Not only is the use of this technology controversial, the companies that dominate the market have also been accused of neglecting their human rights responsibilities internationally.Ĭellebrite, a market leader in the production of mobile data extraction technologies, have been accused of selling their technologies to Hong Kong and Belarus and enabling authorities to clamp down on dissent. The decision followed a report published by Big Brother Watch that showed 100% of rape cases were dropped when the victim refused to hand over their phones between 2018-19. The use of mobile data extraction technologies made the headlines earlier this year after the Crown Prosecution Service and police were forced to stop using the technology on victims during investigations of rape. Our findings also reveal a growth in the number of unconventional agencies acquiring these tools, including the Competition and Markets Authority – a non-ministerial department that works to “promote competition for the benefit of consumers, both within and outside the UK.” Įven the Food Standards Agency is looking to acquire “digital forensic technicians and services to extract data from electronic media.”
A contract published on 3 March, 2020, shows the East Midlands Strategic Commercial Unit spent over £30,000 on “Cellebrite premium iOS and Android extraction software for Nottinghamshire Police.” Similarly, in 2017 Nottinghamshire Police told Privacy International that they do not use mobile phone extraction technologies. However, this contract shows they renewed their licenses for Cellebrite’s digital forensics software in July 2020 at a cost of nearly £90,000. The UK’s Ministry of Defence, for example, previously refused to disclose whether or not they had received any services from Cellebrite in response to this Freedom of Information request. Since then, a number of new agencies appear to have acquired the technology. In 2018, Privacy International discovered that at least 26 police forces nationwide were using mobile data extraction technologies. The Metropolitan Police also acknowledged that the current process of mobile data extraction “creates a data protection risk.” ĭespite these alarming privacy concerns, the technology is widespread among police forces in the UK. “Current mobile phone extraction practices and rules risk negatively affecting public confidence in our criminal justice system with excessive amounts of personal data often being extracted, stored, and made available to others, without an appropriate basis in existing data protection law.” – Information Commissioner’s Office In June 2020, the UK’s data protection regulator, the Information Commissioner’s Office, published a damning report on the police’s use of mobile data extraction technologies. However, questions regarding their proportionality and privacy implications remain. There’s little doubt these “digital stop and searches” have proved useful for law enforcement agencies.
The majority of this report will focus on mobile data extraction solutions which allow authorities to access data from mobile phones, principally to assist in criminal investigations.Ĭellebrite’s UFED Premium mobile data extraction tool, one of many on the market, allows authorities to “gain access to 3rd party app data, chat conversations, downloaded emails and email attachments, deleted content and more,” according to their website. Public records released since January 2019 reveal the scale of the UK’s digital forensics spending, with several new public bodies acquiring the tools and millions being invested to modernise data storage systems, train officials, and renew software licenses.ĭigital forensics encompasses a variety of technologies designed to identify, preserve, and extract data from electronic devices.