For years, the telephones of choice for members of organised crime groups, particularly drugs conspirators were burner or pay-as-you go phones. They had their downsides, although unregistered and disposable, these phones could be analysed by prosecuting authorities for telephone traffic data and cell-site analysis.

For a time, the police were unable to access smartphones without having the pin and these devices were believed to be secure but as always, they found a way in.

In recent years, encrypted phones began to appear with intriguing names such as Wileyfox, using foreign sim cards, these phones enabled criminals to text each other (encrochat) in a way that was supposedly entirely secure. If the phone was turned on without using a passcode, the data was said to automatically delete.

Use of this technology by a defendant is an aggravating feature when it comes to sentence – see R v Nelson & Markham [2020] EWCA 718

Earlier this year, Encrochat users received a surprising bulletin on their phones that must have sent a chill down the spine!

It read…

“Today we had our domains seized illegally by government entities. They repurposed our domain to launch an attack to compromise carbon units.

With control of our domain they managed to launch a malware campaign against the carbon to weaken its security.

Due to the level of sophistication of the attack and the malware code, we can no longer guarantee the security of your device. We took immediate action on our network by disabling connectivity to combat the attack.”

Over the last few months a mass of prosecutions seem to have been instigated by the National Crime Agency against various OCGs, nationwide, based largely on text messages between Encro phones.

Was it a coincidence?

The Irish News reported recently that Detectives had found a way to access data in a drug dealer’s encrypted phone.

An NCA spokesperson is reported to have said,

“We are aware of reports related to police actions taken against Encrochat, however, we do not routinely confirm or deny the NCA’s involvement in investigations.”

It’s early days but questions arise as to the admissibility of evidence of Encrochat data.

There may be the more traditional arguments to exclude the evidence under section 78 of PACE 1984 or even abuse of process stemming from the way the evidence was obtained but perhaps the most interesting argument is whether, if this was truly a hack, even if a warrant was obtained, does the evidence infringe section 56 of Investigatory Powers Act (IPA) 2016 (which replaced section 17 RIPA 2000)?

Section 56 prevents the use of ‘intercept’ evidence in a criminal trial, or even questions being asked about it – the rationale being that the secrecy of crime detection techniques should be preserved. This has repeatedly been made clear in the appellate courts.  Note the exception in R v Knaggs [2018] EWCA 1863 where Dutch telephone call intercept evidence that was given to the British authorities and used in evidence – permissible because the calls were recorded outside the UK by a foreign agency.

Here are some highlights from the wordy section 56 …

56 Exclusion of matters from legal proceedings etc.

(1)No evidence may be adduced, question asked, assertion or disclosure made or other thing done in, for the purposes of or in connection with any legal proceedings or Inquiries Act proceedings which (in any manner)—

(a)discloses, in circumstances from which its origin in interception-related conduct may be inferred—

(i)any content of an intercepted communication, or

(ii)any secondary data obtained from a communication, or

(b)tends to suggest that any interception-related conduct has or may have occurred or may be going to occur.

  • “intercepted communication” means any communication intercepted in the course of its transmission by means of a postal service or telecommunication system.

***

If a government agency is able to see Encrochats as they are being sent and received, one has to ask, is this a live intercept?  And then, perhaps more importantly, the service of Encrochat data by the prosecution could arguably be secondary data obtained from a communication (section 56(I)(a)(ii).

This might be a good time to have that discussion…

Described in The Legal 500, 2020 as  ‘A master of the theatre of court’, Olly Jarvis is a criminal defence specialist, novelist of legal thrillers, and founder of  thecrimehub.com. He tweets from @ollyjarviso

Enquiries, contact Nick Buckley, Senior Clerk, Exchange Chambers.