Ever since news emerged that the British Pregnancy Advisory Service (BPAS), a charity which provides young women with pregnancy advice and services – including information and assistance with abortion – had been subject to thousands of hacking attempts from addresses in the USA, there’s been a fair bit of discussion about the US/UK ‘special relationship’ and its attendant extradition treaties.
Most people are becoming increasingly aware of the UK situation with regards to extradition – in that it pretty much appals the majority of the reasonable public, whatever their political orientation. Perhaps unsurprisingly in today’s internet age – where the web throws up constant challenges for the judiciary and law enforcement – it is with regard to various online crimes that the shortcomings of the UK’s current laws and treaties are being most critically exposed.
Gary MacKinnon, the autistic computer engineer from Scotland who hacked into NASA and US military systems, is controversially facing up to 60 years in jail if extradited to the US – despite the fact he made no profit from his crimes and claims he was initially seeking evidence of ‘UFO cover-ups’. Meanwhile, Richard O’Dwyer, the British student creator of tvshack.com, which provided links to externally-hosted but copyrighted content, is facing imminent extradition and a potential sentence of 10 years in a US high-security prison.
Public opinion is pretty strongly against either of these extraditions (neither man would face a fair trial in the US considering how much legal expenses would amount to – and the fact is that most similar cases never even make it to trial; most defendants are worn down to some sort of plea bargain after years spent in limbo in the system). In addition, both of the likely jail terms seem absolutely draconian (10 and 60 years respectively, in a high security prison) and completely inappropriate considering the circumstances of the two men (US high-security prisons are not exactly humane environments for disabled inmates for example).
Contrast this with the case of the radical muslim cleric Abu Qatada, currently fighting extradition to Jordan on terrorism charges, whom it seems the UK government is increasingly unable to deport (despite the fact he has known links to Al-Qaeda, including providing the spiritual propaganda for 9/11, advocated the killing of non-muslims, Jews, Americans and pretty much anyone who doesn’t follow his extreme fundamentalist take on Islam).
Suffice it to say that there is no public sympathy for this man and that most people are outraged that it is apparently so difficult to get rid of him, while a harmless student, who effectively built a search engine tool but, in observance of existing laws, did not host any illegal content – is imminently facing 10 years in a US high security prison. (N.B. I’m not saying that O’Dwyer or McKinnon do not have a case to answer – just that they must be treated fairly, which in this country means ‘innocent until proven guilty’ – and not the other way around).
Or take for example the fact that we still have not been able to prosecute anybody for the murder Litvinenko, despite having clearly identified suspects, simply because our current arrangement with Russia doesn’t allow us to have access to them. These kinds of examples could go on and on – but the point is simple: people we actually want to prosecute here, for crimes they have committed here, are often not available to us because our inbound treaties are inadequate. Meanwhile people we generally feel shouldn’t be deported are facing lengthy and punishing battles to fight extradition (usually to the US), while when we actually do want to get rid off someone, we often can’t.
So, as I said earlier, the UK’s current extradition treaties are completely unfit for purpose at the moment – a fact which is being highlighted on a regular basis, often by cases that involve some sort of internet activity. Which brings me to this week’s news, in which BPAS announced that, following an earlier hack of their database (for which a man from the Midlands has now been jailed) they have now suffered around 2,500 further attacks on their systems in the 5 weeks since his arrest. Around a third of these have come from the US.
Not surprisingly, many of you have since wondered if those responsible for these attacks will also be expediently extradited on account of the aforementioned US/UK ‘special relationship’. Unfortunately, for the time being, the answer is ‘no’ – for a few reasons:
1. Just because many of the attacks came from IP addresses in the US doesn’t necessarily mean that those responsible do too. Modern hacking is a little more advanced than that, and it is possible that these US computers are simply part of an unwittingly infected botnet being controlled from elsewhere. If time and resources are devoted to investigating this however, answers to this question are probably available.
2. Even if the attackers did come from the US, there could be hundreds of them, and we have only received a total of 40 people from the US via extradition requests in the 7 year period of 2004-2011 for example (out of 57 requests made). It is a resource-intensive activity and would probably be unfeasable to attempt in larger numbers.
3. Finally, as many people are now increasingly realising, the US/UK arrangement is not exactly balanced 50-50 in terms of power, but is actually a little more one sided than that (a recent report found that extradited British citizens’ rights are not respected in the same way that US citizens’ are). The UK also has to provide much more justification in order to pursue a request than would be the case going in the other direction.
The bottom line is that pursuing justice for international crimes is still far more difficult than it should be considering the staggering levels of economic co-operation between most of the world’s countries – and especially those involved in the cases mentioned here (I’m not even going to touch cases like state-sponsored hacking of Google by Chinese hackers). Even though some political lip-service is being paid here in the UK to the need to reform some of these treaties, little has thus far been achieved. The fact remains that, in cases of web-related crime, extradition treaties can only function – at best – as well as other local laws around the internet, which remain in many cases worryingly unclear in the UK.
Sadly, it is only once these issues are addressed that we might contemplate justice for crimes such as the attempted hacking of the the BPAS database, which sadly represents yet another act of religious fundamentalists seeking to violate the rights and privacy of law-abiding citizens – something which understandably disturbs the vast majority of the British public judging by this week’s reactions to the news.