The Guardian reports:
Former MI6 worker pleads guilty over official secrets
Daniel Houghton, who faces prison, was arrested in Scotland Yard sting at central London hotel in 2009
* Haroon Siddique and agencies
* guardian.co.uk, Wednesday 14 July 2010 12.26 BST
A former British spy
Working for MI6 / SIS the Secret Intelligence Service does not automatically make you into a "spy". Perhaps Daniel Houghton's computer skills were used as a technician or website developer etc., rather than as an Intelligence Officer, who might analyse or control or participate in foreign spying missions with Covert Human Intelligence Sources or "secret agents" or informers or "intelligence assets" etc.
who tried to sell top secret files to foreign agents admitted two offences under the Official Secrets act today.
He did become a wannabe or failed spy, once he attempted to sell British secrets to what he thought was a foreign intelligence agency
Daniel Houghton, who worked for MI6 between September 2007 and last May, was arrested in a Scotland Yard sting at a central London hotel in March after offering to sell documents to Dutch intelligence agents for £2m.
Was the name of this "central London hotel" really not mentioned during any of the Court proceedings ?
Which one was it ? Any notoriety will soon become history and will bring in tourists.
The information consisted of MI5 files he had accessed while working for MI6
Why did an MI6 employee have access to MI5 files ?
What happened to "air gaps" or "data minimisation" etc ?
and a list of his former colleagues with their home addresses and mobile phone numbers.
Not just a copy of an internal email / office / job title directory then, but home addresses and mobile phone numbers. .
This really could have put their lives at risk of harassment or even physical danger.
Did the "Dutch intelligence agents" get their hands on some or all of this sensitive data ? Can they really be trusted ?
At the very least all the mobile phones listed should have been changed.
They should not just have changed the numbers or SIM cards, but also the mobile phone handsets as well, since the handsets supposedly unique International Mobile Equipment Identifiers can be so easily cross referenced with any Call Data Records made by the MI5 and MI6 people using the old phone numbers.
Appearing at the royal courts of justice,
Presumably that should read the "Royal Courts of Justice".
25-year-old Houghton denied a count of theft but admitted two charges of unlawful disclosure of material relating to security or intelligence contrary to the Official Secrets act.
The MI5 documents concerned specialist techniques developed by spies for gathering intelligence.
MI5 cannot claim exclusive copyright on such techniques, which they may have borrowed or stolen from someone else in the first place.
Houghton burned many of the files onto DVDs and CDs on his office computer before taking them home.
The former MI6 agent, who holds British and Dutch nationality,
One of the hated former Labour government's "nazi" style powers could be used by the Conservative - Liberal Democrat coalition Home Secretary Theresa May, to deprive Daniel Houghton of his British citizenship and right of entry to or abode in the UK, just as she has done in the case of the Russian spy Anna Chapman,
Provided that the Netherlands government does not revoke his citizenship first, the British government would not be making him stateless, by depriving him of his British citizenship, which they are not allowed to do.
Immigration and Nationality Act 2006 section 56 Deprivation of citizenship
(2) The Secretary of State may by order deprive a person of a citizenship status if the Secretary of State is satisfied that deprivation is conducive to the public good."
approached the Netherlands intelligence security and intelligence service offering to sell information in August 2009.
Algemene Inlichtingen- en Veiligheidsdienst(AIVD) (General Intelligence and Security Service)
N.B. an SSL/TLS encrypted website only ! When will MI5 and MI6 and GCHQ move to this ? (hint: it actually makes tracking visitors a bit easier) .
A meeting was arranged for 18 February 2010 but, unknown to Houghton, the Dutch had tipped off MI5. Houghton was secretly videoed and bugged as he used a memory card and laptop computer to show his wares to the Dutch agents.
The former spy said he would throw in two lists containing details of MI6 employees he had worked with.
One contained more than 300 names, while the second had the home addresses and mobile phone numbers of 39 agents.
300 names does sound like an internal email distribution list.
39 names are probably his former work mates and friends who he was willing to betray.
How long before mischief making fake disinformation claiming to be these alleged lists of names of MI5 or MI6 employees, gets published by WikiLleaks.org or cryptome.org or by various conspiracy theory websites ?
After Houghton's initial offer to sell the information for £2m, the price was negotiated down to £900,000 and, in a subsequent phone call, a meeting was set for the handover two weeks later. During negotiations, he revealed he had a second memory card, containing further information, hidden at his mother's home in Devon. This card has never been found.
Why did he put his mother and family at risk in this way ?
Many people would have tortured and killed them all for far less than £900,000, in order to get hold of that memory card.
There has been no mention of encrypted files in any of the reports on this case - why did Daniel Houghton not bother to use anything like PGP or TrueCrypt ?
Why did he not arrange to use a Dead Letter Drop or even a courier service ?
What about electronic funds transfers to foreign bank accounts in tax havens ?
On 1 March, Houghton handed over two memory cards and a computer hard drive after displaying the contents on a laptop.
As he left the London hotel carrying the suitcase, he was arrested by plain clothes officers from Scotland Yard's specialist operations wing after a brief struggle.
Why exactly did the idiot agree to any meetings in London ?
When Houghton handed over the information to supposed Dutch spies, he claimed he had given them "everything".
But officers from Scotland Yard's specialist operations unit found hard copies of classified paperwork, some marked top secret or secret, while searching his shared rented flat in Hoxton, east London.
Another wannabe spy or whistleblower who had paper copies of secret or top secret documents at home !
Why did he not digitally photograph or scan them and then strongly encrypt the files and then destroy the paper copies ?
They also discovered a Sony memory card containing about 7,000 files, some of them deleted, thought to be copies of a list of MI6 agents and the files he tried to sell.
Deleted files can be recovered, especially from flash memory devices which do not always erase data very well due to
a) their local Wastebaskets (actually hidden under some Apple operating system versions !)
b) Many flash memory cards have WIndows FAT filing systems on them, for which there are plenty of "recover deleted photo images" programs available.
c) Their Wear Leveling algorithms which spread used flash memory locations relatively evenly, because at some point flash memory cells become permanently burned into a logical one or zero state, unlike magnetic recording media.
See the section on CD-ROMs and DVDs and USB flash memory media our Hints and Tips for Whistleblowers - Technical Hints and Tips for protecting the anonymity of sources for Whistleblowers, Investigative Journalists, Campaign Activists and Political Bloggers etc.
Maybe the "etc." should include "wannabe spies" - although we suspect that such people will never bother to read it.
Some of the documents held by him have yet to be traced, and security service officials have warned that unauthorised disclosure of the material could have a significant impact on operations to protect Britain.
Houghton is also said to hold potentially valuable experience of security techniques in his memory.
So what ? Most readers of Spy Blog probably know much more dangerous stuff than the incompetent Daniel Houghton !
Is The Guardian advocating the abuse of some sort of Orwellian Labour party style "thought crime" offence like the catch all Terrorism Act 2000 section 58 Collection of information ?
Piers Arnold, prosecuting, told the judge, Mr Justice Bean, that the pleas entered today were acceptable to the prosecution.
He asked for the theft matter to be adjourned until after Houghton had been sentenced "with the prosecution's intention to offer no evidence in respect of that charge".
Presumably they had little or no evidence of actual physical theft of memory device or hard disks etc.
Unless the hard copies of the secret or top secret documents were originals rather than photocopies or computer printouts, then proving an offence under the Theft Act 1968 section 1 would have been difficult.
Surely the Government's lawyers must have known that they cannot use the Theft Act 1968 section 1 for "intellectual property" or "trade secrets" or even "national security secrets" since its wording demands the permanent deprivation of something physical.
Houghton claimed his actions were "directed by voices" and the defence has submitted psychiatric reports in mitigation.
This BBC report claims, however, that
Police sources said Houghton appeared to have been motivated by greed.
One senior source said he was living a "champagne lifestyle on ginger beer wages".
The prosecution is to obtain its own independent report ahead of sentencing at the Old Bailey on 3 September, although Bean warned that custody was "inevitable".
The Official Secrets Act 1989 section 10 Penalties lists a maximum penalty of up to 2 years in prison and / or a fine for each,of the two Section 1 offences that Houghton has plead guilty to. Technically he could be sentenced to 4 years in prison, if the sentences were made to run consecutively.
We suspect that he will not spend that long in prison - remember that it costs the taxpayer about £35,000 a year on average to keep someone in prison, probably more, if Houghton is put into a maximum security Category A prison.