Appeal Court holds indecent photographs of children recovered from online storage could be used as evidence in trial
A 20-year-old man charged with having possession of indecent photographs of children has lost an appeal against a trial sheriff’s decision that images recovered from a cloud storage website based in New Zealand accessed using a password found on his smartphone could be led as evidence.
About this case:
- Citation:[2023] HCJAC 51
- Judgment:
- Court:Appeal Court of the High Court of Justiciary
- Judge:Lord Doherty
The man had lodged a preliminary issue minute objecting to the admission of indecent photographs recovered from a cloud storage account bearing his name. The Crown maintained that recovery of the photographs was within the scope of the original warrant.
The appeal was heard by Lady Paton, Lord Doherty, and Lord Matthews. Gravelle, solicitor advocate, appeared for the appellant and Campbell AD for the Crown.
Law has to adapt
The appellant was prosecuted on indictment in Glasgow Sheriff Court for an alleged contravention of section 52A(1) of the Civic Government (Scotland) Act 1982. On 5 March 2021 police officers attended his home to conduct a search in terms of a search warrant, and recovered a laptop and iPhone, to which the appellant provided the password.
Police cybercrime officers who examined the seized items found 100 still images of child sexual exploitation in deleted space on the laptop. In the settings for the iPhone they found login credentials for an account with the cloud storage website Mega.NZ. When one of the officers accessed the website using those credentials, he found an account that contained images both of the appellant and of child sexual exploitation, 123 of which were still and 119 were moving.
At an evidential hearing, the defence submitted that the recovery of the Mega.NZ images were not authorised by the warrant as they had not been at the premises or on any device found at the premises. Moreover, while the credentials were stored on the iPhone, it was not possible to say whether it had been used to access those images. The sheriff held that the search of the Mega account had not been irregular and fell within the scope of the original warrant.
It was submitted for the appellant that the warrant authorised the seizing of the iPhone and data or data processing software found on it. A Mega.NZ app might be data processing software, but there was no such app on the iPhone. For the Crown it was submitted that the scope of the search warrant was sufficiently wide to allow the search of the account, and the law had to adapt to changes in the way that people stored data.
The Crown further submitted that the office who accessed the account had acted in good faith. He had clarified with a senior officer that he was indeed authorised to conduct the search, and it was not unreasonable for him to conclude that the search was within the scope of the warrant.
Very serious offences
Lord Doherty, delivering the opinion of the court, began: “We agree with the sheriff that the law requires to have regard to advances in information and electronic communications technology and to changes in the ways that data is commonly stored by the users of such technology. We also agree with him that the court should be cautious about drawing analogies with physical items or data stored in premises not specified in a search warrant.”
He continued: “It is clear that the recovery of the iPhone and its further examination were authorised, as was the recovery of the Mega.NZ log in credentials from the iPhone. The primary question for the court is whether the search of the … account was authorised by the warrant. That turns on a proper construction of the warrant’s terms.”
Addressing the scope of the warrant, Lord Doherty said: “Giving those terms their natural and ordinary meaning, we are satisfied that they did not authorise the police to use the log in credentials to log in to Mega.NZ or to search the account to which the credentials gave access. The Mega.UK website was not peripheral equipment such as ‘data’ or a ‘data storage device’ on the premises, nor was it ‘other articles’ or ‘other things whatsoever’ found in the premises which the police had authority to examine. It follows that we disagree with the sheriff as to the warrant’s scope.”
Noting that it was open to the prosecution to persuade the court to excuse the irregularity in the search, he added: “In the whole circumstances we have no difficulty in concluding that it should. The search carried out was a very specific one. The offences being investigated were extremely serious and the data recovered was very important evidence.”
Lord Doherty concluded: “The cybercrime officer acted in good faith. He clarified with a senior officer that he was indeed authorised to conduct the search. The officer’s belief that the search was within its scope was not an unreasonably held one having regard to the apparent width of the powers of search in the warrant and the advice given to him.”
The appeal was therefore refused.