|Police 'encouraged' to hack more
BBC News | January 5, 2009
The Home Office has signed up to an EU strategy against cybercrime that
"encourages" police across Europe to remotely access personal computers
UK police already do a "small number" of such operations under existing law.
However, the Home Office stated that the EU agreement will not affect police behaviour.
The plan, drawn up by the Council of the European Union, makes broad statements on how to improve European cyber crime-fighting, including inviting countries to introduce remote searches if they are already provided for under national law.
In a statement regarding the agreement, the Council stated that "the new strategy encourages [the police and the private sector] to…resort to remote searches."
British law already allows police to remotely access computers under the Regulation of Investigatory Powers Act 2000, which allows surveillance to "prevent or detect serious crime".
A spokesman for the Association of Chief Police Officers (Acpo) told The Times newspaper that police were already carrying out a small number of these operations among the 194 clandestine searches last year of people's homes, offices, and hotel rooms.
"The UK has agreed to a strategic approach to tackling cybercrime with other EU member states, but this is separate from existing UK laws," the Home Office said in a statement, adding that the plan is not legally binding and there is no timescale for implementing the strategy.
Jacques Barrot, Vice-President of the European Commission, said in a statement that the goal is to ensure EU countries are committed to the fight against computer crime.
Professor Peter Sommer, a cybercrime expert at the London School of Economics, doubts that the strategy will increase the amount of police hacking.
"The products are out there, they've been available for quite a long time and they are pretty sophisticated, however they probably aren't going to get used very much," he told BBC News.
Most anti-virus programs and firewalls will detect surveillance attempts because they are designed to stop the remote access software or Trojan-type viruses that hackers - even police hackers - usually use, he explained.
Prof Sommer also pointed out that evidence gathered from hacking is difficult to defend in court, because prosecutors must prove that it has not been tampered with.
"Normally, when computers are examined forensically, a great deal of care is taken to ensure that nothing is written to the computer when the examination is taking place," said Prof Sommer. "Once you start looking at a computer remotely, all of those controls vanish."