Posted on 15 Jul 2011 at 14:20
Stewart Mitchell reveals how forensic experts use smartphone data to place suspects at the scene of the crime - or in someone else's bed
Where you’ve been, who you’ve talked to, who you’ve been sleeping with – secrets that people wouldn’t even share with their closest friends are being spilled into a device that knows you better than any confidant.
Apple may have publicly denied that it’s tracking people via their iPhones, but the police and private forensic experts have no compunction about unlocking the secrets stored in smartphones.
Last year, the National Policing Improvement Agency placed mobile phone evidence in the top tier of training requirements for officers, teaching them how to secure evidence gleaned from handsets, with 3,500 officers a year expected to take the course.
The police and private forensic experts have no compunction about unlocking the secrets stored in smartphones
On top of in-house expertise, a huge number of handsets are sent to forensic specialists for analysis to discover where they’ve been and what they contain. “From what we see, 18 months or two years ago the proportion of smartphones we were seeing compared to PCs was very small,” said Phil Ridley, a mobile phone analyst with CCL-Forensics. “Now it’s well over half the devices that we see. We see both prosecution and defence – as well as private cases.”
Your smartphone could place you at the scene of a crime, destroy an alibi or maybe even provide one – which is why one of the first things police now do at the scene of a crime is take away a suspect’s mobile. “There’s so much in there,” said Ridley. “Pictures, notations, communications records, location information from cell records and Wi-Fi. You have navigation information in there from satnav software – the list goes on.”
Access all areas
With so much potentially incriminating evidence available to the police, you might think that there would be privacy protection in place to stop authorities probing your handset – but you’d be wrong.
According to legal experts, police have wide-ranging powers to search mobile phones providing they have a “reasonable suspicion” that a crime may have been committed. Once inside a handset, they could well stumble across other evidence, which could also be used in court.
Find out moreCan you really wipe a smartphone?
“The baseline rule has to be that there is a reasonable suspicion that an offence has been committed for a phone to be inspected and to do an on-the-spot search,” said Tracey Stretton, legal consultant for data-recovery specialist Kroll Ontrack. “If you see a man after a car accident, you wouldn’t need a warrant because you could have a reasonable suspicion that a traffic offence had been committed.
“If you’re looking into one crime and find something else on the phone, then I guess the police would follow that line of inquiry. They wouldn’t stop to get a warrant because they now have suspicion of a further offence.”
No wonder the Police Central e-crime Unit dedicates significant space in its guidance notes on how to secure and retain data from mobiles, which is considered more difficult than PCs.
Or if you are planning a crime, you do like they did in the Bourne movies.buy up cheap mobile phones with sim cards. make the calls to setup the robberies/assassinations/etc with the crew or Mr Big. then just ditch/destroy the phones.Maybe buy 20/30 phones at £15 each just to make several calls and just ditch the phones.
There's a lot to be learned from Spy Movie's.The script writers have already though of it.
By Jaberwocky on 16 Jul 2011
Um...Flash memory isn't volatile
That's kinda the point of flash memory.
As for the actually RAM-like memory in the phone, yeah...having a battery running is important.
But most smart phones store everything in flash so that you don't lose it when there are no more electrons around...
By profshadow on 17 Jul 2011
Surely a GPS location record is not enough to prove presence (or absence) from a scene of a crime -it only proves the phone was there, not the alleged user. Extra evidence is needed to prove the person was there at the time.
By jbarnett on 18 Jul 2011
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on firstname.lastname@example.org
- More than 100 Britons hit by CryptoLocker
- BlackBerry says "we're still alive" as sales hit new low
- Apple buys Twitter search startup Topsy
- Next wave of Windows updates codenamed "Threshold"
- Surface 2 owners locked out due to BitLocker bug
- Bitcoin-mining software hidden in "sneaky" programs
- Surface 2 bug makes screen go dark during games
- Nokia Lumia 2520 tablet goes on sale Wednesday
- HTC One dual SIM coming to the UK
- Microsoft investigates zero-day attacks on Windows XP
- Tech City: Easy to score when you move the goalposts
- How to remove SkyDrive from the Windows 8.1 Explorer
- Switching from iPhone to Android? Switch off iMessage
- Why is Google pumping more money into Firefox?
- Sky Broadband Shield review
- Samsung Galaxy S4: how to double your battery life
- Motorola Moto G review: first look
- IBM Watson meets Willy Wonka
- Google’s support policies shove users towards Chrome
- Lenovo Yoga Tablet review: first look
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet