WhatsApp and Signal messages at risk of surveillance following EncroChat ruling, court hears

Millions of messages harvested

Lawyers are seeking leave to appeal a ruling by the Investigatory Powers Tribunal in May 2023 that found the National Crime Agency (NCA) had lawfully obtained warrants to authorise French police to intercept messages from EncroChat phone users in the UK.

A French and Dutch Joint Investigation Team (JIT) harvested more than 115 million supposedly encrypted messages from an estimated 60,000 users of EncroChat phones after infecting the handsets with a software “implant”.

As part of the UK’s response to EncroChat, Operation Venetic, police have made more than 3,100 arrests, convicted 1,500 offenders, recovered over nine tonnes of Class A drugs, and seized 3,500 rounds of ammunition and £84m in cash.

During the hearing, defence lawyers representing 11 defendants told judges that the National Crime Agency had unlawfully used a targeted equipment interference (TEI) warrant to authorise French police to hack EncroChat phones belonging to people resident in the UK.

The court heard that the Investigatory Powers Act 2016 allows law enforcement to obtain a TEI warrant for a single investigation or operation, such as the covert monitoring of the activities of an identified organised crime group. However, the lawyers argued that a TEI warrant could not be used to monitor all users of a particular messaging service. It was not enough, they said, that the targets for surveillance were using a common technology “incidental to their suspected criminality”.

The primary purpose of Operation Venetic was to receive, triage and disseminate intercepted material gathered by the French from EncroChat phones and deliver it to police forces to conduct multiple investigations.

It was also clear from the NCA’s warrant application that Operation Venetic was not set up for a single operation or investigation, but to facilitate current UK law enforcement activity and future criminal investigations.

Defence lawyers quoted Lord David Anderson KC’s initial legal advice to the Crown Prosecution Service – which he later changed following representations from the NCA – that a TEI warrant would not be appropriate for EncroChat.

Anderson initially concluded that the NCA could not lawfully apply for a thematic TEI warrant to break into an encrypted platform on the grounds that it was used by a “vast and miscellaneous group of unrelated criminals”.

Anderson also warned that the NCA would be deploying “a drift net” rather than a “harpoon” that would set aside the statutory protections in “favour of a wholly general attempt to uncover serious criminality of all kinds”.

Distinction between bulk and thematic warrants blurred

The court heard that the IPT had unlawfully blurred the distinction between bulk warrants, which allow the bulk interception of communications, and thematic warrants, which permit a much narrower range of interception, in breach of privacy rights under the European Convention of Human Rights.

Lawyers said it was not a coincidence that the NCA had “re-badged” Project Venetic as Operation Venetic shortly before it applied for the TEI warrant.

If the NCA was able to use a TEI warrant for bulk interception merely because it had decided to call an investigation an “operation” rather than a “project”, that would mean there was no longer a statutory distinction between bulk surveillance and thematic equipment interference, the court heard.

“It will have drastic effects on law enforcement because it will send a clear message that, from now on, bulk [surveillance requirements] of the Investigatory Powers Act can be ignored,” lawyers said.

Threat assessment

The court heard that the Investigatory Powers Tribunal had relied on the NCA’s confidential 2019 Strategic Threat Assessment that EncroChat phones were exclusively used by criminals.

Defence lawyers argued that the Court of Appeal should assess whether the NCA had written the assessment to support its application for a TEI warrant.

The court heard that the NCA knew from 2018 onwards that French officials were investigating EncroChat servers at the OVH datacentre in Roubaix, France.

The NCA’s principal technical officer travelled to France to assist in reverse engineering the EncroChat servers in 2019 and provided the French with test handsets.

A February 2019 official minute from Europol indicated that the intention was to decrypt and obtain EncroChat communications from a server, the court heard.

In addition, NCA technical officers had developed their own EncroChat implants before the French hacking operation.

“There were at least a year’s worth of clear indications to the NCA before the confidential assessment was published as to what the French, and for that matter the Dutch ... were planning,” the court heard.

NCA should have applied for TI warrant

The court was told that the NCA had wrongly applied for a targeted equipment interference (TEI) warrant when the only lawful warrant that could be used under the Investigatory Powers Act 2016 was a targeted interception (TI) warrant.

“In the choice between a TI and a TEI for intercepting stored communications, in this situation there is no choice … a TEI cannot be the appropriate warrant. It is a TI,” a defence lawyer told the court.

The IPT’s conclusion that “Parliament could not have intended a TI warrant to be required because that would give a ‘windfall benefit’ to defendants whose communications were intercepted” was wrong, the court was told.

A barrister told the court: “The court’s function is to give effect to the will of Parliament as expressed in the plain words of the statute, not to seek to find an interpretation that second guesses or disapplies plain words.”

Appeal raises ‘important and compelling issues’

The barrister argued that if the court thought the IPT may have made an error in law about the interpretation of the Investigatory Powers Act and how it should be applied by the National Crime Agency and the investigatory powers commissioner, who regulates surveillance, it should allow the appeal.

“The potential consequences of an erroneous legal approach to primary legislation of this kind, particularly in the context of surveillance law, are of themselves compelling and important, and to say otherwise risks doing an injustice,” he said.

The barrister told the court that the issues raised were “important and compelling” not just for the applicants, but for other related EncroChat cases and “interception cases generally”.

He said it would be a “remarkable” development if a type of interception falling within the definition of interception in the Investigatory Powers Act, and included in the IPA’s privacy protections, “had been removed from those protections entirely”.

David Perry KC for the NCA and the Crown Prosecution Service said none of the grounds for appeal had any arguable merit. He said the court should not grant leave to appeal unless it considers that the appeal would raise an important point of principle or practice.

The Investigatory Powers Tribunal has made no decision about the legal admissibility of EncroChat evidence in UK courts and has referred the question back to criminal courts to resolve. A number of legal challenges over the admissibility of EncroChat evidence are before crown courts.

The Court of Appeal reserved its decision.