Privilege: Hacking of Members' mobile phones - Standards and Privileges Committee Contents

The law relating to phone hacking

10.  Before turning to a discussion of Parliamentary privilege, we summarise our understanding of the law as it relates to phone hacking, in order that we may reach conclusions about the extent to which the law offers a remedy for MPs who believe their phones may have been hacked. We are grateful to Speaker's Counsel for his helpful note on legal remedies for phone hacking, which is reproduced in full at Appendix 1.

The criminal law

11.  It is only recently that mobile telephones have become an essential tool of modern life. This means that, although there is a body of legislation which deals with unauthorised interception of mobile phone calls or messages, there is little case law.

12.  The House of Commons Home Affairs Select Committee announced on 7 September 2010 that it would carry out an inquiry into the law relating to unauthorised tapping into or hacking of mobile communications.[6] On 4 February 2011, the Committee published the evidence received to date.[7] At the time of preparing this Report, the Home Affairs Committee had yet to announce a timetable for completion of its inquiry. It will be for that Committee, not this, to recommend any changes to the criminal law that appear to it to be necessary or desirable and we have not sought in this Report to anticipate what our colleagues' conclusions may be.


13.  The Regulation of Investigatory Powers Act 2000 (RIPA) is the main statute bearing on hacking. Section 1 of the Act creates the offence of unlawful interception of a communication. In summary, the offence under section 1 is committed by a person who, intentionally and without lawful authority, intercepts any communication "in the course of its transmission" by means of a public (or private) telecommunications system.[8] An offender may be sentenced on indictment to a term of imprisonment of up to two years.

14.  The phrase "in the course of transmission" as used in the Act has attracted a good deal of attention. In its Report on Press standards, privacy and libel, published in February 2010, the Select Committee on Culture, Media and Sport reported that:

The police ... told us that under section 1 of the Regulation of Investigatory Powers Act (RIPA) it is only a criminal offence to access someone else's voicemail message if they have not already listened to it themselves. This means that to prove a criminal offence has taken place it has to be proved that the intended recipient had not already listened to the message. This means that the hacking of messages that have already been opened is not a criminal offence and the only action the victim can take is to pursue a breach of privacy, which we find a strange position in law.[9]

Evidence given to the Culture, Media and Sport Committee by the Metropolitan Police had suggested that a message was in the course of transmission until it reached its intended recipient. Once the recipient had listened to the message, the transmission had ceased. The Committee called on the Government to amend section 1 of RIPA to cover all hacking of phone messages.[10]

15.  Evidence since presented to the Home Affairs Committee has cast doubt on this interpretation. Specifically, it has been pointed out that a voicemail message is stored on a mobile phone service provider's server, not on the handset. This means that it is necessary for a hacker to communicate with the server in order to listen to the message, irrespective of whether it has been listened to previously. Witnesses to the Home Affairs Committee have argued that this means that a voicemail message is "in the course of transmission" each time it is listened to and that the provisions of section 1 of RIPA therefore apply to the hacking of such a message on each occasion it takes place.[11] In a memorandum to the Home Affairs Committee in October 2010, the Director of Public Prosecutions noted that this interpretation had yet to be tested in the courts.[12]

16.  The Government did not reply to the Report of the Culture, Media and Sport Committee and the legal position on hacking of mobile phone voicemail messages which have already been listened to remains untested. But there appears to be little if any room for doubt that the hacking of a message that has not yet been listened to by the intended recipient is a criminal offence.


17.  Under section 1 of the Computer Misuse Act 1990, it is an offence for a person knowingly to cause a computer to perform any function with intent to secure unauthorised access to any program or data held in any computer, or to enable any such access to be secured.[13] A modern mobile telephone can fairly be described as a computer, as can the servers on which voicemail messages are stored. It appears, however, that the Computer Misuse Act has not yet been used as the basis for a prosecution in relation to hacking.[14] As with the offence under RIPA, conviction may lead to a maximum penalty of two years' imprisonment.


18.  Under section 55 of the Data Protection Act 1998 it is an offence knowingly or recklessly to obtain or disclose personal data without the consent of the data controller. In the case of a mobile phone voicemail message, the 'data controller' may be the sender of the message or its intended recipient. The maximum penalty for an offence is a fine.[15]

19.  A number of defences are available under the Act, including for the person obtaining the data to show that the obtaining or disclosing was justified as being in the public interest.[16] Such defences are commonly used by journalists. The usefulness of the Data Protection Act as a means to seek redress against hacking therefore appears to be limited.

Civil remedies

20.  Possible civil remedies for hacking include actions for breach of confidence (also known as breach of privacy); breach of data protection; and copyright violation.[17] Of these, the first appears to offer the best chance of success, it being well established that where the nature of a communication implies that it is private, the obtaining or publication of it without consent may give rise to an action for breach of confidence. The standard of proof in civil cases (balance of probabilities) is lower than that which applies in criminal trials (beyond reasonable doubt).


21.  It is clear that hacking of mobile phone voicemail messages can be a criminal offence and that options exist for seeking redress in the civil courts. It is not the role of this Committee to comment on whether the law is deficient in this regard—in that connection, we look forward to the Report of the Home Affairs Committee. All the remedies available to any person within the jurisdiction of the United Kingdom's courts are of course available to Members of Parliament as individuals. But how should Parliament as an institution deal with hacking? Does Parliament need additional or distinct remedies that are not available to others? It is to those questions that we turn next.

6   Full text available at Back

7   See Back

8   Appendix, paragraph 3 Back

9   Second Report from the Culture, Media and Sport Committee, Session 2009-10, HC362, paragraph 465 Back

10   Second Report from the Culture, Media and Sport Committee, Session 2009-10, HC362, paragraph 466 Back

11 Back

12   For a more detailed discussion of this point, see Appendix, paragraphs 4 to 11. See also oral evidence by Lord Macdonald of River Glaven QC to the Committee on the Protection of Freedoms Bill, 22 March 2011 (morning sitting), col 33.  Back

13   Appendix, paragraph 12 Back

14   Memorandum submitted to the Home Affairs Committee by Keir Starmer QC, Director of Public Prosecutions, October 2010 Back

15   Appendix, paragraph 17 Back

16   Appendix, paragraph 18 Back

17   Appendix, paragraphs 19 to 27 Back

previous page contents next page

House of Commons home page Parliament home page House of Lords home page search page enquiries index

© Parliamentary copyright 2011
Prepared 31 March 2011