Here’s What Law Enforcement Can Recover From A Seized iPhone

Here’s What Law Enforcement Can Recover From A
Seized iPhone

The call log
of a seized iPhone, with numbers redacted.

You may think of your iPhone as a friendly personal
assistant. But once it’s alone in a room full of law enforcement
officials, you might be surprised at the revealing things it will
say about you.

On Tuesday the American Civil
Liberties Union published
a report
it obtained from a drug investigation by the
Immigration and Customs Enforcement (ICE) agency, documenting the
seizure and search of a suspect’s iPhone from her bedroom. While
it’s no surprise that a phone carries plenty of secrets, the
document presents in stark detail a list of that personal
information, including call logs, photos, videos, text messages,
Web history, eight different passwords for various services, and
perhaps most importantly, 659 previous locations of the phone
invisibly gathered from Wifi networks and cell towers.

“We know the police have started using tools that can do
this. We’ve known the iPhone retains records of the cell towers it
contacts. But we’ve never before seen the huge amount of data
police can obtain,” says ACLU technology lead Chris Soghoian, who
found the report in a court filing. “It shouldn’t be shocking. But
it’s one thing to know that they’re using it. It’s another to see
exactly what they get.”

In this case, ICE was able to extract the iPhone’s details
with the help of the forensics firm Cellebrite. The suspect doesn’t
seem to have enabled a PIN or passcode. But even when those login
safeguards are set up in other cases, law enforcement
have still
often been able to use tools to bypass or brute-force a phone’s
security measures
. Google in some cases helps
law enforcement to get past Android phones’ lockscreens
,
and if law enforcement can’t crack a seized iPhone, officers will
in some cases mail the phone to Apple, who extract
the data and return it stored on a DVD along with the locked
phone
.

The phone search and seizure
described in the documented case required a warrant. But the
legality of warrantless phone searches remains an open issue. At
U.S. borders or when arresting a suspect, for instance, police and
government officials have argued that no such warrant is
required.

Failing legal protections, the ACLU’s
Soghoian says those who’d like to keep prying eyes away from their
handsets’ data should
use long, complex passcodes and encrypt their phone’s storage
disk
. “While the law does not sufficiently protect the
private data on smartphones, technology can at least provide some
protection,” Soghoian writes.

Here’s the full court document detailing the iPhone’s
forensic search.


Follow me on Twitter, and
check out my new book, This Machine
Kills Secrets: How WikiLeakers, Cypherpunks and Hacktivists Aim To
Free The World’s
Information
.