We’ve had Sony, Talk Talk, Tesco Bank and the Democratic Party. Now, David Beckham is the latest individual to have his emails hacked with embarrassing revelations being made about his communications with advisers expressing his disappointment at being passed over for a knighthood in, seemingly, quite forceful terms.
So what does this tell us? Well, firstly, that the risk of being hacked exists for celebrities every bit as much as it does for business. Potentially there will be scores of other celebrities and high-profile public figures who could be vulnerable to this kind of attack.
Liam McMonagle, Intellectual property Solicitor and Partner at Thorntons provides insight into the news of David Beckham being blackmailed over emails.
It was not Beckham personally who was hacked, but his advisers. Lawyers, agents, managers and other representatives, the list is endless. Potentially anyone who has shared correspondence with that individual will be vulnerable. They will all need to ensure their systems are as secure as possible and that everyone in their organisations is aware of the scrutiny and security they face. It is unlikely, of course, that those working with Beckham would have been unaware of this already but we may now see high-profile figures insisting on the highest standards of security before going into a relationship.
In many ways, it’s surprising that this doesn’t happen more often. Most modern celebrities don’t live completely private lives. They are surrounded by agents, managers, advisers, close and more distant relatives, personal assistants, sponsors and others. Plenty people in these circles appreciate that their proximity to fame and money comes with a need for complete discretion. But they have never been completely impregnable. We’ve had indiscreet royal butlers, personal assistants burning through the credit cards of their celebrity employers, embarrassing courtroom evidence as well as almost constant anonymous gossip and rumour with varying degrees of authenticity recounting how the rich and famous behave when their guard is dropped.
Hacking is a more dangerous, example of this because it seems increasingly difficult to prevent. Just ask Hillary Clinton. There are various elements of the Beckham hack which might well be concerning to many high profile or wealthy individuals.
Firstly, that the hackers were able to infiltrate confidential communications between David Beckham personally and his advisers and then use these to attempt blackmail. Pay up or we’ll embarrass you. Wisely, his advisers didn’t give in to this. That decision may have been made easier by the fact the information gleaned seems to be embarrassing, rather than create any serious legal problems but it’s difficult to see how giving in to demands like that could ever be the correct approach.
Secondly, privacy law is proving of limited value in preventing information getting out there. This is the latest example of the limits of using injunctions to suppress information because the injunction obtained in the UK preventing publication of the story was rendered pointless very quickly. The big problems in using injunctions are that the UK courts can only control what happens here in the UK. Indeed, the English courts don’t even control what can be published in Scotland – as Beckham could have found out from his former team mate, Ryan Giggs. And while hacking is illegal, it is increasingly difficult to prevent given that hackers can be based almost anywhere in the world, might well be protected by certain foreign governments and have a skillset that helps them avoid detection.
Thirdly, this can have a cost. There is no suggestion that anything Beckham has done is unlawful. However, Beckham is a bankable ambassador for brands, products and charitable causes because of his good image, and because people like him. Anything which diminishes his standing or reputation, could affect this. According to Beckham’s advisers, the hacked correspondence has been doctored and edited to add swear words and generally make it more embarrassing.
Maybe one consequence of this will be a ditching of technology altogether for some of the most sensitive conversations or discussions which will happen face to face although this is unlikely to be possible all the time.
The biggest risk might be that if, as time passes, this incident is seen to have affected “Brand Beckham” in a serious way, it motivates other hackers to do the same.
What further complications are at hand when hackers are based in a different country to their victim?
The problem is that, even if you can find out how a hack occurred and who was behind it, it isn’t always easy to do anything about it. Obtaining redress depends on three main things: the laws of the country in which they are based; the willingness of the authorities there to enforce them, and the UK’s relationship with that country in terms of whether any joined-up cross-border enforcement is possible.
Working through this can take time and in many cases is simply fruitless and, by the time this has happened, the harm to the victim has occurred and is largely irreversible. Once information is widely known and no longer secret, it can’t be hidden again.
Do you think legislation needs to be tighter for hackers, in order to gain better justice?
Almost all types of hacking are currently illegal: changes in the law would not necessarily make hacking easier to prevent though there might be some changes which could make detection and prosecution of hackers a bit more practical or require others involved in the handling and distribution of information to take more exacting steps to prevent it – though this would be difficult to do.
Even then, changes in the law will only apply to what happens in the UK without carefully brokered international co-operation, which in the current climate would be challenging, putting it mildly.
On a larger scale, do you think the digital economy bill could help prevent such cases?
No, I don’t think it will change things very much. Actually to the extent the digital economy bill enables greater information-sharing between public authorities which can include personal information.
It could, if anything, increase the risk of hacking or misuse of information despite the various safeguards which may be applied.
What do you think is the most effective way to protect brand names post-hacking?
David Beckham’s experience is evidence that brands need to think about this. If there is a difference between how a brand or person wishes to be perceived and how they actually behave or operate, and evidence of that accumulates, then we know it is the sort of material hackers are interested in. Politicians learned that years ago.
This risk could well be overstated, though, where the information is just embarrassing: most people are fair-minded enough to realise that there is a difference between the public and private sphere.