Skip Navigation
Archive

Once Searched, Forever Seized: Why Cell Phone Searches Need a Warrant

When the Supreme Court decides whether cell phones are protected under the Fourth Amendment, they will also be deciding whether your personal data ends up in government databases.

  • Michael Price
  • Amos Toh
May 5, 2014

Cross­pos­ted from The Huff­ing­ton Post.

How private is the data on your cell phone? That was the big ques­tion before the Supreme Court last week in a pair of cases, Riley v. Cali­for­nia and United States v. Wurie, with the poten­tial for huge consequences for the future of inform­a­tion privacy.

The cases involve a long­stand­ing excep­tion to the Fourth Amend­ment that permits the police to search items on or near someone they have arres­ted, no warrant required. The rule was inten­ded to keep officers safe and prevent the destruc­tion of evid­ence. In recent years, however, the rule has given police free rein to seize and search the devices that store our calls, text messages, e-mails, and troves of other personal data such as our finan­cial history, medical inform­a­tion, and daily move­ments.

Many of the Justices expressed concern over the dispro­por­tion­ate inva­sion of privacy, suggest­ing that a warrant should be required for a cell phone search. But there was another ques­tion that caught the Court’s atten­tion: What happens to all that data once the police have it?

It is common prac­tice to copy the contents of device before search­ing it. But if the police don’t need a warrant to do that, then there is also no judi­cial check on what happens to that inform­a­tion, how it’s used, or who gets to see it. A warrant require­ment would serve two purposes. It would be a bulwark against highly invas­ive fish­ing exped­i­tions resem­bling the “general warrants” so abhorred by the nation’s Found­ing Fath­ers. And it would provide a way to limit the sens­it­ive inform­a­tion that the govern­ment is allowed to keep and share about you.

The reten­tion of cell phone data raises extraordin­ary privacy concerns above and beyond whatever visual inspec­tion a police officer might need to conduct on the spot. In the Riley case, for example, a San Diego detect­ive admit­ted to down­load­ing “a lot of stuff” from the cell phone at a regional computer forensics lab run by the FBI. The lab gave local police access to soph­ist­ic­ated forensics tech­no­logy capable of making mirror copies of data stored on elec­tronic devices.

An amicus brief filed by the Bren­nan Center for Justice points out that this kind of soph­ist­ic­ated data extrac­tion is not unusual. It is a law enforce­ment tactic that has become increas­ingly popu­lar around the coun­try. Since 1999, the FBI has partnered with local law enforce­ment agen­cies to estab­lish a network of forensic computer labs in 19 states. When it comes to cell phone data, these labor­at­or­ies provide local police access to “Cell Phone Invest­ig­at­ive Kiosks,” which allow officers to “extract data from a cell phone, put it into a report, and burn the report to a CD or DVD in as little as 30 minutes.” In other words, the police can pull data off your cell phone about your ‘whole life’ in the time it takes you to upload pictures of your vaca­tion to Face­book.

Local police policies vary from place to place, but the FBI’s proced­ures for hand­ling digital evid­ence provides a glimpse into how highly personal inform­a­tion can wind up on govern­ment data­bases for decades. All cell phone data seized by the FBI feeds into a cent­ral­ized data­base set up for crim­inal and coun­terter­ror­ism purposes. The data is widely shared — about 12,000 govern­ment employ­ees have access to it — and there are few limits on how long the data can be kept. This massive cent­ral­iz­a­tion of Amer­ic­ans’ data creates an enorm­ous poten­tial for abuse. Indeed, FBI agents were recently caught look­ing up the Bureau’s data­bases about friends work­ing as exotic dancers or celebrit­ies they thought were “hot.”

More than 12 million people are arres­ted each year, the vast major­ity for misde­mean­ors. Many of those arres­ted were likely carry­ing cell phones and other elec­tronic devices. A warrant to search those cell phones will not make every privacy concern disap­pear, but it will at least help ensure that highly personal data does not end up on govern­ment data­bases without adequate justi­fic­a­tion. Unlike an officer in the heat of an invest­ig­a­tion, a court has the capa­city to design the search so it meets law enforce­ment needs in a partic­u­lar case, but does not need­lessly expose Amer­ic­ans’ private inform­a­tion. Courts can and should impose restric­tions on what police can do with the data they seize, includ­ing proced­ures that segreg­ate and purge irrel­ev­ant inform­a­tion.

The law must keep pace as tech­no­logy evolves and the thirst for data grows. The old rules simply do not account for the volumes of personal inform­a­tion on modern cell phones, or the role such devices play in soci­ety. Requir­ing a warrant for cell phone searches related to an arrest will prevent our personal data from being searched need­lessly, kept indef­in­itely, and used improp­erly.

Photo by Pieter Ouwerkerk.