Advertisement

The latest Supreme Court ruling requires training, policy, and technology for the proper handling of mobile device evidence.The latest Supreme Court ruling requires training, policy, and technology for the proper handling of mobile device evidence.

The United States Supreme Court’s ruling in Riley v. US (573 U.S. ____ [2014]) may not have been much of a surprise to American law enforcement. Many agencies were already requiring officers to obtain search warrants before searching mobile devices.

Some state supreme courts had already ruled in favor of warrants for mobile device searches incident to arrest. While some SCOTUS analysts believed, following oral arguments in April, that the Court might set a “middle ground” rule, prosecutors, supervisors, and forensic lab examiners were preparing for a brighter line by requiring officers to seek warrants to be on the safe side

An old saying in firearms training, “Speed is fine; accuracy is finer,” applies to mobile forensics, too. No one—including the Supreme Court—disputes the importance of speedy access to critical evidence, especially in emergencies. As many officers know, mobile device searches can net important evidence that can provide new leads and possibly even put an offender behind bars within the first few hours of an investigation.

ENTRIES OPEN:
Establish your company as a technology leader. For 50 years, the R&D 100 Awards, widely recognized as the “Oscars of Invention,” have showcased products of technological significance. Learn more.

Many state and local jurisdictions had already facilitated warrants for searches incident to arrest by implementing electronic or telephonic systems. These allow judges to return warrants much more expeditiously—often within minutes—than officers applying in person, especially when in between business hours. Thus, even a roadside search incident to arrest can take place in a timely fashion.

To that end, the patrol officer or investigator who can articulate probable cause to search a device—whether seeking a warrant or justifying a warrantless search in exigent circumstances—is in a much better position to contribute valuable data to an investigation than the officer who asked a forensic examiner to “give me everything on the device,” a veritable fishing expedition.

Ultimately, rather than limiting law enforcement, the Riley decision frees agencies to deploy mobile data extraction capabilities across a much wider field of officers. By using policy and training as levers for the kinds of judgment calls that Chief Justice John Roberts envisioned in his opinion,1these agencies can reap a number of benefits:

  1. It would reduce the amount of backlog that many labs are experiencing. Many cases involve more than one digital device, and the storage space—hence the amount of data—found on modern mobile devices is increasing. Using Riley as leverage to get more officers conducting basic data analysis on “low hanging fruit” would free lab examiners to focus on more serious cases and technical forensic issues.
  2. First responders and investigators in the field would markedly improve their access to actionable evidence in the time they need to complete their investigations. This would be particularly true when a search doesn’t meet the exigency requirement as outlined in Riley, but officers still don’t have the luxury of waiting days or weeks to obtain the evidence they need.
  3. First responders and investigators would be able to leverage their own knowledge of a case, including physical evidence and interviews they conduct, to find the relevant mobile data.
  4. Over the long term, more officers with basic mobile forensics skills will be better equipped to respond to “cyber” crimes and evidence. They can communicate more effectively with forensic specialists and even be in a position to move more easily into specialist roles in the future. Improving officer professional development in this way enhances a law enforcement agency’s effectiveness.

Establishing a Practical Model for Mobile Device Search Incident to Arrest
The cornerstone of the Court’s ruling is that unlike other property that can be subject to warrantless search incident to arrest, absent exigency, mobile device data cannot constitute an immediate threat to officer or public safety, and can be preserved without being searched.

To ensure that first responders and investigators make the proper judgment calls when seizing a subject’s mobile device, a mix of training, policy, and equipment is needed.

Training informs law enforcement professionals about the wide variances in mobile device platforms, operating systems, chipsets, security, and other issues. Officers learn how to protect the device from the network and, in doing so, preserve the data from being remotely wiped or otherwise altered. Training also teaches them how to document each action they take, serving as a foundation for the forensic search.

Policy, including an agency’s own standard operating procedures or guidelines, supports training by providing guidance that is consistent with local and state laws and processes. It helps to prevent abuse and enforces standard evidence collection practices. It also enables investigators to provide testimony and evidence that meets legal standards and that is admissible in criminal proceedings.

Policy should empower investigators to judge when to seek a search warrant, when to perform a basic search for themselves, and finally, when to escalate a device to a forensic specialist for further analysis. Investigators and first responders should be able to use their first-hand case knowledge to make critical decisions regarding mobile device evidence.

Policy should also be backed up by the technological ability to enforce it. Forensic specialists should be able to administer data extraction capabilities to frontline personnel, including the ability to grant data extraction privileges that can limit the extent to which first responders or investigators can search device data—even apart from the particularity outlined in a warrant.

Finally, the technology that agencies supply to their officers must be flexible and easy to use, with a clear and simple enough interface that can be deployed in as little time as possible following legal authorization. The extraction equipment needs to support extraction from a large variety of mobile devices, operating systems, and apps in order to be effective.

Arguably, the Riley warrant requirement validates the importance of mobile forensics to law enforcement investigations and safeguards law enforcement. By having to show the device and its data as a nexus to a crime, police can build a much more solid case against a suspect. “Fishing expeditions” don’t just pose legal challenges: on a practical level, they only add to the glut of information that investigators must sift through as they establish facts, follow up on leads, and seek suspects. By contrast, having enforceable policy and clear training, with technology to support both, ensures the proper balance between government investigation and citizen privacy interests.

References
1. http://www.supremecourt.gov/opinions/13pdf/13-132_8l9c.pdf

Christa M. Miller is the Director of Mobile Forensics Marketing at Cellebrite. She has worked for more than ten years as a journalist, specializing in digital forensics and other high-tech topics for public safety trade magazines. Miller has a B.A. in Economics from Whittemore School of Business and Economics at the University of New Hampshire, and is based in South Carolina. christa@cellebriteusa.com; www.cellebrite.com

Advertisement
Advertisement