Starting on January 20, 2020, Scotland police will begin using "cyber kiosks" to extract and examine the contents of smartphones — including iPhones — that have data relevant to investigations or accidents.
The kiosks are desktop computers located in police stations that allow security officers to look through the contents of a mobile device rapidly. The data that can be extracted includes, but is not limited to, contacts, text messages, pictures, videos, plus text and application files.
These kiosks are highly scrutinized by several individuals and agencies for accountability of data and hardware. The devices of victims, suspects, and witnesses could all be extracted through these kiosks, regardless if the device has been volunteered or seized in the course of an investigation.
Scotland law already allows for law enforcement to take the smartphones of those involved in crimes and hold them indefinitely. Deputy Chief Constable Malcolm Graham has said that the kiosks will ideally speed up the process.
"By quickly identifying devices which do and do not contain evidence, we can minimise the intrusion on people's lives and provide a better service to the public," reads a statement on the Police Scotland website.
The kiosks draw a parallel to similar situations in the U.S., where law enforcement has increasingly tried to access digital data from smartphones, despite public wariness.
On January 13, the FBI and Attorney General William Barr demanded that Apple help unlock two iPhones believed to be owned by Mohammed Saeed Alshamrami. Alshamrani is suspected to be the shooter at an attack on the Naval Air Station in Pensacola, Florida.
The FBI has been granted permission to search the devices but has sought Apple's assistance in unlocking the smartphones, including one that was reportedly shot by its owner, in a bid to find more evidence. Apple declined to provide more help beyond what it has already given the investigation, as it would effectively undermine the security of its hardware and software.
Barr has claimed that Apple had provided no "substantive assistance" to the investigation. Apple had provided access to data from Alshamrami's iCloud account within 24 hours of the request, but nothing from the device's local storage, as it was not privy to that information.
The FBI and other security agencies have previously sought the assistance of third-party firms in earlier investigations involving iPhones. Most famously, this includes when the FBI hired Cellebrite to unlock the iPhone of the gunman involved in the San Bernardino case. The agency was reported to have spent $900,000 on the extraction, and said nothing about what it obtained.
However, separate law enforcement sources later said that the iPhone had yielded no pertinent information.
Since the San Bernardino case, Apple has created a page on its website specifically for law enforcement officials to request what data the company has.
24 Comments
Worth watching the 3 minute video. It appears that Scotland is trying to do the right thing in being transparent and minimizing violation of privacy. No hint at how they are able to crack encrypted devices, but that's not the point of the video. I find it amusing that the end of the video says "for more information visit the Scotland Police website" without providing a domain name, let alone a URL. I suppose that's what search engines are for. https://www.scotland.police.uk/about-us/police-scotland/specialistcrime-division/cybercrime-investigations-digital-forensics/cyber-kiosks
Based on that link, they do acknowledge that they won't be able to access all phones:
"If it's not Scottish is crap". My question is what if the phone doesn't turn on can the information still be extracted?
If Apple has in its possession a hack that allows an older iPhone to be decrypted, can they honestly say it is not possible for them to unlock or extract data from that iPhone?