The mobile device data extraction system that has just been rolled out by the Metropolitan Police is designed to provide an easier way to slurp evidence from the mobile phones of suspects brought into custody. But some argue that the move is likely to change how crimes are investigated while it raises several data retention and …
you'd need a warrant to get my computer
so why not my phone. ipad? laptop?
Re: you'd need a warrant to get my computer
Time for encryption of every device I own, not because I have something to hide but because my business is my own. Why should the police have access to confidential emails, family pictures, confidential telephone numbers. If I have had to sign a document stating I will not divulge this information why should they have access it it on a whim of fancy.
Totally open to abuse of office with no safe guards, and pray tell why they would want to store pictures of my children for ever?
This poorly thought out legislation will be a gold mine for lawyers. Is that the intention? Jobs for the politicians friends and family. I think it is though I may be cynical
Give them the phone and remotely wipe it. When finished reload from iCloud or will they want to retrieve all you data from their when they demand your password and login?
As thick as a senior copper
How many times have these coppers positioned themselves to be enemies of the people, with trawls of DNA, fingerprints and the like, and a fetish for data retention, only to be dragged kicking and screaming through courts - at our expense - and brought into some kind of line? What will it take for them to understand they;re there to protect us, not make us all into suspects.
I suppose I'd be regarded as having something to hide, as my mobile intentionally has no data port and no camera.
How long will it take before everyone has a cryptfs filesystem on their Android phone? Or a deniable TrueCrypt partition on their WinPho perhaps?
crypto on Android
Doesn't ICS support filesystem encryption?
It's who you know
So the best thing a crim can do is to make sure his/her speed-dial list contains the numbers of the Top Cop, a few Members of P, some high profile journalists (ex-NotW, 'natch) and some extra-litigious lawyers. Just call them all up from time to time to establish credibility and then go about your business. Maybe for extra points, some photoshopped happy-snaps of said crim and high-profile copper's head in compromising positions.
If you do get your phone's collar felt (or downloaded) it's a good bet that once those "VIP" numbers and piccies start to appear, the data they took will get conveniently lost.
Implicate the whole country
Just get "The Phone Disc" from BT, which has 15 million number entries on it, and download the lot onto your phone! And it shouldn't be too difficult to rig the log files.
US Customs: No cell phone? That's evidence you are inbolved in crime!
I recently flew in to the USA, for which I have a passport, and the ever friendly ICE agent asks what I have on me. I said shaving kit and a set of clothes.
He asked about 'personal electronics'. I replied I have an MP3 player and a set of Sony noise cancelling headphones.
He starts tapping away on his computer - I already knew what my previous ICE interviews said through an access demand - and he said "Are toy aware you will be a "subject on interest" if you don;t have a cell phone? I said I stopped carrying data across borders when they started stealing laptops and phones.
I said last time his friend said I would be a subject of interest because I had no SIM. His friend also said I had to keep my cell charged so they could check it.
Looks line you're a "subject of interest" either way. Next time I'll carry my Mitsubishi - it only makes calks. Or my pager.
Re: US Customs: No cell phone? That's evidence you are inbolved in crime!
It's this sort interference with one's person that made the French revolt in 1789.
Are these fucking little bureaucrats trying to create anarchy to ensure they'll continue to be employed?
Himmler, where are you? -- Seems US Customs urgently needs your services!
Re: US Customs: Google phones
Wipe the phone before you fly and then log in and reload everything after you've cleared immigration. Just saying...
They didn't stop in 1789. The French are still revolting!
Just who pays these peoples wages again?
Officialdom is just dumb, dumb, dumb. It never ceases to amaze me just how stupid officials really are.
The next thing that will happen is that device encryption will become the norm so that all they end up slurping is a load of useless numbers. They'll have to send the information off to cracking experts and the net result is that the very information they need will be put even further out of their reach, rendering these slurping devices just that ... dumb data slurpers.
The only tool they'll have is the one that awards extra time in nick for failing to hand over any encryption passwords.
Superb. So you get nicked for being suspected of something, then in custody, knowing that they'll slurp your phone and keep your data forever, you refuse to hand over the unlock password and, even though innocent of the original charge, you'll get some time in nick for wanting what is yours by right ... a bit of self respect from the very people whos wages are paid for out of your taxes.
And to hear that Vince Cable and Miliband have been talking to each other just confirms what I had suspected all along; it doesn't matter who we vote in to power, they all want us under their feet.
Remember, remember, the fifth of November... I can see it coming. If it keeps up like this, then someone will probably try it again.
Re: Just who pays these peoples wages again?
"The next thing that will happen is that device encryption will become the norm so that all they end up slurping is a load of useless numbers. They'll have to send the information off to cracking experts and the net result is that the very information they need will be put even further out of their reach, rendering these slurping devices just that ... dumb data slurper"
Guess again. RIPA means that you can end up going to jail without trial or the ability to even tell anyone, if you refuse to hand over your encryption keys.
(By "dumb", I assume you mean "stupid" rather than "mute".. and no, not stupid, just ruthlessly amoral.)
as things stand, cops would need a court order, before they can start the RIPA process. Since the Home Office is very nervy about RIPA, it's likely that unless plod have a lot of corroborating evidence, they will be told to lay off any RIPA requests.
So the average joe, who happens to have an encrypted phone (how long till we see the apps) will be fairly OK.
Android haz itz: LUKs Manager
LUKS Manager provides on-the-fly encryption (AES by default) to virtual folders on Android devices.
Re: Phone encryption
Android already has SIM and storage encryption built in, at least it is on my stock Motorola XT862. Check under your Android devices Settings > Security or Settings >Location and Security menu.
Suspect by association
What about this scenario?
You get stopped for whatever reason, they slurp your data and let you go. An acquaintance you may have txt once or twice and they are in your contacts gets arrested for a violent crime 8 years later and suddenly you are being investigated as a 'known associate'
Totally out of order, they need a warrant for everything else they should have to have a warrant to do this. Its called due process and that's the thin line stopping us becoming a police state in which the police are the law rather than just upholding the law.
Re: Suspect by association
Yep, that one bothers me, too. My old phone had texts from someone who skipped the country with financial outfits unhappy, and someone else who spent some time in jail after being arrested at a festival with an axe and lots of wraps and bags all parcelled out to be sold.
(The irony is that the axe was being used blunt-side first to knock in tent pegs and nothing else, he was too lazy to get a new mallet, and that got him more time inside than the coke, E, etc.)
However, I am depressingly law-abiding, and wouldn't really enjoy this..
Re: Suspect by association
"they need a warrant for everything else they should have to have a warrant to do this"
Simple: They'll rely on you not knowing your rights and bully you into giving consent.
A case in point: A good friend of mine was waiting to be picked up for work at 7am a few weeks back when a cop car circles him and pulls up. The two bobbies started asking who he was. He asked them if he was obliged to tell them and they lied and said "yes". At that point he refused to co-operate and they assaulted him, grabbing him and putting him in cuffs "so they could search him". They wouldn't say what he was accused of doing, just that he fitted the description of someone who committed a crime in the area. It was only when his boss turned up and confirmed that he'd been at the opposite end of the county when the crime occurred that he was released.
The crime was the theft of a mobile phone three days previous. To say he was the only person in the area who matches the description is frankly bullshit; they grabbed him days after the event so there's no reason to suggest he would be the culprit. No apologies from the police so far, although they say they're looking into it. Yeah. I believe them.
Put simply, if they haven't witnessed you commit a crime then they can't touch you without your permission, but that permission can be given purely by lack of action on your part. My friend knew he did not have to answer their questions, but he didn't know how to defend himself. He now carries a mini video camera everywhere in case it happens again. He's had trouble sleeping ever since, and I've seen him jump out of his skin every time he hears a siren. And the police wonder why nobody likes them anymore.
Mine's the one with the mobile full of AntiTerrorist videos.
Just wondering ......
If I have encrypted pictures of me taking a dump, stored on my phone, or other device; and I'm forced to hand over the key by law; can the officers concerned claim that I have caused them offence and alarm? Or, is it their own stupid fault for demanding to see personal pictures stored on a private device?
(Mine's the one with the fresh turd in the pocket; do not search me.)
probably yes ...
ISTR when nuLab changed the law on flashing, they removed the element of intent on the perpetrators[*] part. It was pointed out at the time that this meant a woman who shimmied 10ft up a ladder and happened to see a naked man could prosecute.
* invariably male
Re: Just wondering ......
Haven't you heard of remote wipe?
(mines the one with loo paper on a big stick in the pocket)
Another reason not to carry a mobile
I stopped carrying a mobile four years ago when the full extent of illegal surveillance by UK telcos, and the reluctance of the police to enforce any aspect of RIPA, became apparent to me.
At the time I was thrust into a position that made it risky for me to carry a mobile phone. I couldn't chance my location or communications data being betrayed with impunity to criminals and corrupt police officers.
I looked at the fate of people like John & Joan Stirland - betrayed by BT and the police to murderers - and decided I would rather disconnect than die for the sake of someone else's convenience.
We need a BOFH phone: connect up to it, fail to give the correct code (or it just detects you are connecting up to it - this is The Bastard we are talking about) and the phone charges up a 10kV 10uF cap and dumps it onto the external connections - then throws a crowbar across the phone's battery.
Bonus points for having a battery that lacks any of that namby-pamby safety stuff in it.
Re: BOFH phone
> the phone charges up a 10kV 10uF cap and dumps it onto the external connections
They did that in "Tomorrow Never Dies".
Need a phone to enter the US?
Then maybe I should just take along my old traditional BT bakelite rotary dial phone. Lets see em slurp the data off that.
1. I expect that "everything on <anybody's> smartphone" will fall within the definition of Personal Data.
2. The Data Protection Act forbids the retention of personal data when it no longer fulfills the purpose of its collection.
3. The same Act forbids use of personal data collected for one purpose being used for another, without consent of the Data Subject.
3. It won't be hard to argue that, the Data Subject having been cleared in court, the purpose has gone, and requests for deletion will ensue. I should most certainly be taking that line if this ever happened to me.
I don't disagree with anything you're saying, but you seem to miss the point that this is the police, who seem to be, corporately, absolutely OCD about retaining data and institutionally blind when it comes to the rights of others.
Exhibit A being the illegal retention of DNA data, even when instructed by several courts to stop it.
Exhibit B being reports of protesters being assaulted by officers; even when independent video evidence was available showing clearly excessive force, a dozen officers were "looking in another direction" rather than at their colleague picking up a protester by the hair. The judge was apparently rather incredulous at this point.
I thought I would take a look at my favourite bunch of corrupt coppers in Kent and came across this gem:
With this classic item:
The apparent legal conflict was removed following the case of R (GC and C) v
Commissioner of Police of the Metropolis  1 WLR 1230,  UKSC 21 which
overturned the previous House of Lords ruling and aligned domestic law with European law by declaring the ACPO Guidelines to be unlawful.
So they now its illegal, the courts have clarified it is illegal but the Police still follow the guidelines of ACPO Ltd who have no power to make these kind of decisions.
So yes, the Police can and do ignore the law and will continue to do so.
Locked phones ?
Don't most phones need to be unlocked to access data on them ? It's ages since I needed to synch a phone to a PC, but I would hope it wouldn't allow a locked phone to be accessed via cable for obvious reasons.
So given that, and given that my phone is always locked when not in my hand, the police would need to ask me to unlock it ... which I would decline to do, in the absence of a court order compelling me.
Remote wipe? I think not, baby puppy...
IF (and it's a big if) things are done "properly", any seized phone should wind up in one of those nice faraday cage envelopes (http://faraday-bags.com/) which stop the phone sending/receiving any thing, so any attempt at a remote wipe is rendered useless - unless the thing self destructs due to lack of signal/call home sequence...
Not to mention...
...that any detected attempt of that would of course be taken to be "attempted destruction of evidence"/"perverting the course of justice" and, of course, why do that if you have nothing to hide....
Room to maneuvre, nah...
If your phone is stolen
and subsequently recovered by police, could they also use this to inspect it to check it's yours and for evidence regarding the stealing- even if you are not suspected of any crime yourself?
I use an app...
that backs up my SMS and call log into a GMail folder. Free from the Play Store, so not exactly your hardcore criminal stuff. If I create some of my own correctly formatted messages in that folder and restore them using this backup app, I think I can falsify the logs. Nice evidence you've got there.
"Don't most phones need to be unlocked to access data on them ?"
Houston, that's a big, fat no.
- Hi-torque tank engines: EXTREME car hacking with The Register
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Product round-up Trousers down for six of the best affordable Androids
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor
- Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...