Leiden Law Blog

A warrant requirement for analysing data stored on smartphones?

A warrant requirement for analysing data stored on smartphones?

On 22 April 2015, the Dutch high court of Arnhem-Leeuwarden possibly set a precedent with far-reaching consequences. In this particular criminal case, a law enforcement official seized a smartphone and subsequently read and copied WhatsApp messages stored on the smartphone. The defence successfully argued that the investigation method was in violation of the right to privacy as articulated in art. 8 ECHR. The high court of Arnhem-Leeuwarden agreed and deemed the current regulations not foreseeable.

Currently, as explained in my previous blog post, law enforcement officials can seize a smartphone and examine all data stored on it in the context of a criminal investigation to obtain evidence without any notable legal thresholds. However, the high court points out that smartphones contain “not only access to traffic data, but also the contents of communications and private information of a smartphone user” . Because the analysis of such data severely infringes in the right to privacy, the current regulations for seizing and analysing data stored on smartphones are not adequately regulated according to the court.

Right to privacy and analysis of information on smartphones

Indeed, the European Court of Human Rights (ECtHR) recently decided in the case of Prezhdarovi v Bulgaria that (1) a judicial warrant requirement and (2) a limitation of the scope of the sought after data on computers is preferable when law enforcement authorities seize computers and analyse data stored on computers. Considering the serious privacy infringement that takes place when personal data that is stored on computers is analysed by law enforcement authorities, adequate safeguards in the domestic laws of States should protect the involved individuals against arbitrary interferences of State in their personal lives according to the ECtHR.

The decisions of the high court of Arnhem-Leeuwarden and ECtHR indicate that the Dutch regulations for the seizure of computers such as smartphones require amendments in order to adequately protect the right to privacy. In June 2014, the Dutch Ministry of Security and Justice already suggested that amendments were required for analysing data on computer systems. Yet these amendments only suggested the legal thresholds of an order of a public prosecutor, whereas the ECtHR seems to prefer a prior review of an investigating judge - i.e. basically a warrant requirement - to analyse data on computer systems.

International trend?

Interestingly, almost a year ago, the U.S. Supreme Court decided in the landmark case of Riley v. California that a judge’s warrant is required in order to seize a smartphone and analyse data stored on a smartphone. The protection of the warrant requirement was deemed appropriate, because: “Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans “the privacies of life”.

Obviously, modern cell phones do not contain the ‘privacies of life’ only for Americans. So tell me, does your domestic State law require a warrant to seize computers and analyse data stored on those devices? 

2 Comments

Jan-Jaap
Posted by Jan-Jaap on May 28, 2015 at 22:22

Thanks for your comment Luc! The Belgium case is very interesting, because Belgium has a similar Code of Criminal Procedural law with similar regulations for the seizure of devices and analysis of data stored on those devices. That provides a for a nice legal comparison with the Netherlands!

Luc Van Caneghem
Posted by Luc Van Caneghem on May 28, 2015 at 17:38

A decision of February 11 of this year of the Belgian cassatie court concerned a case very similar to the case before the Arnhem-Leeuwarden court. Art. 8 ECHR was also discussed. The Belgian criminal procedures act requires judicial authorisation for networked searches, i.e. searches on other devices than the one seized through network access from the seized device (the standard procedure is very similar to the one you described in your post of June ‘14). The court held that in this case there was no networked search since only the memory of the seized telephone was read. On this ground the court thought there was no infringement of art. 8 ECHR and the Belgian law. The court has said nothing on the compatibility of Belgian law with the ECHR and there was no reference to the Prezhdarovi case.

Add a Comment

Name (required)

E-mail (required)

Please enter the word you see in the image below (required)

Your own avatar? Go to www.gravatar.com

Remember me
Notify me by e-mail about comments