January 07, 2011, 11:13 AM — The California Supreme Court has ruled that the police do not need a warrant to search the cell phone of an individual during arrest, a verdict that sent shivers down the spine of civil liberties campaigners.
The ruling follows an appeal by a drug dealer who was arrested after selling Ecstasy tablets to an undercover officer. During arrest the dealer's cell phone was seized and, following an interview at the station, the arresting officer looked at the phone's text messages. He uncovered one text seemingly placing an order for drugs and when the dealer saw it, he admitted the crime.
Essentially, the ruling says that searching a cell phone is just like searching any other property the defendant might have at the time, such as clothing or a cigarette package. This is based on precedents set in the 1970s.
In a dissenting comment, Associate Justice Kathryn Werdegar pointed out how absurd this is: "The potential intrusion on informational privacy involved in a police search of a person's mobile phone, smartphone or handheld computer is unique among searches of an arrestee's person and effects... Never before has it been possible to carry so much personal or business information in one's pocket or purse."
From a civil liberties view, the issue whether a warrantless search of a personal electronic device is justified bearing in mind the Fourth Amendment.
However, from the standpoint of an IT professional it's merely a reminder that businesses need to both create and enforce policies regarding data storage on personal electronic devices. With the ability to work highly effectively from modern smartphones and tablets--something users of primitive handsets couldn't do just a few years ago--mobile data security has become a critical issue that can no longer be ignored.
Employees need to be aware that just because data is contained in electronic form on their phone, it is no less confidential and should be treated no less carefully than that on paper. Ideally, this should be written into employment contracts.
From a user's point of view, there's an easy solution to the problem if confidential data appears in text messages: Delete them after reading (and empty the trash folder, if necessary). Alas, we're not used to doing this and mobile phones don't encourage us to do so, making the procedure clumsy.