A “Call” For Cell Phone Security

Ars Technica recently ran an article on the need for securing one’s cell phone. Against identity theft or having the device stolen, right? Nope. In this case, the “bad guys” are law enforcement. More specifically, a string of recent court decisions (the most recent being People v. Diaz (PDF) in the California Supreme Court) have begun to shift the legal view of a cell phone as no different from any other item eligible for warrantless searches.

The question, then, is what to do in light of this shift in privacy considerations for cell phones (which carry more and more of our personal lives on them). Would you want your entire email, call log, and texting history to be revealed because you owed money for an overdue parking ticket? Legally, such a warrantless search would be permissible. And while the chances of such an eventuality are probably slim for any one individual, it’s a stark reminder that data security and privacy concerns with relatively new and emerging technologies are unexplored territories in the legal world.

What does this mean for how we use our digital devices? Well, as the Ars Technica article suggests, put a password on your phone and enable disk encryption on your phone if it supports that technology. Can’t the police make you give them the password to get into the phone? Nope:

That’s because the Fifth Amendment’s protection against self-incrimination bars the government from compelling an individual to divulge any information or engage in any action considered to be “testimonial”—that is, predicated on potentially incriminating knowledge contained solely within the suspect’s mind.

Disk encryption is usually an option on some more popular smartphones such as the iPhone, Blackberry, and Windows Phone 7 (sorry, Android users) support at least some form of full-disk encryption. This usually prevents access to the data stored on the phone in the event that the data is forcibly retrieved from the device (bypassing the password). If you have the option, it’s worth enabling for additional security.

So what’s the upshot of all this? Well, for one thing, the recent court decisions will probably spur many users into password-protecting their phones or even enabling disk encryption that otherwise wouldn’t have, which will also prevent against identity theft should their phones be stolen. The downside is that the law seems to think of a cell phone as no different than a wallet or pocket knife, when in fact our cell phones are becoming more deeply intertwined with our personal lives and identities every day.