Tech
Spanish court acquits suspects denied access to ‘raw’ Sky ECC intercepts in landmark decision | Computer Weekly
A Spanish court has raised questions about the validity and reliability of intercepted phone data, acquitting multiple defendants of drug trafficking charges in a case that relied solely on intercepted evidence from the encrypted phone network Sky ECC.
The case is the most significant rejection by a court of the validity of electronic evidence intercepted during an international police hacking operation against an encrypted phone network used by criminal groups.
The provincial court in València found that prosecutors could not rely on digital evidence to prove their case when defendants had been refused access to the raw data harvested from Sky ECC – denying experts the ability to test the reliability and authenticity of the data.
The decision, released on 23 January, will have implications for future prosecutions that rely on interception from police hacking operations into the Sky ECC and EncroChat encrypted phone networks, where there is no other evidence to prove criminal behaviour.
Julio Sánchez, a lead defence lawyer on the case, told Computer Weekly that the court decision will set a new benchmark for future prosecutions based on intercepted phone data.
The court had recognised that “the right to a fair trial requires that the defence has access to the original data in order to adequately exercise their right to [challenge the evidence] and defence,” he said. “I know that there are already judges, police officers and prosecutors studying how to act right now. They certainly did not expect this.”
Defendants denied access to raw intercept material
Defendants in EncroChat and Sky ECC cases have been routinely denied access to the raw data intercepted by joint French and Dutch investigators from the phone network services hosted in the OVH datacentre in France. The French government has also refused to disclose details of how investigators obtained data from the network, citing French military secrecy.
Police investigators have been able to identify the users of Sky ECC and EncroChat phones by mapping their phone movements, placing suspects under surveillance, or using automatic number plate recognition (ANPR) to identify vehicles. In some cases, suspects posted “selfies” of themselves or colleagues, which allowed police to identify them as owners of anonymous “handles” assigned to each phone encrypted user.
However, there have also been a significant number of prosecutions brought in which the only evidence of a crime came from intercepted messages themselves, with no supporting evidence from drug seizures or recovered firearms. Many of the people charged in the UK have pleaded guilty to avoid longer sentences.
The València court ruling will make prosecutions based on intercept evidence alone more difficult and will put pressure on police to make the raw intercept data available to defendants so that they can independently assess the reliability of the intercept material – something that prosecutors have so far resisted.
Cocaine discovered in shipping container
The police investigation in València began in August 2020, when Spanish police and customs surveillance officers found an open shipping container at the APM container terminal in the city’s port. They discovered three black bags holding more than 100 tablets of high-purity cocaine among the cargo.
Spanish police were unable to identify who was responsible for the drug smuggling operation and dropped the investigation. But just over a year later, prosecutors applied to France for copies of phone messages intercepted by French investigators from the Sky ECC mobile phone network, which they used to identify and arrest suspects.
Electronic evidence lacked digital signature
The 44-page judgment reveals that the French authorities sent Spanish police an email containing a URL to a zip file containing intercepted messages from Sky ECC relevant to the Spanish investigation. Spanish investigators downloaded the files to a USB stick presented to the court.
Defence lawyers argued that the files had been downloaded without using a digital signature to record a hash value that would ensure the integrity and authenticity of the messages.
The court agreed that the digital evidence obtained from Sky ECC was the product of at least two filtering and selection processes, by French and Spanish law enforcement authorities, that lacked “intrinsic elements that guarantee their authenticity and integrity”.
“For this reason, the electronic evidence provided lacked the only elements capable of guaranteeing the integrity and authenticity of digital evidence,” the judgment added.
Only evidence from intercepted chats
Most importantly, the court said that digital evidence from chat messages on Sky ECC provided was the only evidence supporting the prosecutor’s claims that most of the defendants were involved in criminal acts.
Although the police had produced reports on security camera recordings, which prosecutors said implicated some of the defendants as possible participants in the removal of drugs, defence lawyers raised “serious and very reasonable doubts” about the report which the court said “cannot be ignored”.
The Sky ECC intercepts “were the only evidence that could prove the participation of each and every one of the defendants”, it said.
Defence should be given ‘raw’ intercept data
In the absence of any other evidence against them, the defendants should have been provided with access to the raw data intercepted by the French, so that independent experts could test its reliability and challenge the evidence, the court found.
The European Court of Human Rights (ECHR) established in the case of Yüksel Yalçinkaya v. Türkiye that defendants must be allowed to access the raw data obtained from the interception of encrypted communications systems.
“The unavailability of such raw data, of such original digital evidence, in these proceedings…means that the digital evidence provided against them is not sufficient to rebut the presumption of innocence of the accused,” the court found.
Court had no choice but to acquit
The defence did not dispute the discovery of cocaine in a container at the Port of València. But the court found that in the absence of any valid evidence beyond Sky ECC that the defendants were involved in a drug trafficking operation, “there is no choice but to acquit them of the crimes of which they were accused”.
Julio Sánchez told Computer Weekly that the case was the first trial in Spain in which there was no other evidence apart from the decrypted intercepts from Sky ECC.
“The court also recognises that the digital evidence provided lacked intrinsic elements that would guarantee its authenticity and integrity, such as a digital signature or hash value,” he added. “Furthermore, the court considers that, according to the doctrine of the ECHR, when digital evidence constitutes the only incriminating evidence, the right to a fair trial requires that the defence has access to the original data in order to adequately exercise their right to contradiction and defence.”
He said that the case will set a benchmark for other Sky ECC cases regarding the value of digital evidence and the “necessity for it to be original, authentic and integral. In short, it must be reliable to be used in court. This will be crucial.”
The Spanish decision follows a ruling by an Antwerp court last year to adjourn a prosecution after unexplained changes were found in evidence files containing intercept material from Sky ECC. Two Italian courts last week also raised questions about the reliability of Sky ECC evidence.
Man-in-the-middle attack
Dutch and Belgium police began an investigation into the Canadian company Sky Global, which provided mobile phone encryption software, known as Sky ECC, after seizing encrypted phones during a drug trafficking investigation in 2016. Belgian investigators were subsequently able to buy a Sky ECC cryptophone from a distributor they met at the back of a “seedy” café, who insisted on receiving cash and refused to provide a receipt.
Investigators later established that the Sky ECC network was hosted on two BlackBerry Business Enterprise Servers at the OVH SAS datacentre in Roubaix, France.
In May 2019, Belgium, Dutch and French investigators met at Europol in the Hague to discuss a joint investigation into the criminal use of Sky ECC phones, while the US agreed to pause its own investigation into Sky Global.
Dutch developed decryption technique
French investigators obtained a warrant to install a “data capture device” on a Sky ECC which allowed them to intercept and decrypt messages posted in group discussions by intercepting the encryption keys shared by the group owner.
A team of Dutch researchers subsequently developed a technique to decrypt individual messages by installing a man-in-the-middle (MITM) server to intercept Sky ECC traffic before passing it on to the legitimate Sky ECC server.
The MITM server sent out a specially designed “push notification” to prompt Sky ECC handsets to transmit the cryptographic data needed to decrypt individual messages, allowing police to intercept and decrypt messages in “real time”.
Spanish police issued a European Investigation Order to France requesting Sky ECC data to assist in identify suspects connected to the cocaine discovered at the Port of València in 2021.
The court acquitted all defendants last week. It found that the only issue that remained unresolved is the lack of legal recourse for people accused of crimes outside of France to challenge the lawfulness of the French judicial operation against Sky ECC’s servers in France.
The judges said it was not necessary to consider the issue as none of the defendants had attempted to bring a legal challenge in the French courts. Prosecutors have 10 days from the date of the judgment to file an appeal.
The 14 individuals acquitted were: Daniel Serrano Ramos, Fernando Moreno Sorní, Quintín Martínez Albalate, Jokin Larraona Ariño, Iván Torrijo Ríos, Onofre Garrido Rufino, Andrés Doménech Mocholí, Norman Pérez Galdón, Manuel Garrido Magdaleno, Javier Cutillas Riaza, Borja Manzano Ribes, and Lázaro Antonio Caparrós, Horatiu Armanca and Enrique Blanch Caparrós.
As passengers return to the US from the cruise that saw a rare hantavirus outbreak, much of the country is lacking a basic public health tool: a test to diagnose the illness in the earliest stages of infection. Nebraska may be the first state with the ability to do so.
In just a few days, a lab at the University of Nebraska Medical Center in Omaha developed its own diagnostic test for the Andes virus in anticipation of receiving 16 American passengers from the ship.
“I believe we might be the only lab in the nation that has this test available at the moment,” Peter Iwen, director of the Nebraska Public Health Laboratory tells WIRED, referring to polymerase chain reaction (PCR) testing, which was important during the Covid-19 pandemic. Its ability to detect tiny quantities of the virus before patients have full-blown symptoms makes it crucial for identifying cases quickly, getting patients prompt medical treatment, and preventing the spread of disease.
The university’s medical center is home to a highly specialized biocontainment unit designed to care for patients with severe infectious diseases that lack vaccines or treatments. Staff members previously treated patients during the 2014 Ebola outbreak and cared for some of the first Americans diagnosed with Covid in 2020.
When Nebraska was notified that it would be receiving some of the passengers, Iwen contacted the US Centers for Disease Control and Prevention to see if it had tests on hand. He learned that the CDC has the ability to run a serological test, which looks for the presence of hantavirus antibodies. But people don’t develop antibodies until they are actively sick and their body has had time to mount an immune response.
Andrew Nixon, a spokesperson for the US Department of Health and Human Services, told WIRED that the CDC has a PCR test for the Andes virus but that it’s a research test that cannot be used for patient management. Research tests are used in scientific experiments, while diagnostic tests that are meant to confirm or rule out a disease in patients need to be rigorously tested, or validated, to make sure they are capable of producing consistent results. Nixon said the agency is working on validating its PCR test.
Iwen’s lab mobilized quickly to track down the materials needed to build and validate a PCR test from scratch. They called a lab in California—a state that has previously seen hantavirus cases—but their test was for a specific strain found in the US. Andes virus has previously only been detected in South America and isn’t found in rodents native to the US.
“Tests that we have available in the US will not detect that virus that’s found in South America,” he says, noting that the Andes virus is very different genetically from the primary hantavirus strain found in the US, known as the Sin Nombre virus.
The Nebraska team reached out to Steven Bradfute, a hantavirus scientist at the University of New Mexico. Frannie Twohig, a graduate student in Bradfute’s lab, had developed an Andes virus PCR test for research purposes as part of her PhD work. Bradfute’s lab also has genetic material of the Andes virus that’s not capable of causing disease which the Nebraska lab would need to validate its test.
On Friday, Bradfute shipped the genetic material and a box of chemical reagents needed to detect the virus in blood samples overnight to Nebraska. By Saturday morning, Iwen’s team had what it needed to start assembling and validating its test.
It was enough to run about 300 tests, which took all day Saturday and Sunday, Iwen says. His team added Andes genetic material in various concentrations to samples of healthy human blood to see if their test could detect it. Then, they compared the results to control samples. The team used up about a third of its tests on the validation process and now has the capacity to conduct a few hundred tests on patient samples.
A subsea infrastructure project, Via Africa, has been unveiled to strengthen connectivity between Europe and Africa, aiming to enhance the resilience and diversity of West Africa’s international communications.
The Via Africa project will comprise a submarine cable system that will connect Europe to Africa along the Atlantic coast, and provide a subsea route alongside existing infrastructure at a time when, says the consortium, demand for cloud services, artificial intelligence (AI) workloads and international traffic is rapidly increasing across the continent.
The communications system aims to connect Europe to South Africa – including landing points in the UK, France and Portugal – with destinations along the Atlantic coastline such as the Canary Islands, Mauritania, Senegal, Guinea, Côte d’Ivoire and Nigeria. Including extensions further south, the net result will be to contribute to greater diversity and resilience of international connectivity serving Africa, by providing a different subsea route than existing infrastructure and strengthening the robustness of regional connectivity.
It will operate under a consortium model, and participating operators will be able to co-invest in the infrastructure and play a direct role in governance, deployment and future operation. By being managed as a consortium, the project is seen as enabling participating partners seeking autonomy and sovereignty to co-invest in the infrastructure and take part in its governance.
They add that such a “robust and proven” model allows investors to participate directly in the decisions regarding the design, deployment and exploitation of the system, and contribute to decisions that best meet their needs.
Major investors that have a signed a memorandum of understanding to initiate the scheme include major European telcos Vodafone and Orange Group, as well as Guilab, International Mauritania Telecom, Orange Côte d’Ivoire, Silverlinks, Senegalese operator Sonatel, and Canalink, whose business connects Africa, the Canary Islands and Europe.
The partners say they have a shared ambition to develop international connectivity, to support traffic growth and to strengthen the resilience of networks across the African continent. The initial telco and digital player partners say they are open to additional partners potentially joining the project in the future.
As part of the initial phase of the project, consortium members will jointly finance a cable route study to identify the optimal cable route that balances resilience, technical feasibility and overall economic efficiency. In parallel, the consortium is preparing the procurement process for selecting a cable supplier, marking the next step in the development of the system.
On behalf of Orange, Via Africa adds to the Medusa Submarine Cable System, designed to transform infrastructure in the Mediterranean region. Owned by African infrastructure and telecoms operator AFR-IX Telecom, and which made its first landing on European soil in October 2025, Medusa is 8,760km long, and will be the first and longest subsea cable to connect the main Mediterranean countries, providing access to telecommunications infrastructure and 16 landing points around the Mediterranean Sea.
Operationally, Medusa has two main regions: Europe and North Africa. In Europe, it has local operational branches in Ireland, Portugal, Spain, France, Italy, Greece and Cyprus. These branches hold licenses and permits. The Network Operations Centre is based in Europe. In North Africa, Medusa has agreements with local licensed operators for landing parties.
Medusa is seen as being crucial for developing the digital ecosystem of populations in North African countries, taking a significant step towards closing the digital divide between Europe and North Africa, connecting countries such as Morocco, Tunisia, Libya, Algeria and Egypt with high-capacity fibre-optic links to six European Union member states: Portugal, Spain, France, Italy, Greece and Cyprus.
While it has enabled many exciting discoveries, the Curiosity Rover has also encountered its share of setbacks. The latest left NASA engineers speechless.
On April 25, Curiosity drilled into a rock nicknamed “Atacama” to collect a sample. When the rover retracted the robotic arm after drilling, the entire rock unexpectedly lifted off the Martian surface—all 28.6 pounds of it. While other Curiosity drilling operations have caused cracks or breaks in the upper layers of Martian rocks during the rover’s nearly 14-year mission, this is the first time one has remained stuck to the sleeve that surrounds the drill’s rotating tip.
As the space agency itself recounts, it was the black-and-white obstacle-detection cameras mounted on the front of the rover’s chassis that captured this peculiar “accident” in a sequence of images that allowed engineers to get to work immediately to free it, moving its robotic arm and operating the drill repeatedly over several days.
Engineers initially tried to remove the rock by vibrating the drill, to no avail. On April 29, they adjusted the position of the robotic arm and tried vibration again, but only managed to knock some sand off the rock. On May 1, the team gave it another try by tilting the drill more, rotating and vibrating it, and spinning the drill bit. The team expected to have to repeat these operations several times, but instead the rock broke loose on the first attempt, shattering into a multitude of pieces when it hit the Martian soil.
NASA’s Curiosity rover was developed by the Jet Propulsion Laboratory and landed on Mars in August 2012 with the purpose of looking for evidence that the Red Planet might have once had conditions that could support microbial life. In 2020, it conducted an experiment in the Glen Torridon region within Gale Crater, an area rich in clay minerals that strongly indicate the presence of water in the past and that it collected using onboard instruments known as Sample Analysis on Mars.
This story originally appeared in WIRED Italia and has been translated from Italian.
Christopher Nolan explained Travis Scott casting in ‘The Odyssey’
Geena Davis on “The Boroughs” and why she’s drawn to supernatural projects
Cricket legend Shahid Afridi conferred Hilal-e-Imtiaz
A new frontier: Identity stack evolves for agentic systems | Computer Weekly
‘Orbs,’ ‘Saucers,’ and ‘Flashes’ on the Moon: Pentagon Drops New UFO Files
India among most resilient large EMs, better placed for future global shocks; policy reforms & strong buffers help: Moody’s – The Times of India
-
Tech5 days agoA new frontier: Identity stack evolves for agentic systems | Computer Weekly
-
Tech5 days ago‘Orbs,’ ‘Saucers,’ and ‘Flashes’ on the Moon: Pentagon Drops New UFO Files
-
Business1 week ago
India among most resilient large EMs, better placed for future global shocks; policy reforms & strong buffers help: Moody’s – The Times of India
-
Tech5 days agoNick Bostrom Has a Plan for Humanity’s ‘Big Retirement’
-
Tech6 days agoWhat Microsoft Executives Really Thought About OpenAI in 2018
-
Sports5 days agoShaheen Afridi achieves landmark feat during opening Test against Bangladesh
-
Fashion5 days agoNew orders in German manufacturing up 5% MoM in Mar 2026: Destatis
-
Tech5 days agoThe Canvas Hack Is a New Kind of Ransomware Debacle