The exponential growth of cell phone usage in the United
States, coupled with the fact that many users insure their handhelds, store personal
information on them (e.g., notes, pictures, text messages, etc.), and subscribe
to mobile backup or redundancy services clearly evidences that society is
prepared to objectively recognize a
reasonable expectation of the right to privacy in electronically stored
information (“ESI”) stored on one’s mobile device (12). Text messages — and their
associated data — have been treated as private, and therefore deserving Fourth
Amendment protection. The entire technological mechanism by which text messages
operate between cell phone subscribers to the service is through the telephone
number associated with the user.
The subjectivity prong of Katz is not so clear cut when it
comes to historical cell phone data seized from the defendant. For example, in Commonwealth v. Pitt, a Massachusetts Superior Court judge recently
ruled that historical cell site location
data is the kind of information society is ready to adopt as being private, and therefore, protected
from unlawful encroachment under the Fourth Amendment (13). In other words,
individuals do not expect their
whereabouts to be logged simply based on the phone calls they make.
According to Flores-Lopez, a cell phone user arguably does not have a privacy
interest requiring Fourth Amendment protection in the cell phone numbers on
records of text message exchanges. In other words, has Flores- Lopez raised the
issue of “virtual curtilage” associated with a cell phone?
Due to the various models of cell phones on the market, it
is unrealistic that the government will be
able to search only for the
number assigned to it without risking a privacy violation. Moreover, since the
Fourth Amendment protects people and not property, it is an extremely
precarious proposition to permit the government to open one’s cell phone and
risk searching content that would
violate a defendant’s legal and/or statutory right to privacy concerning the
ESI either stored on a cell phone itself or in the “cloud” (i.e., email,
contacts, calendars, etc.) (14) For example, if an iPhone user subscribes to
Apple’s “iCloud,” many data files are stored both in the “cloud” as well as on the iPhone
itself. When an iPhone user adds a contact or calendar event via Apple’s
website (www.icloud.com), the cloud-based service automatically synchronizes
the iPhone and vice-versa with the iCloud website. To log into iCloud online,
one must provide a user name and password. Therefore, ESI stored in iCloud is
arguably protected by the Stored Communications
Act, and therefore, so would the same information on the mobile device
itself on which the telephone
number resides. Notably, such
data would only be accessible by the government with a warrant under applicable
federal wiretap statutes. (15)
Certainly, the subject cell phone in each case will not
always be an iPhone. Nevertheless, how can the court safely make the
distinction as to what stored content is
protected under the Electronic Communications
Privacy Act (ECPA) and related wiretap laws, and what information stored on
the phone is merely “trivial”?
The distinction that needs to be made is that the task may be ministerial, but
matching a key to a mailbox does not run the risk of violating the ECPA. The
risk of intrusion is too substantial.
One cannot analogize all cell phones to a traditional
bounded paper diary or a mailbox associated with an apartment. The procedural
prerequisites the government must satisfy to access ESI under ECPA are much
greater — where judicial process is mandated
by statute — than accessing narcotics hidden
in between pages of a book, which
may be minimally intrusive or permissible pursuant to a well-founded legal
exception to the Fourth Amendment.
In addition to holding that searching for a cell phone
number on the device itself is
“trivial,” the Seventh Circuit also accepted the prosecution’s argument that
mobile phones are simply “container(s)” of information subject to search
without reason specific to the
container itself. Therefore,
relying on the U.S. Supreme Court case of United
States v. Robinson, a cell phone may
be searched for certain content such as the number assigned to it without
justification specific to the mobile phone (“container”) itself (16).
The Seventh Circuit analogized a cell phone containing electronically
stored information to a defendant’s diary, which could also contain data on the
pages of the hard copy book. According to the court, both a cell phone and
diary contain information, and
therefore both can be opened and searched for identifiable information without
a warrant. Flores-Lopez points to
various examples of wiping software and other remote manipulation tools to
justify the presence of exigent circumstances to search for a telephone number
on a cell phone.
The discussion in Flores-Lopez
as to “exigency” and “triviality” neglects to balance the risk of violating a
defendant’s statutory privacy
rights. However, the court acknowledges
there is an unresolved issue concerning what should be
the tolerable breadth of warrantless cell phone
searches. Since legally protected ESI is inextricably tied into the cell
phone itself, one cannot practically analogize a cell phone to the lock and key
in Concepcion or the container in Robinson.
A few questions come to mind. What if the recent calls
directory on the cell phone contains the user’s telephone number on the screen
of the telephone, but a text message from the suspect’s physician or attorney
pops up when the search is being conducted? What if the number searched is
virtual and used for incoming calls (e.g., Google Voice) requiring an online password for access? What if the
phone opened by the governmental official was seconds from entering a self-lock
mode? What about GPS data and the fact that the government is required to have
a warrant before accessing it? Nearly all cell phones double as GPS devices, so
what makes accessing them trivial? (17)
It may be impractical to require that law enforcement
officials carry around mobile forensics hardware. Exigency is fact-based,
however, and it should not be assumed that a suspect has arranged for a remote
wipe of his cell phone. There is a serious
collision between wiretap
law and the Fourth Amendment that remains unresolved. The situation is
further complicated by Flores-Lopez. The major distinction between accessing an electronic device versus
a physical object such as a plastic container is that the risk of intrusion
into statutorily protected data is extraordinarily greater
when a device is involved, whereas
one can reasonably determine where hard copy evidence physically resides.
Preserving cell phone content forensically in order to apply
for a warrant to search the phone may not be ideal for the government; however,
it is
the most rational and
constitutionally sound mechanism to protect society’s expectation of
cell phone privacy. There are
portable digital forensics tools available that are not unduly burdensome for
law enforcement to use. Requiring law enforcement officers to use these forensics
tools is a smaller price to pay than compromising a suspect’s constitutional
right to privacy.18 If a defendant chooses to arrange for a remote wipe of a
cell phone upon being arrested, then the forensic image will yield evidence of
consciousness of guilt. There are less intrusive and more constitutionally sound mechanisms to ensure justice is served.
Flores-Lopez has
paved the way for numerous legal arguments
concerning cell phone evidence and its related ESI. There are many
different kinds of cell phones containing a multitude
of features and applications with varying levels of privacy settings.
Arguably, cell phones are more like the
telephone booth in Katz, except the phone booth now resides
inside the telephone. (19). Unlike a paper bound diary with contraband
stored inside of it, a cell phone is vulnerable to manipulation, spoliation of
evidence, and doubling as the government’s gateway to ESI protected by the
Fourth Amendment and by state and federal statutes.
(con't).
by