Recently, there was a unanimous US Supreme Court ruling that now makes it a legal requirement for law enforcement officers to acquire a search warrant before looking at the contents of cell phones seized from people they arrest.
What Led to the Ruling?
In the US Supreme Court’s court case No. 13–132, the court ruled on the legal events surrounding one David Leon Riley. Riley had been stopped for a traffic violation and was found in possession of a concealed and loaded firearm. He was arrested, and everything on his person, including his wireless phone, was seized. Based on the information that was found on the cell phone, Riley was further charged based on gang affiliation. Following this, Riley attempted to have all evidence retrieved from his cellular phone supressed. However, this motion was denied by the court.
A very different outcome came about for a similar (and related) case. Brima Wurie’s smartphone was similarly seized and searched following arrest for an alleged drug sale. Data on his phone was used to find his apartment, where police found drugs, firearms, ammunition, and cash – all of which was used to obtain a conviction against him. Wurie, like Riley, tried to supress the evidence retrieved from his cell phone but he too was denied this right.
Wurie appealed, raising the legal question of “whether the police may, without a warrant, search digital information on a cell phone seized from an individual who has been arrested.” The outcome of the case on June 25, 2014 was that officers “must generally secure a warrant before conducting such a search” of information stored on a mobile phone. Consequently, Wurie’s conviction was overturned.
The Changing Role of Mobile Phones
The court ruled in favor of the warrant requirement as it recognized that large amounts of sensitive data are now stored on cell phones and that this information requires a heightened level of protection. Over the years, mobile phones have transformed from being large brick-like things that barely made proper telephone calls into pocket-sized computers that are essential parts of most individuals’ lives.
In fact, the Pew Research Center’s Internet & American Life Project has shown that the number of adults who owned and operate mobile phones surpassed 90% in 2013. Additionally, Pew Internet reported that smartphone ownership has reached 56% among American adults, implying that there are now more smartphone users than regular cell phone users and non-users combined.
This Supreme Court ruling was well received by digital privacy supporters and could have a major impact on the future of digital privacy. Although many see this ruling as a major victory for data protection, it could have additional implications. The most obviously immediate impact would be that governments will have to change the way(s) in which they conduct electronic and cyber reconnaissance activities. From our perspective as businesspeople, the heightened value placed on personal privacy means that the way companies interact with employees with regards to proprietary electronic information must be revisited.
How Will Businesses be Affected by the Ruling?
As we’ve written before, the trend of employees transporting “Bring-Your-Own-Device (BYOD)" implements into the office is both fairly entrenched and gaining further momentum. Consequently, the extent to which an employer has control over employee devices brought to work will be cause for much uncertainty.
With this sudden change in digital privacy protection, businesses need to be concerned about how they (and their customers and partners) deal with the personal information of employees in the context of a BYOD device. The ruling has made digital privacy more in favor of employees, making it increasingly difficult for employers to ensure the security of proprietary information.
Because there is now a precedent regarding the matter in the US, many jurisdictions elsewhere in the world will likely follow suit. This means that someone accused of committing a crime has the right to shield their cellphone’s digital content from warrantless searches. The barriers to getting warrants aren’t necessarily very high, but they do represent at least one more painstaking step in securing important proprietary information from abuse. Basically, we have to wonder the extent to which the privacy protection rights of employees will cause major issues for employers trying to protect confidential information.
Protecting Proprietary Information
In the case of protecting one’s business, a corporate owned device policy (COPE) offers organizations much more control. This in turn enables better security and could mitigate the impact of privacy protection laws. Now, I don’t want to give off the impression that I am against privacy protection; I’m not – personal information must and should be secured against inappropriate prying. However, this right must be balanced against business owners’ needs to protect themselves as well (Learn more about BYOD and COPE! Download our “BYOD vs COPE" epaper).
Impact on BYOD
Due to the obvious impacts that this ruling has on BYOD policies (along with the dawning realization that BYOD carries heavy hidden costs), CIOs have to mull their stances on the matter. Given the potential for BYOD to leak sensitive information, CIOs need to design and implement policies to minimize this risk. Part of this means having to address employees’ love of BYOD; this affection can’t be ignored. For a high-level view of this particular aspect, we invite you to read The BYOD Debate – The Employee VS. The IT Department. Regardless of your ultimate stance, it’s critical to have an informed position on this matter.
Of course, becoming informed can be daunting. That’s why Cimpl created “A Practical Guide to BYOD”, a comprehensive but easy-to-read manual to help IT managers make the most informed and optimal BYOD policies for their companies! If you would like to learn more or have any questions regarding the implementation of a BYOD policy, feel free to contact us here at Cimpl!
Written by: Scott Oliel