Police “Legally” Robs a Suspect to Access Encrypted iPhone Data
Apple’s refusal to create a backdoor in iOS to weaken security measures is pushing the intelligence agencies to look for more creative solutions. The UK police have developed a new strategy to be able to recover data from encrypted phones – stage a street robbery to steal the suspect’s iPhone while it’s in their hands!
UK police mug suspect to get iPhone data
Scotland Yard’s cybercrime unit has devised a new way to get access to data without having to push Apple for weakening user security. Investigating a fraud credit card scheme, the department realized that crucial evidence was stored in the suspect’s iPhone. A covert team then “legally” seized the iPhone in the street while the suspect was on a call, getting instant access to data.
Gabriel Yew was suspected of manufacturing fake cards that were being used across Europe to buy luxury goods. Scotland Yard found out that he was using an iPhone to communicate with other members of the network. However, they knew they couldn’t force him to unlock the iPhone without enough evidence. The team then covertly staged a street robbery in June, trailing Yew and waiting for him to unlock his phone to make a call.
Right when Yew did that, the department seized his iPhone, which was now unlocked giving access to encrypted data. One officer was responsible for continually swiping to prevent the device from locking again until they could retrieve the data.
The chief inspector of the operation, Andrew Gould, later said that the evidence was “crucial to the prosecution,” leading to information on Yew’s practices, his associates, and a further 100 potential suspects.
Yew pleaded guilty to fraud and weapons offenses and was sentenced to five years behind the bars last week. The department also uncovered a “factory” of thousands of blank credit cards that were ready to be programmed.
The UK’s Regulation of Investigatory Powers Act 2000 (RIPA)
prevents investigators from forcing suspects to give up the password requires to give up the password or biometric information to government representatives without a court order. Failure to comply with RIPA allows for a sentence of up to two years in jail; Yew was given a 5-year sentence as a result of this conviction. In the US, suspects are protected against the forced sharing of passwords by the Fifth Amendment. However, a court order in Virginia recently allowed law enforcement to force a suspect to give up biometric information to unlock an iPhone.