Law-enforcement technologySupreme Court cites NIST guidelines in ruling on cell phone searches
As digital technology transforms twenty-first century life, questions about privacy rights abound. The U.S. Supreme Court ruled on one such question in late June: if you are arrested, can the police search your cell phone without first obtaining a warrant? No, according to the 25 June 2014 ruling in Riley v. California. “Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans ‘the privacies of life,’ … The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection for which the Founders fought,” Chief Justice John Roberts wrote for the majority.
As digital technology transforms twenty-first century life, questions about privacy rights abound. The U.S. Supreme Court ruled on one such question in late June: if you are arrested, can the police search your cell phone without first obtaining a warrant?
No, according to the 25 June 2014 ruling in Riley v. California (see “Supreme Court: police must obtain a warrant to search suspect’s cellphone,” HSNW, 27 June 2014). In considering the question, the court had to mesh established policy on search warrants together with an understanding of cell phone technology.
A NIST release reports that to help with that challenge, the justices turned to a variety of sources, among them the NIST Guidelines on Mobile Device Forensics. The unanimous court opinion, written by Chief Justice John Roberts, cites this document three times.
The ruling focuses on two separate cases in which police arrested suspects and searched their cell phones without first obtaining a search warrant. In both cases, state and federal prosecutors argued that the searches were justified to prevent the suspects from destroying evidence. Courts have long allowed that police can search an area within the suspect’s immediate reach without a warrant.
The prosecutors argued that information on a cell phone may be vulnerable to two types of evidence destruction unique to digital data — remote wiping and encryption. The Supreme Court opinion cites the NIST Guidelines on Mobile Device Forensics to explain remote wiping.
“Remote wiping occurs when a phone connected to a wireless network receives a signal that erases stored data. This can happen when a third party sends a remote signal or when a phone is preprogrammed to delete data upon entering or leaving certain geographic areas (so-called ‘geofencing’),” the opinion explains, citing the NIST guidelines authored by Rick Ayers of NIST, Sam Brothers of the Department of Homeland Security, and Wayne Jansen of Booz Allen Hamilton.
The justices ruled that neither the remote-wiping nor encryption concerns were relevant. The arresting officers can turn the phone off or remove its battery to prevent remote wiping, the opinion says.
They cited the NIST guide two more times in elaborating on the technical issues. “If they are concerned about encryption or other potential problems, they can leave a phone powered on and place it in an enclosure that isolates the phone from radio waves. See Ayers 30-31,” the opinion says. It also notes, however, that such enclosures “may not be a complete answer to the problem. See Ayers 32.”
After digesting these and other technical and societal issues, the opinion concludes that police officers need a warrant to search a cell phone. “Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans ‘the privacies of life,’ … The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection for which the Founders fought,” the opinion concludes.
NIST developed its Guidelines on Mobile Device Forensics to help investigators make decisions about the best ways to gather, preserve and report on data from cell phones and other mobile devices.
“As this ruling illustrates, it is important that policy decisions are based on a sound understanding of technological issues,” says Barbara Guttman, manager of the Software Quality Group in NIST’s Information Technology Laboratory. “We’re glad the Supreme Court found our guidelines helpful in answering this important question.”
— Read more in NIST Guidelines on Mobile Device Forensics SP-800-101; and Riley v. California Supreme Court Opinion