Privacy International Warns About Police Access To Smartphone Data

Metropolitan Police

Police should obtain a warrant to download a person’s data held on a mobile device, campaign group warns

Campaign group Privacy International is increasingly concerned about the use of ‘phone data extraction tools’ by British police.

It warned in a new campaign that these tools enables police forces to download all of the content and data from people’s phones, including suspects, witnesses and even victims, without their knowledge.

It is demanding that police obtain a warrant first before seizing data on a mobile phone, and people to be informed of their rights before police conduct a search of their phone.

Search warrants

Privacy International said it has begun the campaign because there are “no clear policies or guidance on the use of this technology”, and this in turn means that people are unaware of their rights.

These rights can include whether data is only taken when necessary and proportionate; and making sure the police delete this data when there is no legal reason to retain it; and ensuring data is held securely to prevent unintentional exposure of their personal data.

It is understood that 26 police forces in England and Wales are already using phone data extraction tools.

Police using these tools can extract location data, conversations on encrypted apps, call logs, emails, text messages, passwords, internet searches, as well as deleted data, including messages sent to the phone by other people.

The campaign group said because “the use of this technology is unregulated, we don’t know how this data is used, how it is stored and secured, and if it’s ever even deleted.”

To this end, it is calling for the proper regulation of this ‘intrusive technology’, coupled with independent oversight so that abuse and misuse does not go undetected.

Privacy International is also calling for the implementation of a proper warrantry regime, so that the technology cannot be used arbitrarily; and it also wants people to be informed of their rights if the police want to search their phone.

Millie Graham-Wood, a solicitor at the organisation, told the BBC that its research suggested there was “no limit on the volume of data” police could obtain, and “nothing clear” in terms of when it should be deleted.

“The most worrying thing is that this can happen on arrest, even when charges are never even bought,” she added.

However, former Greater Manchester Police Chief Constable Sir Peter Fahy told the BBC that requiring a warrant in each instance was “just not practical”.

“In lots of cases, officers need to be able to access what is on a mobile phone very very quickly and to be able to know whether they can arrest the offender to protect the public and to stop other crimes in action,” he is quoted as saying.

Mobile rights

The issue of people’s right when it comes to the data stored on their mobile devices has been vexing authorities for a number of years now.

Perhaps one of the most famous recent cases happened in early 2016, when Apple refused a request from the FBI to unlock the phone of one of the San Bernardino terrorists, Syed Rizwan Farook.

Farook and his wife Tashfeen Malik had murdered 14 people in San Bernardino, California, on 2 December 2015, in a deadly terrorist attack that shocked America.

But criminals are also getting savvy.

In 2014 a report by the BBC found that some smartphones and tablets seized as evidence by police were being remotely wiped.

Police in Cambridgeshire, Cleveland, Derbyshire, Nottingham and Durham all told the corporation that such incidents had happened in their jurisdiction, while police in Dorset said it had happened six times during one year.

Meanwhile on the other side of the Atlantic, a Washington DC appeals court ruled last year that police must obtain a search warrant before using a device that pinpoints a mobile device’s location, concluding that the device’s use otherwise would violate the US Constitution.

Do you know all about security? Try our quiz!