Operation Weeting: Voicemail Interception Confusion

by @edent | # # # # # | 2 comments | Read ~161 times.

I don't usually get involved in legal blogging. I am not a lawyer, and I find the finicky details somewhat hard to follow. That said, I do appreciate how (most) judges in the UK write their judgements in a relatively clear and unambiguous manner.

Jack of Kent today pointed out the recent judgement on Operation Weeting - which is looking into the alleged illegal interception of voicemail messages.

The full text of the judgement is fairly simple to understand - although one curious part caught my eye.

Systems used to transmit voicemail messages

8. The provisions of sections 1 and 2 RIPA are intended to apply to a number of different technologies. In this appeal we are concerned only with voicemail messages left for an identifiable recipient on the voicemail facility of his or her private mobile telephone which is operated by a cellular network service provider and is part of a public telecommunication system to which the phone is connected.

9. For present purposes, it is convenient to adopt the description of such a system provided by the Crown and with which the appellants have not taken issue.

(1) The mobile handset operates as a radio transmitter/receiver.
...
(7) The relevant interception conduct ("hacking") involves remotely accessing the voicemail box by dialling, from another telephone, the telephone number relating to it and bypassing any security feature, so as to be able to listen to the content of the message, without the knowledge or consent of the subscriber, at a time when the recorded message is stored there, not yet having been deleted.

(8) It may be the case that the message either has or has not previously been heard in whole or in part by the subscriber. This will not be known by the hacker when the hack takes place and is outside his control.

(9) The hacker therefore achieves access to the message by "impersonating" the intended recipient. If the message is inaccessible to the intended recipient, it cannot be hacked. Whether before or after it has been listened to by the intended recipient, it will only be capable of being intercepted if it is stored in the system in a manner which means that the intended recipient has access to it.

I am loath to give ammunition to those who stand accused, but (8) appears to be factually incorrect to me

Here's a recording of me accessing my own voicemail:

"You have a new message and four saved messages."

Every voicemail system I've ever used will tell me if a message has previously been listened to or is brand new. Unlike with email, I'm not aware of any voicemail system in the UK which allows you to mark an old message as new. It is possible to save messages so they don't get deleted - but that's about it.

If a "hacker" were to access someone else's voicemail box - they wouldn't know if a message had been heard and then deleted, obviously, but they would instantly know which messages had been heard and which had not yet been heard.

Or have I fundamentally misunderstood something?

2 thoughts on “Operation Weeting: Voicemail Interception Confusion

  1. ˈthē-ˈˈärd-ˌvärk (@theaardvark) says:

    If you hang up before the end of a new message does it not remain a new message? (I only have experience with Orange & EE) So you could listen to it without altering its status.

  2. Neil says:

    It perhaps depends on what is considered to be "the hack" — this information is only available *after* someone has gained access to the system. It might thus be true to say that, at the point at which someone gained access to the account on the voicemail server, that person would not know whether any messages relating to that account had been listened to or not.

    Immediately after access — perhaps before any individual message is played — a user is likely to know, given functionality of the type you posted here.

    I have not read the judgement, so this is purely my speculation!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.