On the subject of remote wiping of cell phones, it is sad to see that SCOTUS used a source, referred to in the opinion, that they viewed as "anecdotal examples of remote wiping triggered by an arrest." Perhaps they should have had staffers consult with real practitioners who have seen actual remote wiping happen on real cases. During a recent consultation with a local law enforcement agency in South Florida, I was informed that not only was an iPhone remotely wiped after arrest, but a message of "F the police" was displayed on it as well - how anecdotal is that?
As a solution to the remote wiping threat, SCOTUS mentioned that officers can either power off the device or pull the battery - sure, this works. They also mention the use of Faraday bags to secure mobile devices from the network. Although these may work in some situations, they are not foolproof. In every class I teach regarding mobile forensics, I talk about these Faraday bags and also demonstrate how, depending on a variety of environmental factors, they do not work properly - yes, I carry one with me to every class.
Speaking of anecdotal, I have to point out another part of this opinion which is quite interesting in how it was used. The opinion states:
"Remote wiping occurs when a phone, connected to a wireless network, receives a signal that erases stored data. This can happen when a third party sends a remote signal or when a phone is preprogrammed to delete data upon entering or leaving certain geographic areas (so-called “geofencing”)."
Hmmm... I have not found many references to this other than an enterprise solution for policy administration on iOS devices. The Citrix site I found with reference to this states: "Geo-fencing in Device Manager allows you to define a geographic perimeter for an iOS device. You can then perform a selective or full wipe upon the breach of the perimeter you set. The policy also notifies Device Manager and the device user when the device has moved beyond the defined radius of the policy. You have the option of setting a delay before the device is wiped, which can give the user time to return to the allowed GPS location perimeter." Please tell me, SCOTUS, just how is an average user who gets arrested going to have this ability?
Again, the search warrant requirement was not a surprise in the least. I fully expected it. However, I wish the justices had considered how technology has been, and always will be, ahead of the law of the land. A forward-thinking decision to enable law enforcement to seize the contents of the device, much like what is done using a mere preservation letter to a cell phone carrier or internet service provider, would have been extraordinary. Unfortunately, we must live with what Chief Justice John Roberts stated in the opinion, "It is true that this decision will have some impact on the ability of law enforcement to combat crime." - what an understatement!
PS... SCOTUS referred to a DRAFT document by NIST instead of the final version, which has been available to them since last month at http://dx.doi.org/10.6028/NIST.SP.800-101r1.
The full opinion can be downloaded at http://www.supremecourt.gov/opinions/13pdf/13-132_8l9c.pdf
RE: U.S. v. Wurie (13-212) and Riley v. California (13-132)