The AN0M Trap

How Law Enforcement Changed Messages & How To Fight Back

Here's The Problem:

AN0M was supposed to be secure encrypted messaging. But the FBI secretly built a backdoor into every message. They could read, modify, and delete anything you sent - and you would never know. Even worse: by the time evidence reaches court, you can't prove it was changed. BUT - there IS a way to fight back.

The Trap Explained

When you use AN0M, something secret happens. The app creates a hidden copy of every message you send and sends it to a secret FBI bot contact that you can't see. This copy goes to law enforcement servers, not to your friend.

Your Phone: "I will see you today" (✓ You Sent This)

Secret Copy: "I will see you today" (⚠ FBI Got This, Hidden)

Your Friend: "I will see you today" (✓ They Received This)

Key Point: Your friend got the real message, YOU got the real message, but FBI also has a secret copy that you don't know about. And FBI can do whatever they want with it.

⚠ïļ Here's The Trap:

1. FBI Has The Secret Copy - While your friend was reading "I will see you today," the FBI's secret bot was also receiving that exact message.
2. FBI Built AN0M - The FBI created this app. They built it with a backdoor. They have the master decryption key.
3. FBI Can Read & Change It - FBI can decrypt that secret copy, change the words, and re-encrypt it.
4. You Can't Prove It - You only have the encrypted form the FBI let you see. You never had access to the form FBI captured.

⚙ïļ How The Tampering Works

This is the technical flow. It's simple but devastating:

| Stage | What Happens | Who Controls It? |
| --- | --- | --- |
| 1. You Type A Message | "I will see you today" | You |
| 2. App Creates Secret Copy | Hidden ghost bot gets the same message | FBI (they built the app) |
| 3. Both Sent Encrypted | Message + secret copy both encrypted | You (using keys FBI gave you) |
| 4. Your Friend Gets Original | Receives: "I will see you today" ✓ | Your Friend |
| 5. FBI Gets Secret Copy | Ghost bot server in Europe collects it | FBI |
| 6. FBI Decrypts It | Uses master key to read: "I will see you today" | FBI |
| 7. FBI CHANGES IT | Modifies to: "I will give you 200kg today" | FBI ← THIS IS THE CRIME |
| 8. FBI Re-encrypts It | Encrypted with FBI's key | FBI |
| 9. Stored In Database | The FAKE message is now in FBI's database | FBI |
| 10. Goes To Court | Evidence presented: "I will give you 200kg today" | Police |

The Genius Of The Trap: You can't prove it was changed because the only place the original encrypted copy exists is in FBI's hands. You never had access to it.

⚖ïļ Why The Australian Court Made A Mistake

UPDATE: The 2024 court ruling was made OFFICIAL in October 2025 by the High Court. But there's a dark twist - Parliament changed the law AFTER the case was granted special leave to appeal to prevent the courts from potentially ruling against the AFP.

THE COURT'S MISTAKE:
The Australian High Court ignored 4 fundamental evidence rules to allow this evidence.
But here's the scandal: Parliament changed the law to make it admissible.

📋 Real-World Example

John's Actual Message

"I will see you today"

John told his friend Mark he'd meet him.

Mark received this exact message ✓

FBI Secretly Has

"I will give you 200kg today"

FBI modified the message in their database.

Changed "see you" to "give you 200kg" ⚠

⚖ What Court Sees

"I will give you 200kg today"

Evidence presented: Drug trafficking conspiracy!

John Gets 15 Years ✗

🎭 What The Defense Looks Like:

DEFENSE ARGUMENT:

"Your Honor, this message is fake. My client said 'I will see you today.' The recipient, Mark Jones, confirms he received 'I will see you today.' The prosecution has no proof beyond their own database.

The FBI built AN0M with a hidden backdoor. They collected secret copies of messages. They can decrypt, modify, and re-encrypt without detection. There is no digital signature. There is no blockchain. There is no independent verification.

The only copy of the 'original' encrypted message is in the FBI's possession. They are the sole source of the evidence against my client. This violates the rules of evidence and the right to confront witnesses."

PROSECUTION RESPONSE:

"Your Honor, the database evidence is reliable. AN0M was the official encrypted communications platform. The messages were intercepted on our servers. The encryption methods are standard. The fact that the defendant's claims of tampering are theoretically possible does not make them true.

The defendant is simply making excuses. Yes, we had access to the system, but that doesn't mean we modified messages. The evidence is admissible."

WHY THE DEFENSE IS RIGHT:

The prosecution's argument fails because:
  • ✓ "Theoretically possible" is not the standard - chain of custody is mandatory
  • ✓ Having access AND motive IS proof of potential tampering
  • ✓ Independent witness (Mark) contradicts FBI's version
  • ✓ No digital signatures, blockchain, or immutable logs
  • ✓ Fails authentication, hearsay, chain of custody, and confrontation clause

THE PROBLEM:
The Australian High Court ruled the evidence admissible anyway, ignoring these legal flaws.

✅ THE SOLUTION:
Even though Parliament changed the law, you can still fight using reliability and Section 135 & 136.

The Cellebrite UFED & Device Evidence Problem

⚠ïļ CRITICAL FINDINGS: Devices seized during Operation Ironside (~390 cases) were NEVER forensically examined. All evidence comes from unprotected FBI/AFP servers. Cellebrite UFDR files are prosecution-curated subsets that can be edited undetectably.

When police raid a device, they use Cellebrite UFED (Universal Forensic Extraction Device) to extract data. But here's the smoking gun: Australian police SEIZED devices but performed NO forensic extraction. All evidence comes from FBI servers. Even worse, the Cellebrite UFDR files presented to court are not original device data - they are curated subsets with zero integrity protection.

1. THE SMOKING GUN: NO DEVICE EXTRACTION EVER OCCURRED

VERIFIED FACT - This is the single most damaging issue for the prosecution: Australian police seized defendants' devices during raids but NEVER performed forensic extraction on them. All ~390 Operation Ironside cases rely 100% on unverified FBI server records.

  • Devices were seized - Police raided homes and took phones (including cases like CD v TB, South Australian prosecutions)
  • But NEVER examined - No Cellebrite UFED extraction, no forensic imaging, no technical analysis
  • Evidence is ONLY from FBI servers - Everything comes from FBI/AFP iBot servers in Europe
  • No proof devices sent anything - Prosecution has ZERO forensic evidence connecting seized devices to the messages
  • Defense locked out completely - Defendants and defense counsel FORBIDDEN from accessing or examining the seized devices
  • FBI refuses data access - FBI explicitly will NOT provide defendants with original server data or allow independent verification

⚠ïļ This violates the most basic rule of evidence law: Chain of custody. The prosecution cannot link the defendant's DEVICE to the messages in the FBI DATABASE.

2. UFDR Files Are NOT Original Data - Prosecution Selectively Curated Evidence

CRITICAL FORENSIC ISSUE: The UFDR files presented to courts are NOT the original device data. They are deliberately curated subsets created by a Cellebrite examiner, with the prosecution choosing what data to include or exclude:

  • UFED = Raw Hardware Extraction - Connects to physical device, pulls all accessible data
  • Physical Analyzer = Examiner Software - Decodes raw UFED file, shows complete dataset
  • UFDR = CURATED SUBSET - Examiner selects which data categories to include, applies filters, creates "report" file
  • Court Gets UFDR Only - Prosecution provides curated UFDR file, never the complete raw UFED extraction
  • Defense Gets UFDR Only - Defendants cannot access original raw device data or complete UFED file
  • Examiner's Choice Determines Content - What appears in court depends on prosecution's choices about what to include

⚠ïļ THIS IS THE SMOKING GUN: UFDR files are not forensic evidence - they are prosecution-curated reports. Examiner could include messages showing guilt while excluding messages showing innocence. There is zero cryptographic link between the UFDR file content and what was actually on the device. Court has no way to verify the UFDR represents complete or authentic device data.

3. UFDR Files Have Zero Integrity Protection & Can Be Fabricated

VERIFIED FACT: Cellebrite UFDR files are designed as viewable reports, NOT secure forensic evidence. They are completely unprotected and editable:

  • UFDR files are UNENCRYPTED - Stored in plaintext, readable/editable by anyone with basic tools
  • NO CRYPTOGRAPHIC HASHING - No mathematical fingerprints proving file authenticity
  • NO DIGITAL SIGNATURES - No way to verify who created or modified the file
  • NO INTEGRITY CHECKING - No system detects if UFDR file has been altered
  • Can Be Edited & Re-opened - UFDR files can be modified with simple tools and UFDR Reader shows edited data as authentic
  • System Provides ZERO WARNINGS - When UFDR file is opened, viewer has no indication it may have been modified

What Legitimate Forensic Evidence SHOULD Have: Cryptographic hashes, digital signatures, encryption at rest, audit logs, immutable storage. UFDR files have NONE of these. This is why they're designed as viewer reports, NOT as legal evidence. Yet prosecution is using them to convict people.
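
An added example, not part of the original page and not Cellebrite's code or file format: one way a curated report could be tied cryptographically to a complete extraction is a Merkle-root commitment recorded at acquisition time, with an inclusion proof attached to each disclosed record. The record layout, function names and sample messages below are constructed for illustration.

```python
import hashlib
import json

def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(record: dict) -> bytes:
    """Hash one record in canonical JSON; the 0x00 prefix marks a leaf."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return _sha256(b"\x00" + canonical.encode("utf-8"))

def _node_hash(left: bytes, right: bytes) -> bytes:
    """Hash an interior node; the 0x01 prefix keeps nodes distinct from leaves."""
    return _sha256(b"\x01" + left + right)

def _build_levels(leaves: list) -> list:
    """Return every tree level, leaves first, single-element root level last."""
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur, nxt = levels[-1], []
        for i in range(0, len(cur), 2):
            if i + 1 < len(cur):
                nxt.append(_node_hash(cur[i], cur[i + 1]))
            else:
                nxt.append(cur[i])  # odd node is carried up unchanged
        levels.append(nxt)
    return levels

def commit(records: list) -> dict:
    """Commitment recorded at acquisition: record count plus Merkle root."""
    if not records:
        raise ValueError("cannot commit to an empty extraction")
    levels = _build_levels([leaf_hash(r) for r in records])
    return {"count": len(records), "root": levels[-1][0].hex()}

def prove(records: list, index: int) -> list:
    """Inclusion proof for records[index]: sibling hashes from leaf up to root."""
    if not 0 <= index < len(records):
        raise IndexError("no such record")
    levels = _build_levels([leaf_hash(r) for r in records])
    proof, i = [], index
    for level in levels[:-1]:
        sibling = i ^ 1
        if sibling < len(level):
            proof.append(("L" if sibling < i else "R", level[sibling].hex()))
        i //= 2
    return proof

def verify(record: dict, proof: list, commitment: dict) -> bool:
    """True if `record`, unchanged, is covered by the committed root."""
    acc = leaf_hash(record)
    for side, sibling_hex in proof:
        sibling = bytes.fromhex(sibling_hex)
        acc = _node_hash(sibling, acc) if side == "L" else _node_hash(acc, sibling)
    return acc.hex() == commitment["root"]

def check_report(report: list, commitment: dict) -> dict:
    """Verify each (record, proof) pair of a curated report against the commitment."""
    failed = [rec["id"] for rec, proof in report if not verify(rec, proof, commitment)]
    return {"verified": len(report) - len(failed), "failed_ids": failed,
            "omitted": commitment["count"] - len(report)}

# Constructed sample extraction (not real data).
EXTRACTION = [
    {"id": 1, "ts": "2021-03-01T09:00:00Z", "body": "Running late"},
    {"id": 2, "ts": "2021-03-01T09:05:00Z", "body": "I will see you today"},
    {"id": 3, "ts": "2021-03-01T09:06:00Z", "body": "OK"},
    {"id": 4, "ts": "2021-03-01T12:30:00Z", "body": "Lunch at 1?"},
    {"id": 5, "ts": "2021-03-01T12:31:00Z", "body": "Yes"},
]

def demo() -> dict:
    commitment = commit(EXTRACTION)  # lodged with court/defence at acquisition
    # Curated report: only records 2 and 4 are disclosed, each with its proof.
    report = [(EXTRACTION[i], prove(EXTRACTION, i)) for i in (1, 3)]
    honest = check_report(report, commitment)
    # Same report with one body edited after the commitment was made.
    edited = dict(EXTRACTION[1], body="I will give you 200kg today")
    tampered = check_report([(edited, report[0][1]), report[1]], commitment)
    return {"commitment": commitment, "honest": honest, "tampered": tampered}

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

An inclusion proof shows that a disclosed record was part of the committed extraction and is unchanged; it says nothing about what the omitted records contain, only (through the committed count) how many there are.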

4. IMEI Numbers Could Have Been Fabricated Post-Extraction

TECHNICAL VULNERABILITY: AN0M platform required device identification. Android 10+ prevents apps from reading actual IMEI. AFP/FBI-controlled servers assigned identification numbers - these could be added AFTER device seizure:

  • Android 10+ Blocks IMEI Access - Standard apps cannot read device IMEI numbers (since 2019)
  • AN0M Needed Device Identification - Platform required some form of unique device identifier
  • AFP/FBI Assigned Identifiers - "Fixed identification number assigned to each user" controlled by law enforcement servers
  • Numbers NOT from Actual Device IMEI - Because Android blocked IMEI access, AN0M identifiers came from AFP/FBI assignment, not device hardware
  • Could Be Added Any Time - Identification numbers could be assigned before device seizure, AFTER extraction, or during database entry
  • No Cryptographic Proof of Origin - No way to verify when or how identification number was assigned to device
  • Prosecution Cannot Prove Link - Cannot prove "device X with AN0M identifier Y" actually existed or was possessed by defendant

⚠ïļ CRITICAL: AN0M platform was imperfect (as police files show GPS location recording sometimes failed). The system could have: assigned wrong identification numbers, linked devices incorrectly, or added identifiers long after devices were seized. There is ZERO way for defense to verify when or how IMEI/identification data was added to the database.

5. Devices Locked Away - Defense Completely Shut Out

VERIFIED FACT: The seized devices remain under exclusive police/prosecution control with ZERO independent oversight. This is fundamentally unfair to defendants:

  • Exclusive police custody - Devices held by prosecution without independent monitoring
  • Defense access DENIED - Defendants and defense counsel FORBIDDEN from examining their own devices
  • No forensic examination - Prosecution refuses to perform (or allow) forensic extraction to prove possession
  • Can't verify device condition - Defense cannot check if devices are operational, intact, or tampered with
  • Can't compare to server records - Defense cannot independently extract and compare device data to FBI's server claims
  • No third-party oversight - Prosecution refuses independent verification of device authenticity or contents
  • No chain of custody - No documented proof of how devices were handled, stored, or protected

⚠ïļ This is the opposite of fair trial: In any fair criminal process, defendants can examine evidence against them. Here, defendants cannot even TOUCH the devices they allegedly used. Prosecution has complete unilateral control and claims they know what's on them. This violates fundamental fairness and Section 136 of the Evidence Act.

6. The Chain of Custody Is COMPLETELY BROKEN

CRITICAL: The prosecution's case rests on assuming seized devices sent messages that appear in FBI's database. But there is ZERO forensic evidence linking device to database:

  • ✗ NO forensic extraction - Police never examined what was actually ON the defendant's device
  • ✗ NO comparison between device and server - Cannot prove device contents match FBI database records
  • ✗ NO proof of device ownership - No evidence defendant actually possessed the seized phone
  • ✗ NO technical link - No metadata, digital signatures, or technical proof device communicated with FBI servers
  • ✗ NO expert evidence - No forensic expert testimony about device condition, functionality, or authenticity
  • ✗ NO chain of custody documentation - No sealed evidence bags, handoff records, or oversight logs
  • ✗ NOTHING BUT FBI'S WORD - Prosecution assumes messages came from defendant's device based ENTIRELY on FBI saying so

THIS IS THE FOUNDATION OF THE CASE, AND IT'S COMPLETELY ABSENT: The most basic rule of criminal evidence requires linking a defendant to the alleged conduct through tangible evidence. Here, without forensic examination of devices, the prosecution cannot prove defendants' devices were involved in AN0M at all. Without access to FBI's original data, defendants cannot verify messages haven't been fabricated. Without integrity protection on the database, the messages could have been inserted at any time. The prosecution's entire case is built on an unverifiable assumption backed by Parliament's retroactive law.

⚠ïļ WHAT ACTUALLY HAPPENED: Real Australian Cases Like CD v TB (2025 High Court)

1. Police Raid (Example: CD v TB Case) - South Australian police raid homes, seize phones believed to be AN0M devices. No video recording. No independent oversight.
2. Devices NEVER Forensically Examined - VERIFIED FACT: Police do NOT perform Cellebrite UFED extraction. No forensic imaging. No technical analysis of what's on the phones.
3. Devices Locked in Evidence Storage - Seized phones stored in police custody. Defendants FORBIDDEN from accessing their own devices. Defense counsel DENIED examination rights.
4. All Evidence from FBI Servers (Not Devices) - VERIFIED FACT: Prosecution relies 100% on FBI's iBot servers in Europe. Zero evidence from the actual devices defendants allegedly used.
5. No Forensic Link Device-to-Server - CRITICAL: There is NO technical proof messages came FROM the defendant's seized device. Prosecution merely ASSUMES based on FBI's database.
6. UFDR File Created by Prosecution (Not Original Device Data) - Police use Cellebrite UFED to extract from device, but they don't provide the raw extraction. Instead, they create a UFDR "report" where the examiner selects which data categories to include. This curated UFDR subset is all the defense ever sees. The original complete device data is never disclosed. Examiner's choices determine what appears in court.
7. UFDR File Has Zero Integrity Protection - The Cellebrite UFDR file provided to court is completely unencrypted. It has no cryptographic hashes, no digital signatures, and no integrity checking mechanisms. The file can be edited with simple tools. When opened in UFDR Reader, edited data displays as authentic without any warning that the file has been modified.
8. IMEI Numbers Could Be Fabricated Post-Extraction - AN0M required device identification. Android 10+ prevents standard apps from reading real IMEI numbers. The platform assigned its own identifier numbers from AFP/FBI servers. These numbers could have been added before seizure, after extraction, or during database entry. There is no cryptographic proof of when or how IMEI identification was assigned. The prosecution cannot prove the seized device matches the AN0M identifier in the database.
9. Court Accepts Police Evidence - Court sees the curated, unprotected, potentially edited UFDR file. Defendant is convicted based on evidence with zero integrity protection, where device identification numbers are unverifiable, and the original device was never forensically examined.

THE UFDR FRAUD
Cellebrite UFDR files presented in court are NOT secure forensic evidence. They are prosecution-curated reports with ZERO integrity protection. The evidence file examined in court:
  • ✗ Is not the original device data (it's a curated subset)
  • ✗ Was selected/filtered by prosecution examiner's choices
  • ✗ Can be edited with simple tools and then re-opened
  • ✗ Shows NO warnings if file has been modified
  • ✗ Is unencrypted and has no protection mechanisms
  • ✗ Cannot be verified as authentic or complete
  • ✗ Has no cryptographic link to the original device
  • ✗ Contains device identification (IMEI) that may be fabricated
And the original seized devices were NEVER forensically examined, so there is NO proof the device was ever the source of ANY messages.

THIS VIOLATES EVERY FUNDAMENTAL RULE OF EVIDENCE
VERIFIED FACTS: The prosecution has never examined the defendants' seized devices. They rely 100% on FBI's unprotected, unverified server database. FBI explicitly refuses to allow defendants access to original data. Questions exist about whether original data still exists. The prosecution convicted ~390 people (Operation Ironside) on evidence that has:
  • ✗ No forensic extraction linking device to messages
  • ✗ No chain of custody documentation
  • ✗ No integrity protection on the database
  • ✗ No cryptographic hashes or digital signatures
  • ✗ No audit logs of who accessed/modified records
  • ✗ No independent verification possible
  • ✗ Zero defense access to examine evidence
  • ✗ FBI refusal to provide original data
This isn't evidence. This is an assumption backed by Parliament's intervention to prevent courts from ruling it unlawful.
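
An added example, not from the original page and not modelled on any FBI/AFP system: a hash-chained message log whose head is periodically lodged with a party outside the custodian's control, which is the kind of mechanism that makes a later edit or back-dated insertion in a database detectable. It also shows why hashes kept only by the custodian are not enough. Entry fields, function names and sample rows are constructed.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # "previous hash" of the first entry

def entry_hash(prev_hash: str, payload: dict) -> str:
    """Each entry's hash covers its payload and the hash of the entry before it."""
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}|{canonical}".encode("utf-8")).hexdigest()

def append(log: list, payload: dict) -> dict:
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"seq": len(log), "prev": prev, "payload": payload,
             "hash": entry_hash(prev, payload)}
    log.append(entry)
    return entry

def checkpoint(log: list) -> dict:
    """Current chain head, to be lodged with a party the custodian does not control."""
    return {"seq": log[-1]["seq"], "hash": log[-1]["hash"]}

def rehash_from(log: list, start: int) -> None:
    """Models a custodian with write access making the chain self-consistent again."""
    prev = log[start - 1]["hash"] if start else GENESIS
    for i in range(start, len(log)):
        log[i].update(seq=i, prev=prev, hash=entry_hash(prev, log[i]["payload"]))
        prev = log[i]["hash"]

def audit(log: list, held_checkpoints: list) -> list:
    """Return findings; an empty list means the log matches every held checkpoint."""
    findings, prev = [], GENESIS
    for i, e in enumerate(log):
        if e["seq"] != i or e["prev"] != prev:
            findings.append(f"entry {i}: broken link to previous entry")
        elif entry_hash(e["prev"], e["payload"]) != e["hash"]:
            findings.append(f"entry {i}: payload does not match stored hash")
        prev = e["hash"]
    for cp in held_checkpoints:
        s = cp["seq"]
        if s >= len(log):
            findings.append(f"checkpoint {s}: entry missing, log truncated")
        elif log[s]["hash"] != cp["hash"]:
            findings.append(f"checkpoint {s}: history rewritten at or before entry {s}")
    return findings

# Constructed sample rows (not real data).
ROWS = [
    {"msg_id": "m-001", "body": "Running late"},
    {"msg_id": "m-002", "body": "OK"},
    {"msg_id": "m-003", "body": "I will see you today"},
    {"msg_id": "m-004", "body": "Yes"},
]

def demo() -> dict:
    original, held = [], []
    for n, row in enumerate(ROWS, start=1):
        append(original, dict(row))
        if n in (2, 4):  # checkpoints lodged externally after rows 2 and 4
            held.append(checkpoint(original))
    # Case 1: a stored body is edited in place, hashes left alone.
    naive = copy.deepcopy(original)
    naive[2]["payload"]["body"] = "I will give you 200kg today"
    # Case 2: same edit, then every later hash recomputed by the custodian.
    rewritten = copy.deepcopy(naive)
    rehash_from(rewritten, 2)
    # Case 3: a row is inserted into the past and the chain recomputed.
    inserted = copy.deepcopy(original)
    inserted.insert(1, {"seq": 1, "prev": "", "hash": "",
                        "payload": {"msg_id": "m-001b", "body": "inserted later"}})
    rehash_from(inserted, 1)
    return {
        "untouched": audit(original, held),
        "naive_edit": audit(naive, held),
        "edit_and_rehash": audit(rewritten, held),
        "edit_and_rehash_no_checkpoints": audit(rewritten, []),
        "insert_and_rehash": audit(inserted, held),
    }

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The `edit_and_rehash_no_checkpoints` case audits clean: a chain that only the custodian holds proves nothing against the custodian, and it is the externally held checkpoint that exposes the rewrite.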

Why This Destroys The Prosecution's Case:

VERIFIED PRINCIPLE: In ANY fair criminal case, the prosecution must link the defendant to the alleged conduct through physical evidence and forensic examination. Operation Ironside (~390 cases) violates this principle:

WHAT THE PROSECUTION HAS:
  • ✗ Seized devices that were NEVER examined
  • ✗ Curated UFDR files (not original device data)
  • ✗ Server database records with ZERO integrity protection
  • ✗ UFDR files that can be edited undetectably
  • ✗ IMEI numbers that may be fabricated
  • ✗ FBI's EXPLICIT REFUSAL to provide original data
  • ✗ QUESTIONS about whether original data still exists
  • ✗ Parliament's intervention (which proves government knew it was questionable)
WHAT THE PROSECUTION LACKS:
  • ✓ Any forensic evidence proving device sent the messages
  • ✓ Any comparison between device contents and server records
  • ✓ Any chain of custody documentation
  • ✓ Any cryptographic verification of data authenticity
  • ✓ Any independent verification mechanism
  • ✓ Any defense access to examine the evidence
  • ✓ Any way to prove the case at all
THE BOTTOM LINE: Without forensic examination of devices, the prosecution cannot prove defendants' devices were involved in AN0M at all. Without access to FBI's original data, defendants cannot verify messages haven't been fabricated. Without integrity protection on the database, the messages could have been inserted at any time. The prosecution's entire case is built on an unverifiable assumption backed by Parliament's retroactive law.

🏛ïļ The Parliament Scandal: How Government Changed The Law

⚠ïļ UNPRECEDENTED: Parliament passed the Surveillance Legislation (Confirmation of Application) Act 2024 AFTER the High Court had already granted special leave to appeal. This is a fundamental breach of separation of powers.

This is what actually happened in 2025:

1. Courts Begin To Question

Defendants challenged whether AN0M evidence was unlawfully intercepted under the Telecommunications (Interception and Access) Act 1979.

  • Trial judge dismissed the challenge
  • South Australian Court of Appeal also rejected it
  • But defendants were granted special leave to appeal to High Court
  • This meant the High Court agreed the issue was serious enough to hear

2. Government Panics - Parliament Acts

AFTER the High Court granted special leave to appeal, Parliament passed the Surveillance Legislation (Confirmation of Application) Act 2024.

  • This Act "clarified" that AN0M was NOT unlawfully intercepted
  • It retroactively validated the evidence
  • It was passed WHILE the case was before the High Court
  • Extraordinarily, parliament intervened to block judicial review

3. Defendants Challenge Parliament's Law

CD and TB (the defendants) then challenged the validity of the new Act, arguing:

  • Parliament impermissibly exercised judicial power
  • Parliament interfered with institutional integrity of courts
  • This violates separation of powers
  • Parliament should not direct courts how to decide cases

4. High Court Says Parliament Can Do This

In October 2025, the High Court ruled (unanimously) that the Act was valid.

  • Court said Parliament was just amending evidentiary rules
  • Court did NOT rule on whether original conduct was lawful
  • Court avoided the substantive constitutional question
  • Case became "moot" and original appeal was revoked

THE SCANDAL
Parliament Changed The Law While The Case Was In Court To Prevent Judges From Ruling Against The Government

⚠ïļ Why This Is A Constitutional Crisis

Timeline:
  • 2021: Operation Ironside ends - 390 people arrested using AN0M evidence
  • 2024 Early: Courts begin questioning if evidence was unlawfully intercepted
  • 2024 Mid: Defendants granted special leave to appeal to High Court
  • 2024 Late: Parliament passes law retroactively validating the evidence
  • 2025 October: High Court rules the Parliament's new law is valid (doesn't rule on original conduct)

Most Disturbing Aspect: We still don't know if the original AN0M operation was actually unlawful under the Telecommunications (Interception and Access) Act. The High Court deliberately avoided answering this substantive question. Parliament blocked the court from ever finding out.

✅ BUT HERE'S THE HOPE:
Even though Parliament changed the law, Section 135 and 136 of the Evidence Act still allow courts to exclude evidence that is unreliable.

⚖ïļ How To Fight Back & Win

GOOD NEWS: Even though Parliament changed the law and the 2025 High Court ruling made AN0M evidence technically admissible, you can still fight using reliability arguments under Australian Evidence Act Section 135 and 136. Here's the blueprint:

AUSTRALIAN EVIDENCE ACT 1995 - YOUR LAST RESORT WEAPON

SECTION 135: EXCLUSION OF UNRELIABLE EVIDENCE

The court MUST exclude evidence that is so unreliable it could harm justice. The court must consider:

  • The nature of the evidence - Is it digital? Was it controlled by one party?
  • How the evidence was created - Was it extracted without integrity protection?
  • How the evidence was adduced - Does it have a chain of custody? Hash verification?
  • The reliability of the evidence - Can it be verified independently?

⚡ THE KEY: AN0M evidence + Cellebrite UFDR evidence fails ALL of these criteria. The court MUST exercise its discretion under s.135 - regardless of what Parliament said.

SECTION 136: GIVING OF EVIDENCE MAY BE LIMITED

The court may limit how evidence is given if it would cause unfairness to the accused. AN0M and Cellebrite evidence causes unfairness because:

  • Defendant cannot access original device for independent verification
  • Defendant cannot test the evidence for integrity
  • Defendant cannot verify files have not been edited
  • Prosecution had sole custody and access to all evidence
  • No hash verification, encryption, or digital signatures
  • Tampering is undetectable through technical means

Critical Precedent: Institutional Integrity Matters

The High Court's 2025 decision acknowledged (even while upholding Parliament's law) that there are "concerns regarding the institutional integrity of courts." This means judges can still refuse to accept evidence that compromises justice, even if technically admissible.

THE RELIABILITY ARGUMENT SURVIVES PARLIAMENT'S INTERFERENCE

Here's the critical point: Parliament changed the law to say AN0M evidence was "lawfully obtained." But Parliament CANNOT change the Evidence Act sections about reliability and unfairness. Section 135 and 136 still apply:

  • Even if Parliament says evidence is "lawfully obtained," courts can exclude it as unreliable
  • Even if Parliament says evidence is admissible, courts can exclude it as causing unfairness
  • Parliament did NOT change Section 135 or 136
  • Courts retain discretion to exclude untrustworthy evidence

1. Demand Access To Original Device

File a discovery request and motion demanding:

  • Access to the original device for independent forensic extraction
  • Right to conduct your own Cellebrite UFED extraction
  • Chain of custody documentation for the device
  • Proof device was sealed/protected when in police custody
  • Video evidence of the raid and device seizure

If police refuse = evidence is ABSOLUTELY INADMISSIBLE under s.135 and s.138A (failure to provide evidence to support chain of custody).

2. Challenge Parliament's Law As Unconstitutional

Argue that even though the High Court upheld it, the law:

  • Demonstrates Parliament's concern about legality
  • Shows government knew the operation was questionable
  • Creates reasonable doubt about institutional integrity
  • Justifies heightened scrutiny of evidence quality
  • Should make courts cautious about reliability

3. File Motion Under Section 135

Motion to exclude evidence as unreliable:

  • AN0M evidence: FBI built the system, had master keys, could edit
  • Cellebrite UFDR evidence: Curated subset, no integrity protection, easily edited
  • Combined evidence: Both unverifiable, both prosecution-controlled
  • Defense cannot independently verify either form of evidence
  • Reliability is in serious doubt

4. Hire Expert Witnesses

You need multiple experts to testify:

  • Cryptography expert: AN0M backdoors, master keys, edit vulnerability
  • Digital forensics expert: Cellebrite UFDR vulnerabilities, curation issues, editing capability
  • Android security expert: IMEI restrictions, device identification vulnerabilities
  • Institutional expert: Parliament's unprecedented intervention, constitutional concerns
  • All should testify about reliability concerns and reasonable doubt

5. Get Recipient To Testify

Call the actual recipient of messages to testify:

  • "What message did the defendant actually send you?"
  • "Does the prosecution's version match what you received?"
  • If different = direct evidence of tampering
  • This contradicts prosecution evidence and creates reasonable doubt
  • Shows evidence reliability is compromised

6. Argue Confirmation Bias & Institutional Failure

Show why courts should be skeptical:

  • Parliament intervened specifically to protect this operation
  • This shows government concern about legality
  • Without cameras, hash verification, or oversight, tampering is undetectable
  • Police had motive and opportunity to falsify
  • Court should apply heightened scrutiny

THE KILLER ARGUMENT - SECTION 135 EXCLUDES THIS EVIDENCE:

"Your Honor, this evidence must be excluded under Section 135 of the Evidence Act because it is so unreliable it could harm the course of justice. The prosecution cannot even prove the defendant's devices were involved:

VERIFIED FACTS (from High Court judgment CD v Commonwealth HCA 37, 2025 and court records):

1. DEVICES NEVER EXAMINED - Police seized the defendant's phones but performed NO forensic extraction, NO imaging, NO technical analysis whatsoever. Zero forensic evidence the device was used for AN0M.

2. NO LINK DEVICE-TO-DATABASE - There is ZERO evidence the messages in FBI's server database came FROM the defendant's seized device. Prosecution merely assumes this based on FBI's word.

3. UFDR FILES ARE CURATED, NOT ORIGINAL - The Cellebrite UFDR files presented to court are NOT the original device data. They are selectively curated subsets where the prosecution examiner chose which data categories to include. There is zero cryptographic link between UFDR content and actual device data.

4. UFDR FILES HAVE ZERO INTEGRITY PROTECTION - The UFDR database has:
  • ✗ No cryptographic hashes proving authenticity
  • ✗ No digital signatures proving who created records
  • ✗ No encryption-at-rest protecting data
  • ✗ No audit logs showing who accessed/modified messages
  • ✗ ZERO technical ability to detect tampering
UFDR files can be edited with simple tools. When reopened, edited data displays as authentic with ZERO warnings.

5. FBI REFUSES DATA ACCESS - FBI explicitly will not allow defendants or defense counsel to access original server data for independent verification. Questions exist about whether original unmodified data still exists.

6. IMEI NUMBERS CANNOT BE VERIFIED - Device identification linking messages to the seized device:
  • Could have been added after device seizure
  • Cannot be verified as legitimate (Android 10+ blocks IMEI access)
  • Was assigned by AFP/FBI servers, not extracted from device
  • Is stored in unprotected database
  • May not match actual device hardware IMEI
7. DEFENSE LOCKED OUT COMPLETELY - Defendants are forbidden from:
  • Examining their own seized devices
  • Accessing FBI's server database
  • Performing independent forensic extraction
  • Verifying message authenticity in ANY way
In effect, only the prosecution can see the evidence and can modify it without detection.

8. PARLIAMENT'S INTERVENTION PROVES GOVERNMENT KNOWS EVIDENCE IS QUESTIONABLE - Parliament passed the Surveillance Legislation (Confirmation of Application) Act 2024 AFTER the High Court granted special leave to appeal. This demonstrates government concern about legality and shows the evidence was known to be on shaky legal ground.

Your Honor, this case rests on evidence that:
  • Cannot be verified as authentic
  • Cannot be linked to the defendant's device
  • Cannot be examined by defense
  • Can be fabricated without detection
  • Is controlled exclusively by the prosecution
  • Is stored without integrity protection
  • Comes in curated form with key data potentially excluded
  • Contains device identification that may be fabricated
This is the definition of unreliable evidence that could harm the course of justice. Section 135 of the Evidence Act mandates exclusion. This evidence must be excluded."
✅ YOU CAN STILL WIN
Parliament changed the law, but they didn't change Section 135 and 136. Courts can still exclude unreliable evidence. Fight the reliability, not the legality.