As the article says, it is probably a reasonable ruling, because it isn't a search.
What you have to watch out for is the legal two-step, where they do something like "install a firmware on the phone", which isn't a search, and then, oh gosh, the firmware just happened to sit there and flash all the contents of the phone on the screen because that's what the firmware does, we didn't actually search the phone, it just voluntarily dumped all its contents to the screen, so that wasn't a search either, so no search occurred.
This makes sense, and I actually believe that it isn’t a search. It is definitely a _seizure_ though and I do wonder how often these two things are distinguished in law.
How often do the police raid a place and confiscate filing cabinets but not look through them.
The seizure was done pursuant to a warrant too. There’s an argument that, once the warrant extensions expired, keeping the device in police custody constituted a continuing seizure. But it doesn’t seem like the defendant made that argument (or at least the court didn’t address that argument)
Does that mean that wiping the firmware or Secure Enclave would not constitute destroying evidence?
How about installing firmware that will wipe the Secure Enclave on boot? Especially if the secondary step of turning on the device is done by the seizing authorities.
I mean, having firmware that securely wipes your phone in case it's used by an unauthorized party is a reasonable and desirable feature. It's not generally illegal to set that up.
Same with destroying documents. Having a retention period and destroying documents which have PII and could be used for identity fraud is a good practice. It's not generally illegal to do that either.
Where you get into trouble with the courts is when you have a specific obligation to retain or transfer information and you destroy it instead.
Intent makes all the difference in the eyes of law.
If a jury of your peers decides that you configured that firmware to protect your data from thieves, then it is not a problem.
But if a jury of your peers doesn't buy your assertion of that, and instead becomes convinced that you applied that (otherwise reasonable and legitimate) feature with the intent to destroy evidence of a crime so that it doesn't reach the court, then setting it up was a felony.
It is illegal to intentionally destroy something that you suspect could be evidence in a future criminal case against you. Say you operate an illegal drug network from a specific phone that you've intentionally setup to self-destruct at reboot. Both you and the cops know there is likely evidence on there that would implicate you. Then, if you either intentionally reboot the phone or maybe the battery dies while in police custody before they can access it and the phone is wiped, you could be liable for destruction of evidence. However, if it's just a standard smartphone and you accidentally drop it in the toilet, unintentionally destroying all evidence, you may not be liable.
Basically, if you intentionally destroy evidence, either actively passively, you're liable.
It is kind of a broad law and is difficult to prosecute in many cases. The cops have to know that you did the crime and prove that the evidence existed. If you murdered someone and made it look like a suicide, the cops would have to not only suspect you but also know that you left fingerprints and DNA behind that are no longer present.
I guess that is the question. If the police are confident that they will have a warrant in 30 minutes, can they have a locksmith unlock the door while they wait?
I would say no, because the whole point of the warrant is to remove the police's judgement from the equation. If they're taking action based on their expectation that they'll get it, that's kind of an end-run around the stated purpose.
Ah, but standard firmware doesn't do that; the agency performing the action would need to have developed custom firmware which "just happened" to show the information when installed. Courts tend to see through those kinds of shams.
Breaking down the door of a house isn’t a search. Activating an autonomous drone in front of the house which then enters through the door of its own volition and records everything it sees in the house isn’t a search. And if I make a chomping motion in the air near a donut and it decides to enter my mouth while I’m chomping then I haven’t illegally taken a bite of the donut.
I dunno if irony is exactly the right word (but that's a complex discussion and probably any call would be category-error-ish anyway) but I was aiming for a Simpsons reference. :D
Whether or not it is a "search", it is trespassing, and they should make the constitution to protect against that too (I don't know whether or not it already means that or whether or not it is intended to mean that). Protecting against "unreasonable search and seizures" should also include protecting against trespassing.
The government is here deliberately planning to take advantage of a seizure to damage someone's personal possessions. The right of that person to be secure in their possessions therefore should require a higher standard from the government than is required for mere temporary adverse possession after a seizure.
The government had a warrant to seize the device. It got multiple warrant extensions trying to get into the device. They determined it needed a logic board replacement. The warrant extensions expired while that was being done. But the government got a warrant to then actually access the data.
I fail to see how this doesn’t satisfy even a high standard of reasonableness.
Why do you feel that info is relevant? If my driver's license expired yesterday and then I get pulled over while I'm driving to the DMV today to get it renewed, should I not get a citation?
Just because they had permission before and after their actions took place doesn't make it ok if they didn't have permission at the time of the action. To say otherwise seems to be begging for abuse of a loophole. I guess that's why they had to claim the action wasn't one a warrant was required for...
It’s relevant for the same reason it’s relevant in your driver’s license example. You drive somewhere while your license is valid. Then you replace the car battery, which has died. Then you renew your license, and drive somewhere else. Have you done anything wrong? No, because you need a license to drive the car, not to repair the car.
Same thing here. The government needs a warrant to seize the device or search for information on the device. Does it need a warrant to repair a broken device that it has properly seized, before then getting a warrant to search the device?
It's not relevant for the same reason that it isn't relevant in the driver's license example.
If you don't have a license, then get a friend to drive you. Or get an Uber. But you can't drive yourself. If you do, no matter how reasonable you feel your case was, you'll be in trouble.
In this case, they had an inoperable device, and they had a judge. Absolutely nothing stopped them from filing for yet another warrant and then proceeding only when they actually had it. But no. They wanted to skip their paperwork. They shouldn't get to.
The paperwork exists for a reason. That reason is why we shouldn't retroactively hand out warrants. And that's why we shouldn't do it here. The fruit of the tree and all that. The government knows how to do it right, and absolutely shouldn't. They don't get to beg a friendly judge for forgiveness later. They had no excuse for not simply doing it completely right.
The repair is a repair, not a search. No data was obtained.
I do have a problem with this, but only because of the time. The cops shouldn't get to take ages to examine stuff unless there's a huge amount of stuff to examine.
But they did not simply "repair" it. They added something that leaves the device more vulnerable. Not just to the government, but to anyone with access to the toolkit that the police are trying to use. Which includes foreign actors and random hackers.
No, attempting to create a damaged version should not count as repair. Nor should we be lightly OKing the government's desire to do so.
I agree with this perspective, but think we're going to hit tension between right to repair and hardening devices against threat actors who have physical access to your device. Apple's move with the inactivity reboot timer is a step in the right direction, but a mode or option to wipe or otherwise destroy all my data if tampering is detected (device is opened) would be welcome (even if it means one is then unable to repair the device). Replacing one's device will always be cheaper than any prolonged interaction with US law enforcement or the US judicial system.
What you have to watch out for is the legal two-step, where they do something like "install a firmware on the phone", which isn't a search, and then, oh gosh, the firmware just happened to sit there and flash all the contents of the phone on the screen because that's what the firmware does, we didn't actually search the phone, it just voluntarily dumped all its contents to the screen, so that wasn't a search either, so no search occurred.