Sky News hack of Canoe Man's email in public interest, Ofcom says
Broadcaster's right to expression trumps privacy - this time
Sky News hacked into Yahoo! email accounts owned by John and Anne Darwin and broadcast their contents to the world - but Ofcom reckons that's OK, thanks to the unique nature of the case.
John Darwin is better known as the "Canoe Man", who faked his own death so his wife could collect his life insurance and they could both enjoy a new life in Panama.
Following the successful prosecution of the couple for fraud, Sky News revealed it had hacked both their Yahoo! accounts and shared the contents with the police, an admission which prompted Ofcom's investigation.
Investigations are normally triggered by a complaint from the aggrieved party, but when the head of a national news organisation goes on TV and admits his journalists committed a criminal act the regulator finds itself obliged to investigate.
BSkyB denied nothing and cooperated fully with the investigation, which is laid out in detail in Ofcom's Broadcast Bulletin (PDF, starts at page 71 after the usual slaps on the wrist for swearing and such). The investigating journalist sought permission from his managing editor to hack the email accounts, and permission was granted - without anyone seeking legal advice.
It's the kind of thing which wouldn't happen in a post-Leveson world, but at the time Yahoo! accounts could be easily compromised by guessing a few security questions. As the police were apparently taking no interest in the mailboxes, the information gathered by the journalist proved extremely important.
There was little doubt that John Darwin had faked his own death for monetary gain, but his wife's defence rested on the allegation that he had coerced her into complicity. The email exchanges between them were, therefore, important in showing a "very close loving relationship" and undermining the wife's coercion defence.
BSkyB says that at the time it had no guidelines on this sort of thing as "Sky News did not usually undertake investigative journalism, however when it does, the record showed that it is extremely rare for it to authorise conduct which has the potential to involve contravention of the law", which is (sort of) a relief.
Sky News also did the right thing in passing the information on to the police and saying nothing afterwards, says Ofcom, which is all very public-spirited, but doesn't change the fact that it would appear to be a breach of the Computer Misuse Act 1990, under which "unauthorised access to computer materials" (under which interception of emails falls) is not permitted.*
Ofcom doesn't really care if the journalist broke the law or not in hacking the email accounts - that's beyond the remit of a media regulator. The question they're concerned with is whether Sky News broke privacy regulations by broadcasting the contents of those mail messages once they'd been hacked.
Even convicted fraudsters are protected by privacy legislation, but in this instance (and this instance only) Ofcom has decided that the messages were of such legitimate interest that it outweighed their right to privacy.
Not that this is intended to set any kind of precedent, as the regulator makes abundantly clear:
Ordinarily, Ofcom would be unlikely to consider it warranted for a broadcaster to allow its journalists to access private email accounts and subsequently disclose email correspondence without permission or authority from the account holder for such programme content.
So journalists, and aspiring journalists, should take note: don't broadcast the contents of the mailboxes you hack into, unless you think you might be able to get away with it. ®
*While public interest is not a defence in this particular law, it is entirely at the discretion of the police and the Crown Prosecution Service to decide whether or not to prosecute, and it appears they have chosen not to do so.
Sponsored: 2016 Cyberthreat defense report