sharing smart location on a smart phone

The Data Most People Don’t Know Exists

Technology has transformed our world, mostly for the better. We can take a road trip without a map in hand, get groceries delivered to our homes and keep track of our physical activity level in real time. But the tradeoff is that the devices we rely on are constantly collecting data about us — including some types of information that we never even think about.

In legal matters, all this collected information has great potential value, as attorneys can use it to establish guilt or innocence in legal matters. Let’s look closer at a few of the different types of data that we may not realize is being retained by our devices:

iPhone data collection

A number of different smartphone apps — Google Maps and Waze, for example — require access to users’ locations in order to be useful. Though some of these apps do continue to track users when they’re not in use, they often offer users an easy way to adjust that if they prefer. However, iPhones also track users using a separate feature that’s set to “on” by default. It’s the reason your phone always magically seems to know what time zone you’re in. (If you want to switch the feature off, you can go to Settings → Privacy → Location Services → System Services.)

One way in which iPhones are unique is that they provide information we need before we even realize we need it. It’s a convenience when my phone tells me the estimated drive time to work as I get into my car in the morning. And how many of us have realized, with great relief, that we can use the Find My feature to locate a missing device? Both of these features use location data, which, in a legal matter, could potentially be used as evidence to help establish either guilt or innocence.

Forensics professionals can extract a phone’s location history and use the data and metadata to place its user at a specific place at a certain time — either providing an alibi or disproving one. Some of this data, by the way, can be viewed with your phone’s System Services menu (tap on Significant Locations for a list of frequently visited places).

Android phones and Google

Android phone users aren’t immune to having their location data secretly collected — it’s just that the data is collected in a slightly different way. Because Android phones require users to create a Gmail account, any information the phones collect goes back to Google. Google also records the activity of people who use Google Maps and the company’s Chrome browser, tying the information to those Gmail accounts. CNBC estimates that there are around 1.5 billion active Gmail accounts in the world — about 40 percent of the total number of email users worldwide.

Google collects about 50 categories of user data in total. A few examples:

  • Web searches and browser history
  • YouTube viewing history
  • Previous locations
  • Credit card numbers and shopping information
  • Health activity provided by connected fitness devices
  • Audio recordings of voice commands used with smart speakers

If you’re interested in seeing the activity that your Android device has stored, go to Settings → Google → Google Account → Data & Personalization → Activity & Timeline → My Activity.

Data on the internet

In addition to the data we leave on our personal devices, we share data on the internet — sometimes intentionally — for instance, on websites that require visitors to agree to some kind of privacy policy — and sometimes not. Take a look back through your Facebook or Twitter timeline and you might be surprised at what you’ve shared with friends or even the public without realizing it. Both of those social media platforms have a 30-day deletion policy, meaning that a deleted user account and all its information are preserved for 30 days before being removed.

Social media content can be tremendously useful in legal matters, but those managing the electronic discovery process must take steps to preserve any relevant information before the 30-day window passes. If too much time passes and the data is removed, a court request or a subpoena might be required to get access to it, assuming that it’s even attainable. However, the action of deleting data could be used in court to help establish knowledge of guilt, leading to a court victory by itself in some circumstances. To have your best chance at using social media data during litigation, try to be aware of the privacy policies of websites where the data could exist.

Advice for attorneys

Forensics professionals are the undisputed experts in tracking down and using data in a legally defensible way, so turn to them with any questions involving digital evidence in legal matters. If you’re an attorney working on a case in the discovery phase, here are four general guidelines to keep in mind:

  1. If it’s connected to the internet, it can be forensically collected: All of us have some amount of personal data on our phones and in the cloud. Even home devices like video doorbells or gaming consoles can contain information about user activity that might be relevant in a legal matter. Don’t automatically assume that this data isn’t retrievable. Make sure to ask a forensics professional about what data sources might be most relevant to your case and what evidence they might contain.
  1. Urgency is key: Just because certain data is available now doesn’t mean it always will be as easily accessible. As soon as you become aware of digital evidence of any kind, be sure to issue a legal hold so that it can’t be deleted. Depending on a device’s settings, data is usually retained for a certain amount of time, then gradually overwritten. A user might choose for their device to auto-delete text messages after 30 days, or even a shorter time period. Some messaging apps allow for irrevocable deletion, so even if a legal team discovers that text messages older than 30 days contain relevant information, they might be out of luck.
  1. Technology is constantly improving: Smartphones didn’t exist until 2007, and fitness trackers are only about 10 years old. Now both are ubiquitous. Fitness devices, in particular, track the location, activity level and health stats of users, providing potentially valuable information in legal matters — a tool that seemed inconceivable 15 years ago. Digital forensics is an evolving field, providing additional capabilities and options with each passing year. So, just because something seems impossible now doesn’t mean it will always be that way.
  1. The professionals know best: Computers and cellphones might be the primary places where data is stored, but they’re not the only sources of relevant material. Forensic investigators are going to be your best source of information about other potentially rich sources that might be out there. They also understand how to collect data in a way that captures any accompanying metadata and, crucially, maintains the integrity of the information so it can be used in a legal matter. Even experts in other areas of technology might not understand the best practices for evidence preservation, potentially making it unusable if a legal matter were to arise.

Because so much of our personal information is in some digital form, it’s essential in any legal matter to comb through all potential data sources to make sure the full story is being told. Sometimes, the data you didn’t know you had is exactly what you need to corroborate your side of the story.

About the Author

Wes Johnson on Email
Wes Johnson
Senior Digital Forensic Examiner at BIA
Wes Johnson is the senior digital forensic examiner at eDiscovery and digital forensics company BIA. He has more than 20 years of experience in forensically retrieving and analyzing computer evidence and providing litigation support. He has analyzed and presented evidence in cases involving theft of intellectual property, theft of trade secrets, fraud, breach of contract, Securities and Exchange Commision investigations, spoliation and destruction of evidence.