New Garda powers Bill must go back to the drawing board

Proposal may be breach of European Convention on Human Rights and Constitution

The proposal does not provide for any safeguards regarding sensitive information such as files held by doctors, journalists, or public representatives. Photograph: iStock

The proposal does not provide for any safeguards regarding sensitive information such as files held by doctors, journalists, or public representatives. Photograph: iStock

 

What do you keep on your mobile? For most people the answer goes beyond just details of telephone calls and text messages – the smart phone is a repository for years’ worth of photographs, personal emails, private files, web-browsing records, location tracking, and health data.

As the US Supreme Court put it in 2014, “adults who own a cell phone keep on their person a digital record of nearly every aspect of their life – from the mundane to the intimate . . . a cell phone search would typically expose to the government far more than the most exhaustive search of a house: a phone not only contains in digital form many sensitive records previously found in the home; it also contains a broad array of private information never found in a home in any form”.

The sensitivity of your phone means that this week’s proposal from the Department of Justice for a new Garda Síochána Powers Bill requires close scrutiny. That proposal would introduce a new power for gardaí, when carrying out search warrants, to demand your password or PIN and require you to biometrically unlock your phone (or tablet, or computer) using your fingerprint or face.

As well as taking a copy of everything on the device itself, gardaí could also use the device to access any other service you use – such as your webmail, cloud storage, or online banking – and then take a copy of that data also.

Very few countries have laws requiring password disclosure and in several jurisdictions, courts have held that mandatory disclosure of passwords is incompatible with the right to silence

The way in which the searches would be carried out is concerning. Failure to comply with the demand there and then (with no right to consult a solicitor) would be an offence exposing you to immediate arrest, punishable by imprisonment for up to five years and a fine of up to €30,000. This power would also apply to the devices of “any person present at the place where the search is carried out”, including for example the parents or siblings of a suspect or someone who shares a house with them.

At the moment there is a similar power only for a narrow set of crimes – mainly dishonesty offences and cybercrime. The significance of this proposal is that it would extend this to every warrant, in relation to every type of crime. Indeed, this power could apply in some cases without any crime at all: the proposal envisages that the Competition and Consumer Protection Authority and the Office of the Director of Corporate Enforcement may seek such warrants even “where no offence is suspected”.

What safeguards would be in place in relation to these searches? Material which might be legally privileged, such as correspondence from your solicitor, must be kept confidential and only inspected following assessment by the High Court. Otherwise, the proposal does not provide for any safeguards regarding sensitive information such as files held by doctors, journalists, or public representatives.

The lack of protection for journalists’ sources is particularly notable as a High Court judgment from 2020 on exactly this issue (seizure of a journalist’s mobile phone) strongly suggests that the failure to provide safeguards is in breach of both the European Convention on Human Rights and the Constitution.

The current proposal would greatly widen the search warrant to permit the search of a person’s entire digital life, but without introducing any corresponding protections

The proposal does little to ensure that irrelevant material will not be seized and searched. Instead, if something “may contain” information within the scope of the warrant and “it is not reasonably practicable” to separate out that information then all the material – such as the entire contents of a device or the whole of an email account – may be seized and searched. In practice, this means that in most cases the entire contents of a phone, an email account, and so on will be copied.

The only limit on the extent of searches is that a code of practice may be adopted which may deal with searches of irrelevant material – but breaches would be a matter for internal disciplinary proceedings only, and would not have any other legal effect. This is particularly worrying given the danger that phones will be trawled for intimate images.

This proposal is also significantly out of line with international standards. Very few countries have laws requiring password disclosure and in several jurisdictions, notably Canada and several US states, courts have held that mandatory disclosure of passwords is incompatible with the right to silence and the privilege against self-incrimination.

Even in those jurisdictions where password demands are permitted, they are usually exceptions to the usual rule and can generally only be made on the basis of some special circumstances.

In the UK, for example, a notice to disclose a password can only be issued where a judge finds that such a notice is proportionate, that there is no other reasonably practicable way to access the relevant information, and that access is necessary for purposes such as national security or the prevention or detection of crime. The current proposal – by providing for password demands indiscriminately, in relation to every search warrant – is unprecedented.

Historically, search warrants were relatively limited documents which permitted the search of a particular place for a physical thing. The current proposal would greatly widen the search warrant to permit the search of a person’s entire digital life, but without introducing any corresponding protections, and without any evidence that this huge extension of powers is necessary. It must go back to the drawing board.

Dr TJ McIntyre is an associate professor in the UCD Sutherland School of Law, consultant solicitor with FP Logue Solicitors and chair of Digital Rights Ireland

The Irish Times Logo
Commenting on The Irish Times has changed. To comment you must now be an Irish Times subscriber.
SUBSCRIBE
GO BACK
Error Image
The account details entered are not currently associated with an Irish Times subscription. Please subscribe to sign in to comment.
Comment Sign In

Forgot password?
The Irish Times Logo
Thank you
You should receive instructions for resetting your password. When you have reset your password, you can Sign In.
The Irish Times Logo
Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.
Screen Name Selection

Hello

Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.

The Irish Times Logo
Commenting on The Irish Times has changed. To comment you must now be an Irish Times subscriber.
SUBSCRIBE
Forgot Password
Please enter your email address so we can send you a link to reset your password.

Sign In

Your Comments
We reserve the right to remove any content at any time from this Community, including without limitation if it violates the Community Standards. We ask that you report content that you in good faith believe violates the above rules by clicking the Flag link next to the offending comment or by filling out this form. New comments are only accepted for 3 days from the date of publication.