The analyst told her friend that the police could access what was thought of as private. That was the crime. Being honest about what the police can do.
The police also say that having the ability to breach privacy is key to keeping people safe but there is no mention of when info secretly scraped from the unsuspecting prevented other unsuspecting people from morbid circumstances.
This whole event looks like the cops are big mad they will now be asked for accountability on another method of investigation. Imagine having to answer for your actions!
To be fair to the plod that's not the only thing she's being charged with.
She's specifically been leaking information about ongoing investigations which for an LEO is a big no-no.
Mottram drove to Kay and Bennett's house to warn them about the police file on Kay – which as we know, and she didn't, was deliberately bogus.
If she'd just told people that EncroChat was insecure then she'd have plausible deniability, but she's clearly pretty involved in trying to assist people in keeping clear of the law (which is pretty cut and dry in the eyes of the law - regardless of what you think of the morality of it all).
Mottram bought weed from a dealer whose phone number was saved in her mobile phone. She also told Bennett about a murder file she had seen on her boss's desk, and took selfies with her work computer visible and showing an "official sensitive" document.
A few other dodgy bits here too, again, very much in breach of her terms of employment which, for LEA employees can get sticky pretty rapidly.
All of this is quite apart from whether you think the fuzz should have access to private citizens communications (which I should be clear I don't). But she's not just an innocent person who just told her mates that they shouldn't use a specific service to discuss breaking the law.
The analyst told her friend that the police could access what was thought of as private. That was the crime. Being honest about what the police can do.
Do you suggest police analysts should be fully transparent all the time, as in "Hey bob, the cops know you are going to raid the bank tomorrow, better re-arrange"?
Yes. The police, like any government agency, needs to state both the scope of its work and provide metrics for how taxpayers can expect their money spent. This expenditure should include how it achieve its goals and what progress should look like. Then let the people judge the methods are consistent with public expectations of accountability.
Police have repeatedly shown an incapability to behave, respect, or function as a person who has to be responsible for their actions. They cannot be allowed to operate without oversight.
They should be open about how investigative tools work, and what the current privacy expectations are, yes. In the end they have to present their evidence in court, and that includes things like this.
According to the NCA, Mottram told Jonathan Kay, 39, the police were monitoring people's encrypted EncroChat conversations, and tipped him off that the cops had intel on him presumably from his use of the app.
She basically tipped off crooks who were selling weapons illegally according to the article.
While I think that cops shouldn't have a backdoor to an encrypted messaging system or access to any messages without a warrant, this woman is also a big piece of shit who deserves to be in jail.
I just read the article and I missed that somehow. I thought she tipped off her mate who was selling weed and said that they were focussing on arms deals for now but be careful.
She tipped off a guy who was selling weed, and that guy tipped off a guy who might be selling arms? Or is being reassured that the police are only focused on firearms currently. The wording was kind of weird in their text message.
Just want to remind everybody that when the Snowden Revelations came out, not only was the UK's NSA-equivalent (the GCHQ) more abusive and extensive in its civil society surveilance that the NSA, but whilst the US government actually walked back on some of the abuses, the UK government simply retroactivelly legalized it and probably issued a bunch of D-Notices (the UK's Press censorship scheme) to quiet it down (certainly the UK press went real quiet on it really fast).
Also the chief editor at the British newspaper that brough out the Snowden Revelations - The Guardian - was kicked out some months later and that newspaper has not mentioned that subject since.
The country is way more authoritarian than people outside of it think: just because the "upper" classes are generally trained to be posh and project a gentlemany image (that and being inducted into the "old boys network" are the main selling points of private schools in the UK, curiously called "public schools" over there even though they're £30k per year per pupil) doesn't mean they don't think everybody else are plebes that need to be kept in their place and share the "lower" classes' belief that foreigners are inferior.
So many famous Brits are private school grads, seeing John Oliver and Richard Ayoade went to the same schools as the likes of BoJo and Thatcher is insane. So much of their public face is made up of this tiny population of people.
Well, if I remember it correctly 11% of the population attends Public Schools, though the most exclusive ones are attended by a tiny fraction of the population which are overwhelmingly represented in the Media, amongst High Court judges and in Politics.
The system that preserves power and wealth across generations through limiting opportunities for the rest also includes Cambridge and Oxford, were public school educated students used to be 70% not long ago (though nowadays its better and and they're only about half) even though they're 11% of all pupils, no doubt due the unmeritocratic selection process which relies on interviews rather than independent educational assessment (one of my acquainces was refused entry into an Architecture Degree because, as he was told, "he did not went to the right school", an impossible barrier to entry for most, more so for somebody of Arabic ancestry who had grown up in a Single Parent home because his father died when he was a child).
The investigation accelerated in early 2019 after receiving EU funding.[2] At the end of January 2020, a judge in Lille, France, authorized the infiltration of the EncroChat servers.[23] Intelligence and technical collaboration between the NCA, the National Gendarmerie and Dutch police culminated in gaining access to messages after the National Gendarmerie put a "technical tool" on EncroChat's servers in France.[20][22][1] The malware allowed them to read messages before they were sent and record lock screen passwords. Messages could be read by law enforcement beginning in April.[12] EncroChat estimated that around 50 percent of devices in Europe were affected in June 2020.[1][17]
The actual application design might have a weakness
The actual application might be conpromised (i.e. on purpose rather than an unknown design flaw)
The mechanism for generating the actual keys might have a weakeness (for example, for a while the symetrical key generation for HTTPS in the Mozilla browser was a lot less random than it was supposed to be so those connections were a lot easier to crack)
The mechanism for distributing the keys might have a weakness
Ultimatelly the one trully safe encryption mechanism is the One Time Pad, and that requires a key as long as the message (hence why seldom used) distributed in a safe way (for starters, never over a public network) and there's still the whole "compromised device" and "compromise application" risks (though implementing the One Time Pad protocol is stupidly simple)