Security News > 2021 > February > EncroChat hack case: RAM, bam... what? Data in transit is data at rest, rules UK Court of Appeal
British prosecutors can make use of evidence gathered by the French and Dutch police from encrypted messaging service EncroChat's servers thanks to a legal interpretation of whether RAM counts as data storage, the Court of Appeal has ruled.
Multiple reporting restriction orders are in force on most EncroChat cases currently before the criminal courts - though those restrictions are not being applied to police forces and the National Crime Agency, both of which have been boasting since last year about EncroChat-linked arrests and convictions, and even the contents of EncroChat messages.
The NCA obtained a TEI warrant, as previously reported, arguing that the data harvested from EncroChat was being stored at the time that European police forces accessed it.
The Court of Appeal explained that in a previous judgment about EncroChat evidence, a Crown court had held that messages in a device's RAM were to be treated as being stored for legal purposes.
The Court of Appeal said: "It is not known when or how the malware extracted the messages. There was no evidence about this. No one who gave evidence knew exactly how the malware works, and the French authorities were concerned that this should continue to be the case."
Why would a British police force need to bother with TI warrants in future when even messages in the act of being transmitted are, legally, "In storage" and can therefore be hacked from abroad by foreign police or intelligence agencies with impunity provided UK police get a TEI warrant?
News URL
https://go.theregister.com/feed/www.theregister.com/2021/02/08/encrochat_court_appeal_ruling/