Law Enforcement Bulletin

Sign up for newsletters and other news
Media > Newsletters > Law Enforcement Bulletin > June 2012 > Cell phones: A ‘gold mine’ for criminal investigations

Law Enforcement Bulletin RSS feeds

Cell phones: A ‘gold mine’ for criminal investigations

6/14/2012
It’s easy to understand why cell phones are commonly used in drug-related offenses. But with technology advancing so quickly, criminals are able to use smart phones to commit more complex crimes such as elaborate money laundering and human trafficking schemes. And, of course, they’re the primary tool used in sexting and cyber stalking.
 
It only makes sense for law enforcement to take advantage of these “gold mines” when investigating a crime, and the Ohio Peace Officer Training Academy can help.
 
OPOTA offers a free advanced course that teaches officers to use seized cell phones as a criminal investigative tool. The course details what information can be obtained from a suspect’s phone and how to preserve it. For example, two types of evidence can be collected from cell phones: electronic and retained data. 
 
Electronic evidence can be found on the phone itself, subscriber identity module (SIM) cards, and memory cards. To collect this type of evidence, an officer should check a cell phone’s call history, contacts, text messages, e-mails, voicemails, and audio recordings. You also might find valuable information by looking at the suspect’s calendar appointments, pictures, Internet usage history, task entries, and social networking applications.
 
This information can give you valuable leads about criminal activity, such as if a crime occurred, the nature of the crime, when it occurred, and who was involved. But remember, collecting this evidence requires either a search warrant or exigent circumstances, even if the phone was lawfully seized. 
 
Electronic evidence can be easily lost or destroyed, though, so law enforcement should take precautions to preserve the information. For instance, cell phone providers don’t keep a lengthy record of the phone’s text messages. To prevent losing those messages, you should send a preservation letter to the service provider, if known. That should preserve the phone’s last 48 hours of text messages for an additional 90 days. During this time, you should follow up the preservation letter with a court order for the texts. However, you still need a search warrant for the phone’s contents.
 
Service providers now offer their customers a “remote wipe” of lost cell phones, which erases all the electronic data stored on the phone and can further complicate officers’ efforts to preserve electronic evidence. A peace officer should try to avoid this problem by turning off the seized phone, wrapping it in three to five layers of aluminum foil, or placing it in “airplane mode.” If you find a phone that’s already turned off, keep it off to prevent a remote wipe. Then try to identify the cell phone provider and get a court order to have the account locked down.
 
If the phone appears to be damaged or inoperable, law enforcement still can recover all the electronic data by using the phone’s serial number or international mobile equipment identity (IMEI) number, located behind the phone battery. With this number, you can recover basic records for the owner’s account. You need only a subpoena to collect this information, and from there you can get a search warrant to search the phone’s contents.
 
Retained data also can be collected from a cell phone. It includes service provider records and cell phone tracking. The data reveals the owner’s past calls, duration of the calls, and geographic location when the calls were made. This information can help tie a suspect to a crime, but officers must get a court order, based on reasonable suspicion, before a service provider will turn over that information. 
 
This kind of data also allows service providers to set up live tracking of a cell phone, giving peace officers the suspect’s current geographic locations, commonly called “pings.” A search warrant is needed for this type of tracking.
 
Like electronic evidence, retained data evidence has some drawbacks. For example, the live tracking “pings” can be obtained only every 15 minutes, which may present a problem with a suspect who is a flight risk. The live tracking also may not work if the suspect has his cell phone turned off, is in an area with poor service, or has switched off the phone’s GPS.
 
However, despite the problems sometimes associated with electronic and retained data evidence, cell phone analysis can prove invaluable in law enforcement investigations.
 
Morgan A. Linn
Assistant Attorney General and Legal Analyst
 
Important Resources
 
For your convenience, a template preservation letter has been provided for your department’s use. To access it, visit www.OhioAttorneyGeneral.gov/LawEnforcementBulletin/PreservationLetter.
 
For information on OPOTA online and regional courses covering cell phone investigative analysis, visit www.OhioAttorneyGeneral.gov/OPOTA or e-mail askOPOTA@OhioAttorneyGeneral.gov.