NGO director guilty of denying police his device passwords

Muhammad Rabbani refused to divulge iPhone and MacBook passwords at Heathrow airport

The international director of Cage, an advocacy organisation that fights anti-terror laws, was yesterday found guilty of wilfully obstructing the police by failing to hand over his device passwords after being detained at Heathrow airport.

Muhammad Rabbani, 36, was stopped under Schedule 7 of the Terrorism Act 2000 after landing at Heathrow airport on 20 November 2016. He was returning from a wedding in Qatar, where he met a man who allegedly had been tortured in the US, according to The Guardian. It said Rabbani had downloaded evidence pertaining to the allegations and planned to bring it to the UK to give to British lawyers.

Upon landing in Britain, the police arrested Rabbani for refusing to disclose passwords to his iPhone 6s, a Macbook Air and a USB device, all of which police then confiscated.

In line with Cage's policy on client confidentiality, Rabbani refused to hand over his passwords to protect sensitive data. However, the judge at Westminster magistrates court ruled that this wasn't a legal defence, according to the BBC - only journalists and lawyers have some legal protections regarding privileged material.

Advertisement - Article continues below
Advertisement - Article continues below

Rabbani was found guilty of "wilful obstruction or sought to frustrate, an examination or search under Schedule 7 of the Terrorism Act 2000, contrary to paragraph 18(1)(c) of that Schedule". The judge gave him a 12-month conditional discharge and ordered him to pay 620 in costs.

But Rabbani said the judge expressed that the case was complicated, and she reportedly said that "the importance of passwords and privacy cannot be overstated in the 21st century".

"Today's judgement based on the judge's and prosecution's acceptance that I am of good character and worthy of belief, highlights the absurdity of the schedule 7 law," argued Rabbani, in a statement on Cage's website.

"They accept that at no point was I under suspicion, and that ultimately this was a matter of having been profiled at a port. There are important implications for our collective privacy as s.7 acts as a digital strip search."

He used his conviction to argue that the Schedule 7 legislation must be challenged, saying: "If privacy and confidentiality are crimes, then the law stands condemned. Cage and I are glad we brought this case, and the result indicates that our only option is to change the law. Schedule 7 actively discriminates, and this will hopefully be the start of a number of legal challenges as more people take courage to come forward."

The director had reportedly been stopped more than 20 times on previous occasions. On two previous occasions he had been asked for passwords to his devices, and he responded that he would prefer not to disclose them, and the police did not pursue the matter.

Advertisement - Article continues below

The Guardian reported that Rabbani's lawyers plan to appeal to the high court, arguing that existing police powers don't do enough to protect privacy or legally privileged material.

Jim Killock, executive director of Open Rights Group, said: "These powers are blanket and do not require suspicion. They have been employed against journalists and others to compel them to provide information which could breach professional privilege and confidentiality.

"If Muhammad Rabbani is suspected of a crime, there are separate routes under RIPA which can be employed, which at least require a genuine reason to be specified before they are investigated."

In the US, the Trump administration considered adopting new measures back in April to force visitors to hand over their phones and passwords. Foreigners may have been expected to reveal mobile phone contacts, social media passwords and financial data to enter the country.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020