UK Police Cease Botched Investigation into Stolen UEA Climate Scientists' Emails

“Our Priority is You,” reads the tagline of the Norfolk Constabulary. The rest of the sentence ought to read, “unless you are a climate scientist.”

The Norfolk Constabulary announced today that it has called off its investigation into the criminal hacking of the University of East Anglia's Climatic Research Unit. The November 2009 breach of servers at the University led to the publication of private emails between climate scientists, an event that climate change deniers whipped up into a phony controversy they called “Climategate.” 

As DeSmogBlog has previously reported, the UK police appear to have spent an astonishingly inadequate amount of money and resources on their investigation into the criminal hacking. Now that they've given up entirely on finding the perpetrators, there will be many more questions about who should be held accountable for the failed effort. 

The Norfolk Constabulary confirmed in its announcement that there is no evidence to support the claims made by climate deniers that the stolen information was released from within the university, noting in the statement that the crime was the “result of a sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet.”

But apparently the UK police have no intention of following through to mete out justice for the crime. We will have a lot more to say about this in the coming days, but for now you can read the full statement released by the Norfolk Constabulary below:

Newsroom, Corporate Communications, Operations & Communications Centre, Wymondham, Norfolk, NR18 0WW
Tel: 01953 423666, Fax: 01953 424050
E-Mail: [email protected], Web:

Issue Date: 18/07/2012
N, Police confirm closure of UEA hacking enquiry
Norfolk Constabulary has made the decision to formally close its investigation into the hacking of online data from the Climate Research Centre (CRU) at the University of East Anglia (UEA) in Norwich.
The decision follows a comprehensive investigation by the force’s Major Investigation Team, supported by a number of national specialist services, and is informed by a statutory deadline on criminal proceedings.
While no criminal proceedings will be instigated, the investigation has concluded that the data breach was the result of a ‘sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet’.
Senior Investigating Officer, Detective Chief Superintendant Julian Gregory, said: “Despite detailed and comprehensive enquiries, supported by experts in this field, the complex nature of this investigation means that we do not have a realistic prospect of identifying the offender or offenders and launching criminal proceedings within the time constraints imposed by law.
“The international dimension of investigating the World Wide Web especially has proved extremely challenging.
“However, as a result of our enquiries, we can say that the data breach was the result of a sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet. The offenders used methods common in unlawful internet activity to obstruct enquiries.
“There is no evidence to suggest that anyone working at or associated with the University of East Anglia was involved in the crime.”
The security breach was reported to Norfolk Constabulary on 20 November 2009, following publication of CRU data on the internet from 17 November onwards.
An investigation was launched by the joint Norfolk and Suffolk Major Investigation Team, led by Det Chief Supt Gregory, with some support from the The Met’s Counter Terrorism Command, the National Domestic Extremism Team and the Police Central e-crime Unit, along with consultants in online security and investigation.
The investigation, code-named Operation Cabin, focused on unauthorised access to computer material, an offence under the Computer Misuse Act 1990, which has a three year limit on proceedings from the commission of the original offence. It has been concluded by Norfolk Constabulary, in consultation with The Met, that due to outstanding enquiries this is now an unrealistic prospect.
Norfolk Assistant Chief Constable Charlie Hall, Protective Services lead, said: “Online crime is a global issue. While law enforcement agencies continue to develop our response to emerging threats, it falls upon individuals and organisations to be alert to this and and take steps to mitigate risk as far as is practicable.”

Update: BBC News' Richard Black wrote about the police ending the investigation. Michael Mann is quoted in the story, pointing out the importance of continuing the international investigation to find the culprit(s) now that the UK police have given up: 

Prof Michael Mann from Penn State University in the US, who collaborated with CRU researchers on many projects and led the development of the noted “hockey stick” graph, said it was important that the criminals be brought to justice.

“I hope that the separate investigation underway by the Justice Department in the US will continue undaunted, especially since the British police concluded that the data breach was the result of a 'sophisticated and carefully orchestrated attack',” he told BBC News.


But when you recognize that Norfolk Constabulary spent more than twice as much money investigating the 'theft' of soda pop from their evidence locker by their own staff, you really do have to wonder how much of a 'priority' this hacking investigation was. 

Hopefully the ongoing international investigation will redouble its efforts in the wake of the Norfolk Constabulary's acknowledgement of failure. 

They did prove one very important point- that the hack was definitely external and had nothing to do with UEA personnel. That's a step in the right direction, but the FOIA documents showing that they spent zero resources on the investigation during several months is not indicative of a 'priority' effort. 

See my earlier post re: expenditures:

BBC’s Richard Black reporting:

I am afraid the Climategate meme will remain for a very long time. It “sticks” too well. Analyze it as much as you want, show its idiocy over and over again, I think there is no way around the reality that it was the denialist’s on-two punch against progress, the perfect PR coup, worth a thousand Watts et al.

Time to move on …

At least the Norfolk report discredits the denier idea that it was done by a disgruntled employee inside East Anglia. 

If it was “sophisticated” techniques that were used, international agencies studied the event to identify the techniques used and to find preventions. There are national security implications and you will never hear any details. There is the suspicion that a foreign power was involved. This is a matter taken seriously by outfits with capacities far above the Norfolk police.