Lauri Love: 'Britain's FBI' loses court attempt to evade decryption laws
Cops slapped down after trying to dodge suspect's legal protections with civil backdoor
The National Crime Agency's (NCA) application to force alleged hacktivist Lauri Love to decrypt computer equipment seized from him two years ago has been declined by a Westminster judge.
At a hearing this morning in Court Seven at Westminster Magistrates' Court, the NCA's application to make Love disclose his passwords was refused.
The NCA made their application to force decryption in order to counter one made by Love to get his seized property back, which was made under section 1 of the Police (Property) Act of 1897.
As noted in the ruling (PDF) by District Judge Nina Tempia, the application was denied explicitly because the NCA has attempted to use the case management powers of the court "to circumvent specific legislation that has been passed in order to deal with the disclosure sought."
As legal journalist David Allen Green explained, this was an instance of a civil matter being dealt with by a magistrates' court, which normally only handles criminal matters. The police power to compel suspects to hand over their encryption keys is legislated for under Part III of the Regulation of Investigatory Powers Act 2000 (RIPA).
However, the NCA, as Green explained, attempted "to sidestep the RIPA scheme and effectively circumvent the section 55 safeguards and the protections of the Code of Practice" (PDF) by filing a civil claim against Love, essentially asserting that his confiscated equipment is their property according to the 1897 law.
The NCA declined to offer a comment to The Register, saying only that "proceedings are ongoing."
A substantive hearing on Love's application to recover his equipment will take place on 28 July.
The alleged hacktivist is also wanted for extradition to the United States to face several charges in the beautifully-titled case of USA vs. Love. These extradition hearings will be heard in full over two days, from 28 to 29 June.
An indictment filed in the United States District Court, Eastern District of Virginia (PDF) alleged that Love (also known as "nsh", "route", "peace", "shift"):
[S]pecialized in gaining unauthorized access to protected computers and obtaining sensitive and confidential information stored on those computers, including names, social security numbers, and credit card numbers.
He is charged with one count of "conspiracy", six further counts of "damage to a protected computer and aiding and abetting", another count of "access device fraud and aiding and abetting", and a final count of "aggravated identity theft and aiding and abetting".
In a statement to The Register, Love's lawyer, Karen Todner, of Kaim Todner Solicitors, said: “Mr Love is very pleased with the decision of District Judge Tempia today not to grant the direction requested by the NCA. This was clearly the right outcome. A decision in the NCA’s favour would have set a worrying precedent for future investigations of this nature and the protection of these important human rights.”
“The NCA first served a RIPA Notice on Mr Love in February 2014 but took no further action to continue it after he did not comply. Over two years later, by seeking a direction from the court for Mr Love to disclose the encryption keys and passwords, the NCA were clearly attempting to circumvent the proper statutory mechanisms put in place by Parliament for the investigation of encrypted data and the important safeguards tied in with these. The District Judge rightly saw through this approach and found in Mr Love’s favour.”
“We continue to defend his extradition proceedings which are ongoing.” ®
Sponsored: Becoming a Pragmatic Security Leader