Police forces across the United Kingdom attempted to buy powerful surveillance technology from cybersecurity firm Hacking Team, leaked emails show.
London's Metropolitan Police Service and the National Crime Agency (NCA) — the UK's answer to the FBI — both tried, and apparently failed, to cut deals, according to emails released as part of a huge cache of sensitive documents that were leaked from the offensive security company by a hacker on July 5.
But the emails also disclose that one regional police force — Staffordshire Police in England's Midlands — enquired about the purchase of intrusive surveillance products.
The dealings with Staffordshire Police will raise concerns among civil liberties campaigners about the surveillance technology available to ordinary police units.
In June last year, the force enquired about the capabilities and cost of a piece of technology that appeared to allow police to hack into WiFi and retrieve user data from connected devices.
Staffordshire Police's Head of Intelligence confirmed to VICE News that the emails were genuine. The contact was "simply an initial inquiry and did not progress any further," Detective Chief Inspector Rich Finlow said in a statement.
Finlow added, however, that his force makes "regular enquiries to various companies to understand the functionality and capabilities of products on the market."
"The force is at the forefront nationally in terms of developing its capability to combat cyber crime and we do have a dedicated team to exploit digital technology," he said.
Britain's police forces have only recently formed regional surveillance units with the power to carry out covert and intrusive investigations, which were previously overseen by the now-dissolved Serious Organised Crime Agency.
A leaked email from 2011, first disclosed by The Intercept, suggests that dealings with Hacking Team were affected by concerns about the legality of the company's technology. A UK-based corporate partner relayed the Metropolitan Police's concerns to Hacking Team: their equipment was "just so good that it crosses a number of issues re Lawful Inception [sic] in the UK."
Those concerns seem to have been relieved by September 2013, when the Metropolitan Police told Hacking Team it was "ready to progress the trial" of a spying tool. A confidential "Statement of Requirements" listed everything they wanted the tool to do: it would be secretly introduced to a phone or computer operating system, and would then "receive, record and playback the 'Product' retrieved from the third party."
The tool's exact capabilities are unclear, but the deal was worth 385,000 pounds ($596,000) to Hacking Team.
But the Met broke off the deal in May 2014 following "internal reviews on how we wished to move this area of technology forward."
The police force declined to discuss the deal with VICE News. "We are aware of media reports and are making inquiries," a spokesperson said.
Hacking Team seemed to impress the NCA. A demonstration in January this year was "extremely well received and proved to be a real eye opener for what can be achieved."
A follow up email in April shows the NCA attempting to build a business case for the keystroke-logging software. The NCA declined to confirm or deny to VICE News whether the deal ever went through, however.
"The NCA deals with the most serious criminals who are doing the worst things," the spokesperson said. "In order to disrupt their criminal activity effectively we look at all the tools and technology that might be available to us. We don't discuss which ones we end up using."
Follow Ben Bryant on Twitter: @benbryant
Photo via Flickr