Protecting your Facebook password from police could be a criminal offense
Protecting your Facebook password from police could be a criminal offense

How not sharing your Facebook password could lead to prison

What powers do the police in England and Wales have when it comes to your phone, computer and social media passwords?

Anthony Cuthbertson
Friday 31 August 2018 22:14

A suspected murderer has been sent to prison, but not for the crime he was arrested for.

Stephen Nicholson was instead jailed for refusing to share his Facebook password with police, which they claimed obstructed their investigation into the stabbing of 13-year-old Lucy McHugh.

Nicholson had argued that giving police access to his private Facebook messages could expose information relating to cannabis, but the judge described this excuse as "wholly inadequate", considering the severity of the case.

The case once again draws attention to the Regulation Investigatory Powers Act (RIPA), which was introduced in 2000 to give police investigating a crime the power to compel people to disclose a password used to access a phone, computer or any service accessed through an electronic device.

Nicholson pleaded guilty to the RIPA charge, for which he received a 14 month jail term.

Originally intended as an anti-terror measure, London firm Saunders Law explains that it can be used for a much broader range of criminal offences.

"The police are able to request disclosure if the reason is to prevent or detect crime, if it’s in the interests of national security or if it is in the interests of the economic wellbeing of the UK," the firm states on its website.

"This definition can be applied very widely to the extent that it can cover any crime, no matter how minor."

Refusing to comply with RIPA can result in a maximum sentence of two years imprisonment, or five years in cases involving national security or child indecency.

It is not the first time someone has been jailed in the UK for failing to disclose a password. In 2010, Oliver Drage was sentenced to 16 weeks at a young offenders institution after he didn't share a 50-character password with police investigating child sexual exploitation.

Detective Sergeant Neil Fowler form Lancashire police said at the time the custodial sentence demonstrated how serious the offence was.

"Computer systems are constantly advancing and the legislation used here was specifically brought in to deal with those who are using the internet to commit crime," he said. "It sends a robust message out to those intent on trying to mask their online criminal activities that they will be taken before the courts with the ultimate sanction, as in this case, being a custodial sentence."

Saunders Law explains that other laws can also be called upon to compel people to divulge their passwords, such as Schedule 7 of the Terrorism Act 2000.

As the firm points out, criminals may be wiser to not disclose a password and plead guilty to the RIPA offence, rather than face significantly more severe charges brought on by whatever the password-protected data reveals.

"There could be a completely disproportionate result if someone is imprisoned for not providing a password but not the crime they are originally under investigation for, of which they might be innocent," the firm stated.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in