It appears that my emails were illegally hacked by the Metropolitan Police, probably some time in the 2000s.
The Guardian ran an article on Tuesday about how the Met, in cooperation with Indian police, used Indian hackers to illegally access the email accounts of hundreds of activists, and were regularly reading their emails. This was revealed in information sent by a whistleblower to Jenny Jones, a Green Party member of the House of Lords (Britain's unelected Upper House of Parliament). The information will be submitted to the ongoing Pitchford Undercover Police Enquiry, which resulted from revelations about police spies forming long-term relationships with women they were spying on. (Who were unaware of their true identities).
In particular, the information included a list of ten names with associated passwords. The article says that lawyers from Bindmans, a leading UK human rights law partnership, had contacted 6 of the people on the list, who had all provided passwords that matched exactly, or in one case almost exactly, the ones on the list.
I was one of the four who had not yet been contacted at the time the article was written. I got an email from a Bindmans lawyer on Tuesday, (which at first I took for spam - this was before I saw the Guardian article), informing me that I may have been the target of illegal hacking.
My main problem was, I have had a lot of email accounts and a lot of different passwords. It seems the list just had names and passwords, no details of the email accounts in question or the time they were hacked. But after some emails back and forward, he sent me a set of eleven dashes, corresponding to the length of the password he had for me, with two of them filled in. This fit one of the passwords I have used in the past (and will not be using again for anything!), so I sent him that one, and this was indeed the one he had on the list.
(Obviously it would not be nearly so strong evidence if he had just told me the password and I had confirmed it.)
The password in question is one I did not use before 2003. As I left the UK for Sweden in late 2007, and soon stopped being active in the UK activist scene (beyond the odd letter to MP or online petition, etc.), I would guess that the hacking can't have taken place too long after that. My best guess is that it related to my involvement with Campaign Against Arms Trade, in particular as a member of their Steering Committee from I think 2004-2007. We know, after all, that BAE was spying on our emails around that time. But there are other possibilities.
So our email correspondence will be going into the Pitchford inquiry. The Bindmans guy will be getting in touch at some stage to discuss next steps, whatever this might involve.
I can't say I am massively surprised. When you're involved in left-wing, environmentalist, trade union, or peace activism, etc. etc., you pretty much expect that the government may well be spying on you in some way, while wondering if you are just being paranoid or self-important.
You are not being paranoid or self-important. If you are involved to any significant extent in activities that fundamentally challenge the government, then the government probably are spying on you in some way, and not just the bulk meta-data collection by which they are passively spying on just about everyone.
The police are not, and never have been, neutral, apolitical upholders of the law and protectors of the public. They are, and always have been, first and foremost the protectors of the rich and powerful, and upholders of the established order. This should not be news to anyone who is paying attention. (I'm not saying that there are not plenty of police officers who are decent people who are seeking to serve the public, or that the police do not also provide an important public service. But as an institution, their raison d'être is fundamentally politically reactionary).
So I am not surprised, but I am certainly angry that the police were illegally reading my emails: potentially my personal correspondence with friends and family as well as my political activities, professional correspondence, Buffy fandom exchanges, and whatever else. (I am not completely sure which accounts they hacked; I can't remember which accounts I used this passwords for when. So I don't know for certain if my personal email was one of the ones hacked). The fact that this sort of behaviour by the police is normal (and that they have done much worse) does not make it acceptable or right.
I hope that Pitchford will succeed in digging out some of the truth of all this and that there will be some sort of consequences, although I can't say I'm optimistic that the state will stop spying activists who oppose them; a unit may be disbanded, and declared to have been a Very Bad Thing, and not at all in keeping with our values, and we do things differently now; but other ways will be found. It is the nature of the beast.
(For those who do correspond with me: I am confident that this password is one that I have not used for my main personal email account for at least, oh, 7 years or so. I am going to start shifting away from that account, however, which is not with the world's most secure provider).