Adam M. Gershowitz of the University of Houston Law Center has an article in a forthcoming issue of the Iowa Law Review, “Password Protected? Can a Password Save Your Cell Phone from the Search Incident to Arrest Doctrine?” Here’s the abstract:
Over the last few years, dozens of courts have authorized police to conduct warrantless searches of cell phones when arresting individuals. Under the so-called search incident to arrest doctrine, police are free to search text messages, call histories, photos, voicemails, and a host of other data if they arrest an individual and remove a cell phone from his pocket. Given that courts have offered little protection against cell phone searches, this article explores whether individuals can protect themselves by password protecting their phones. The article concludes, unfortunately, that password protecting a cell phone offers minimal legal protection. In conducting a search incident to arrest, police may attempt to hack or bypass a password. Because cell phones are often found in arrestees’ pockets, police may take the phones to the police station where computer savvy officers will have the time and technology to unlock the phone’s contents. And if police are themselves unable to decipher the password, they may request or even demand that an arrestee turn over his password without any significant risk of the evidence on the phone being suppressed under the Miranda doctrine or as a Fifth Amendment violation. In short, while password protecting a cell phone may make it more challenging for police to find evidence, the password itself offers very little legal protection. Accordingly, legislative or judicial action is needed to narrow the search incident to arrest doctrine with respect to cell phones.
You can read the full article on SSRN.