Smartphones and the Law

In October, I attended an Ontario Bar Association professional development session on Smartphones and the Law (and sat beside preeminent constitutional scholar Professor Peter Hogg). Though it was geared to criminal lawyers, I found the topic fascinating and thought it worth writing about. What follows are some of the highlights of how police in Ontario investigate crimes that have a link to technology and how the Crown, defence, and complainants’ counsel deal with difficult issues that arise. As I am writing most of this from memory, any errors here are my own and not of the people who presented, and this should not be taken as legal advice.

The Ontario Provincial Police's Technological Crimes Unit
To start, a member of the OPP's Technological Crimes Unit gave a presentation on the breadth of their work, such as:
  • The types of ‘computers’ they are tasked with retrieving information from now include devices such as digital thermostats and refrigerators.
    • The police are not interested in what temperature the house was set at, but from a change in the thermostat, they can tell that someone was in the house and that that change was not done remotely via a smartphone app. This could place a particular suspect in the house at a particular time.
  • As law enforcement technology evolves, so too do smartphone apps and features:
    • Encryption and self-wiping passcode protection such as the one that the Federal Bureau of Investigation had difficulty with after the San Bernardino shooting.
    • Decoy / duress passcodes: when the true passcode is entered, the entire phone is unlocked, but when the decoy passcode is entered (such as if the person is under duress) only a portion of the phone or another dataset is unlocked.
    • In iOS 11, Apple introduced a feature being dubbed Apple’s ‘Cop Button’ – rapidly press the power button five times and Touch ID is disabled so that the user’s fingerprint can no longer be used to unlock the phone (this feature also allows quick access to 911).
    • Apps that hide data, such as Private Photo Vault (password protected photos) and others that appear to be innocuous apps (such as a calculator) but are in fact apps that take and store photos and videos.
    • Data stored in the cloud (more on this below regarding search warrants).
  • These issues are of course against the backdrop of financial limits on resources (the police cannot dive deeply into every digital device when dealing with minor infractions), as well as issues around the extent to which their legal authority to search exists.
The Crown's View
Next up was a Crown prosecutor who has litigated these issues several times at the Supreme Court of Canada and has an impressive background in prosecuting cybercrimes perpetrated children. Some issues she highlighted were:
  • The difficulty of the law and law enforcement in keeping pace with technology.
  • The increased difficulty of finding and prosecuting crimes whose evidence may exist entirely online and where the victim and perpetrator may never meet in person.
  • The changing culture around children, bullying, and technology. Where a generation ago, kids could go home, shut their bedroom door and be free from whatever bullying was going on, the same cannot necessarily be said today. The same tool that allows children to do their homework and connect with people all around the world, can also bring bullying and things more sinister into what were previously private spaces – in our homes and bedrooms, making escape all but impossible.
  • On the legal issues, she unsurprisingly takes a view diametrically opposed to her colleagues in the defence bar. In essence, she says that the laws that have served us well in the past will continue to provide a balance between an individual’s constitutional right to be secure against unreasonable search and seizure and society’s need to investigate and prosecute crimes.
  • There is caselaw that provides that if the police have a validly executed search warrant for digital information (as opposed to a warrant that authorizes the search of a house that happens to have a computer) and the data sought are consistent with the objectives of the warrant, police may seize information that is on the cloud provided the computer remains connected to it in the residence. Once the computer is taken to another location, the police are not permitted to connect to the cloud at a later time.
  • One topical issue is whether people have a reasonable expectation of privacy regarding text messages. There are conflicting appellate decisions on the issue (specifically in British Columbia and Ontario) that will soon be heard by the Supreme Court of Canada (SCC).
  • The issue is this: if the police wanted to wiretap a telephone conversation between two people, they would need a warrant, however, some courts have held that a person does not enjoy the same protections regarding text messages. The reason being that they liken them to letters that have been sent to another person – once sent, they are out of your control and you no longer have, in law, a reasonable expectation of privacy. Note, this is one view and not necessarily the view that will prevail at the SCC.
    • The defence bar is particularly concerned about the situation where it would be unconstitutional to search an accused’s phone without a warrant, but there would no such prohibition against searching a co-accused’s phone and using that information as evidence against the first accused person.
  • The defence bar says: this is the way people now communicate, it makes no sense not to protect text messaging the same way we did phone calls. 
The View from the Defence
A similarly experienced member of the defence bar then presented. He was often on the other side of the issues the Crown presented on both at the SCC and at this session. He discussed many of the same issues as the Crown attorney, but obviously took a different view of how the issues should be resolved. In particular, noting that today’s digital devices can hold an unparalleled amount of information compared to when the current laws around search and seizure were created: we should not treat a cell phone like a briefcase. Moreover, there is a significant risk of finding far more than the information initially sought since all aspects of our lives are now captured on smartphones. Some current issues:
  • The standard required for the police to obtain a wiretap (reasonable and probable cause) is not what is used for the police to obtain a warrant for “transmission data” (metadata) and tracking (location). That lower standard is ‘reasonable suspicion’ and was initially used for less invasive searches such as dog sniffs and investigative detentions) and it may not be enough to protect the privacy interest inherent in this kind of information.
The Complainant's View
A phenomenally interesting perspective was provided by a lawyer who now represents complainants in sexual assault matters. You may recall that Ontario recently passed legislation that provides complainants with legal counsel – a first in Canada. Some issues she presented on include:
  • As accused are constitutionally entitled to know the case against them, smartphone data from complainants are finding their way into Crown disclosure more and more, and she is now seeing disclosure requests from defence counsel.
    • As an example, she suggests that a complainant texting, “Fine” to her mother’s inquiry of “How was last night’s party?” is not probative and need not be disclosed, whereas defence counsel will clearly say it goes to the issue of whether an assault took place at the party.
  • There is a potential concern for self-incrimination of complainants from turning their phones over to the police. While there is some protection in s. 278 of the Criminal Code of Canada, there is the potential for the police to request a complainant’s smartphone (to obtain any evidence that may pertain to the sexual assault charges) and then find incriminating evidence as against the complainant for an unrelated crime, due to the fact that smartphones contain such a vast amount of information.
  • Of course, unless the crime that was incidentally found was sufficiently serious, this concern is unlikely to become a reality, but it remains a consideration.
  • As data can be copied and kept indefinitely, how long are these data being kept?
All in all, I found these issues fascinating and it will be interesting to see where things end up.

Comments

  1. I like the idea of the decoy password. I think that's a great idea.

    ReplyDelete

Post a Comment

Popular Posts