Policing the police – the ICO’s analysis of police use of mobile phone extraction

Policing the police – the ICO’s analysis of police use of mobile phone extraction

BCL partner Julian Hayes and associate Greta Barkle in an article for LexisNexis PSL, analyse the findings of the Information Commissioner’s Office (ICO) on the use of phone extraction by police forces.

Here’s a short extract from the article, which can be read in full here or in the LexisNexis PSL products*:

‘Why did the Information Commissioner’s Office (‘ICO’) conduct this investigation report into the use of mobile phone extraction (‘MPE’) by the police?

 The immediate genesis of the ICO’s investigation into MPE was an April 2018 complaint lodged by Privacy International (‘PI’) regarding what was perceived as an inconsistent and unlawful approach by UK police to extracting electronic data from mobile phones in criminal investigations. The complaint followed PI’s March 2018 report which called for a review of practices in this area, the introduction of safeguards to ensure intrusive powers were only used where the necessity and proportionality threshold criteria were met, and the publication of guidance aimed at informing the public of their rights.

The ICO investigation did however, take place in a much wider context. In 2017, the Attorney General announced a review of disclosure in the criminal justice system, in part because of the problems caused by the volume of digital material generated by police investigations. Shortly afterwards, the trial of a student accused of rape collapsed in high-profile circumstances after the late disclosure of messages from the complainant seriously undermining the prosecution case. Fierce public debate ensued over privacy and investigators’ obligation to pursue all reasonable lines of enquiry. Media headlines alleged the police were effectively undertaking “digital strip searches” of complainants’ mobile devices, raising concerns about the potential revelation of unrelated offences and the deterrent effect that may have on reporting offences. In May 2019, the CPS were forced to deny that complainants in rape cases must hand over personal data on digital devices or run the risk of the prosecution being discontinued. In July the same year, The London Independent Victims Commissioner said it was unacceptable to require rape victims to consent to divulge huge volumes of their personal data in order to access justice.’

*This article was originally first published by LexisNexis on 08/07/2020.

If you’d like to discuss any of the issues raised in this article with one of the authors then please do get in touch.

Julian Hayes is a Partner specialising in all aspects of corporate crime and regulatory work. As well as dealing with high profile fraud and corruption matters, including investigations with an international dimension, he has considerable experience of advising corporates on data protection and cybercrime issues.

Greta Barkle is a New Zealand qualified lawyer specialising in business crime, regulatory investigations, extradition and cybercrime. Prior to joining BCL Solicitors LLP, Greta worked on a range of complex disputes, including claims against the New Zealand Police and Government Communications Security Bureau in relation to dawn raids and unlawful surveillance of communications. Greta also assisted counsel in New Zealand’s leading white collar crime and extradition case and is an experienced criminal and regulatory prosecutor.