Police intercept proof from Sky ECC cryptophone community ‘unreliable’, Antwerp court docket advised
A court docket in Belgium has refused to permit defence legal professionals in a high-profile medication case additional time after a forensic knowledgeable discovered that digital proof obtained by police in a hacking operation towards the Sky ECC encrypted cellphone community and relied on by prosecutors was “unreliable”.
The Antwerp Regional Court docket heard proof from a British forensic knowledgeable that raised new doubts over the digital proof provided by Belgian police to prosecute a number of legal circumstances linked to a high-profile medication kingpin, Nordin El Hajjioui, who’s accused of importing narcotics by way of Antwerp.
Defence legal professionals introduced proof from forensic knowledgeable Duncan Campbell that discovered errors and inconsistencies in information analysed by Belgian investigators that had not been defined or highlighted to the court docket. His report urged the info was processed by individuals who could not have understood easy methods to course of it accurately.
‘Equivalent’ datasets weren’t an identical
The court docket heard that there have been important variations between datasets submitted in 2022 and 2025 that prosecutors had claimed have been “an identical”. It discovered that 108,000 messages had been added to the latest dataset.
Prosecution claims that the brand new messages had solely not too long ago been decrypted didn’t stand as much as scrutiny, because the unencrypted variations of the brand new messages didn’t exist within the authentic information, and a big proportion of the brand new messages had but to be decrypted.
The court docket was advised that the processes used to offer Sky ECC information to the court docket weren’t clear or verifiable, and that there was no indication that police information evaluation conformed with internationally accepted forensic requirements.
The info recordsdata weren’t licensed by digital fingerprints, file hashes or digital signatures that are used to confirm that no unintentional or deliberate modifications may have been made to digital proof.
Belgium developed internet device to analyse information
The Belgian police used beforehand undisclosed internet software program, often known as Edge, developed by Belgium’s directorate for the struggle towards severe and organised crime (DJSOC) as a platform to analyse information from Sky ECC, it emerged.
In keeping with Reisinger, Campbell’s evaluation confirmed that the Edge device was not match for goal, had produced important errors, and didn’t produce proof to the usual required for legal trials.
Proof introduced in spreadsheets had gone by way of filtering processes, which had led to messages being duplicated or modified, or being linked to totally different Sky ECC identities or totally different occasions and content material.
Defence refused uncooked intercept information
Defence legal professionals stated that to finish their investigation into the reliability of the info, they would want entry to the uncooked intercepted information from Sky ECC and details about the chain of custody of the info, which has not been disclosed to the court docket by police.
“There are issues and we have to set up the reliability of the info. We requested for the uncooked information and an evidence from the police of the chain of proof, however ultimately, the court docket determined to not do it,” stated Reisinger.
Prosecutors claimed that Campbell, who acted as an knowledgeable witness in trials towards drug gangs that used the EncroChat encrypted cellphone community and produced joint stories with a forensic knowledgeable from the UK’s Nationwide Crime Company, was not impartial.
The court docket stated it might take Campbell’s findings into consideration, however wouldn’t postpone the trial to permit additional knowledgeable evaluation of the reliability of the info.
French interception operation
The prosecution towards El Hajjioui, often known as Dikke Nordin, depends on messages intercepted by French, Dutch and Belgian police from a hacking operation into the Vancouver-based encrypted cellphone community, Sky ECC, in 2020.
The operation supplied police with “real-time” entry to messages exchanged between members of organised legal teams, after they connected a “man-in-the-middle” server to the Sky ECC infrastructure on the OVH Datacentre in Roubaix, France (pictured above), to intercept messages and encryption keys.
Some 1,600 Belgian legislation enforcement officers took half in raids in March 2021 on premises linked to medication, cash laundering and bribery, after police infiltrated Sky ECC’s servers in France and decrypted “a whole bunch of thousands and thousands” of supposedly encrypted messages.
Spain and Italy query Sky ECC reliability
The reliability of Sky ECC proof was known as into query final week by courts in Italy and Spain. The provincial court docket in València acquitted 14 folks after discovering that prosecutors couldn’t depend on digital proof to show their case, until the defence was supplied with entry to the uncooked intercepted Sky ECC information.
An Italian court docket individually ordered prosecutors to make uncooked intercept information obtainable to defendants to permit them to conduct impartial checks into the reliability of the proof.
The case towards Nordin El Hajjioui is because of resume tomorrow.
