How the police copy and keep your phone secrets

UK police are hacking suspects phones, even when they’re released without charge.

The police routinely copy and keep the contents of suspects’ mobile phones, according to this week’s Sunday Times.

In under half an hour the police could get from your phone your call history, all your text messages and your whole contacts book and put them into a vast database, the article claimed. And there the information stays, even if you are released without charge after a night in the cells.

The disturbing report claimed that as many as 22 English and Welsh police forces, including the Metropolitan Police and British Transport Police, are using off-the-shelf technology to do this. It claimed that the Metropolitan Police alone have 16 extraction terminals across London with 300 officers trained to use them.

In many ways it is a golden age for detective work. The police can access data from all kinds of sources because smartphones are both incredibly versatile and ubiquitous. Besides the emails and candid snaps from a night out, they can trawl your apps like Facebook or LinkedIn.

The Sunday Times report suggests that British police forces are treating the contents of citizens’ phones like they treated peoples’ DNA. For much of the previous decade British police collected DNA from arrested suspects and kept the samples even after the suspect was acquitted. In this way they collected and stored 1 million samples before the law stopped them.

In 2008 the European Court of Human Rights overturned a House of Lords ruling and decided it is illegal for the police to store innocent citizens’ DNA. The Sunday Times’ argues that ‘there is a direct parallel’ between keeping DNA records and ‘keeping the mobile phone data of those who have never been convicted of any offence.’

Civil liberties group Big Brother Watch agrees. They are adamant it is outside the law, saying so both to the paper and in a letter sent to Christopher Graham the Information Commissioner in May this year. Recently Graham told a committee of MPs and Peers he is investigating the legality of this mass data storage. He said: ‘This may not only circumvent existing safeguards but also put the personal information of third parties who are not suspected of any wrongdoing into the hands of the police.’

While the authorities argue the legality of this new policing technique users can take steps protect their data.

Certain handsets have sufficient encription to keep some content safe says Rick Ferguson from cyber security company Trend Micro. The Metropolitan Police is using a product called Aceso made by British company Radiotactics, he told the Bureau.

‘Depending on the handset, you can configure it to reduce the amount that is withdrawn,’ he said.

But ultimately if your device is seized no matter what you do at least some of your data will be exposed.