Hacking law doesn't protect mail once it's read

Unread spam email enjoys greater protection under UK law than the most confidential messages in your email or voicemail inbox, if you’ve already accessed them.

That was the opinion given by Metropolitan Police Assistant Commissioner John Yates to a hearing of the House of Commons’ Home Affairs Select Committee last week.

Yates was receiving a grilling from MPs over the legal protection given to individuals from hacking into voicemail, email and other messaging services in the wake of the controversy surrounding mobile hacking at the News Of The World in 2006, under the editorship of Andy Coulson, now PM David Cameron’s chief spin doctor.

Offences concerning the interception of communications are defined in the Regulation of Investigative Powers Act 2000 (RIPA). But as Yates revealed, RIPA has proved "very prescriptive", making prosecutions difficult to obtain.

In response to a question about a lack of prosecutions for hacking, Yates told MPs:

“There are very few offences that we are able to actually prove that have been hacked. That is, intercepting the voicemail prior to the owner of that voicemail intercepting it him or herself”.

Legal blog Hawktalk elucidates the thorny issue in a blog post, noting that Sections 2(2) and 2(4) of RIPA define interception of a communication as occurring when it is accessed “in the course of its transmission” or “while being transmitted”.

According to Yates, the legal advice from the Met is that once you’ve read an email or accessed a voicemail message, it “has been transmitted” – so no offence of interception under RIPA can be committed.

The option to prosecute under Section 55 of the Data Protection Act still exists – but rather than the stiff custodial sentences, most prosecutions under this statute result in relatively meagre fines. Hardly a deterrent to the kind of wholesale surveillance alleged to have occurred at the News Of The World.

The distinction between read and unread messages also brings into question the level of protection that RIPA provides against the abuse of regulatory powers by police and other investigating authorities.

Yates's evidence suggests that you're protected from the authorities snooping on email or phone messages you've already accessed only by the less effectual Data Protection Act, rather than the more robust provisions of RIPA – which was one of the reasons that RIPA was put there for in the first place.

The big issue in Coulsongate is no longer whether one editor may or may not have known about phone or email hacking - but why the British public remains unprotected against it.