By now, anyone who watches the news knows that British tabloid News of the World, subsidiary of News International and ultimately Rupert Murdoch’s News Corporation, closed its doors after 168 years due to the infamous and growing scandal over phone hacking. Although not yet headlining e-discovery blogs, the parallels of this story to the data and technological hurdles encountered by the e-discovery community are clear. Does phone hacking primarily raise issues of electronic evidence tampering? Keeping pace with new technologies? Spoliation? Privacy? Ethics? All of the above? If nothing else, such pervasive and illegal access to other peoples’ information in any form should act as a wake-up call to anyone in the legal world not yet paying close attention to the acquisition, handling or sharing of data. So let’s take a closer look at this week’s news:
The controversy began in 2006 when London’s Metropolitan Police Service (responsible in part for protection of the British Royal Family) accused News of the World’s former royal editor Clive Goodman and private investigator Glenn Mulcaire of illegally intercepting voicemail messages of Princes William and Harry. Both men were tried and jailed in 2007. A number of additional phone interception allegations arose in subsequent years, including the hacking of numerous celebrities’ and politicians’ phones, as well as phones belonging to victims of the 2005 London suicide bombings and relatives of deceased British soldiers. As if to add insult to injury, the latest allegation involves the hacking of messages from the cell phone of 13-year old murder victim Milly Dowler, all in the interest of beating other papers to the latest scoop.
Several methods of acquiring data from another person’s phone have existed for some time. Forensic technologies used by law enforcement, or by a company conducting an internal investigation or civil discovery, allow an investigator to collect and analyze data from almost any type of mobile phone (see, for example, Mobile Phone Examiner Plus (MPE+)). Methods of illegally intercepting calls, on the other hand, might include: (1) software physically downloaded to a phone that transmits recordings of messages to a website; (2) network decryption of the actual broadcast within a certain radio range of the phone; (3) imaging or “cloning” a phone, which, when the phone is off, allows a second phone to retrieve messages and calls in its place; and (4) the practice of using a known, default or reset PIN to check another person’s messages simply by calling into their voicemail. Some methods require specialized training and kits, but some, like breaking into a person’s voicemail with a default PIN, simply require some ingenuity and compromised ethical boundaries. This last and least technical example is reportedly the method used by News of the World staff.
The voicemail messages sought by News of the World from Milly Dowler’s phone were left in the months between her disappearance and the discovery of her body in September of 2002. Of particular interest at the time was the theory that Milly knew her abductor, making any saved messages or calls potentially useful to the police. While it is unclear whether any of those messages actually became evidence at trial, reports of the phone hacking include the allegation that News of the World reporters not only listened to Milly’s messages, but also deleted messages in order to make room for new ones. These actions undeniably constitute (in American terminology) willful spoliation of relevant electronic evidence.
The legality of intercepting calls, texts or messages predictably depends on who is doing the snooping and why. The United Kingdom’s well-known Data Protection Act is actually inapplicable to phone hacking, as it specifically governs the treatment and distribution of lawfully obtained personal information (for example, customer or employee data stored within company systems). Rather, members of the News of the World staff committed unlawful interception under section 1 of The Regulation of Investigatory Powers Act of 2000 (RIPA). RIPA generally regulates the ability of public bodies (i.e., the government) to conduct surveillance and investigation, including interception of communications, for public safety, public health and national security reasons. A newspaper’s usual “public interest defense” to privacy issues would fail under RIPA due to the unauthorized nature of the interception.
A brief perusal of news coverage reveals some interesting ethical themes in this case, namely, the sentiment that (1) invasive practices have always existed in the news world, making technology the only real difference here, and (2) the editors were correct to turn a blind eye, because such “plausible deniability” protects both the editor and the newspaper as a whole. Both themes carry an important message for the legal community. The former addresses traditional, albeit questionable, practices that not only survive but are emboldened by modern technologies. A reporter who once peered through celebrity windows can now record private phone calls and messages from a remote location. Lawyers who once scoured any documentation for a hint into opposing counsel’s strategy or weak points must now consider regional ethics rules governing the sending, seeking out or viewing of inadvertently disclosed information. It may be true – in both publication and law – that technology is the only difference, but it’s certainly a big difference. Not so many years ago, a reporter would have to break into a person’s home to listen to voicemail messages. Likewise, before the advent of metadata, a lawyer would have to break into someone’s office to read the redlining on a contract. Accepted practices or habits, in any field, require reexamination in light of current capabilities.
The latter theme of plausible deniability – the current and seeming only defense of both former and standing editors of Rupert Murdoch’s news organization – would hardly fly in electronic discovery circles. Take for example the Qualcomm case, in which severe discovery violations by both internal and outside counsel inspired the court to invoke the rules of professional conduct and refer six lawyers to the California State Bar for disciplinary proceedings. Or consider the recent Legal Ethics Opinion issued by the San Diego County Bar Association, prohibiting counsel from sending a “friend request” to opposing parties through social media sites.
With the advent of the UK Bribery Act (making corporations and senior executives personally liable for acts of bribery occurring on their watch) among other examples, the “ignorance” defense to unethical practices in any industry may now be a thing of the past. Either way, the outcome of the News of the World prosecutions will no doubt provide food for thought for those of us who work with the legalities of data every day.