• Investment World
• eWorld
• Brand Line
• Mentor
• Life
• Brand Quest
• The New Manager
• BL Club
• Smartbuy
• Books
• Gallery

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Cross Currency

• Rates
  
  

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources
• In Focus
• In Depth
• Events 2007

Group Sites

• The Hindu
• The Hindu ePaper
• Business Line
• Business Line ePaper
• Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

R.K.Raghavan

We in India often complain about the aggression of our media and the questionable tactics that they allegedly use sometimes to ferret out information that may be adverse to those holding public office. We do not know how much more aggressive are their counterparts in the UK, especially those in the print media.

An instance in point is the current controversy in that country over leakage to the press of information on a large number of dubious claims made by some Members of Parliament as reimbursement of expenses. Incidentally, one of the claims related to the Home Secretary’s husband renting adult films! The leakage has caused great embarrassment to the MPs involved because it has showed them in poor light. Most of the claims relate to expenses incurred by them on a second house they are allowed to maintain in London for attending Parliament.

Investigation of the leak has revealed that the damaging information was collected from the Fees Office in Parliament that processes the MPs’ claims. It is further learnt that the information appearing in some newspapers, particularly Daily Telegraph, was purchased for a price from a vendor who could smuggle the information through an external hard disk attached to a protected computer. The middleman has been identified as one John Wick, formerly of the SAS, an elite wing of the UK Army, and who now heads a corporate intelligence company that specialises in negotiations for the release of hostages in combat zones. (Interestingly, the company is named International Security Solutions Limited!)

He is unrepentant and believes his action was in public interest. Most importantly, he has taken the position that the data was not stolen, but constituted “an unregistered copy” that was obtained “as a result of lax and unprofessional security procedure.” The Metropolitan Police is known to have taken the stand that Wick’s action is not liable for investigation, as the information leaked did not pose any threat to public safety and was in public interest.

The whole incident raises many security issues although how the leakage was actually committed is still not clear. It is possible that the computer that had stored the information was physically left unprotected so that even an unauthorised person could access it. Or was it that several employees of the office were using it and accountability could not therefore be easily fixed. Also, was the use of an external hard disk authorised or irregular and had been smuggled in to facilitate the copying? All these are relevant questions to any office that handles sensitive information. The episode should throw up some ideas to SOCA (Serious and Organised Crime Agency), the UK equivalent of the FBI and our CBI, which handles electronic crime in the country, apart from other crime. I presume SOCA now understands that electronic data is stolen not merely by criminals but by respected members of the society who demand transparency in public administration. This adds a new dimension to investigative work.

Last year, Sharon Lemon, head of SOCA’s e-crime wing, had said that electronic crime was all-pervasive and that all police forces in the UK had to work intensely to control it. She was particularly concerned over how the Internet was spawning credit card frauds all over the globe. She further believed that technology played an important part in most of the serious crime reported to the police. Such crime included human trafficking, drug smuggling and major frauds.

SOCA’s annual report released a few weeks ago revealed how the agency was fighting a major battle with ingenious online criminals with the assistance of the FBI. A notable success was the closing down of an online forum called DarkMarket which was trading in credit card and banking information. SOCA managed to secure 60 arrests and recovered nearly 16,000 compromised credit cards. To its credit, it also foiled a major attempt of a gang to transfer more than £200 million from a London-based bank.

SOCA is hopeful that it would be able to step up the offensive against online crime. But then, experience of investigators reveals that there are many obstacles to success. These include submitting themselves to Court procedures that can sometimes be unimaginative.

An instance in point is the controversy presently centring round the stand taken by the Chief Constable of Avon and Somerset Police in the UK.

His force had seized, in September 2008, a few hard-drive clones, printed material and more than 80 hard drives, all containing pornographic material, especially child abuse images.

The seizures were made from the possession of one Jim Bates, a cyber forensic expert of long years.

While the police conceded that the search made in this connection was unauthorised and therefore unlawful, they believed that possession of images by an expert for duration longer than justified on professional grounds was actionable.

They maintained that the seized material could not be returned to the expert, even if the Court desired it, because they could form part of an ongoing investigation and such possession by the expert could amount to a criminal offence.

The opinion of one expert, Professor Peter Sommer, is worth recording here: “Case law means that individuals — even those for whom a statutory exemption exists — must wipe indecent images at the end of an instruction.

Otherwise, statutory exemption would be a cover — a loophole — behind which anyone with an inappropriate interest in this sort of material could hide.” The Court, in the Bates case, ordered that the hard material should be returned to the expert. But it did not say anything about the cloned drives.

The Chief Constable says that on no account will he return any material back to the expert. This obviously puts him on a collision course with the Courts. What happens next is anybody’s guess.

The point is investigation of electronic crime is complicated and procedure-ridden. The law and procedure in the area are evolving very slowly, and it is necessary for investigators to keep themselves abreast of all developments.

The writer is a former CBI Director who is currently Adviser (Security) to TCS Ltd.

More Stories on : Security | Security Musings

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Copyright © 2009, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line