How can the phones of upto 3000 people be hacked but Operators not know anything of it?

This article makes for disturbing reading. So much for the reputation of privacy, security etc for phone conversations. How could this happen and no one knows? Good on the Guardian for finding this story!

Note: I have taken a pragmatic viewpoint for open and have argued for privacy and security on mobile devices. This is significant because there is a special place for mobile in the security and privacy domains. The mobile is a personal device and the risks of a breach affect individuals and even minors. It is not clear how hacking has happened but the very act of getting mobile numbers of celebrities is disturbing in itself and then following on to hack into them

Source: http://news.bbc.co.uk/1/hi/uk/8141884.stm BBC

Q&A: Phone hacking row

As police prepare to examine claims of widespread mobile phone hacking by the News of the World, we look at some of the key questions surrounding the story.

What is the row all about?

The Guardian newspaper’s front page is claiming journalists on the tabloid News of the World were involved in widespread phone-hacking of several thousand celebrities, sports stars and politicians.

The paper says it has evidence that News Group Newspapers – owner of The News of the World, the Sun, the Times and the Sunday Times – paid £1m to settle legal cases that might have revealed evidence of the journalists’ illegal activities.

If that evidence had been made available, then victims of phone hacking may have been able take action against the News of the World.

The Guardian says the News of the World made a £700,000 payout to Gordon Taylor, head of the Professional Footballers’ Association – but only on condition that details of his case were not made public, the paper said.

News Group’s lawyers are then accused by the paper of persuading the court to “seal the file” on Mr Taylor’s case to prevent all public access.

The allegations have not only caused deep concern for those who were apparently targeted but also raised questions over who knew the extent of the illegal activity and why more was not done to tackle it.

As well as the News of the World, those in the spotlight include the Crown Prosecution Service which allegedly agreed to seal the file, and the Metropolitan Police who failed to alert the alleged victims.

Fingers are also being pointed at Andy Coulson, News of the World editor when the allegations were made, and now a key figure in the Conservative party.

Former deputy PM John Prescott, one of the alleged targets, has called for police to investigate. Other including Lord Mandelson and former Home Secretary Charles Clarke have also waded into the row.

Why has it now come to light?

The story stems from the jailing of News of the World royal reporter Clive Goodman in 2007 for hacking into the mobile phones of three royal staff. At the time, News International said Goodman had been acting without their knowledge.

During that case it emerged private investigator Glenn Mulcaire tapped into the phones of Gordon Taylor, chief executive of the Professional Footballers’ Association, and four other prominent figures.

A year later Gordon Taylor sued News Group, which owns the News of the World, on the basis that its senior executives must have known about the alleged operation.

An out-of-court settlement was reached on condition that details of the case were not made public.

The Guardian claims the information from the case – which would have exposed allegations of widespread phone hacking by News of the World journalists – was then suppressed by the police and the High Court.

And it is some of that information that they disclosed in their newspaper on Thursday.

Whose phone was hacked into?

Cabinet ministers, MPs, actors and sports stars are all said to have been bugged.

On the Guardian’s list are former deputy Prime Minister John Prescott, former culture secretary Tessa Jowell, celebrity cook Nigella Lawson, actress Gwyneth Paltrow, London Mayor Boris Johnson, comedian Lenny Henry, singer George Michael and the late Jade Goody.

The Guardian quotes one source as saying between “2,000 and 3,000″ public figures had been bugged.

Who is Andy Coulson?

Andy Coulson was editor of the News of the World at the time when his journalists were allegedly involved in phone hacking into thousands of mobiles. Now he is director of communications for the Conservative party.

He started his journalism career on regional papers, before rising rapidly through the ranks to become News of the World editor by his mid 30s.

He oversaw a string of tabloid exclusives on the private lives of David Beckham, David Blunkett and Sven Goran Eriksson.

But he resigned in January 2007 on the day Clive Goodman was jailed for four months for illegal phone hacking.

He denied knowledge of events, but said he would take the ultimate responsibility for them. A Press Complaints Commission investigation found no evidence that he or anyone else at the paper was aware of Goodman’s illegal activities.

Less than six months later though he was back in a job, hired by David Cameron to be his director of communications and planning.

What have the Tories said?

Conservative leader David Cameron is standing by his communications director, insisting his job is safe.

“He does an excellent job for the Conservatives, in a proper, upright way at all times,” he said.

“It’s wrong for newspapers to breach people’s privacy with no justification.

“That is why Andy Coulson resigned as editor of the News of the World two-and-a-half years ago. Of course I knew about that resignation before offering him the job. But I believe in giving people a second chance.”

Why didn’t the police investigate?

It is unclear yet how far any police investigation has gone. What is known is that the alleged targets of the phone hacking were not informed when the information about the hack operation first came to light.

On Thursday, Met Police Commissioner Sir Paul Stephenson announced a senior officer had been ordered to “establish the facts” on the case.

Legal experts say even if the police had been aware of other phone hacking targets, unless there were complainants, they would not necessarily have investigated further.

However, John Prescott has said that if the victims were kept in the dark in the first place, they were unlikely to been able to complain.

Legal analyst Joshua Rozenberg said there was no obligation on the police to inform the alleged targets of the phone tapping.

“I think the police would say they don’t go around publishing information like this,” he said.

“It’s their job to investigate crimes and pass information onto the Crown Prosecution Service. And if the CPS chose not to prosecute, or even to tell the people involved, that’s their decision.”

How can a mobile phone be hacked?

Security expert Mark Cooper says there are three methods by which a mobile telephone calls can be intercepted.

This can be done either at the handset, or during the conversation – which is illegal and very expensive – or through the mobile phone company which connects the device.

Are there laws preventing people from hacking into phones?

It is illegal to gain access to another person’s telephone under Section 1 of the Regulation of Investigatory Powers Act 2000 (RIPA).

Legal affairs analyst Jon Silverman said the only exception is if the hacking is being done by the authorities, who will have gained legal clearance.

He said: “The RIPA act was a controversial one. The government wanted to put on a statutory footing the activities of bodies like the police, MI5 and security agencies generally.

“It raises the question of the very buoyant market for confidential information in this country and the biggest buyers are the media.”

What are the penalties for breaking the law in this way?

The maximum sentence is two years in prison, or a fine, or possibly both.

Comments

  1. Benjamin says:

    Phones aren’t safe anymore for a very long time.
    I have a non-nonsense teacher claiming that for him intercepting a call, only the first 3 seconds of a phone conversation are safe.
    He does this by placing an antenna, playing Operator, and decrypting the call with a simple Linux cluster which he happens to own.

  2. Dave Birch says:

    “”It raises the question of the very buoyant market for confidential information in this country and the biggest buyers are the media.”"
    And the government, of course…
    http://www.dofonline.co.uk/tax/hmrc-admits-paying-for-stolen-data.html

  3. Mike says:

    good article on this is here http://www.theregister.co.uk/2009/07/14/notw_privacy_scandal_opinion/. Neither the phone nor the network were hacked, those involved were able to access voice mailboxes.
    By default most voicemail boxes are easy to access, more so than internet email even (which can be very easy in the new world of open social networks – as Sarah Palin found out).
    Most operators use default pin codes for mailboxes, which many people don’t bother to change (they’re probably not even aware of the pin since they don’t normally need to use it when accessing vmail from your own phone).
    what are the lessons from this? existing mobile networks are probably secure enough, if you are concerned about security then make sure that you take steps to protect your assets, which can vary from the minimum (change your voicemail PIN) to the more paranoid such as service like cellcrypt