Cellphones continue to be sources of new court decisions. An issue now winding its way through the courts relates to destroying evidence by wiping a phone.
Police believed a Schenectady, NY woman, Juelle L. Grant, was the driver of a car involved in a shooting. They interviewed her, took her iPhone as evidence, and told her why they were taking it. They later arrested her after discovering that the phone had been remotely wiped, charging her with tampering with evidence. This is a felony, falling under the wonderfully named category spoliation of evidence.
However, she not only claims she did not do a remote wipe, but that she didn’t even know it was possible. She did get a new phone to replace the seized unit; some have suggested that the wipe happened accidentally or deliberately as part of activating the new phone. And that’s not unreasonable: it’s easy to imagine going to buy a new phone, explaining that your old one is lost, and the clerk helpfully initiating the restore from iCloud and at the same time wiping the lost unit. If this is what happened, things are even fuzzier: did Grant explicitly tell the clerk to wipe the phone? Did the clerk say “I’ll restore your data and delete it from the lost unit”, and if so, did Grant understand what the second part of this sentence meant, and was her acquiescence even required? On such nuances are convictions made or lost, but whether a store clerk would remember the conversation clearly enough to be probative seems doubtful.
It’s also unclear why the police did not isolate the phone after seizing it. Doing so is as simple as putting it into airplane mode, or wrapping the evidence bag in a layer or two of aluminum foil (try it: put your phone in a plastic bag, then wrap it in foil, and try to call it). Readily available commercial Faraday bags are used by most police forces to protect seized devices.
The Seo decision discussed here previously is also trenchant. In Seo, the court held that data in some sense does not exist while encrypted. Given that wiping the phone need not decrypt it, was data then actually destroyed?
Finally, it’s also unclear whether wiping an iPhone actually erases the data, or merely destroys the encryption keys used to protect that data and resets usage markers (sources provide conflicting data). If the latter, then while the intent and net effect are the same, one could argue that the actual data has not been destroyed, and thus that the charge is not applicable.
This is another seemingly minor case that may be quite important in the privacy wars—stay tuned!
Data security and encryption