Passwords and prosecutions

The curious case of Oliver Drage.

When the news broke last week that a teenager had been given a custodial sentence for failing to provide his password to the police, the details of the story appeared incomplete.

The essentials of what had happened were as follows: Oliver Drage, 19 (and so only just a teenager), did not give a password to the police when formally requested to do so. He was prosecuted under the Regulation of Investigatory Powers Act 2000 and given a custodial sentence of 16 weeks in a young offenders institution (which may or not be regarded as the same as being "jailed").

However, the widespread media coverage of this conviction seemed problematic. Some things did not add up.

Let's start with the press release from Lancashire police.

Teen jailed for four months after failing to give up computer password

A TEEN who refused to give police officers an encryption password for his computer has been jailed for four months.

The case is believed to be the first of its kind in Lancashire.

Oliver Drage, 19, formerly of Naze Lane, Freckleton, was arrested in May 2009.

Drage's computer was seized but officers could not access material stored on it as it was protected by a 50-character encryption password. Drage was then formerly requested to disclose the password, which he failed to do.

Appearing at Preston Crown Court, Drage pleaded not guilty to failing to disclose an encryption key -- an offence covered by the Regulation of Investigatory Powers Act 2000. At his trial in September a jury took less than 15 minutes to find him guilty of the offence. Yesterday (Monday Oct 4), Drage was sentenced to 16 weeks in a Young Offenders Institution.

Detective Sergeant Neil Fowler, Blackpool Police, said: "Drage was previously of good character so the immediate custodial sentence handed down by the Judge in this case shows just how seriously the courts take this kind of offence.

Computer systems are constantly advancing and the legislation used here was specifically brought in to deal with those who are using the internet to commit crime. It sends a robust message out to those intent on trying to mask their on-line criminal activities that they will be taken before the courts with the ultimate sanction, as in this case, being a custodial sentence.

This press release is troubling for both what it does and what it does not say.

It is written in a tabloid-like and sensationalised way (for example, "TEEN" in screaming capitals), which seems to me to be deeply inappropriate for an official communication about a serious matter. It also refers to "those using the internet to commit crime...those intent on trying to mask their on-line criminal activities" when, on the face of it, no such charge had been made against this particular defendant and no prosecution carried out.

But when this press release was picked up by the newspapers, certain further information about Drage was published.

From the Guardian: "Oliver Drage, 19, of Freckleton, Lancs, had originally been arrested in May last year by a team of officers from Blackpool tackling child sexual exploitation."

And from the Daily Mail: "Teenager jailed for refusing to give computer password to police investigating child sex crimes"

But the press release did not mention child sex exploitation, nor did it mention the type of police officers who arrested him. Whatever Drage may or may not have stored on his computer, he had not been either charged for or convicted of any sexual offence.

However, his (distinctive) name was now associated with the investigation of serious sex offences by several newspapers on the back of a sensationalist press release which itself mentioned nothing about any sexual offences.

So I asked for further information about this from the press office of Lancashire police. First, I received information about the police team which had arrested Drage:

The Awaken Project is a very close working partnership between Blackpool Council and Lancashire Police and other.

The team is responsible for using an intelligence led and pro active approach to protect children in Blackpool who may be at risk of sexual exploitation. Police officers and social workers on the team are responsible for jointly investigating cases and targeting suspected offenders. Staff from health and education departments supplement the team in an effort to impact upon the behaviour of young and potentially vulnerable persons.

I was also told on the telephone the nature of the offence on suspicion of which Drage was arrested (even though he was not charged nor convicted). I asked why Lancashire police thought it appropriate to link the defendant's name with child sex allegations when he was neither charged nor convicted in respect of such serious matters. The response:

You will notice that that aspect was not mentioned in the official press release and was given to you as guidance over the telephone when you rang. It is therefore your decision if you wish to make that link in print.

I then pointed out the the child sex abuse aspects had been mentioned in many newspapers, and gave the examples of the Guardian and Mail above. Was I correct in my assumption that Lancashire police was their source for this extra information? The response:

The information was given as guidance to all journalists who rang and asked why Drage had originally been arrested. As previously mentioned, it is not included in the press release - so was not in the 'brief' we gave the press - and it is down to the individual publication if they chose to print that information.

Hope this helps.

I reverted, now asking why Lancashire police believed it was appropriate to mention it as guidance. After all, the defendant was now publicly and widely associated with child sex investigations (perhaps the most serious investigations one can be associated with) when he was neither charged nor convicted of any sex offence.

I will refer you back to my previous answer. The information was given as guidance (and was not included in the press release) to assist journalists in their reporting of the matter, by clarifying why Drage was arrested and his computer seized. Failure to give this guidance could have resulted in inaccurate assumptions and reporting of the case.

All journalists were pointed to the fact that this information was not in the press release and that it was their decision should they chose to publish the information that was given to them as guidance.

In contrast, the Crown Prosecution Service responded to my queries without any reference at all to the sexual offences for which Drage had been arrested. Indeed, for the CPS the prosecution was explicable on the straightforward facts of this particular offence:

Oliver Drage was found guilty on October 5, at Preston Crown court of failing to provide his computer's password contrary to section 53 of the Regulation of Investigatory Powers Act 2000.

The CPS received a file of evidence from Lancashire Police after he was served with a court order in December 2009 section 49 of RIPA 2000, requiring him to disclose the password.

He failed to do so within the three weeks' period specified on the order. After a thorough review of the evidence, we decided that there was sufficient evidence and it was in the public interest to prosecute Oliver Drage for this offence as his failure to disclose the password has obstructed an ongoing police investigation.

Evidence showed that the defendant admitted in police interviews that he had set an encrypted password of between 40 and 50 characters containing both letters and numbers using an encryption software programme and that he had had originally relied on his memory to recall it but could not recall it when he was served with the notice.

The jury heard both the prosecution and defence case and accepted the prosecution case that the defendant must have kept a record of this very complex password, rather than relying on memory, and that he had deliberately failed to disclose it to the police. They returned a guilty verdict after 15 minutes deliberation.

As the defendant claimed to have forgotten a password that he had previously memorised, it was for the prosecution to rebut this and to prove beyond all reasonable doubt that this was not the reason for the defendant failing to disclose it.

I also asked the CPS for what guidance it had for those who also may forget passwords, and their response was:

Part III of the Regulation of Investigatory Powers Act 2000 (the Act) and Investigation of Protected Electronic Information Code of Practice came into force on the 1st October 2007. The Code of Practice provides guidance to be followed when exercising powers under the Act to require disclosure of protected electronic data in an intelligible form or to acquire the means by which protected electronic data maybe accessed or put in an intelligible form.

Overall, there are two issues about this curious case.

First, there is the narrow issue of the prosecution and conviction. On the basis of the CPS statement, one can see why a claim to have forgotten a previously memorised encrypted password of between 40 and 50 characters, and not to have written it down elsewhere, would rather strain credulity.

Second, there is the worrying way in which highly prejudicial information is provided and published about an individual charged for and convicted of an offence very different for the one for which he was arrested on being on suspicion of having committed.

It may well be that Lancashire police break the encryption code.It could be that there is sordid material yet to be revealed which may have warranted a charge and even conviction of a serious sexual offence. We simply do not know. And neither do the Lancashire police.

However, in the meantime, an individual is now publicly associated with a serious investigation in respect of which was neither charged nor convicted; a police force publishes press releases as if they were tabloid stories and also furnishes highly-prejudicial information, but passes the buck if the press publishes it (which, of course, they will do); and the rest of us are really none the wiser whether a four month custodial sentence in this case was because of the gravity of the original suspicions or just for the implausibility of not knowing or noting down a 40 to 50 character password.

There is something not right here.

 

David Allen Green is a lawyer and a writer. He was shortlisted for the George Orwell blogging prize in 2010. He blogs for the New Statesman on legal and policy matters.

David Allen Green is legal correspondent of the New Statesman and author of the Jack of Kent blog.

His legal journalism has included popularising the Simon Singh libel case and discrediting the Julian Assange myths about his extradition case.  His uncovering of the Nightjack email hack by the Times was described as "masterly analysis" by Lord Justice Leveson.

David is also a solicitor and was successful in the "Twitterjoketrial" appeal at the High Court.

(Nothing on this blog constitutes legal advice.)

Getty
Show Hide image

The 8 bits of good news about integration buried in the Casey Review

It's not all Trojan Horses.

The government-commissioned Casey Review on integration tackles serious subjects, from honour crimes to discrimination and hate crime.

It outlines how deprivation, discrimination, segregated schools and unenlightened traditions can drag certain British-Pakistani and Bangladeshi communities into isolation. 

It shines a light on nepotistic local politics, which only entrench religious and gender segregation. It also charts the hurdles faced by ethnic minorities from school, to university and the workplace. There is no doubt it makes uncomfortable reading. 

But at a time when the negative consequences of immigration are dominating headlines, it’s easy to miss some of the more optimistic trends the Casey Report uncovered:

1. You can always have more friends

For all the talk of segregation, 82 per cent of us socialise at least once a month with people from a different ethnic and religious background, according to the Citizenship Survey 2010-11.

More than half of first generation migrants had friends of a different ethnicity. As for their children, nearly three quarters were friends with people from other ethnic backgrounds. Younger people with higher levels of education and better wages are most likely to have close inter-ethnic friendships. 

Brits from Black African and Mixed ethnic backgrounds are the most sociable it seems, as they are most likely to have friends from outside their neighbourhood. White British and Irish ethnic groups, on the other hand, are least likely to have ethnically-mixed social networks. 

Moving away from home seemed to be a key factor in diversifying your friendship group –18 to 34s were the most ethnically integrated age group. 

2. Integrated schools help

The Casey Review tells the story of how schools can distort a community’s view of the world, such as the mostly Asian high school where pupils thought 90 per cent of Brits were Asian (the actual figure is 7 per cent), and the Trojan Horse affair, where hardline Muslims were accused of dominating the curriculum of a state school (the exact facts have never come to light). 

But on the other hand, schools that are integrated, can change a whole community’s perspective. A study in Oldham found that when two schools were merged to create a more balanced pupil population between White Brits and British Asians, the level of anxiety both groups felt diminished. 

3. And kids are doing better at school

The Casey Report notes: “In recent years there has been a general improvement in educational attainment in schools, with a narrowing in the gap between White pupils and pupils from Pakistani, Bangladeshi and African/Caribbean/Black ethnic backgrounds.”

A number of ethnic minority groups, including pupils of Chinese, Indian, Irish and Bangladeshi ethnicity, outperformed White British pupils (but not White Gypsy and Roma pupils, who had the lowest attainment levels of all). 

4. Most people feel part of a community

Despite the talk of a divided society, in 2015-16, 89 per cent of people thought their community was cohesive, according to the Community Life Survey, and agreed their local area is a place where people from different backgrounds get on well together. This feeling of cohesiveness is actually higher than in 2003, at the height of New Labour multiculturalism, when the figure stood at 80 per cent. 

5. Muslims are sticklers for the law

Much of the Casey Report dealt with the divisions between British Muslims and other communities, on matters of culture, religious extremism and equality. It also looked at the Islamophobia and discrimination Muslims face in the UK. 

However, while the cultural and ideological clashes may be real, a ComRes/BBC poll in 2015 found that 95 per cent of British Muslims felt loyal to Britain and 93 per cent believed Muslims in Britain should always obey British laws. 

6. Employment prospects are improving

The Casey Review rightly notes the discrimination faced by jobseekers, such as study which found CVs with white-sounding names had a better rate of reply. Brits from Black, Pakistani or Bangladeshi backgrounds are more likely to be unemployed than Whites. 

However, the employment gap between ethnic minorities and White Brits has narrowed over the last decade, from 15.6 per cent in 2004 to 12.8 per cent in 2015. 

In October 2015, public and private sector employers responsible for employing 1.8m people signed a pledge to operate recruitment on a “name blind” basis. 

7. Pretty much everyone understand this

According to the 2011 census, 91.6 per cent of adults in England and Wales had English as their main language. And 98.2 per cent of them could speak English. 

Since 2008-2009, most non-European migrants coming to the UK have to meet English requirements as part of the immigration process. 

8. Oh, and there’s a British Muslim Mayor ready to tackle integration head on

The Casey Review criticised British Asian community leaders in northern towns for preventing proper discussion of equality and in some cases preventing women from launching rival bids for a council seat.

But it also quoted Sadiq Khan, the Mayor of London, and a British Muslim. Khan criticised religious families that force children to adopt a certain lifestyle, and he concluded:

"There is no other city in the world where I would want to raise my daughters than London.

"They have rights, they have protection, the right to wear what they like, think what they like, to meet who they like, to study what they like, more than they would in any other country.”

 

Julia Rampen is the editor of The Staggers, The New Statesman's online rolling politics blog. She was previously deputy editor at Mirror Money Online and has worked as a financial journalist for several trade magazines.