Encrochat Lawyers Say Clients Haven't Had Fair Trials

An international group of lawyers have published an open letter to members of the European Parliament saying that because of the continued secrecy around the law enforcement hack of encrypted phone network Encrochat, their clients have not been able to have fair trials.

The lawyers also ask the European Commission and European Parliament to stop new prosecutions of Encrochat suspects until more evidence about the hacking is disclosed.

The news shows how around a year and a half after French military police pushed malware to thousands of Encrochat devices, defense lawyers say they are still facing issues getting all the details around what exactly happened in the massive hacking operation.

“The manner of the infiltration has been suppressed under the shroud of a claim of national defense secrecy by the French authorities. This has made it impossible for those accused of crimes, to check the accuracy, authenticity, reliability and even the legality of the evidence used against them,” the letter reads. The lawyers add that they believe this is unprecedented in their collective experience, and that it breaches European Court of Human Rights case law.

“An emerging picture of inconsistent, even completely contradicting information has been provided by various law enforcement agencies across Europe, accompanied by an overall refusal by law enforcement agencies to liaise with each other in the ongoing disclosure process in current prosecutions. This raises serious concerns about the integrity and reliability of the evidence on which prosecutions across Europe are based,” the letter adds.

Beyond asking for a freeze on new prosecutions, the lawyers also ask for the requirement for Europol to explain its role in processing and analyzing the Encrochat data, as well as sharing it; demand that the European Parliament create a formal inquiry committee to look into breaches of EU law by the Encrochat investigation; and for lawmakers to adopt safeguards that mean that data cannot be subject to a blanket assertion of national defense secrecy, as the French authorities did here.

The letter is signed by a group of lawyers from Belgium, France, Germany, the Netherlands, Norway, Sweden, and the United Kingdom. Criminal justice watchdog organization Fair Trials also signed the letter.

Christian Lödden, one of the lawyers, told Motherboard that Fair Trials will send the letter to European Parliament committees and delegates.

Encrochat was a part of the encrypted phone industry, where various companies offer devices that typically come pre-loaded with a particular end-to-end encrypted messaging app and sometimes their own operating system. Encrochat specifically offered a remote wipe feature to remove data if the phone fell into the hands of someone else other than the owner, and a dual-boot operating system, where users could pull up an innocuous looking side of the phone if they were under durres while hiding their sensitive communications stored elsewhere.

The phones were popular among serious organized criminals, including hitmen in the United Kingdom and drug traffickers across Europe. A slice of the user base was non-criminal, however, with French prosecutors estimating that chunk made up about 10 percent of Encrochat’s customers. 

In 2020 French authorities managed to push a piece of malware to Encrochat devices by leveraging the company’s update server. From here, investigators exfiltrated messages from the Encrochat phones themselves, eventually amassing around hundred million communications. The malware could harvest the phones’ GPS coordinates, users’ messages, passwords, and more data, according to a document previously obtained by Motherboard. The hack was unprecedented in its scope, being the largest law enforcement hacking operation to date.

When Encrochat’s owners became aware of suspicious activity on their customers' phones, they sent a message to users advising them to dispose of their devices. In a statement at the time, someone in control of an Encrochat email address positioned the company as a legitimate firm. 

"We are [a] commercial company offering services to secure communication over mobile devices," the statement provided to Motherboard read. "We set out to find the best technology on the market to provide a reliable and secure service for any organization or individual that want to secure their information." Encrochat shut itself down after the hack.

The owners operated Encrochat through a network of overseas companies and bank accounts, Motherboard previously reported.

“In the EU legal framework, it is recognised that the fundamental rights of all people, including suspects and accused persons, must be upheld and protected. We are very concerned that the current handling of the EncroChat issue threatens the Rule of Law and fundamental rights protected by EU law that, if it is allowed to pass unchecked, this sets a worrying precedent,” the letter concludes.

Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.