West Midlands Police have refused to confirm whether the force’s use of phone hacking technology has solved any crimes — because the question is “too in depth”.
The statement was given in response to a media query from Birmingham Eastside after an investigation by The Bristol Cable revealed that 28 UK police forces have bought mobile data extraction software from hacking technology supplier Cellebrite.
West Midlands Police was listed among those forces, spending £24,216 in January 2014 on the “most popular hacking tool” UFED (Universal Forensic Extraction Device).
Birmingham Eastside asked the West Midlands Police press office:
In response the press office said that the question would have to be handled by the Freedom of Information Department, meaning an answer could take up to four weeks.
Birmingham Eastside asked if the press office was able at least to give a simple “yes” or “no” answer to two questions about whether the software was used by police, and whether it had contributed to the solving of any crimes.
The press office again insisted that “the information you require is too in depth to be answered on our media desk.”
Cellebrite is an Israel-based technology company which claims to be the main supplier of powerful hacking devices used by UK police forces to extract phone data from suspects.
It is reported that mobile phone examination is often used by local officers in the investigation of low-level crimes such as assault, burglary and traffic offences, raising concerns over breaches of privacy rights.
A North Yorkshire Police audit report on the technology, mentioned in the investigation by the Bristol Cable, said that in half of mobile phone searches, the force had conducted the search without an authorisation warrant.
Myles Jackman, Legal Director for the Open Rights Group said:
“Mobile phone examination should not be routine and should always be authorised by a warrant. Police should only be able to examine someone’s phone if they believe it will provide evidence in relation to the crime of which they are suspected.”
The lack of clarity of how this technology is being used raises some serious privacy-related concerns. The Open Rights Group adds:
“Only data relevant to an enquiry should be kept by the police and this should be kept securely in accordance with the Data Protection Act. Any other personal data should be deleted as soon as it is clear it’s not relevant.
“Failure to do this could mean that police forces are in breach of ACPO’s own guidelines.”