The Information Commissioner's Office (ICO), the UK data watchdog, has demanded mobile phone hacking devices not be issued to police officers until their legality has been conclusively established.
The provisions, often referred to as ‘cyberkiosks', are the size of an iPad, and can harvest vast amounts of sensitive data from mobile phones in their vicinity, overriding passwords and encryption without the owner's knowledge. They are produced by Israeli firm Cellebrite — in all, forces spent US$492,000 (£371,000) on 41 devices.conducted two trials of the technology in the cities of Edinburgh and Stirling in 2016 and 2017 respectively, without warning the public, confirming whether the devices complied with data protection laws, or carrying out Equality and Human Rights Impact Assessments or Privacy Impact Assessments.
During the several month-long trials, police accessed a total of 375 mobile devices and 262 SIM cards without obtaining warrants, while investigating "low-level crime" — phones seized during official stop and searches, or arrests, were probed using the cyberkiosks, with all constituent data indiscriminately downloaded. It's unknown how many convictions resulted from their usage, or whether the data was retained by authorities.
Sub-Committee on Policing will be taking evidence tomorrow from @policescotland on the rollout of cyberkiosks. @OpenRightsGroup are calling for a proper legal basis to be established for the whole digital forensics framework in #Scotland. https://t.co/wcSE7bDn3N pic.twitter.com/eAHaEyuCCf— ORG Scotland (@ORGScotland) November 14, 2018
Civil liberties campaigners in the UK have long-railed against ever-increasing storage of data by police, not least because every year officers across the country are disciplined for misuse of the Police National Computer (PNC). The issue is widespread but rarely-acknowledged in the mainstream media — typically only the most egregious individual cases receive coverage, such as in May 2018 when a Welsh police officer with a previous conviction for sharing extreme pornography via WhatsApp was found to have repeatedly used the system for non-police purposes.
In part, this is due to police failing to publicly release data on the overall number and nature of PNC abuses. However, it was reported in 2013 the number of Metropolitan Police officers investigated for PNC misuse had more than doubled in five years, with 76 officers in London facing censure for inappropriately accessing data 2009 — 2013. There were even suggestions some had altered information held on the database.