Evidence Obtained by Hacking or Torture – Michael Drury, Caroline Mair and Andrew Watson write for Lawyer Monthly

Evidence Obtained by Hacking or Torture – Michael Drury, Caroline Mair and Andrew Watson write for Lawyer Monthly

BCL partner Michael Drury, senior associate Caroline Mair and legal assistant Andrew Watson’s article ‘Evidence Obtained by Hacking or Torture: Do Two Wrongs Ever Make a Right?’ has been published by Lawyer Monthly.

Here’s an extract from the article:

“In Ras Al Khaimah Investment Authority v Azima [2021] EWCA Civ 349 (‘RAKIA’) the civil division of the Court of Appeal confirmed the long-standing rule that relevance of evidence is key to its admissibility, not whether it was obtained lawfully. As a result, evidence of fraud on the part of Mr Azima, which was said to have been obtained by unlawful ‘hacking’ of his computer, could nonetheless be deployed. The court took the view that refusing to admit the evidence or striking out the claim as an abuse of process would have left Mr Azima with the benefit of his fraudulent conduct.

In weighing up the public policy considerations of needing to be seen to provide justice whilst at the same time ensuring that members of the public abide by the law, the court has continued to favour the former, well established by the time of the seminal judgment in Jones v University of Warwick [2003] EWCA Civ 151. But what bearing does this decision have on the admissibility of illegally obtained evidence in criminal proceedings, especially if sought to be deployed by a defendant? And does this case in any way erode the well-established rule that illegally obtained evidence obtained through torture will not, under any circumstances, be admitted in evidence?

In principle, in criminal proceedings the same rule applies: provided that admitting evidence will not have an adverse effect on the fairness of proceedings, and it is relevant to matters in issue, it will be admissible. Indeed, Kurama v R [1995] AC 197, which is the leading authority from (relatively) modern times, was a criminal prosecution from Kenya where the search leading to the evidence was plainly unlawful. As the court reiterated there, quoting from an 1861 judgment (in another criminal case): “It matters not how you get it; if you steal it even, it would be admissible”.

Nonetheless it is hard to imagine that deliberate breaches of the criminal law by the authorities would not lead to exclusion of such evidence, given the fairness requirement embodied in the Police and Criminal Evidence Act 1984 and its extensive subsequent case law or, in the world of surveillance, by the Investigatory Powers Act 2016 (‘IPA’ – for technical surveillance) and the Police Act 1997 and Part II of the Regulation of Investigatory Powers Act 2000 (for physical surveillance and associated actions), which provide state actors with comprehensive processes and codes to ensure they act compatibly with the criminal law and the Human Rights Act 1998. In short, there can be little excuse for a state actor not acting lawfully.

These issues were well illustrated in the recent Court of Appeal (Criminal Division) judgment in A,B,D,C v R [2021] EWCA Crim 128 concerning the use of evidence thought by suspects to be protected by the ‘EncroChat’ encryption system, which was hailed as one of the greatest evidential breakthroughs against serious and organised crime. The underlying point was the need to assert that not only was the material outside the prohibition on the use of intercepted material but that, if the prohibition did not apply, the actions were taken with lawful authority where the acquiring agency (here the NCA) had a relevant Targeted Equipment Interference Warrant under the IPA. The need for compliance with the IPA was a given throughout the proceedings, on what was effectively a premise that compliance guaranteed admissibility (if this was not interception, which the Court of Appeal concluded it was not). Significantly, subject to other arguments about admissibility and abuse of process – which the Court of Appeal strongly hinted would not carry any weight but seem to the authors to present substantive challenges (as is the case in proving all hacking activity) – such evidence can be relied upon by the prosecution.

Whilst the historical and ethical bases for restraining state power are obvious, there is an argument that the same bases do not readily apply to an individual. Of course, it is not for the accused to present anything by way of evidence in their defence; instead that task lies squarely with the prosecuting authority. But to what extent, for example, is a defendant, wishing to use illegally obtained evidence in support of their defence, at liberty to use that material?

Self-apparently a defendant exposes themselves to the risk of further investigation and prosecution should they engage in criminal activity such as hacking (or theft) even if the purpose was to secure evidence to support innocence. But to that extent the individual is in no different position to the civil litigant in terms of the consequences of their actions, although with the obvious practical difference that law enforcement bodies will already be party to the case and the defendant’s actions (or the actions of those associated with them) will be much more readily apparent to those who might be minded to initiate a criminal inquiry. It seems clear that the fundamental test of ‘relevance not lawfulness‘ should not change simply because of the identity and position of the party seeking to adduce the evidence.”

This article was published by on 30/06/21. You can read the full version on their website.

Related articles

Michael Drury’s expertise in data collection and surveillance matters by state entities is unparalleled in the United Kingdom. As a former director of legal affairs at GCHQ, the largest of the UK’s security and intelligence agencies, for 14 years; founder member of the Serious Fraud Office; and for the last 10 years a partner in BCL providing advice on national security and criminal investigations to both corporate and individual clients, his breadth of experience both in terms of developing legislation (particularly the Regulatory Investigatory Powers Act as the forerunner to the current Investigatory Powers Act 2016) and practical casework gives him unique insights into how the law has developed and the practical consequences that follow. He has already provided advice on the US-UK Bilateral Data Sharing Agreement due to commence this autumn and brings his breadth of knowledge to bear on what is a new departure in a field that is inherently controversial.

Caroline Mair is a BCL barrister specialising in financial crime investigations and anti-money laundering regulatory matters. She has a breadth of experience; notably since joining BCL in 2010 she has advised an individual implicated in a lengthy cross-border investigation concerning the alleged manipulation of LIBOR and has also assisted in defending two individuals charged with conspiracy to cheat HMRC in relation to a multi-million pound film investment scheme fraud – the first prosecution of its kind to be brought. Caroline has developed her regulatory practice in advising regulated persons in relation to their anti-money laundering obligations under the complex 2017 Money Laundering Regulations.

Andrew Watson is a legal assistant and has been involved in a number of matters concerning HMRC, Trading Standards and the SFO and has a particular interest in relation to cash seizure and forfeiture under the relevant provisions of POCA 2002 and the Criminal Finances Act 2017. Recent data protection work has included advising on the obligations placed on a data controller by the DPA 2018/GDPR when considering whether to comply with a non-mandatory ‘Request for Information’.

Related articles