Ricardo - stock.adobe.com
Police forces check intelligence and criminal databases after errors discovered in O2 phone data
Criminal Bar Association calls for information about reliability of communications data used in criminal trials to be disclosed
Police forces are checking intelligence and criminal databases following warnings of errors in data supplied to police and intelligence services by mobile service provider O2.
Police specialists are understood to be manually checking thousands of datasets supplied by the telco for intelligence purposes, counter-terrorism, or for use in criminal investigations.
Errors in communications data obtained from O2 by police and intelligence agencies mean that unique identity numbers – known as the International Mobile Equipment Identity (IMEI) number – that identify each mobile phone handset are not reliably recorded.
The fault, which affects mobile phone data supplied by O2 dating back over 18 months to mid-2022, means mobile phone handsets and messages could be attributed to the wrong handset. The error could also impact mobile phone location data.
Legal professionals say they have not been formally told about the problem and have raised concerns that flawed communications data could delay trials or damage trust in the justice system.
The chair of the Criminal Bar Association, Tana Adkin KC, said it was essential for information about the reliability of communications data to be disclosed.
“Provision of all information on reliability of evidence is essential to the conduct of fair trials to ensure public faith in the criminal justice system,” she told Computer Weekly.
Risk of flawed data
O2, which is part of the Spanish phone company Telefónica and operates as Virgin Media O2, is the second largest mobile network operator in the UK, with 24 million consumer subscribers.
Communications data – which includes details of the owner of a mobile phone, their location history, and details of when phone calls and messages were exchanged and who with – is used by investigators to track people’s locations and to build up lists of their contacts and associates.
According to claims made by the Home Office in 2020, communications data played a role in every major security service counter-terrorism operation over the past decade. It has also been used as evidence in 95% of all serious organised crime investigations handled by the Crown Prosecution Service.
Jessica Sobey, a barrister at Stokoe Partnership Solicitors, who has experience of mobile phone evidence in criminal trials, said there was a risk that the justice system may find itself in a position where evidence presented as reliable may be fundamentally flawed.
The case highlights a wider problem, which is that since 2000, following changes to the Police and Criminal Evidence Act 1984, courts presume that computer evidence is reliable unless there is evidence to show otherwise.
“With hundreds, if not thousands, of convictions hinging upon call data records and locations obtained from faulty software, the need for further scrutiny on the presumed reliability of computer-based systems and the ‘evidence’ that they produce cannot be understated,” she said.
“If there are software issues that are with the telecoms provider themselves, that wouldn’t necessarily be picked up by defence experts looking at the raw data,” she added.
Sobey said the accuracy and correct attribution of geolocation data was a “huge issue” in criminal cases, which rely on phone location to place people at the site of a crime.
Although it is unlikely that cases dating back to mid-2022 would have come to court by now, given current backlogs in criminal cases, she said there were likely to be cases where defendants have been given advice and taken a course of action based on false information.
Problems with mobile phone data in Denmark in 2019 led to the country releasing 34 people and reviewing over 10,000 court cases, following the discovery of bugs in software that coverts data into usable evidence.
Denmark suspended the use of communications data as evidence in criminal trials for two months after serious errors were found in communications data that impacted the accuracy of geolocation data.
Forensic analysis
However, Home Office officials say there are “important differences” between the incident in Denmark and that in the UK, where only communications data from one service provider is impacted.
They say UK investigators can use “multiple avenues” to obtain the required information to seek a prosecution.
Police investigators can apply to the Office of Communications Data Authorisations (OCDA) for communications data from mobile phones. The OCDA has the capability to obtain communications data supplied by telecommunications operators from a digital portal.
According to the latest figures, the OCDA – which became part of the Investigatory Powers Commissioners Office, an independent regulator, this year – received more than 270,000 authorisations for communications data in 2022, of which more than 98% were approved.
The agency, which has offices in Birmingham and Manchester, provides services seven days a week between 7am and 10pm. Police investigators require approval from a senior officer and the OCDA to access phone data, but do not require a warrant.
Read more about mobile phone surveillance
- Counter-eavesdropping agency unlawfully used surveillance powers to identify journalist’s source.
- Government agrees law to protect confidential journalistic material from state hacking.
- Security experts: Investigatory powers plans will delay security updates.
- Investigatory Powers Act: Home Office proposes rethink of safeguards on bulk data collection.
- Police secrecy over ‘IMSI-catcher’ mass surveillance of mobile phones.
Typically, police investigators receive two reports – a formal one as a PDF and an electronic version for feeding into specialist software such as CSAS – according to forensic expert Peter Sommer.
“This can produce maps showing the movement over time of a mobile phone and also use link analysis to show frequency of contact between phones. The software reveals potential criminal conspiracies – county lines narcotics trafficking, terrorism, etc. It can also be used to support or undermine alibis,” he said.
Reliability of comms data should be disclosed
Tana Adkin KC, chair of the Criminal Bar Association, said it was essential to provide information on reliability of evidence to conduct fair trials.
“The Criminal Bar Association has not been made aware of any alleged deficiencies in data records made available by mobile phone network operators to police and prosecution authorities.
“Members of the independent criminal bar defend and prosecute a range of serious offences in our courts and rely on evidence served under strict rules of disclosure.
“The CBA looks forward to any updates from the relevant authorities, including the Home Office, on mobile phone data in criminal proceedings to ensure ongoing compliance with the disclosure rules,” she said.
Errors under investigation
The National Police Chiefs’ Council (NPCC) confirmed that it has alerted all police forces in the UK about problems with O2’s data, which were first reported by the Evening Standard, and that police forces are “reviewing their data appropriately”.
“There is work ongoing nationally to fully understand the issue and resolve it,” a spokesman said.
The Home Office’s National Communications Data Service, part of the Homeland Security Group (see box), is also providing guidance to police, intelligence agencies and other government bodies.
An O2 spokesperson said: “We are investigating an issue relating to the accuracy of some data provided to certain operational partners. We take this matter very seriously and we have notified the relevant bodies, taken steps to help mitigate against a recurrence in the short term, and our teams are currently working to determine the facts and fully resolve any issues as a top priority.”
An NPCC spokesperson added: “Earlier this year, we were made aware of an error involving some data supplied by a telecommunications company.”
They said it was working with “a range of partners” to establish the exact implications of the fault and to “ensure all appropriate steps” are taken to mitigate and resolve the issue.
“We continue to work closely with the Crown Prosecution Service, Public Prosecution Service for Northern Ireland and the Crown Office and Procurator Fiscal Service to understand the impact and take necessary measures. At this stage we are unable to comment any further,” the NPCC spokesperson added.
A Home Office spokesperson said: “We are aware of an issue involving a telecommunications operator which has affected the provision of communications data. We are working with the relevant organisations and it would be inappropriate to comment further on this matter while an investigation is ongoing.”
The National Communications Data Service
The National Communications Data Service (NCDS), part of the Home Office’s Homeland Security Group, is tasked with providing and maintaining services to deliver communications data to security intelligence agencies and law enforcement.
The NCDS is one of the four partners in the Communications Data Lawful Intercept (CDLI) Service Partnership between Home Office’s Homeland Security Group, the National Crime Agency and GCHQ.
Read more on IT for telecoms and internet organisations
-
Police make arrests after hacking Ghost encrypted comms app
-
Inside the Met Police’s investigation into EncroChat crime gangs
-
Cops make arrests and seize drugs after hacking Exclu encrypted messaging app
-
ICO calls for police to end ‘excessive collection’ of personal data from rape and assault victims