Feeds

CPS: We won't prosecute over BT/Phorm secret trials

No fair cop after all

The essential guide to IT transformation

The Crown Prosecution Service confirmed today that it would not be prosecuting anyone in BT's secret trials of Phorm's web monitoring system.

"We have decided not to consent to a request from an individual to begin a prosecution of BT Group Plc and Phorm Inc in relation to alleged unlawful interception of internet browsing data," said the CPS in a statement on its website.

It said there was insufficient evidence to begin a prosecution under section 1 of the Regulation of Investigatory Powers Act (RIPA) 2000, and added it wasn't in the public interest to take the case any further.

The ISP wiretapping case had been under consideration "at a senior level" with the CPS. In October 2008 privacy campaigner Alex Hanff complained to the agency after police refused to investigate.

Here's CPS's reviewing lawyer on the case Andrew Hadik's statement in full:

We have thoroughly reviewed all of the material supplied by the individual who wished for us to consent to a prosecution, as well as the evidence provided by City of London Police, BT and Phorm. On the basis of the evidence gathered and with advice from legal and technical experts, we have determined the extent and seriousness of the alleged criminality.

At present, the available evidence is insufficent [sp] to provide a realistic prospect of conviction. In the vast majority of cases, we would only decide whether to prosecute after the investigation had been completed and after all the likely evidence had been reviewed. In rare cases, however, it may become clear prior to the collection and consideration of all the likely evidence that a prosecution would not be in the public interest.

We would only take such a decision if we were satisfied that the broad extent of the criminality had been determined and that we could make a fully informed assessment of the public interest. This is such a case.

We obtained expert evidence to enable us to understand how the technology worked, how many people were affected and how they were affected. Those are the key elements of the alleged offending. Even if further evidence were available and collected, we are satisfied that it could not change our assessment.

We have concluded a prosecution would not be in the public interest. As such, consent to a prosecution cannot be given.

The CPS said it found several public interest factors against prosecution of anyone involved in BT's secret trials of Phorm's controversial software.

It said BT and Phorm had received considerable legal advice about the use of the web monitoring system and were advised it was unlikely to be contrary to section 1 of RIPA. "Informal advice" on the same matter was also provided by the Home Office, said the CPS.

"BT received further and conflicting legal advice that led to it halting the covert trials. As there was no evidence to suggest either company acted in bad faith, it could be reasonably argued that any offending was the result of an honest mistake or genuine misunderstanding of the law," it added.

The agency said that both companies had cooperated with the police investigation, and added that the "behaviour in question" was "unlikely to be repeated".

It also cited the separate probe by the Information Commissioner's Office, which decided not to take action in the case.

“The CPS was also asked to consider if an offence had been committed under the Computer Misuse Act 1990 or the Copyright Designs and Patents Act 1988," said Hadik.

“The core alleged criminality in this case was the possibly unlawful interception of data, not computer modification or copyright. Additionally, the same factors that would weigh against a prosecution in relation to the alleged interception would also apply to a prosecution for another offence.”

Hanff reacted with anger at the CPS's decision not to prosecute.

"My argument is that wholesale interception of the nations communications for commercial gain is absolutely a public interest issue and refusal to prosecute undermines confidence in our entire judicial system; it paints a very clear picture that big business is above the law," he told The Register.

Hanff said he would consider a judicial review and mull the process of filing a complaint against the CPS if he can find the funds needed to take the matter any further.

BT told us it was "pleased with the decision not to allow a prosecution." ®

The essential guide to IT transformation

More from The Register

next story
Super Cali signs a kill-switch, campaigners say it's atrocious
Remote-death button bad news for crooks, protesters – and great news for hackers?
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.