Modern cell phones do a great deal more than simply send and receive calls. They’re sophisticated personal computers with the same capabilities, and more, of a laptop PC. You can use them to send and receive e-mail and instant messages, browse the Internet, keep track of your appointments, take photos and videos, etc.
If you think that any of this information is “private” in the sense that it’s legally protected, think again. In most cases, it’s not, especially if you’re arrested. And even if you’re not under arrest, police in numerous states have claimed the authority to seize and search your cell phone without your consent. And, at U.S. border crossings, customs authorities have carte blanche to copy all data on your cell phone, your laptop, etc.
Nearly all state and federal courts that have considered this question have ruled that data on your cell phone has “no expectation of privacy.” Their decisions have derived mainly from two Supreme Court rulings decided many years before cell phones were invented.
Under the “search incident to arrest doctrine,” the Supreme Court has held that police can search someone they are arresting. Police may open any “containers” the person being arrested has in their pockets or otherwise is carrying. This is true even if no probable cause exists that the containers contain anything illegal. In cases involving cell phone searches, courts have held that by analogy, a cell phone is likewise a “container.” Any information on your cell phone can be used against you in a subsequent criminal case.
The Supreme Court has also declared that you have no expectation of privacy in the telephone numbers you dial. When you dial a telephone number, you must reveal that number to your telephone company. Since you voluntarily convey that information, you assume the risk that it might be revealed to police.
Even if the courts wake up to the privacy threats that uncontrolled searches of cell phones pose, you won’t be able to count on legal protection for your cell phone data. That’s because of a legal doctrine called “exigent circumstances.” In the context of cell phone searches, in some cases, the data on a cell phone may be altered or deleted by an incoming call or simply by turning off the power. So you can probably anticipate lots of “exigent searches” of cell phones.
How can you protect yourself? First, you could try to get along without a cell phone or other portable electronic device. If you need to carry a cell phone, activate the password feature. In some cases, this may create a legal expectation of privacy that prevents a warrantless search. It may also prevent someone who steals your cell phone from being able to use it or retrieve data from it.
Also, use only the features you really need. In my case, that means I use my cell phone only to make and receive calls. I rarely send or receive text messages and never use it to take photos, send e-mail, or browse the Internet. And I delete all data regularly.
But even this may not be enough. Just like a personal computer, data you delete on your cell phone can be recovered until it’s overwritten. To protect yourself, periodically reformat your cell phone to make it impossible for anyone to retrieve “not quite deleted” data. To learn more, click here.
Finally, consider cell phone encryption. You can encrypt data on an I-Phone, although I’ve read that the way Apple has implemented this feature has major security weaknesses. If you have a smart phone that uses the Windows Mobile operating system, you can protect the data on it using a new product from PGP: PGP Mobile. I haven’t used this software, but I’d welcome feedback from anyone who has.
With cell phones becoming ever more sophisticated, the risk of your data being compromised will only increase in the future. Protect yourself now, not later!
Copyright © 2010 by Mark Nestmann
(An earlier version of this post was published by The Sovereign Society, http://www.sovereignsociety.com)