Intelligence Crimes — Legalised Hacking & The Scottish Ministers

Legal & Editorial Notice

This page is lawful political and civic-education commentary. Statutory quotations are taken from the publicly published Equipment Interference Code of Practice issued under the Investigatory Powers Act 2016. Polling figures are from public reporting. The page does not incite, glorify, instruct or recruit for any criminal offence, including violence, harassment, sedition or any unlawful act against any person or institution. Criticism of named public officials — including Scottish Ministers and the First Minister — is expressed on matters of public interest and is protected speech under Article 10 ECHR and the common-law right of fair comment.

1. The Statutory Architecture — Who Authorises State Hacking

"Equipment interference" is the polite UK term for state hacking: kernel-level access to a computer or phone, keylogger installation, data exfiltration, remote command. The Investigatory Powers Act 2016 (IPA 2016) put it on a statutory footing for the first time, and the accompanying Equipment Interference Code of Practice spells out who can sign off on it.

Equipment Interference Code of Practice · scope

"This Code of Practice is primarily intended for use by the public authorities able to authorise equipment interference activity under the Act, namely the intelligence services (Security Service, Secret Intelligence Service ('SIS'), and Government Communications Head Quarters ('GCHQ'))."

Equipment Interference Code of Practice · authorisation

"The decision to issue a warrant must be made personally by a Secretary of State or the Scottish Ministers in the case of an intelligence service, and by a Secretary of State in the case of the Ministry of Defence (Defence Intelligence). The decision to issue an equipment interference warrant for law enforcement agencies must be made by a law enforcement chief (or an appropriate delegate in urgent circumstances), listed in Schedule 6 of the Act."

The Scottish Ministers point, in plain English

For warrants relating to operations whose authorisation falls within devolved Scottish competence, Scottish Ministers themselves sign the paperwork that licences MI5, SIS or GCHQ to break into a UK citizen's device. The signature is not symbolic. It is the operative legal act that converts what would otherwise be a Computer Misuse Act offence into "authorised activity."

2. What The State Is Authorising — Examples From The Code Itself

The Code doesn't talk in abstractions. It gives worked examples of the conduct being licensed. Two of them, quoted directly:

Equipment Interference Code of Practice · "Example 1"

"An equipment interference authority covertly downloads data from a device (such as a smart phone or laptop) either through direct access to the device itself (for example by access to USB ports) or by remotely installing software which enables material to be extracted."

Equipment Interference Code of Practice · "Example 2"

"Key logging software is installed on a device by an equipment interference authority, making it possible to track every keystroke entered by users. The equipment interference authority uses the key logger to track the keystrokes used when logging into a relevant website."

Equipment Interference Code of Practice · complexity

"Equipment interference operations vary in complexity. At the lower end of the complexity scale, an equipment interference authority may covertly download data from a mobile device when it is left unattended, or an equipment interference authority may use someone's login credentials to gain access to data held on a computer. More complex equipment interference operations may involve exploiting existing vulnerabilities in software in order to gain control of devices or networks in order to remotely extract material or to monitor the user of the device."

If a private citizen did any of the above — covertly downloaded another person's smartphone data, installed a keylogger to capture login credentials, or exploited a software vulnerability to gain control of someone else's device — they would be charged under the Computer Misuse Act 1990 (s.1, s.2, s.3, s.3ZA) with offences carrying up to life imprisonment in the most serious cases.

3. The "No Offence" Clause — Legalised Crime

Equipment Interference regime · statutory immunity

"Where an equipment interference authority has obtained an appropriate authorisation, no offence will be committed by virtue of the CMA."

In plain language

The same act — installing a keylogger, exfiltrating a phone's data, exploiting a vulnerability — is a criminal offence with a prison sentence attached when an ordinary person does it, and no offence at all when a state operator does it with a piece of paper signed by a minister. The statute reaches the result by the simple expedient of stating that the Computer Misuse Act does not apply. The conduct is identical; only the signature is different.

4. The Human Rights Layer — Words On Paper

The Code makes the appropriate gestures toward the Human Rights Act 1998 and the ECHR:

EI Code · paragraphs 3.4 & 3.5

"The Human Rights Act 1998 gives effect in UK law to the rights set out in the ECHR. Some of these rights are absolute, such as the prohibition on torture … Amongst the qualified rights is a person's right to respect for their private and family life, home and correspondence, as provided for by Article 8 of the ECHR. It is Article 8 that is most likely to be engaged when the equipment interference authorities seek to obtain personal information about a person by means of equipment interference. Such conduct may also engage Article 1 of the First Protocol, the right to peaceful enjoyment of possessions, (which could include any equipment subject to interference) and Article 10, freedom of expression, which is another qualified right."

Article 8 — private and family life, home and correspondence. The whole point of equipment interference is to read what is in a person's correspondence, see what is in their home through their camera, and follow their family life through their device. The right is "qualified," which in practice means "balanced against national security in a courtroom the subject is never told about."
Article 1 of the First Protocol — peaceful enjoyment of possessions. The Code itself concedes the device subject to interference is a possession. Installing malware on it is not peaceful enjoyment by any plain reading.
Article 10 — freedom of expression. Capturing what a person writes, types, says or shares is precisely the chilling effect Article 10 was drafted to prevent.
Article 3 — absolute prohibition on inhuman or degrading treatment. Equipment interference combined with the other techniques described on this site (psychological pressure, family targeting, swatting) can cross into Article 3 territory. Article 3 admits no qualification. The Code does not engage with that.

5. Scottish Ministers, Prestwick, and the Politics of the Signature

The signature on an equipment-interference warrant is not abstract bureaucracy. It is signed by a named, accountable, elected (or appointed) minister. In Scotland's case, by Scottish Ministers. The same political class is currently making other signed decisions affecting Scottish sovereignty — including the use of Prestwick Airport, which is owned by the Scottish Government, as a transit hub for US military flights linked to operations in the Middle East.

56%

of Scots opposed US Air Force use of Prestwick for Iran-conflict operations

60%

opposed the broader US / Israeli military action in the Middle East

~25%

expressed support

Hundreds

of US military flights through Prestwick in recent months

Prestwick is owned by the Scottish Government. First Minister John Swinney has reportedly sought UK-level talks on the matter and faced pressure from anti-war groups to restrict access. The polling is unambiguous: the Scottish public, by a substantial majority, does not want their state-owned airport used as a refuelling station for foreign military operations they did not vote for.

Personal opinion · protected commentary

The Scottish Ministers signing equipment-interference warrants are, in many cases, the same political class deciding whether to challenge the use of a Scottish-Government-owned airport for foreign military operations the Scottish public has clearly told them it does not support. On both files the pattern looks the same to me: spineless, deferential to Westminster and Washington, and shameless about the gap between the polling and the policy.

If, as has been alleged in public reporting, US military flights from Prestwick have contributed to operations producing civilian casualties — including civilian children — then the moral weight of every Prestwick refuelling decision falls partly on Scotland's elected leaders. The majority of Scots do not want these wars. That majority is on the public record. The ministers signing the paperwork are also on the public record.

This is a personal opinion offered as protected political speech. It is not a call to any unlawful action. It is a call for ministers who hold a public mandate to behave in accordance with the mandate they were given.

6. Why It Matters — The Signature Joins Up Two Stories

Cynics will say "the warrants and the airport are different files, signed by different people, in different teams." Strictly true. But the political culture that produces both is one culture — a culture in which a minister's signature on a document affecting somebody else's rights is treated as a routine clerical act, and the substantive accountability for what flows from that signature is deferred indefinitely to inquiries, tribunals, and inspector-general reports that arrive years after the harm has been done. See Complaints & Suggestions.

7. What "Equipment Interference" Looks Like In Practice — On Me

I describe in detail elsewhere on this site (My Experience, Spyware Capabilities, Digital Wiretap) the operational pattern I have lived through:

Direct device access

Consistent with EI Code Example 1 — covert downloads from a smartphone, including periods when the device was unattended.

Keystroke capture

Consistent with EI Code Example 2 — behaviour suggestive of keylogger-style capture across login flows.

Exploited vulnerabilities

Consistent with the Code's "more complex" tier — remote control of devices via existing software vulnerabilities. See also Pegasus / BLASTPASS in Spyware Capabilities.

Network & account access

Patterns consistent with use of stolen credentials and account-level access — email rerouting, session anomalies, platform-level interference.

Lateral spread

Anomalies on devices belonging to close family members consistent with deliberate lateral access through contact relationships.

Persistence beneath protections

Continuation of anomalies even with iOS Lockdown Mode enabled — suggestive of either pre-existing persistence or higher-tier exploitation.

The legal point

Each of the items above corresponds to conduct the Equipment Interference Code expressly describes as the kind of activity it is intended to govern. That does not mean the conduct I have experienced was lawfully authorised. It means that if any of it was, the only body that could confirm it is the Investigatory Powers Tribunal — whose limits are described in Complaints & Suggestions — and if none of it was, the conduct falls outside the statutory immunity entirely and is back inside the Computer Misuse Act offences I described above.

8. The Bottom Line

A country that lets its ministers sign keylogger-installation warrants in the morning, refuels foreign bombers at a state-owned airport in the afternoon, and tells the citizens whose devices were keylogged and whose airport was used that none of this can be discussed in open court — has not abolished the rule of law. It has simply moved most of it indoors, behind a single signature, with no door the public is allowed through.

Lawful remedies only

Concerns described on this page should be pursued through lawful channels: the Investigatory Powers Tribunal (with its acknowledged limits), the Investigatory Powers Commissioner's Office, the Scottish Parliament, the UK Parliament, Members of the Scottish Parliament and Westminster MPs, qualified journalists, and human-rights NGOs (Liberty, Big Brother Watch, Privacy International, Amnesty International, Common Weal Scotland). Nothing on this page is, or should be read as, encouragement of any unlawful response to any person, public official, or institution.

Primary Sources & Further Reading

Investigatory Powers Act 2016 — Part 5 (Equipment Interference)
Equipment Interference Code of Practice (Home Office, statutory code under IPA 2016)
Computer Misuse Act 1990 — s.1, s.2, s.3, s.3ZA
Human Rights Act 1998 — incorporating ECHR Articles 3, 8, 10 and Protocol 1 Article 1
Investigatory Powers Tribunal — published judgments
Big Brother Watch v United Kingdom, Grand Chamber, ECtHR (2021)
Public polling on Prestwick / US military flights and Middle East policy
Reporting on First Minister John Swinney's engagement with UK government on Prestwick
Citizen Lab and Amnesty Tech publications on Pegasus and similar mercenary spyware
European Parliament PEGA Committee — report and recommendations on commercial spyware