Content note: This post includes references to sexual violence

In our project we are exploring the potential for responsible digital tools to assist with the examination of mobile phone data in the investigation of crimes. Data from a phone belonging to a suspect, complainant or witness can provide crucial evidence to resolve a case, however there are well-publicised concerns regarding the potential privacy invasion of phone owners and the occurrence of backlogs due to the large amounts of time required for police to collect and examine digital data. Can digital tools optimise Mobile Phone Extraction (MPE) by making the process more efficient and also ensuring privacy protection?

To help us answer this question, we have been doing a deep dive into the MPE ecosystem. We’ve conducted a legal review, literature review and several interviews and workshops with stakeholders to generate a rounded understanding of how MPE is conducted, how it is experienced, and the tensions and constraints around it. This is very timely as the Police Crime Sentencing and Courts Act sets out new expectations for MPE: data from a phone belonging to a complainant or witness must meet tests of strict necessity and proportionality, with selective rather full extraction of phone data the assumed default, and consent from the phone owner must be genuinely consensual. Further initiatives such as the Operation Soteria project on the investigation of sexual violence cases, and the Odyssey workflow for MPE provide guidance on how this can be done effectively. In addition, several police forces across the UK have purchased mobile digital forensics vehicles, digivans, which can speed up the process of acquiring phone data.

Despite these developments, our deep dive has revealed various pressure points across the MPE ecosystem. Different actors in the process face constraints or tensions. From the police perspective, criticisms over past failures to adequately disclose evidence can lead to a more cautious approach that favours full rather then selective extraction of phone data. Defence teams often advise their clients not to agree to hand their phones or PINs over to police. Whilst police may pursue avenues to access phone data without suspect compliance, this refusal does may cause extra focus to be placed on the data from complainants’ and witnesses’ phones. Complainants themselves can feel very wary of handing over their phones; they may worry that information on it could incriminate others and fear that contents could be twisted against them. As an example, it is not uncommon for victims of sexual assault to wonder whether they were somehow responsible for what happened to them as part of processing their experiences. If these thoughts are captured in the mobile phone data, for instance as text messages sent to a friend, they will be reviewed by police and disclosed to the defence team. Victims may then fear that they will be presented in court in a different context to which they were intended, undermining the case.

These pressure points are the result of various entrenched organisational, procedural and cultural dynamics. They create a highly complex situation which problematises the MPE process and has no simple solutions. This is important for us to keep in mind as we move futher into the project and seek to develop  a digital tool for MPE. We should not underestimate these pressure points and how difficult they are to address. We should also not overestimate the capacity of a tool by itself to overcome all the known problems with MPE.

You can read more about this project here.