(C) Alec Muffett's DropSafe blog.
Author Name: Alec Muffett
This story was originally published on allecmuffett.com. [1]
License: CC-BY-SA 3.0.[2]


WhatsApp and Signal messages at risk of surveillance following EncroChat ruling, court hears

2024-07

Police could lawfully use bulk surveillance techniques to access messages from encrypted communications platforms such as WhatsApp and Signal following a ruling by the UK’s Investigatory Powers Tribunal (IPT), a court has heard.

Lawyers claimed that a decision by the IPT following an international police operation to harvest bulk encrypted messages from the EncroChat phone network has opened the door to mass surveillance of other encrypted messaging systems.

They told the Court of Appeal’s Civil Division last week that the tribunal’s 2023 ruling on EncroChat “drives a coach and horses” through the statutory provisions of the Investigatory Powers Act governing bulk surveillance.

“It would mean that any messaging platform, such as WhatsApp or Signal, could be the subject of a wholesale thematic equipment interference warrant,” the court was told.

Millions of messages harvested Lawyers are seeking leave to appeal a ruling by the Investigatory Powers Tribunal in May 2023 that found the National Crime Agency (NCA) had lawfully obtained warrants to authorise French police to intercept messages from EncroChat phone users in the UK. A French and Dutch Joint Investigation Team (JIT) harvested more than 115 million supposedly encrypted messages from an estimated 60,000 users of EncroChat phones after infecting the handsets with a software “implant”. As part of the UK’s response to EncroChat, Operation Venetic, police have made more than 3,100 arrests, convicted 1,500 offenders, recovered over nine tonnes of Class A drugs, and seized 3,500 rounds of ammunition and £84m in cash. During the hearing, defence lawyers representing 11 defendants told judges that the National Crime Agency had unlawfully used a targeted equipment interference (TEI) warrant to authorise French police to hack EncroChat phones belonging to people resident in the UK. The court heard that the Investigatory Powers Act 2016 allows law enforcement to obtain a TEI warrant for a single investigation or operation, such as the covert monitoring of the activities of an identified organised crime group. However, the lawyers argued that a TEI warrant could not be used to monitor all users of a particular messaging service. It was not enough, they said, that the targets for surveillance were using a common technology “incidental to their suspected criminality”. The primary purpose of Operation Venetic was to receive, triage and disseminate intercepted material gathered by the French from EncroChat phones and deliver it to police forces to conduct multiple investigations. It was also clear from the NCA’s warrant application that Operation Venetic was not set up for a single operation or investigation, but to facilitate current UK law enforcement activity and future criminal investigations. Defence lawyers quoted Lord David Anderson KC’s initial legal advice to the Crown Prosecution Service – which he later changed following representations from the NCA – that a TEI warrant would not be appropriate for EncroChat. Anderson initially concluded that the NCA could not lawfully apply for a thematic TEI warrant to break into an encrypted platform on the grounds that it was used by a “vast and miscellaneous group of unrelated criminals”. Anderson also warned that the NCA would be deploying “a drift net” rather than a “harpoon” that would set aside the statutory protections in “favour of a wholly general attempt to uncover serious criminality of all kinds”. The French security agency, DGSI, provided technology to spy on users of EncroChat

Distinction between bulk and thematic warrants blurred The court heard that the IPT had unlawfully blurred the distinction between bulk warrants, which allow the bulk interception of communications, and thematic warrants, which permit a much narrower range of interception, in breach of privacy rights under the European Convention of Human Rights. Lawyers said it was not a coincidence that the NCA had “re-badged” Project Venetic as Operation Venetic shortly before it applied for the TEI warrant. If the NCA was able to use a TEI warrant for bulk interception merely because it had decided to call an investigation an “operation” rather than a “project”, that would mean there was no longer a statutory distinction between bulk surveillance and thematic equipment interference, the court heard. “It will have drastic effects on law enforcement because it will send a clear message that, from now on, bulk [surveillance requirements] of the Investigatory Powers Act can be ignored,” lawyers said.

Threat assessment The court heard that the Investigatory Powers Tribunal had relied on the NCA’s confidential 2019 Strategic Threat Assessment that EncroChat phones were exclusively used by criminals. Defence lawyers argued that the Court of Appeal should assess whether the NCA had written the assessment to support its application for a TEI warrant. The court heard that the NCA knew from 2018 onwards that French officials were investigating EncroChat servers at the OVH datacentre in Roubaix, France. The NCA’s principal technical officer travelled to France to assist in reverse engineering the EncroChat servers in 2019 and provided the French with test handsets. A February 2019 official minute from Europol indicated that the intention was to decrypt and obtain EncroChat communications from a server, the court heard. In addition, NCA technical officers had developed their own EncroChat implants before the French hacking operation. “There were at least a year’s worth of clear indications to the NCA before the confidential assessment was published as to what the French, and for that matter the Dutch ... were planning,” the court heard.
[END]

[1] URL: https://www.computerweekly.com/news/366596534/WhatsApp-and-Signal-messages-at-risk-of-surveillance-following-EncroChat-ruling-court-hears
[2] URL: https://creativecommons.org/licenses/by-sa/3.0/

DropSafe Blog via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/alecmuffett/

You are viewing proxied material from magical.fish. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.