The UK Is Using Bulk Interception to Catch Criminals—And Not Telling Them
"Suspects are being left in the dark."
UK authorities are collecting and analysing data in bulk to identify suspected child exploitation offenders on the dark web, but are not informing defendants of how they were caught.
The practice starkly highlights the UK government's stance on not including intercept as evidence in court. This, according to Eric King, a surveillance expert and director of activist group Don't Spy On Us, leaves suspects "totally in the dark."
"The right to a fair trial relies on the fact that material being used against the defendant is shown to them, so they can answer to it and explain it," King said.
In a government document from the end of February, the Home Office briefly mentions that intercepting data en masse is an effective tactic for disrupting criminal suspects on the dark web.
"By analysing data obtained through bulk interception, investigators are able to link the anonymous identities of criminal users to their real world identities," the document reads. The security and intelligence agencies use these techniques and then assist law enforcement.
"Bulk data has supported the disruption of over 50 child sexual exploitation offenders in the UK in the last 30 months alone," the document states.
But, as is the case with all data obtained via intercept in the UK, this information is not admissible in court, meaning that defendants are unlikely to find out how they were identified or get a chance to challenge it.
Paul Bernal, a lecturer in law at the University of East Anglia (UEA) with a focus on surveillance legislation, told Motherboard in an email that using bulk intercept and not presenting it as evidence was "distinctly harmful for defendants."
"It is a general principle of justice that defendants should know how the case against them is built, who their accuser is and so forth" he said. "That's being evaded here."
The Home Office confirmed that bulk intercept data is not admissible in court, and declined to provide details of any of the 50 mentioned cases because they relied on sensitive intelligence.
A National Crime Agency spokesperson said that the agency's Joint Operations Cell with GCHQ "is providing the capability to analyse bulk data, enabling us to better identify and target serious child sex offenders. It is also enabling us to tackle hard-to-reach offenders who use sophisticated technical methods to avoid detection."
Researchers have speculated, based on published Snowden documents, that GCHQ may have the capability to deanonymise Tor users by examining the timing of connections going in and out of the Tor network. (It's important to note that Tor was never designed to counter this sort of attack).
GCHQ told Motherboard in an email that, "Unfortunately we cannot comment on operational work, or on any cases that may be the subject of legal proceedings."
The blocking of intercept as evidence has long irked activists, who argue that it should be admissible in court cases. King said Don't Spy on Us is campaigning for a lift on this ban, and is hoping to have the Investigatory Powers Bill amended (a proposed and controversial piece of legislation that aims to bring all of the country's surveillance powers under one banner). The government's stance on intercept evidence is particularly peculiar, King said, considering that data acquired from equipment interference—or hacking—will be allowed in court under the Bill.
"For me it's a no-brainer: intercept should be used in evidence. It insures that prosecutions have all the tools available to them, and insures that defendants get to see all the material that make up the case against them," King said.