How much data can police swipe from suspects' phones without a warrant? (Hint: A lot)

A clearer picture has emerged as to just how much data is swiped by U.S. law enforcement when a cell phone is plugged in and its data is downloaded with forensic tools.
Written by Zack Whittaker, Contributor

Call logs, text messages, geo-locations and even data relating to proprietary technologies, such as Apple's iMessage service: All of these can be downloaded by U.S. law enforcement when a suspect's phone is plugged in and the data harvested for intelligence purposes.

Up until now, most had no idea exactly what was collected or how it could be used, though it was believed this data could be acquired.

Discovered by the U.S.-based privacy group, the American Civil Liberties Union (ACLU), we now have a much clearer image of how much data from a seized cell phone or smartphone the U.S. government gets when a suspect's phone is plugged into a data collection device. 

Screen Shot 2013-02-27 at 07.31.23
A court document detailing the data collected from a seized iPhone (Credit: ACLU)

A court document submitted in connection with a drugs investigation shows that even Web history, data files, wireless networks and the user's custom dictionary are downloaded when advanced forensic tools are connected to a suspect's device.

Also collected were the device's geo-location points, including cell towers, allowing authorities to pinpoint roughly where the device—and therefore the suspect—may have been geographically.

And because many use their cell phones and smartphones to access email on the move, it could allow authorities access to a goldmine of data—whether it's used in the investigation or otherwise. This ultimately may allow authorities to bypass the need to submit subpoenas or search warrants -- under the Stored Communications Act -- to Apple, Google, Microsoft and others who provide email services, because the email data is already stored on the suspects' device.

On to the back story, according to the ACLU: U.S. Immigration and Customs Enforcement (ICE) officers seized an iPhone from the bedroom of a suspect in a drugs-related investigation. In just one data extraction session, a substantial amount of private and personally sensitive data was collected from the device, including passwords, pictures, videos and stored voicemails. 

In this case, ICE searched the suspect's house under a search warrant and obtained another warrant based on "probable cause" before conducting a search of the device. The ACLU notes that "even though ICE obtained a warrant for this cell phone search, courts are divided about whether a warrant is necessary in these circumstances, and no statute requires one."

For those who are at the border, for instance—ICE conducts most of its activities at the border and ports of entry—warrants are not required to search a device from a person entering the United States, including those who are forced to go through Secondary Security Screening Selection (SSSS).

Those at the border waiting to arrive on U.S. soil are therefore not yet subject to U.S. law and do not enjoy Fourth Amendment rights. Those who refuse may be disallowed entry to the country, even if they travel on a valid U.S. visa.

The privacy group sums up their concern:

We would have never carried around several years’ worth of correspondence [on our person], for example—but today, five-year-old emails are just a few clicks away using the smartphone in your pocket. The fact that we now carry this much private, sensitive information around with us means that the government is able to get this information, too.

Editorial standards