As UK Criminals Jailed ‘Mist of Secrecy’ Remains About French EncroChat Data Hack

As UK Criminals Jailed ‘Mist of Secrecy’ Remains About French EncroChat Data Hack
Paul Fontaine (left) and Frankie Sinclair, pictured in police mugshots taken in November 2020. Metropolitan Police
Chris Summers
Updated:

LONDON—Two British men have been jailed for conspiracy to murder and a number of other crimes after a prosecution that was made possible only when French police hacked into the EncroChat network.

Paul Fontaine, 36, from Hackney, east London, and Frankie Sinclair, 34, from Cardiff, Wales, were jailed for life, with a minimum term of 18 years, on Friday for conspiracy to murder after a trial at the Old Bailey in London.

Judge John Hillen said they were both part of a “nationwide criminal network” which used EncroChat.

The trial was one of a number in the last year involving evidence from a hack of the EncroChat encrypted phone network, which at one time included 50,000 users, more than 5,000 of which were reportedly in Britain.
Lawyers and civil rights groups across Europe are challenging the secret operation that hacked EncroChat in spring 2020.

Convictions Could Be Quashed

Britain’s Investigatory Powers Tribunal is set to deliver a final ruling later this year in response to various challenges over the legality of the hack, which could mean dozens of EncroChat convictions, like that of Sinclair and Fontaine, could be quashed.

A Belgium-based NGO, Fair Trials, has called for a moratorium on EncroChat prosecutions and wants a European parliamentary inquiry into the use of Pegasus, the Israeli-made spyware, to be extended to include EncroChat.

Laure Baudrihaye-Gérard, legal director (Europe) of Fair Trials, said the EncroChat hack was a massive fishing expedition by the French police and she told The Epoch Times: “This was just a massive trawl. Mass police surveillance which was contrary to any form of EU rules on privacy and data protection.”

Some time in March 2020 French police, using malware in the form of a software update, managed to hack into EncroChat’s network which was hosted on a server in the town of Roubaix in northern France, and infiltrated tens of thousands of encrypted messages between individuals who used EncroChat phones.

In June 2020 EncroChat cottoned on to the fact its server had been compromised and sent a message to all users warning them to stop using their phones and dispose of them immediately.

French Police Shared Data With Forces All Over Europe

But French police were already sharing the information they had harvested with law enforcement agencies across Europe via Europol.
National security journalist Duncan Campbell told a Fair Trials webinar in March 2021 the British police could have used the data simply as intelligence, like they would have done for phone tapping evidence, but they clearly felt like “Christmas had come early” and decided to get around the Investigatory Powers Act so they could use it in prosecutions.
An undated handout photo issued by the Police Service of Northern Ireland of police during a raid in Operation Venetic, an investigation into EncroChat, an encrypted phone network. (PA Media/Police Service of Northern Ireland)
An undated handout photo issued by the Police Service of Northern Ireland of police during a raid in Operation Venetic, an investigation into EncroChat, an encrypted phone network. PA Media/Police Service of Northern Ireland

Britain’s National Crime Agency took the data it had been given by Europol and immediately launched Operation Venetic, passing information to local forces which swooped on suspects all over the country.

Computer Weekly reported that Campbell gave evidence as an expert witness at the trial of Fontaine and Sinclair and said: “None of us in the field have ever seen a case where there is no possibility of checking original data. And that is creating a problem for everyone. You have the real-world data but also have data that has emerged from behind a wall of complete secrecy. The situation is unprecedented.”

The Identities Behind Usualwolf and NudeTrain

Fontaine—whose EncroChat handle was Usualwolf—was said to have supplied a 9 mm Makarov self-loading pistol used to murder Abdullahi Mahamoud in Enfield, north London, on March 19 2020.

He later sourced a Walther PPK pistol in Newcastle for Sinclair—whose EncroChat handle was NudeTrain—to murder rival Keiron Hassan, but that attack was thwarted when Hassan was arrested, and later jailed for 20 years, for an unconnected crime in Cardiff.

Two men — Chris Dixon and Elliott Hopewell — who supplied Sinclair with the gun are still awaiting sentencing in Newcastle while another gun supplier, known only by his EncroChat handle, Chestbridge, remains at large.

Acting Detective Inspector John Cowell, an EncroChat expert in the Metropolitan Police, testified in December 2021 at the trial of Anis Hemissi, a Swedish assassin who was jailed for life in February 2022 for murdering gangster Alex Beqiri on the doostep of his London home on Christmas Eve 2019.

Cowell told the trial at Southwark Crown Court, “Between March and June 2020 communications on EncroChat were captured by law enforcement.”

He said EncroChat, which used specially designed Android smartphones, was “highly secure” and this had been its unique selling point in adverts aimed at criminals.

“They said it was like two people in an enclosed room. They guaranteed nobody would find your messages,” said Cowell.

He said EncroChat phones had settings which allowed the user to set a “burn time” of between one second and 14 days, which meant you could not only delete messages on your handset after you had sent them, but you could also wipe them from the handset of the person who received them.

EncroChat Phones Had ‘Panic Wipe’

Prosecutor Peter Ratliff QC asked him, “Was there a panic wipe feature?”

“Yes. If you were stopped by law enforcement you could give them a PIN code which would wipe the device,” replied Cowell.

It was suggested during the trial that Hemissi had done just that when police asked him for the PIN number to his own EncroChat phone.

Cowell said: “If you turned the phone on it would look like a normal smartphone. But if you turned it on in a certain sequence it would turn on the secure system.”

He said: “They weren’t widely available in the UK. You couldn’t buy them in Carphone Warehouse or wherever. You had to buy them on the EncroChat website or from a reseller.”

Gwen Jansen, a Dutch defence lawyer and member of the advisory board of the European Criminal Bar Association, said there had been a “mist of secrecy” surrounding the EncroChat hack which had made it hard for people to get a fair trial.

She said lawyers for EncroChat clients in a number of countries were hoping to get their cases looked at by the European Court of Justice and she said she would fight it to the “bitter end.”

Jansen said there had been a “huge breach of privacy” with EncroChat and she told The Epoch Times: “What worries me is there are no rules on when it should stop. You can say EncroChat is said to be used by many criminals but the next question is Telegram, look people use Telegram, are we going to collect all their data? And then the next thing is we collect all the phone data?”

Setting a Dangerous Precedent?

Baudrihaye-Gérard agreed: “What sort of precedent does it set? What if they decide to go after WhatsApp next?”

“It’s about transparency and accountability. It’s a massively dangerous precedence and dangerous path they’re going down,” Baudrihaye-Gérard added.

In Britain there has already been one attempt to challenge an EncroChat conviction in the Court of Appeal.

Lawyers for a group of anonymous defendants claimed EncroChat data was the same as evidence obtained by phone tapping, which is inadmissible in English and Welsh courts.

But the prosecution claimed it should be treated in the same way as messages on mobile phones, which are admissible in court.

The key was whether, at the point the data was intercepted, it was being “stored in or by” the system by which they were transmitted, or were “being transmitted.”

A group of people who were targeted by the EncroChat investigation have taken their cases to the Investigatory Powers Tribunal, a secretive body which supervises warrants for phone tapping and data interception by the police and intelligence services.

The Investigatory Powers Tribunal is set to deliver a final ruling in September.

Since the EncroChat operation, two other encrypted networks have been broken, Sky ECC and AN0M.

The Epoch Times reached out to the UK’s National Crime Agency, which said it could not comment while there were “ongoing proceedings.”

Chris Summers
Chris Summers
Author
Chris Summers is a UK-based journalist covering a wide range of national stories, with a particular interest in crime, policing and the law.
Related Topics