The number of technology and smartphone users continues to explode at an unprecedented rate. As shown in Figure 1, key statistics indicate the enormous volume of users.
What’s on your smartphone?
Well, just about everything! Mobile devices (i.e., smartphones), as noted by Chief Justice John Roberts in the Riley v. California matter, are “such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy.”
Image source: HootSuite. Data sources: Population: United Nations; U.S. Census Bureau. Internet: InternetWorldStats; ITU; Eurostat; InternetLiveStats; CIA World Factbook; mideastmedia.org; Facebook; Government Officials; Regulatory Authorities; Reputable Media. Social Media and Mobile Social Media: Facebook; Tencent; VKonTakte; Kakao; Naver; Ding; Techrasa; SimilarWeb; Kepios Analysis. Mobile: GSMA Intelligence; Google; Ericsson; Kepios Analysis. Note: Penetration figures are for total population (all ages).
Types of data found on smartphones include:
This data, in the eyes of a digital forensics expert, might be described as likely recoverable and potentially evidence. It is similar to any other type of electronically stored information (ESI), whereby:
In fact, two recent amendments to the Federal Rules of Evidence address the increasing prevalence of ESI, allowing for the self-authentication of electronic evidence in legal proceedings. Rule 902(13) covers records “generated by an electronic process or system that produces an accurate result such as a system registry report showing that a device was connected to a computer, or showing how software obtains GPS coordinates.” Rule 902(14) establishes that electronic data recovered “by a process of identification” is to be self-authenticating, thereby not routinely necessitating the trial testimony of a forensic or technical expert where best practices are employed, as certified through a written affidavit by a “qualified person” that complies with the certification requirements of Rule 902(11) or (12).
We know that smartphones leave behind an indisputable digital trail that can lead to many types of security risks. Most employers have surrendered to the pressures of the marketplace and now allow BYOD (bring your own device), where an employee's personal device connects to their account and company applications, as well as to their personal iCloud or Dropbox accounts and much, much more. Issues related to device control and company trade information, including trade secret misappropriation, abide.
Users admit that:
Should individuals (and companies) be concerned? What needs to be done to address this proliferation of technology, smartphones, and associated data to counter the risks?
For starters, companies need to have in place basic protections in terms of agreements and policies with employees. These protections include the following:
In addition, companies need to proactively manage BYOD policies in a systematic manner, with best practices, such as:
The proliferation of smartphone usage and the availability of data is at an all-time high. The practice of BYOD is now common at many companies, providing both risks and opportunities. When developing an ESI strategy with applications and associated policy and usage guidelines, companies should keep in mind that data from employees’ smartphones likely can be recovered and potentially used as evidence.
Chad Gough, CISSP
Founder – 4Discovery, LLC
This article was adapted from the CLE presentation “Mobile Discovery: Outsmarting the Smartphone.”
Chad Gough is the founding partner of 4Discovery and has managed aspects of computer forensics and electronic discovery, including expert witness testimony, for more than 20 years. He is a frequent speaker on these topics and currently teaches a course on computer security. 4Discovery specializes in investigations that involve trade secret theft, employee misconduct, corporate espionage, insider trading, fraud and/or embezzlement, and software piracy.