Schedule 7 and the case of Muhammad Rabbani: Privacy on trial
The case of Muhammad Rabbani has once again brought focus to the sometimes dichotomous need for police and security services to safeguard society against terrorism, and the rights and privileges of individuals.
Last November, counter-terrorism officers exercising their powers under Schedule 7 stopped Rabbani, the managing director of the British human rights organisation Cage, as he re-entered the UK at Heathrow Airport.
According to Rabbani, he was returning from Doha where he had attended the wedding of the son of a man who had been tortured by the US and whom he was helping prepare for a legal complaint.
Rabbani said he had only gone to Doha for the wedding and had not expected to return with any sensitive documents, something that changed while he was there.
Where we sleep, where we go, what our interests are and our most intimate and personal correspondence with family and friends are now all potentially knowable in the post-Snowden environment
During the stop, Rabbani stated that he was told that he was not the subject of any criminal suspicion, but was nonetheless required to hand over all of his electronic devices for inspection by the authorities. The confiscation of electronic devices as well as the requirement to provide the relevant passwords is authorised under the Schedule 7 powers contained in the Terrorism Act 2000.
Rabbani provided the devices, but refused to hand over the associated passwords. He stated that he felt that his personal privacy as well as Article 8 of the European Convention on Human Rights would be violated. That refusal led to Rabbani’s arrest.
Rabbani was released later that day after six hours of detention and immediately conferred with his attorney. A few days later, his attorney, Gareth Peirce, sent two letters to the authorities offering to share his passwords and allow the contents of his devices to be inspected provided an independent reviewer was utilised to review the material.
Whether ongoing negotiations took place to avoid charges or to discuss who might provide an independent review of Rabbani’s devices was not discussed in court but charges were eventually filed with the Crown Prosecution Service on 17 May this year.Earlier this week, Rabbani was found guilty of “wilful obstruction” for not supplying his passwords on demand of the authorities and was sentenced to £620 in fines and given a 12-month conditional discharge. Immediately following the verdict, Rabbani vowed to appeal the ruling.
Not the first
The Rabbani case is the latest in what has become a series of legal challenges to the Schedule 7 provisions. Previous cases include Beghal v DPP - involving Sophie Beghal, whose husband Djamel Beghal had been convicted of terrorism and who was stopped under Schedule 7 at East Midlands Airport in January 2011 - and Miranda v Secretary of State for the Home Department and Commissioner for the Metropolitan Police, the case brought after David Miranda, who was detained at Heathrow Airport for nine hours in August 2013 and was carrying encrypted files from Edward Snowden, the whistleblower.
Those that advocate against Schedule 7 are quick to state a laundry list of grievances, not the least of which are that the power is too far reaching, there is no requirement of suspicion for individuals to be stopped and detained, that individuals are compelled to answer all questions, and that the data mining of electronic devises is a gross breach of one’s human rights to privacy.
The government’s position is that it is a highly effective deterrent in the fight against terrorism and, even though the information gleaned from an individual’s electronic devices may not be immediately useful, it might provide critical links to individuals and cases in the future.
In Rabbani’s case, the court was provided records showing that he was stopped and detained beyond the initial screening period on seven prior occasions and Rabbani testified that, in total, he has been stopped between 20 to 30 times.
During the Rabbani trial, it was clear that the judge was at least sympathetic to some of those grievances. As this case continues on appeal, it will no doubt further define what information is and is not appropriate for the authorities to access and how additional, if any, safeguards will be implemented.
On the appeal of the Miranda case, although the judges upheld the lower court’s ruling, they simultaneously warned that Schedule 7 appeared too arbitrary, that appropriate safeguards were not put in place, and that the definition of terrorism could not be extended to every case involving national security.
In response, significant changes were made to the Schedule 7 Code of Conduct including: scaling back the time inspecting officers have to conduct the interview; that interviews be recorded, and that information which is stated to be protected under attorney-client privilege; and journalistic material, or any other information that is held in confidence, must not be copied or otherwise inspected by the officers conducting the inspection.
However, although the Schedule 7 Code of Conduct is codified in law, and the authorities are bound to enforce Schedule 7 within those guidelines, the limits of those safeguards, how they are practised, who might be an appropriate authority to review confidential material, and the limits of sharing that information remains largely untested.
Additionally, the limitations only specially mention attorney-client privilege and journalistic material. How other professions such as academics who do sensitive research are treated and what are the limits of one’s personal privacy remain unspecified.
Keeping pace with technology
One of Rabbani’s arguments was that he was afraid that if the material was made available to the inspecting officers, it might then be shared further. As a researcher who does sensitive research, this is and should be a concern.
Unlike the United States where researchers are held to a code of ethics which is codified in law under the National Research Act of 1974, and the authorities would have to first obtain a warrant to inspect an academic's data and would then be prohibited from sharing that data any further, no similar legal mandate exists in Britain.
Another example is found in the case of those who have access to, use, or otherwise handle a person’s medical records, which is codified in law and regulated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
In those instances, individuals must receive authorisation from the individual to view those records. Similar to the National Research Act of 1974, the authorities would be required to obtain a warrant and no further distribution of the information could take place. Although HIPAA is used as a best practice in the UK, it is not reinforced in law.
Specifically, on the issue of one’s individual privacy, given the amount of information that can be obtained from one’s digital footprint, online presence and digital correspondence from mobile phones, computers, and other electronic devices, there may be a similar argument that the appropriate safeguards have not kept pace with the technology available to government and non-governmental groups about the most intimate aspects of our live.
Where we sleep, where we go, who we go there with, who we sleep with, what our interests are, what our sexual preferences are, and our most intimate and personal correspondence with family and friends are now potentially knowable in the post-Snowden environment.
Finding the balance
Currently, there is an interesting case making its way through the US Supreme Court which deals with many of the issues discussed regarding the electronic monitoring of individuals. The case is Carpenter v United States. In brief, Carpenter was under investigation for a string of robberies. The authorities accessed Carpenter’s mobile phone without a warrant and after overlaying Carpenter’s movements with the string of robberies, he was convicted.
Carpenter has since appealed arguing that his 4th Amendment right to privacy was violated. The case will have significant implications far beyond US law enforcement practice, not solely to answer the question about whether the police acted appropriately but what Carpenter, and in fact all of us, should reasonably expect our right of privacy to be in a digital world.
There are clear differences between US and UK law and it would be inappropriate to try and compare the two. That said, both countries appear to be on a similar course of determining what rights and expectations of privacy individuals should have, as well as providing the authorities with the necessary tools to keep society safe in today’s digital world.
Few would argue or otherwise want to constrain the police in their ability to interdict crime, and especially so in an age when terrorism is becoming a daily threat. However, the key is finding the appropriate balance and cases like Rabbani’s and Carpenter will undoubtedly continue to define those boundaries for the public and government alike.
- Dr Douglas Weeks specialises in radicalisation processes and counter-terrorism policy. His research has broadly centred on the convergence of counter-terror policy, delivered by public safety agencies, and how mainstream and radicalised individuals respond. Before entering academia he spent 29 years as a career firefighter and served as his city’s Terrorism Coordinator from 1996 until his retirement in 2009.
The views expressed in this article belong to the author and do not necessarily reflect the editorial policy of Middle East Eye.
Photo: Muhammad Rabbani arrives at Westminster Magistrates' Court in London 25 September 2017, for his trial, after being accused of refusing to reveal his mobile phone password at Heathrow Airport last year (AFP)