Balkan Insight: Sky ECC data could be inadmissible in court


The police takedown of encrypted communications provider Sky ECC has led to a spate of new arrests across the Balkans, notably that of notorious drug boss Darko Saric and the former head of Montenegro's top court, Balkan Insight said, adding that the evidence has been ruled inadmissible by some European courts.

It recalled that Saric was arrested on April 14 at a his wife’s house in the elite Belgrade suburb of Dedinje where he was under house arrest pending a retrial on charges of smuggling 5.7 tons of cocaine from South America to Europe. He was arrested on suspicion of running his drug smuggling empire and ordering the murder of his former partner Milan Milovac using several mobile phones, two satellite phones and a custom device installed with a subscription-only, encrypted messaging system called Sky ECC allegedly while still in prison.

“When a French and Dutch-led police operation cracked the code to Sky ECC in February 2021, investigators gained access to a treasure trove of real-time evidence against a host of international crime gangs. Thousands of people have been arrested around the world based on the Sky ECC takedown; in the Balkans, Saric is the biggest, but he is far from alone,” Balkan Insight said.

“In Serbia, Bosnia and Herzegovina, Albania, Montenegro and Slovenia, almost 100 people have been arrested and charged as a result of evidence obtained from Sky ECC communications and passed on by the French and Dutch, for crimes involving drug trafficking, murder, and kidnapping. On the same day as Saric was arrested in the Serbian capital, police in neighbouring Croatia rounded up 10 in a joint operation with police in France, Belgium, the Netherlands, Austria and Spain,” it added.

According to the portal, the authorities in various Balkan countries claim they are taking the fight to the organised crime gangs. Behind the headlines, however, experts question whether authorities have the know-how or will to follow the myriad leads exposed by the Sky ECC breach. In only a few of the cases in the Balkans have indictments been confirmed by the courts. And though investigations have revealed links between public officials and crime figures, so far only a few of the former have been indicted.

Legal experts warn of concerns about the legality of how the data – from Sky ECC and a similar breach of EncroChat in 2020 – is handed over and stored, questions that threaten its admissibility in court.
“For the EncroChat case, for example, it was not clear where the raw data exactly came from and if the raw data had been changed in any way after it had been collected from the service,” said Professor Dennis-Kenji Kipker, a board member at the European Academy for Freedom of Information and Data Protection, EAID.

“This is generally a problem when it comes to court trials,” he told BIRN. “When the raw data, digital data is being used, it can be changed and the data authenticity and the data integrity cannot be guaranteed.”

Balkan Insight said that the police in Montenegro arrested two of their own Dalibor Medojevic (commander of the economic crime department) amd Darko Lalovic (in charge of security for the Supreme Court president) both of who used Sky ECC to communicate with the Skaljari crime clan from Kotor.

Earlier this month Montenegrin media published a leaked transcript of a Sky ECC conversation allegedly between Lalovic and Milos Medenica, the son of former Supreme Court President Vesna Medenica who was arrested days after Saric. The transcript appeared to be about cocaine and cigarette smuggling through the port of Bar with Milos saying his mother would provide protection. Milos Medenica is reported to have fled Montenegro.

Sky ECC evidence has played a part in cases against Skaljari members Milo Jovanovic and Radovan Stanisic (charged with forming a criminal organization), alleged rival Kavac crime clan leader Slobodan Kascelan and gang member Petar Djurovic (both charged with murder).

“If the validity of the allegations from Sky communication is proven, i.e. trading in influence in the way described by Milos Medenica, I think that there is a huge space for an investigation against Medenica to be launched in other cases where she was believed to use a similar modus operandi,” Dejan Milovac, director of the anti-graft NGO MANS, told BIRN.

In Bosnia, Sky ECC evidence led to the arrest of 16 people in the area of Zvornik, on Bosnia’s eastern border with Serbia, in April.

In February, N1 TV quoted Dragan Lukac, interior minister of Bosnia’s predominantly Serb-populated Republika Srpska entity, as saying that some police and intelligence officers had Sky ECC installed on their phones.

“Before Saric’s arrest, the Sky ECC takedown’s biggest scalp was that of Veljko Belivuk, the alleged leader of a brutal crime gang that appears to have had associates in public office in Serbia. It had a direct line to state secretary in the interior ministry Dijana Hrkalovic, since dismissed and charged with trading in influence.

Belivuk was arrested in February 2021 with 19 members of his gang on a number of charges. Their Sky ECC communication included messages about the capture of Lazar Vukicevic who was allegedly killed and his body cut up and thrown into the Danube.

The Serbian interior ministry did not reply to questions concerning its involvement in Sky ECC-related investigations. The evidence against Belivuk’s group relies mainly on the Sky ECC crack, which is cited throughout the indictment.

“Evidence obtained through Sky can be important only if the expertise in Serbia has unequivocally determined who communicated, as well as the place and time,” lawyer Nina Nicovic told BIRN. “Otherwise, it can only serve as a clue to other evidence.” “In my experience, there are only a few IT forensic experts that can work on such cases,” Nicovic said. “They are crucial because they have a very difficult job of proving the origin and authenticity of data that may turn out to be crucial in a criminal case.”

A German court has already ruled such evidence admissible, after France sent to Germany data obtained from the hack of EncroChat.

Laure Baudrihaye-Gerard, Europe legal director for Fair Trials, a UK-registered criminal justice watchdog, also voiced concern. “Lack of access to information about how information was obtained, analysed and processed makes it impossible for accused people to challenge the use of the information obtained from the apps as evidence,” Baudrihaye-Gerard told BIRN by email. “It also means courts – who are meant to review the legality and reliability of information before admitting it as evidence – cannot exercise their role and offer judicial protection.”

“By removing the ability to scrutinise evidence derived from operations involving EncroChat and Sky ECC, we are giving law enforcement a blank cheque and setting a dangerous precedent.”

In Belgium, the lawyer of a suspect arrested as a result of the Sky ECC breach appealed to the Court of Cassation, arguing that his right to a fair trial had been violated because he was not given access to all intercepted information. The court ruled, however, that, “in the current state of criminal justice there are no grounds to doubt the regularity of the Sky data”, Belgian newspaper De Tijd said.

“The secret nature of the investigation in the Sky file can currently be invoked in order to not yet disclose all available information to the person concerned,” it said.