Watch what data you keep on your phone, because this could end up happening to you if the police go rifling through it (Photo by Tom Johnson)
To be honest, if a GCHQ operative wanted to get into your smartphone, they probably already have. When it comes to digital surveillance, comparing us to the Yanks might still be a bit like comparing Heartbeat to The Wire, but our boys sat in their Doughnut in Cheltenham still know plenty enough to turn your phone data into a prison sentence.
And if faceless international spy agencies weren't enough to worry about, now the British police are at it, too. Sure, they're not as technically adept as Her Majesty's army of spooks, and it's harder for them to get away with flagrantly breaking the law, but in an increasing number of cases phones have been confiscated by the cops and then used to incriminate their owners.
With this in mind, I spoke to several experts at the UK’s Open Rights Group about the current reach the police have to search your phone. They gave me some tips on how exactly you can avoid all the data on it sending you away to live with a guy who stabbed his wife for hogging the bedsheets in the room the size of a Transit van for years and years of your life.
SET A PASSCODE
This should be pretty obvious, but the best way to lock people out of your phone is to put a lock on your phone. It’s your first line of defence against any kind of infiltrator, whether they're rogue flatmates trying to Facebook chat a bunch of PornHub links at your dad, or police officers swiping through your WhatsApp while their colleague uses his knee to gently force your face into the pavement.
According to Open Rights Group, most of the time the police can’t legally ask you to unlock your phone during a stop and search. They can go through your wallet and your bag, and scour your body for any hidden gak or guns, but there’s no way they can justify making you unlock your phone. Or at least not without prior consent – thanks to the Police and Criminal Evidence Act, which was signed into law a decade before any regular person even had the internet, if police already have reasonable grounds to believe that your phone contains evidence of a crime, they can ask for it to be unlocked.
So, if you’re the type to routinely fill your phone with videos of yourself stealing from PC World and glassing men outside pubs, you should stop doing that. However, if that's not an option, there’s a little trick you can use to make it much harder for the police to access that material. As Lee Maguire, Open Rights Group’s technical officer, points out, “If your phone supports ‘wipe on ten incorrect passcode attempts’ [hint: your iPhone does] then enable this. Then incorrectly enter your passcode nine times before leaving the house.”
Following that logic, if the police then enter the wrong passcode even once, all the contents of the phone will be deleted. Of course, as Maguire points out, “This is wildly impractical as general advice, but may be appropriate for someone.”
LOG OUT OF YOUR APPS
Many apps track your location for targeted advertising purposes. Yeah, it’s creepy as fuck – the world is quite literally turning into a 1990s hacker film, bar the amazing drugs and leather trench coats – but what can you do about it?
Well, for starters, you can log out of the apps you only use occasionally (Uber, Google Maps, etc) and delete the apps you never use (MyFitnessPal, RunKeeper, etc). Signing out will (usually) stop your location data from being delivered to that app’s server. If the police then get a warrant that forces the app maker to hand over your data from their server, they’ll have nothing to give them.
If you need a quick cheat sheet, the worst offenders for location tracking are exactly who you’d expect: Facebook and any app made by Google.
SWITCH OFF LOCATION SETTINGS
If you’re worried about your mobile privacy and haven’t already done this, you’ve fucked it, basically. You may as well give up on the whole charade right now, scan your birth certificate and bank details into Find My Friends and accept that your life is effectively a very dull version of The Truman Show for any GCHQ operative who feels like checking in on you whenever they please.
Depending on your phone’s operating system (iOS or Android), there are ways you can tell your phone not to track you at all. Shutting these off will basically make your expensive device about as useful as a talking rock, but the upside is that it can keep you out of jail if you ever decide to go joyriding/bank-robbing/basically want to commit any kind of crime and not have your location tracked by cops.
On iOS, go to Settings > Privacy > Location Services and toggle the primary switch to “off”. If you have an Android phone, go to Settings > Location access (or "Location and security”) > Google Wi-Fi & mobile network location (or "Use wireless networks”) and uncheck the setting. That said, it can be beneficial to keep location data on as it can prove your innocence just as much as your guilt.
A stop and search being carried out at Brixton Station. There are a number of measures you can take to stop the cops seeing what's on your phone if they apprehend you. Photo by Tom Johnson
DON'T ASSUME YOUR DATA IS SAFE IN THE CLOUD
Even if the police can justify searching your phone, there’s still a lot of debate over whether they have a right to access the data you store in the cloud. (Most of the time, "the cloud" means files you store in Dropbox or similar services, which technically aren’t on your phone but can be downloaded instantly with the tap of a button via the cloud service’s app.)
The Open Rights Group say that police could probably legally go through any files in your cloud storage app that you have already downloaded locally (AKA: onto your phone), but that they couldn’t touch the cloud files that are linked to in the app but not already downloaded to your phone.
The problem is that many of these apps make distinguishing which files are local and which are in the cloud virtually impossible, so the police could easily say they had no practical way of differentiating between the two types, therefore had reason to believe all the files were already stored locally on your device.
USE ENCRYPTION APPS FOR TEXT MESSAGING
There are a number of apps for iOS and Android that allow you to encrypt your text messages. These apps hide behind an extra passcode that you’ll need to decrypt the messages, so if someone tries to pull the text messages out without the code they’ll all be encrypted gibberish. A good text encryption app for Android is ChatSecure, and its iOS equivalent can be found here.
MINIMISE THE AMOUNT OF DATA YOU CARRY ON YOUR PHONE
Another way to avoid incrimination is to minimise the amount of data you carry on your phone, according to Open Rights Group. They say you shouldn’t carry a full address book or calendar on your smartphone, as these would be the first things the police would mine for evidence. (A quick related tip: instead of naming your drug dealer “Cocaine Adam” in your contacts, try something less conspicuous, like “Adam”.)
Another way to minimise your data is by using two email accounts. If you like to keep your email archives online then consider getting an additional email account. Have the primary account forward a small subset of emails to the second account. Use this second account on your mobile devices and be more aggressive about deleting old mail, knowing the archive is on a different account and inaccessible from your smartphone.
WIPING YOUR PHONE REMOTELY WILL MAKE YOU LOOK REALLY GUILTY
If any modern smartphone is stolen, the user can generally wipe it remotely from a computer by using technology like Find My iPhone (Android has similar remote-wipe features). This is great if you’ve drunk too much to remember how to hold an inanimate object and dropped it on the night bus home, but using this feature after police have confiscated your phone is essentially the same as trying to set fire to your victim’s blood-soaked clothes after the cops have bagged them as evidence.
In other words, wiping your phone remotely after the police have legally seized it is a whole new offence and won’t help you convince the judge that you didn’t commit the first crime.
Wiping your iPhone remotely after the police have seized it will also most likely be completely impossible. As the Association of Chief Police Officers Good Practice guide states: “If [the seized smartphone] is switched on, power it off. It is important to isolate the device from receiving signals from a network to avoid changes being made to the data it contains.” In other words, the police know people try to pull shit like this so they just shut the phone off or drop it in a Faraday bag.
MAYBE JUST DON'T BE A CRIMINAL
While all the tips above are handy steps to follow if you want to minimise the risk of incriminating yourself via your smartphone, I asked Maguire to give me his absolute best bit of advice.
“Don’t use your phone’s to-do list for organising criminal acts, maybe?” he replied.
So there you have it: don’t ask Siri to remind you to burglarise the local off-license at 8PM next Tuesday and you’re golden. Better yet, just don’t commit any crimes at all.
More stories about snooping authorities: