Go to Top

It’s 2012, Do You Know Where Your Mobile Devices Are?

Smart Phones Can Leave Behind an Indisputable Digital Trail

They are Ubiquitous

mobile_tThink about it…we are with our laptops or computers for 6 or 7 hours per day, but we are with our mobile devices nearly 24 hours per day.  Everywhere we look we see people pecking away at their smart phone keypads.  It is becoming clear that Electronically Stored Information (ESI) from these devices can be a goldmine for those attempting to discover critical evidence. Consider this:

  • Apple sold over five Million iPhone 5 devices since their roll-out in September
  • Analysts predict over 1.2 billion new smart phones will be sold in the next 5 years [1]
  • 67 Million iPads have been sold since hitting the market just a few short years ago
  • Text messaging has over-taken email as the new communication method of choice
  • Voice over Internet Protocol, (VoIP) digital phone systems have become the new standard and are often accessed by hand-held devices, creating new sources of ESI.

Users are Often Naïve

Detroit Mayor Kwame Kilpatrick is facing federal racketeering charges related to his alleged abuse of power as mayor.  The source of much of the evidence related to his initial fall from grace? Text messages.  Remember Representative Mark Foley?  He was shamed out of office in 2006 after sexually-charged emails he had exchanged with House Pages were recovered. [2] And who can forget Representative Anthony Weiner. Enough said.  Let’s just say lots of people are naive about the kinds of things they text about and the sites they visit on mobile devices.  Mobile devices contain lots of sensitive data. [3]

  • 34% of users store sensitive data on their mobile devices
  • 55% of users admit sending work emails and company data to their personal email accounts using a mobile device
  • 89% have mobile devices connected to their company networks
  • Many smart phones are in use outside the control of corporate IT security policies

It is a Mistake to Ignore this Discoverable Data

Any source of ESI can become a case-winning piece of evidence, and the often “casual” nature of text messages and emails sent hurriedly from a smart phone can increase the value such messages can have on a case. The message to attorneys?  Do not overlook this important source of ESI when searching for the smoking gun.  Always consider the potential value of data that can be recovered from handhelds, and make them a part of your discovery scope when crafting requests for Electronically Stored Information or when filing motions.

New Smart Phone Technology Creates an Indisputable Record

A wide array of new computer forensics software and tools are making the recovery and extraction of important digital data from smart phones possible and affordable….with often dramatic results.  Consider the value of the production of a damaging text message containing confidential information sent carelessly by an employee to his new employer in a trade secret case.  Or how about a calendar entry documenting a meeting with a competitor that a defendant denies ever took place. Imagine how compelling a photograph recovered from a cell phone could be in certain types of cases.  Eye-opening electronic evidence recovered from handsets is causing a stir at deposition tables in attorney’s offices with increasing frequency.

A Digital Time-Line…

Did you ever consider the digital trail created by a smart phone user on a typical day?  Consider this…

  • 7:00AM: User accesses his Facebook account from his iPhone and complains about spending another painful day at work….”wish these guys would hurry up and sell this miserable company…everyone knows it’s going to happen”.
  • 8:00AM:  Logging on to company email.  Sending and receiving email for two hours
  • 10:00AM:  Using a smart phone to “Swipe” at a point of sale terminal at a coffee shop to purchase coffee.  (places the user at a particular place at a certain time)
  • 11:00AM:  Smart Phone GPS system is used to locate the address of an appointment
  • 12:00PM:  Individual accesses his bank account via his smart phone and checks his balance.  Accesses his brokerage account and sells a stock
  • 1:00PM:  An Outlook calendar entry verifies the user had a meeting with the hiring manager at a competing company.
  • 2:00PM.  User Tweets, creating a digital record of comments and location
  • 3:00PM:  User logs onto his company email and forwards an email containing a confidential PowerPoint presentation to his personal email account.
  • 4:00PM:  User sends a text message to “Mary” saying…”I am running late, see you in a few”.
  • 7:00PM:  User takes a photo of the Wrigley Field scoreboard and sends it to a friend with a comment.  The smart phone camera metadata creates a record of users location and time

Top 15 Types of Evidence Potentially Recoverable From Hand-held Devices

  1. Company Email
  2. Web mail activity
  3. Text Messages
  4. Geographical location history
  5. User Documents copied from computers
  6. Internet History
  7. Social Network activity
  8. Call Logs and Contacts
  9. Bank Transactions
  10. Calendar entries
  11. “To-Do” lists and other tasks
  12. Photographs
  13. Videos
  14. Dates and times that computer files were accessed or copied
  15. Voicemail Messages
[box type=”info”] Data stored on a smart phone can be unique, relevant to your case, and compelling.[/box]

[1] “The Latest InfoGraphics, Mobile Business Statistics for 2012”.  Forbes.  Mark Fidelman, May 5, 2012

[2] “Fall of a Preditor”.  Newsweek Magazine.  October, 2006.   Page 28

[3] “The Latest InfoGraphics, Mobile Business Statistics for 2012”.  Forbes.  Mark Fidelman, May 5, 2012

, , , , , , , , , , , , , , , , , ,

About Jeff Hartman

Jeff is a 30 year veteran of the corporate security, computer forensics, and eDiscovery community and a co-founder and partner at 4Discovery. 4Discovery is a leading provider of computer incident response and computer forensics services to attorneys, corporate security executives, and the information protection community.