The law relating to phone hacking |
10. Before turning to a discussion of Parliamentary
privilege, we summarise our understanding of the law as it relates
to phone hacking, in order that we may reach conclusions about
the extent to which the law offers a remedy for MPs who believe
their phones may have been hacked. We are grateful to Speaker's
Counsel for his helpful note on legal remedies for phone hacking,
which is reproduced in full at Appendix 1.
The criminal law
11. It is only recently that mobile telephones
have become an essential tool of modern life. This means that,
although there is a body of legislation which deals with unauthorised
interception of mobile phone calls or messages, there is little
12. The House of Commons Home Affairs Select
Committee announced on 7 September 2010 that it would carry out
an inquiry into the law relating to unauthorised tapping into
or hacking of mobile communications.
On 4 February 2011, the Committee published the evidence received
to date. At the time
of preparing this Report, the Home Affairs Committee had yet to
announce a timetable for completion of its inquiry. It will be
for that Committee, not this, to recommend any changes to the
criminal law that appear to it to be necessary or desirable and
we have not sought in this Report to anticipate what our colleagues'
conclusions may be.
REGULATION OF INVESTIGATORY POWERS
13. The Regulation of Investigatory Powers Act
2000 (RIPA) is the main statute bearing on hacking. Section 1
of the Act creates the offence of unlawful interception of a communication.
In summary, the offence under section 1 is committed by a person
who, intentionally and without lawful authority, intercepts any
communication "in the course of its transmission" by
means of a public (or private) telecommunications system.
An offender may be sentenced on indictment to a term of imprisonment
of up to two years.
14. The phrase "in the course of transmission"
as used in the Act has attracted a good deal of attention. In
its Report on Press standards, privacy and libel, published in
February 2010, the Select Committee on Culture, Media and Sport
The police ... told us that under section 1 of the
Regulation of Investigatory Powers Act (RIPA) it is only a criminal
offence to access someone else's voicemail message if they have
not already listened to it themselves. This means that to prove
a criminal offence has taken place it has to be proved that the
intended recipient had not already listened to the message. This
means that the hacking of messages that have already been opened
is not a criminal offence and the only action the victim can take
is to pursue a breach of privacy, which we find a strange position
Evidence given to the Culture, Media and Sport Committee
by the Metropolitan Police had suggested that a message was in
the course of transmission until it reached its intended recipient.
Once the recipient had listened to the message, the transmission
had ceased. The Committee called on the Government to amend section
1 of RIPA to cover all hacking of phone messages.
15. Evidence since presented to the Home Affairs
Committee has cast doubt on this interpretation. Specifically,
it has been pointed out that a voicemail message is stored on
a mobile phone service provider's server, not on the handset.
This means that it is necessary for a hacker to communicate with
the server in order to listen to the message, irrespective of
whether it has been listened to previously. Witnesses to the Home
Affairs Committee have argued that this means that a voicemail
message is "in the course of transmission" each time
it is listened to and that the provisions of section 1 of RIPA
therefore apply to the hacking of such a message on each occasion
it takes place. In
a memorandum to the Home Affairs Committee in October 2010, the
Director of Public Prosecutions noted that this interpretation
had yet to be tested in the courts.
16. The Government did not reply to the Report
of the Culture, Media and Sport Committee and the legal position
on hacking of mobile phone voicemail messages which have already
been listened to remains untested. But there appears to be little
if any room for doubt that the hacking of a message that has not
yet been listened to by the intended recipient is a criminal offence.
COMPUTER MISUSE ACT
17. Under section 1 of the Computer Misuse Act
1990, it is an offence for a person knowingly to cause a computer
to perform any function with intent to secure unauthorised access
to any program or data held in any computer, or to enable any
such access to be secured.
A modern mobile telephone can fairly be described as a computer,
as can the servers on which voicemail messages are stored. It
appears, however, that the Computer Misuse Act has not yet been
used as the basis for a prosecution in relation to hacking.
As with the offence under RIPA, conviction may lead to a maximum
penalty of two years' imprisonment.
DATA PROTECTION ACT
18. Under section 55 of the Data Protection Act
1998 it is an offence knowingly or recklessly to obtain or disclose
personal data without the consent of the data controller. In the
case of a mobile phone voicemail message, the 'data controller'
may be the sender of the message or its intended recipient. The
maximum penalty for an offence is a fine.
19. A number of defences are available under
the Act, including for the person obtaining the data to show that
the obtaining or disclosing was justified as being in the public
interest. Such defences
are commonly used by journalists. The usefulness of the Data Protection
Act as a means to seek redress against hacking therefore appears
to be limited.
20. Possible civil remedies for hacking include
actions for breach of confidence (also known as breach of privacy);
breach of data protection; and copyright violation.
Of these, the first appears to offer the best chance of success,
it being well established that where the nature of a communication
implies that it is private, the obtaining or publication of it
without consent may give rise to an action for breach of confidence.
The standard of proof in civil cases (balance of probabilities)
is lower than that which applies in criminal trials (beyond reasonable
21. It is clear that hacking of mobile phone
voicemail messages can be a criminal offence and that options
exist for seeking redress in the civil courts. It is not the role
of this Committee to comment on whether the law is deficient in
this regardin that connection, we look forward to the Report
of the Home Affairs Committee. All the remedies available to any
person within the jurisdiction of the United Kingdom's courts
are of course available to Members of Parliament as individuals.
But how should Parliament as an institution deal with hacking?
Does Parliament need additional or distinct remedies that are
not available to others? It is to those questions that we turn
6 Full text available at www.parliament.uk/homeaffairscom Back
See www.parliament.uk/documents/commons-committees/home-affairs/Memoranda.pdf Back
Appendix, paragraph 3 Back
Second Report from the Culture, Media and Sport Committee, Session
2009-10, HC362, paragraph 465 Back
Second Report from the Culture, Media and Sport Committee, Session
2009-10, HC362, paragraph 466 Back
For a more detailed discussion of this point, see Appendix, paragraphs
4 to 11. See also oral evidence by Lord Macdonald of River Glaven
QC to the Committee on the Protection of Freedoms Bill, 22 March
2011 (morning sitting), col 33. Back
Appendix, paragraph 12 Back
Memorandum submitted to the Home Affairs Committee by Keir Starmer
QC, Director of Public Prosecutions, October 2010 Back
Appendix, paragraph 17 Back
Appendix, paragraph 18 Back
Appendix, paragraphs 19 to 27 Back