The decisions to call in Verrimus and initiate a PI
- GSOC were faced with the near certainty that parties unknown had compromised the mobile phones of two officers who happened to be working on the Boylan affair.
- A particular phrase used in an internal meeting was repeated back to them during a meeting with a senior Garda. This might perhaps have been coincidence – depending on the particular phrase – but it would prompt a thought that the parties in (1) were associated with AGS.
- Other information was possibly getting out.
No matter who the suspect(s) might be, any organisation that did not call in specialist advice in the circumstances would be grossly incompetent.
In fact, Cooke in his Recommendation 13.3 says:
GSOC should more frequently carry out a thorough and suitable counter-surveillance examination of its offices, communication and IT equipment and data storage facilities to ensure that its protection remains adequate and that the risk of new surveillance techniques being deployed against the Commission or its personnel is reduced as much as possible. Similarly, it is obviously necessary that staff are trained and updated regularly in the procedures and strategies needed to mimimise the risk of their being personally compromised in the use of communications equipment.Note that this applies even in the absence of indications of compromise. It should be done anyway.
On the face of it, the mobiles of two officers working on the Boylan matter had almost certainly been compromised.
The prime suspects in this might be elements of AGS involved with the matter.
Given the history of AGS/GSOC and particularly the resistance of AGS to cooperate in the GSOC investigation of Boylan, it would seem completely appropriate for GSOC to initiate a formal investigation.
As alternatives, GSOC had a choice of doing nothing or handing to AGS a criminal matter in which elements of AGS were obvious suspects. Investigating possible wrongdoing within AGS is what GSOC is meant to be doing. Investigating possible wrongdoing within AGS is what AGS clearly suck at. e.g O’Mahoney investigation into whistleblower issues.
Cooke writes in Conclusion 11 – Page 50
It is also clear, however, that the investigating officers and the members of the Commission acted in good faith in taking the steps in question once presented with the TSCM Report. Indeed it is understandable that, presented with the existence of two apparently serious threats to their security, their primary concern was to move quickly to take the steps necessary to investigate and, if necessary, counter those threats. They were possibly unduly alarmed by the language used and perfunctory exposé of the findings presented in that report. It is unfortunate that further elucidation and advice from Verrimus or a second opinion was not sought before the P.I. investigation was commenced. That said and as indicated above, Mr …. has remained adamant that his survey results prove that some form of covert surveillance had taken place.
Cooke considers that two of the “three anomalies” were benignly explained and that the third was simply an unexplained mystery.
He appears to be under the illusion that “further elucidation and advice from Verrimus” would have resulted in advice to the same effect. This is clearly not the case.
What Verrimus stand over is their final report. They consider that GSOC was under technical surveillance. They didn’t write the Sunday Times article. They wrote reports that we have not seen.
Cooke also totally ignores the meaning of 9.7.
Even before Verrimus, GSOC had strong indications that they had been bugged.
Second opinion?
GSOC already had their own opinion of the mobile phones issue and the repeated phrase. The Verrimus scan was in effect a form of second opinion and a wider view.
OK. Third opinion. Call in …..Rits?
Cooke seems to set great store by the Rits analysis. Mr …. does not share that view. There is an interesting line in a quote from a recorded telephone conversation at the bottom of page 61
“MR …. : And, you know, the problem that we have when we go to the see the judge is that the judge isn’t a technical man so his… Because the likes of his understanding is probably as little as Minister Shatter or Rits.
Cooke writes in Conclusion.12 – Page 50
“They had carefully chosen and then relied upon expert advices from a reliably recommended specialist firm”
Yes indeed they had. In 9.11 – Page 22:
One of the designated officers was asked to undertake discreet enquiries as to which specialist firm might be appropriate to carry out the sweep. It was quickly discovered that the firm which had conducted the original sweep of the building in 2007 was no longer available. Following enquiries with the equivalent UK authority, the IPCC, contact was made with the firm Verrimus Ltd
GSOC were looking for a *specialist* firm. They were not looking for a UK firm in particular. They presumably would have been happy to use the Irish firm used in 2007.
Did they consider and reject Rits as a candidate in the course of their “discrete inquories”? Rits do work on general IT systems security, but nowhere on their website do they even mention Technical Surveillance Counter-Measures . They are not TSCM specialists.
Cooke’s Conclusion.12 is delusional
Imagine if Rits had been magically parachuted into the situation.GSOC would be hearing “Relax lads” from the non-specialist firm.
They would be hearing “Problems” from the “reliably recommended specialist firm”
They would also see the elephant.
That PI was going to go ahead, with good reason, regardless of Cooke’s delusions.
The investigation was not going to get very far - because of the particular circumstances in the “somewhat febrile world of covert surveillance and counter-surveillance techniques”. The whole point of “covert” is that it is …well..covert. It goes away and can leave little or no traces.
Additionally, a large section of the investigative ground would be blue-walled. (“blue-walled” - Did I just create a ‘thing’ there?).
A PI would provide a formal framework for any actions and expenditure.
How far was the investigation allowed to proceed?
It is worth bearing in mind that Verrimus' brief was purely to identify possible technical surveillance vulnerabilities.
It was entirely up to GSOC to decide what to do about anything discovered or warned of.
It would be wise for Verrimus to stick religiously to that brief. This would apply in any normal businees. It would be even more so in this particular case. Like it or not, the prime suspects would be people that GSOC investigates. The sensitivities involved in that exceed any that might be involved in straight industrial espionage by a quantum amount.
Were Verrimus to go beyond their brief and start to play 'cops and robbers' with what might very well be the local police, things could get out of control very quickly.
For GSOC, like any other organisation/business, there is always a question of cost-benefit analysis.
This particular investigation would be uniquely off-message in terms of what they usually investigate. They may have taken the view that the most important action was to close off possibilities for any further surveillance. There is a thought that initiating the investigation would be a form of “burning” the opposition – which might help to discourage further attempts. Whatever amount of surveillance had been achieved would have to be water under the bridge.
Next:
Extent of bugging and Observations on the “three anomalies” - some invalid assumptions made in the report
Other pages:
- Bottle of Genie
- Your 5-minute guide to the reliability of the Cooke Report findings - Bugging of GSOC mobile phones – an elephant in the room
- The Boylan affair as a trigger for surveillance of GSOCand context arising from the Morris Tribunal findings
- Security Branch - Cooke unwittingly brings another elephant into the room
No comments:
Post a Comment