Avon and Somerset is one of at least 28 UK police forces forensically examining mobile phones. We reveal the powerful technology being targeted at low-level crime, and the serious security breaches it’s enabled in the hands of local officers.
Words: Alon Aviram
Illustration: Liane Aviram
Over the past decade, Cellebrite – an Israeli technology company – has become the go-to supplier for British police forces wanting to crack phones.
The firm is contracted by the FBI and security services worldwide. It has quickly come to dominate the domestic policing market for mobile phone forensics. “Mobile phone examination has become absolutely routine,” says Peter Sommer, a professor at Birmingham City University and digital forensics expert witness, who has observed its use in the investigation of high-level crime.
Police documents seen by the Cable back up Sommer’s assessment. They reveal that over the past few years, mobile phone examination has been rolled out to local officers for investigating lower-level crime on a mass scale. The types of crimes that can warrant a mobile phone search include the likes of assault, burglary and traffic offences.
Leafing through procurement records, we found that Avon and Somerset Constabulary (A&S), along with at least 27 other police forces and the Home Office, has contracted with Cellebrite. Since 2014, A&S has paid it at least £47,760 for a number of contracts.
The records also show our local force bought the company’s most popular standalone hacking tool – the Universal Forensic Extraction Device (UFED). Cellebrite’s technology can quickly crack through mobile phone passcodes, sweeping up text messages, emails, contacts, photos, videos, and GPS data in minutes, simply by connecting handsets to a laptop-sized device.
A&S has been typically reluctant to comment on its involvement in this fast-growing area of policing. Freedom of Information requests sent by the Cable asking for information on mobile phone examination were rejected on grounds that it would be too costly to retrieve the data, because it is not centrally recorded. The force also turned down our request for an interview, saying: “We do not discuss, for operational reasons, ways in which we undertake investigations.”
So in a bid to better understand the police force’s actions, we pieced together the available expenditure data, reports and police records nationally. The jigsaw we’ve assembled – admittedly, an incomplete one – appears to show a troubling picture.
In a North Yorkshire Police audit report we examined, the force found that 50% of a sample of mobile phones searched by district examiners – or local officers – lacked an authorisation warrant. This means auditors were unable to find proof that police had received permission to examine 50% of searched phones. The report concludes that, while the current setup allows for rapid examination of mobile phones, there is insufficient scrutiny of local police examiners.
The internal investigation also found that 26% of examinations undertaken from 2012 to 2015 were “serious crime types, for example sexual offences and murder cases”. The report stresses that district examiners should only investigate low-level crime. There were also cases where evidence was left unencrypted, increasing the risk of sensitive data being lost or misappropriated.
“Given the wealth of personal data they hold, it is extremely alarming that such a high rate of phone examinations lack evidence of authorisation,” Silkie Carlo, a policy officer at the human rights campaigning organisation Liberty, tells the Cable. “It is wholly unacceptable that data extracted is left unencrypted, misplaced or even misappropriated.” The audit report, Carlo adds, demonstrates that without standard safeguards, giving police such capabilities threatens both “our rights and our security”.
Millie Graham Wood, a legal officer at Privacy International, a charity that (as its name suggests) defends people’s right to privacy, calls our findings “concerning”. They reveal “a worrying attitude towards examination of mobile phones, with investigations into serious crimes including sexual offences and murder cases undermined”, she says.
The documents show, Graham Wood adds, “that as increasing public funds are spent on fast-track systems to extract data from phones in non-serious crimes, the extraction is carried out by junior officers, who receive insufficient training and fail to provide a clear audit trail”.
Rolling out the technology
The picture in North Yorkshire does little to inspire confidence regarding our tight-lipped local force’s acquisition of Cellebrite technology. In 2015 the Inspectorate of Constabulary (HMIC) found that “demand for digital downloading” at A&S was increasing, and that an unacceptable backlog had developed. According to the same report, A&S eased the bottleneck of digital devices waiting to be examined by creating easy-to-use “downloading kiosks… to speed up the process”, with an increasing number of officers being trained to use them.
Like North Yorkshire police, A&S rolled out mobile phone examination to local officers in a bid to speed up examinations – a move likely to present oversight challenges. The questions raised in the North Yorkshire report around authorisations, data security and proportionality need to be addressed by A&S – and all other forces. Graham Wood adds that it is unclear “what process is in place to inform suspects that their mobile phones have been examined, what happens to data extracted and deletion practices”.
But procurement records make clear that the training of greater numbers of officers and the provision of mobile phone examination kiosks are being rolled out across forces nationwide. In a bid to handle the ever-growing volumes of digital information, police forces are streamlining how they go about examining mobile phones and devices.
West Yorkshire Police, for instance, has trained more than 150 officers in how to examine mobile phones for “low level” crime. According to police guidance, crimes that can attract such searches range from traffic offences, to intent to supply, to assault.
Durham Police, meanwhile, reports that 90% of mobile phone searches are now conducted by local officers. And City of London Police says that examination is undertaken by “frontline officers… generally in the first custody detention period”. Cellebrite’s UFED device can be used to extract data in the field, with no need to return to a lab or police station, ensuring that, the firm says, “a suspect’s phone can be examined before [they have] a chance to destroy or erase data”.
Unlocking our lives
None of this proliferation is in itself surprising. With the explosion of mobile phones, portable digital devices, and cloud-based storage, police and security services have been expanding their technological arsenal in order to glean as much information as possible for investigative purposes. Mobile phone examination is, understandably, instrumental in investigating crime.
Beyond mobile phone examination, Cellebrite and its competitors also sell cloud-based hacking gear, granting police increasingly easy access to every part of our digital and online lives. Without a pushback, as the cost of surveillance and examination devices plummet, police forces are beginning to deploy them with far greater frequency for more mundane objectives. In the eyes of the state, seizing and examining equipment in relation to a criminal offence is legal, even for low-level offences, if a device may hold evidence and authorisation is granted.
But as mobile phone forensic capabilities are rolled out in the Bristol area and beyond, there are serious legal and ethical questions around proportionality, the extent of searches, and the lack of an audit trail – as the North Yorkshire police report makes clear. The passing of the government’s ‘Snooper’s Charter’ is still fresh in the mind. Silence on the part of police, such as A&S’s refusal to engage with this article, does little to garner public confidence amid growing state surveillance – and will rightly make critics more vocal.
“Privacy International calls for greater transparency, and for rigorous systems to be put in place to ensure technology is not abused or misused by the police,” says Graham Wood. She adds that urgent independent oversight is needed “into the necessity and proportionality of downloading kiosks in police stations”. Given that most people now carry a full computer’s worth of information on their person, these seem like sensible demands.