ELL Hone Orensics: Reference Manual Volume No. 12-006

CELL PHONE
FORENSICS
Reference Manual
Volume No. 12-006
Ohio State Bar Association Continuing Legal Education

is a division of the Ohio State Bar Association.
Ohio State Bar Association CLE is a Books and seminar materials are
division of the Ohio State Bar published as part of the Ohio State
Association. CLE speakers are Bar Association’s educational services.
volunteers serving the legal profession Authors are given the opportunity to
in its highest and best tradition and as express their individual interpretations
recommended by the Ohio Rules of and opinions. These do not reflect in
Professional Conduct. any way a position of CLE, the Ohio
State Bar Association or its
CLE supports gender neutral governing board. Chapters written
language. Unless used to illustrate a by employees of state or federal
specific case, all references to gender agencies are not necessarily statements
should be understood to refer, without of governmental policies.
bias, to male and female.
© 2012 by Ohio State Bar Association CLE. All Rights Reserved.
Ohio State Bar Association CLE publications, oral presentations, video, audio
and electronic media programs are provided with the understanding that the
Ohio State Bar Association and OSBA CLE do not render any legal,
accounting, or other professional advice or service. Attorneys using OSBA CLE
publications or orally, visually or electronically conveyed information in
dealing with a specific client’s or their own legal matters should also research
original sources of authority.
The CLE office is located at 1700 Lake Shore Drive, Columbus, Ohio 43204
Mail may be addressed to:

P.O. Box 16562
Columbus, Ohio 43216-6562
CLE telephone numbers are:

614-487-8585
800-232-7124
OHIO STATE BAR ASSOCIATION
CONTINUING LEGAL EDUCATION
The Ohio State Bar THE CLE STAFF
Association Mission Fran Wellington

Director
Statement fwellington@ohiobar.org
Nick Campbell
Our Core Purpose Printing and Fulfillment Assistant
ncampbell@ohiobar.org
To advance the professional Stephen P. Cianca
interests of members of the Ohio Assistant Director
scianca@ohiobar.org
State Bar Association. Deanna Freeman
Administrative Assistant
dfreeman@ohiobar.org
Our Core Values Dave Gore
Fulfillment and Mailing Assistant
Member satisfaction, dgore@ohiobar.org
professionalism, foresight, and Jim Hogan
Printing Manager
quality services and products. jhogan@ohiobar.org
Angela D. Howard
Data Coordinator
Our Goal ahoward@ohiobar.org
Betsy Metzger
To make membership in the Ohio Administrative Assistant
State Bar Association bmetzger@ohiobar.org
Lynda Morris
indispensable to Ohio Lawyers. Administrative/Conference Assistant
lmorris@ohiobar.org
Jan R. Rose
Meeting/Video Coordinator
jrose@ohiobar.org
Jeff Ross
Printer
Rick Slee
Assistant Director
rslee@ohiobar.org
Mark Springer
Studio Manager
mspringer@ohiobar.org
PUBLICATIONS EDITORS
Dan Beckley
Publications/Website Editor
dbeckley@ohiobar.org
Kerschie Byerly
Senior Publications Editor
kbyerly@ohiobar.org
John Hocter
Publications Editor
jhocter@ohiobar.org
CELL PHONE FORENSICS Vol. # 12-006
6.0 CLE CREDIT HOURS
Monday, October 22, 2012
Columbus
(Live and via Webcast)
Live via Simulcast to:

Cleveland
Fairfield
Perrysburg
Featuring:
Detective Christine Roberts;
President, Cellular Recovery Information Specialist, LLC;
Columbus Police Department; Columbus
This presentation is a live simulcast. If you have a question for the speaker
during the presentation, please feel free to submit your inquiry to
questions@ohiobar.org with “Cell Phone Forensics” in the subject line or
call 1-800-232-7124, and let the operator know that you have a question for
the seminar speaker.
The Supreme Court Commission on CLE has requested that we advise you
that during this seminar, all electronic devices should be muted or turned off. If
you must take a call during the presentations, please take the call outside of the
room.
Out of respect for your colleagues and speakers, the Commission asks that you not
read the paper or engage in other activities that may be distracting to your fellow
colleagues.
Please note scheduled breaks will be offered during the seminar.
The amount of CLE credit you are eligible to receive may be reduced if you are
absent during the seminar. If you need to leave during the seminar, please make
the appropriate deduction from your request for CLE credit.
CLE regulations require that we submit requests for credit within 30 days of the
date of the seminar or be assessed a late fee. If you leave without completing the
appropriate paperwork, your credit will not be reported.
8:00am Registration
8:30 CELL PHONE EVIDENCE AND FORENSICS
10:00 Break
10:15 CRIMINAL/CIVIL EVIDENCE ON A CELLULAR PHONE
11:45 Lunch (on your own)
1:00 CRIMINAL/CIVIL EVIDENCE ON A CELLULAR PHONE

(CONTINUED)
2:00 RETRIEVING THE EVIDENCE
2:30 Break
2:45 RETAINED DATA EVIDENCE
3:30 LEGAL ISSUS
4:15pm Adjourn
Please note that any materials that are not included in
this publication or are unavailable as a separate
handout at the seminar may be available for download
on the OSBA website. To download any available
electronic handouts, please visit
www.ohiobar.org/handouts.
2013 Attorney
New Members:
Membership Application Join now for 2013
January 1 — December 31, 2013 and get the rest of
Please type or print responses clearly. 2012 for FREE
Title: c Mr. c Mrs. c Miss c Ms. c Judge c Professor c Military Officer:
First name: Middle: Last name:
Prior last name: Ohio Supreme Court Attorney Registration Number (7-digit):
Company or firm name: Position:
Business street address:
P.O. Box City State Zip County Country
Home street address:
P.O. Box City State Zip County Country
Indicate where you want all OSBA information sent: c Business c Home
E-mail address (required for access to member areas of the website):
The OSBA may use my e-mail address to advise me of product and service announcements: c yes c no
Main office telephone: ( ____ ) ______________ Direct line/ext.( ____ ) _____________ Fax number: ( ____ ) ______________
Home telephone: ( ____ ) _______________ Cell phone: ( ____ ) ______________
About You and Your Practice

Nickname (if any): ____________________ Law school: ____________________________________ Year: ________
Race (optional): This information is used for statistical purposes only.
c American Indian or Alaska Native c Asian c Black or African American c Hispanic or Latino
c Native Hawaiian or Other Pacific Islander c White c Other: ______________________________________
Ohio registration status: c Active c Inactive c Corporate c Retired c Registered out-of-state only
Date first admitted to any state bar: _________ Which bar: _______________________ If admitted in Ohio, when: ___________
Gender: c M c F Birth date: _____ / _____ / _____
Type of practice currently involved in (full-time): What is your primary reason for
Law firm: Government: Other: joining the OSBA?
c Access to website/
c Sole practitioner c Federal c Education
c Partnership c State c Banking/Acct. Casemaker
c LPA, LLC, LLP c Local c Corporate c Discount on OSBA CLE
c Other: ________________ c Legal aid c Judicial programs
c Other: ________________ c Other: ________________ c Networking opportunities
Current area(s) of practice (limit 5): c Prestige
c Publications/information
c Administrative c Dispute Resolution c Legal Aid
c Recommendation from
c Admiralty c Elder Law c Litigation
c Agricultural c Energy c Medical Malpractice colleagues
c Antitrust c Environmental c Patent, Trademark & c Other:__________________
c Aviation c Estate Planning, Trust & Copyright
c Banking Probate c Personal Injury Language Fluency
c Bankruptcy c Family Law/Domestic Rels. c Product Liability Fluency in a language means you
c Civil Rights c General Practice c Public Utilities have the ability to speak, read and
c Collections c Government c Real Property
write the language with sufficient
c Commercial c Health Care c School Law
proficiency to understand and
c Communication c Immigration c Securities
c Computer Law c Insurance c Social Security
communicate basic legal concepts
c Construction Law c International c Sports/Entertainment and circumstances.
c Corporate/Business c Judicial Administration c Taxation
Under this definition, I am
c Criminal c Juvenile c Workers’ Compensation
c Disability c Labor & Employment c Other: _________________
fluent in the following lan-
guages (other than English):
Are you a certified specialist in any of these areas? c yes c no _________________________
If yes, which area(s)? _____________________________________________________________ _________________________
Membership Dues Categories Section Dues
Please indicate your category: Dues To join an OSBA section, check the proper
Active Attorneys/Judges: box and indicate the total section dues in the
c First admitted to practice law in any state in 2007 or earlier . ................................. $305 "Total Dues and Payment" box below.
c First admitted to practice law in any state from 2008-2012..................................... $155
c Practicing outside of Ohio and admitted in 2007 or earlier..................................... $240 c Antitrust Law.................................. $10
c Corporate Counsel............................$3
Government Attorneys*:
c Estate Planning, Trust
c First admitted to practice law in any state in 2007 or earlier . ................................. $240
c First admitted to practice law in any state from 2008-2012..................................... $120
& Probate Law................................ $10
c Intellectual Property Law..................$4
c Practicing outside of Ohio and admitted in 2007 or earlier..................................... $185
c Labor & Employment Law............. $10
* Must be employed by a local, state or federal government agency; a legal aid society or non-profit legal assistance
c Litigation........................................ $10
program; or a public defender’s office. Member must certify that the position is the only source of earned income.
( Judges, federal magistrates, elected officials or persons appointed to elected office are excluded from this c Real Property Law............................$6
definition.) c Senior Lawyers................................ $10
c Solo, Small Firms & General
Retired/Inactive Attorney:
Practice............................................ $10
c Attorney registered inactive or retired with the Supreme Court of Ohio,
c Women in the Profession................ $10
or registered out-of-state only.................................................................................. $185
c Young Lawyers................................ $10
Committees - free
I wish to join the following OSBA committees (free):
c Access to Justice c Elder & Special Needs Law c Media Law
c Administrative Law c Environmental Law c Military and Veterans' Affairs
c Agricultural Law c Family Law c Natural Resources Law
c Animal Law c Federal Courts & Practice c Negligence Law
c Aviation Law c Health Care Law c Paralegals
c Banking, Commercial & Bankruptcy Law c Insurance Law c Public Utilities Law
c Construction Law c Insurance Staff Counsel c Taxation Law
c Corporation Law c International Law c Traffic Law
c Criminal Justice c Judicial Administration & Legal Reform c Workers’ Compensation Law
c Education Law c Juvenile Law
Total Dues and Payment

2013 Dues $
Total section dues $
**Ohio LAWPAC (optional) 15.00
$
Total amount enclosed $ Return application with payment to:
c Check enclosed made payable to the OSBA. Ohio State Bar Association
c Pay by credit card: c MasterCard c VISA c Am. Express P.O. Box 16562
Columbus, Ohio 43216-6562
Account number:
Exp. Date Signature Fax credit card payments to:
Your dues include a subscription to the Ohio State Bar Association Report and Ohio Lawyer magazine, as (614) 487-8808
well as access to Casemaker. You will also receive the OSBA Report Online via e-mail once your applica-
tion has been processed. Dues for membership in the OSBA and OSBA sections are not deductible as
charitable contributions for federal income tax purposes; however, such dues may be deducted as a busi- For more information, contact:
ness expense. Check with your financial advisor.
OSBA Member Service Center
** Ohio LAWPAC: A political action committee. Contributions are discretionary and in addition to (800) 232-7124 or (614) 487-8585
your dues. By law, only contributions from individuals, partnerships, LPAs, LLCs and LLPs should be
remitted. Corporations, not-for-profit corporations and labor unions may not make contributions to
political action committees. Members of such entities may contribute on their own. Contributions to Website:
LAWPAC are not deductible for federal income tax purposes.
www.ohiobar.org
Once your application is processed, you will receive in the mail information on all of the benefits of
membership in the OSBA. This information is also available on the OSBA website at www.ohiobar.org.
Membership in the Ohio State Bar Association does not constitute permission to use the logo or
marks of the Ohio State Bar Association.
OhioDocs
Automated Legal Documents
Buried in legal documents?

Let OhioDocs fill in the blanks
Introducing OhioDocs, the OSBA’s state-of-the-art document automation tool

featuring an extensive library of legal document templates. Free yourself from
hours of filling out form after form and watch as OhioDocs automatically creates
finished, customized documents using the information you provide. It’s called
document assembly, and once you try it, you will never want to cut, paste or
reformat a legal document again.
For more information or to subscribe,
visit www.ohiobar.org/ohiodocs.
Documents included:
· General practice documents (client intake, engagement letters, etc.)
· Durable power of attorney forms for health care
· Business documents from the Ohio Secretary of State’s Office
· TOD Designation Affidavits and TOD Affidavits
· Probate documents
· Domestic relations documents from all 88 counties
· And more...
OhioDocs
Automated Legal Documents
Order Form
Name OSBA member and/or Supreme Court number
Firm
Address
City State Zip
Phone E-mail
Subscriptions to OhioDocs are available only to members of the Ohio State Bar Association. Annual subscriptions include access
to the entire document library (including updates), plus HotDocs Player. The OSBA may add new forms and updates throughout
the year. All subscribers will receive notice of these changes to the library with instructions on how to download the new library,
at no additional charge.
Annual subscriptions are prorated quarterly:

• April 1 to June 31: full price • Oct. 1 to Dec. 31: 50 percent off
• July 1 to Sept. 30: 25 percent off • Jan. 1 to March 31: 75 percent off
Subscriptions must be renewed annually prior to April 1, and subscribers will receive courtesy notices to renew beginning
15 days in advance of the termination date. Subscriptions that have not been renewed by April 1 will be terminated and the
document library will cease to work.
Subscription & Payment

Please choose the correct subscription price based on the number of attorneys in your �irm:
Attorneys Subscription Attorneys Subscription Attorneys Subscription
in the �irm price in the �irm price in the �irm price
❏ 1 $195 ❏ 6-9 $545 ❏ 31-40 $1,550
❏ 2-3 $295 ❏ 10-20 $940 ❏ 41-50 $1,810
❏ 4-5 $385 ❏ 21-30 $1,260 ❏ 51+ $2,040
Minus prorated amount, if applicable (see above): __________________
In addition, HotDocs requires payment of an additional $15 licensing fee per computer on which the library will be installed:
Number of users:___________ x $15 = ____________
Subtotal = _____________
Tax @ 6.75% = _____________
Total Amount: $___________________________________
❏ Check or ❏ Credit Card

❏ Mastercard ❏ Visa ❏AMEX
Acct. # Exp. Date
Signature
Not able to get to a
live seminar at the OSBA?
Attend via the Internet! Our live Webcast option allows you to watch
CLE seminars conducted at OSBA Headquarters from your office, home
or anywhere you have access to the Internet!
Live Webcasts are classified as self-study by the Supreme Court, allowing

you to earn up to six hours per reporting period for credit just like our
online seminars. The difference... you don’t wait for the courses, you get
them real time via streaming media!
To view our schedule of upcoming live Webcasts, go to

www.ohiobar.org/webcasts
Ohio State Bar Association

FEATURED SPEAKER
Detective Christine Roberts
President
Cellular Recovery Information Specialist, LLC
Columbus Police Department
Columbus, Ohio
Detective Roberts is a 28-year veteran with the Columbus Police Department. She has over
19 years of experience in narcotics, interdiction, and organized crime cases. Detective Roberts
has been conducting cell phone forensics since 2006, and has become one of the preeminent law
enforcement experts on cell phone forensics. She has testified in both state and federal court as
an expert witness in cell phone forensics and cell tower analysis. Detective Roberts is currently a
member of a state and federal task force. She regularly conducts cell phone forensics and
instructs law enforcement and attorneys in this area.
Cell Phone Forensics
By Detective Christine Roberts
Vol. # 12-006
Cell Phones Analysis for the Legal Profession
Introduction ........................................................................................................................................... 1
Evidence Found on Cell Phones ........................................................................................................... 1
Electronic Evidence .................................................................................................................. 2
Electronic Evidence Found on a Cell Phone ........................................................................... 2
Address Book ............................................................................................................................ 2
Call History .............................................................................................................................. 3
Text Messages .......................................................................................................................... 3
Cell Phone Companies Don’t Store Messages ........................................................................ 3
Calendar ................................................................................................................................... 3
Voicemail .................................................................................................................................. 3
Pictures and Videos.................................................................................................................. 4
Expansion Cards ...................................................................................................................... 4
Remote Wipe ............................................................................................................................. 5
Why We Preserve it.................................................................................................................. 5
Criminal/Civil Evidence on a Cellular Phone ..................................................................................... 5
YouTube .................................................................................................................................... 5
Fatal Accidents ......................................................................................................................... 5
Ohio’s New Texting Ban ............................................................................................. 5
When Should You Order Phone Records? ................................................................. 6
Cell Phones, Text Messaging, and Car Accident Information for All Drivers ........ 6
Can “Texting While Driving” Lead to a Manslaughter Charge? ............................. 6
Ohio .............................................................................................................................. 7
Federal Ban on Texting for Truck and Bus Drivers ................................................. 7
Sexting/Cyberbullying ............................................................................................................. 8
What Is Sexting? ......................................................................................................... 8
What Is Cyberbullying? .............................................................................................. 8
Similarities/Differences .............................................................................................. 8
Why Are Teens Sexting? ........................................................................................... 10
Why Do Kids Cyberbully? ......................................................................................... 10
Legal Issues ............................................................................................................... 10
Sexting Laws ................................................................................................ 10
Sexting Offenses ........................................................................................... 11
Ohio Law....................................................................................................... 11
House Bill 473 .............................................................................................. 11
Ohio Rev. Code § 2907.324 .......................................................................... 12
Bullying/Cyberbullying Laws ................................................................................... 12
What Does the Law Require Schools to Do? ............................................................ 13
Ohio Rev. Code § 2917.21 Telecommunications Harassment ................................ 14
Jessica Logan Act ...................................................................................................... 14
The “Shaq Shield” ..................................................................................................... 15
Sextortion ............................................................................................................................... 15
Sex Trafficking ....................................................................................................................... 16
Damaged Phone ..................................................................................................................... 16
Financial Cases ...................................................................................................................... 16
Banking...................................................................................................................... 16
Mobile Peer-to-Peer (P2P) ........................................................................................ 17
Mobile Wallet ............................................................................................................ 17
Airline Tickets ........................................................................................................... 18
Hotel Keys ................................................................................................................. 18
Cloud Storage ..........................................................................................................................18
How It Works .............................................................................................................18
iCloud .........................................................................................................................19
Domestic, Divorce, and Child Custody Cases .......................................................................19
Cyberstalking .............................................................................................................19
Geotagging .................................................................................................................20
Spy Software ..............................................................................................................21
GPS forensics .............................................................................................................22
Detection of Spyware .................................................................................................23
Legalities of Spyware ................................................................................................24
Phone Examiner ........................................................................................................24
Retrieving the Evidence ......................................................................................................................24
Retained Data Evidence ......................................................................................................................24
Cell Phone Tracking ...............................................................................................................25
Why Is This Information Important? .......................................................................25
Carrier Records ..........................................................................................................25
Acquiring Cell Phone Carrier Evidence ...................................................................26
Forensic Expert ..........................................................................................................26
How Tracking Is Done ............................................................................................................26
Cell Phone Towers .....................................................................................................26
Per-Call Measurement Data .....................................................................................27
Cell Phone Tracking Disadvantages ........................................................................27
Legal Issues..........................................................................................................................................28
Searching a Cell Phone ..........................................................................................................28
When Do You Need a Court Order or Subpoena? .................................................................29
Spyware ...................................................................................................................................29
GPS ..........................................................................................................................................29
Cell Site Data ..........................................................................................................................29
Record Retention Times ......................................................................................................................31
Order Requesting Cell Phone Information ........................................................................................33
Cell Phone Contact List.......................................................................................................................35
Cell Phones Analysis for the
Legal Profession
Detective Christine Roberts
President
Cellular Recovery Information Specialist, LLC
Columbus Police Department
Columbus, Ohio
INTRODUCTION
Mobile phones are one of the most important developments in technology in
the courtroom in the last five years.
Don’t overlook the importance of using cell phone evidence in your cases!
EVIDENCE FOUND ON CELL PHONES

When a person types and sends an e-mail or text message, he or she creates a
piece of evidence that can be used for or against that person.
Cellular records can also be used in court to show exactly where someone was
or wasn’t and to whom he or she was talking at a particular time.
If you decide to use cell phone evidence in your cases, then you must first
determine exactly what kind of evidence can be found on the phone.
There are two types of evidence that can be retrieved from mobile phones:
A. Electronic evidence; and
B. Retained data evidence.
Electronic evidence includes the user’s call history, contacts or phonebook,

calendar information, and the additional information that is found on the
SIM card.
© 2012 by Christine Roberts. All rights reserved. The material appearing here are copyrighted and
owned by Christine Roberts. The works that follow was created to provide seminar attendees
examples to use for their own personal use and these materials may not be reproduced without the
express written permission of Christine Roberts. No license has been granted to a seminar attendee
or third party and these materials shall not be sold, redistributed, given, lent, rented, leased,
sublicensed, or otherwise transferred without the prior written permission of Christine Roberts.
Cell Phones Analysis for the Legal Profession • 1
Retained data evidence is telecommunication records involving the details of
calls made and received and geographical location of the mobile phone when
a call is made.
Electronic evidence is, by its very nature, fragile. It can be altered, damaged,
or destroyed by improper handling or improper examination.
A. Electronic evidence.
Electronic evidence is information and data of investigative value that

is stored on or transmitted by an electronic device.
Electronic evidence is, by its very nature, fragile. It can be altered,

damaged, or destroyed by improper handling or improper examination.
B. Electronic evidence found on a cell phone:
1. Messages (SMS—short message service);
2. Photo/multimedia messages (multimedia messaging service);
3. Pictures and images;
4. Video and audio recordings;
5. Call history logs (received calls, missed calls, and dialed calls);
6. Phonebook and contacts;
7. Calendar and task list entries;
8. E-mails stored on handset;
9. Internet browsing history;
10. Social networking artifacts (Facebook, Twitter, and IM); and
11. Application artifacts (data from programs installed on

Smartphone devices).
C. Address book.
The address book stores different contact information. With the help of
the address book, it is possible to gain an insight in the social network
of the suspect. It can be used, for example, to link a suspect to a victim.
Beware the address book can store more than just a name and phone
numbers (e-mail addresses and physical addresses).
2 • Cell Phones Analysis for the Legal Profession
D. Call history.
The call history offers a deeper insight into the activities of the owner
before the acquisition of the mobile phone occurs. One can see the last
incoming and outgoing calls, as well as their duration. This
information can be used to draw indirect conclusions as well.
Remember to check the duration; it will tell you if someone actually

talked or if voicemail answered.
E. Text messages.
Text messages are becoming more and more important in domestic

proceedings. Text messaging is one of the top most common forms of
electronic evidence.
Text messages, as well as e-mail, offer concrete information in contrast

to the call history and the address book, which only offer indirect
information. They can contain actual words written by the owner or
intended for the owner that can serve as evidence in court.
F. Cell phone companies don’t store messages.
AT&T Wireless states that they know of no way to save a text

message, other than just not deleting it from the hand set. AT&T
stores text messages for 48 hours to ensure they are delivered and then
deletes them.
Verizon Wireless agreed that the only way to keep a message is to keep
it on the handset. Verizon keeps text messages on their servers for
three days.
The best chance to get any text message information is by searching

the handset. But if the text messages have been deleted, then that is
when a forensics specialist comes into play. But getting access to the
text messages, especially when they have been deleted, can be
complicated. If someone deletes his or her text messages, a mobile
forensics specialist can try to retrieve the messages.
G. Calendar.
The calendar gives an overview of past and planned activities of the

owner. It can be used to link the owner to certain location and times,
as well as indicate possible witness.
H. Voicemail.
Voicemail could potentially be more damaging than text message

communications. Text messages do not indicate the tone of voice or
sincerity, but voicemail reveals more of a person’s intentions. Make
sure to copy voicemail as soon as possible. Most service providers do
not store voicemail longer than 30 days. Voicemail is not stored on the
handset; it is stored by the service provider. Therefore, you can
retrieve voicemail from any phone. You can use your office to copy
voicemail.
I. Pictures and videos.
Picture data sometimes can be used to determine the exact date and
time a picture was taken, and in some cases, even location.
J. Expansion cards.
Mobile phones use a wide array of memory cards, ranging from the size
of a contact lens to that of a matchbook. Removable media extends the
storage capacity of mobile phones, allowing individuals to store
additional files beyond the device’s built-in capacity and to share data
between compatible devices.
When faced with evidence from expansion cards, verify that the picture
was taken with the cellular device. Almost all digital cameras and
smart phones save JPEG files with EXIF (exchangeable image file)
data.
1. Date;
2. Time; and
3. Type of camera or phone.
How many photos can your memory card hold?
Photos—fine mode:
1. 2 GB—770 photos;
4. 16 GB—6160 photos; and
5. 32 GB—12,320 photos.

K. Remote wipe.
Many of the major cell phone companies are starting to offer the lost
phone tool, where if you lose your phone, you can log onto the website
and send a command out to erase all the information in the phone,
including your phone book, recent calls, and text messages.
It’s important that you identify and contact the carrier to lock down
the user account so as not to allow the remote wipe feature to be
enabled. Most carriers will respond to a court order.
L. Why we preserve it.
Protect it from incoming/outgoing data, Kill Signal, and to make sure

that no one accidently accesses voicemail, e-mail, Internet browsing
history, or other data that may be stored on the service provider’s
network rather than on the phone itself.
CRIMINAL/CIVIL EVIDENCE ON A CELLULAR PHONE

A. YouTube.
Most mobile phones will allow you to watch videos from the popular
website YouTube on their handsets. YouTube keeps copies of all videos
placed on YouTube indefinitely. A subpoena will allow you to obtain
copies of the videos. All you need is the user ID that posted the video.
Use Realplayer to capture Internet videos.
B. Fatal accidents.
1. Ohio’s new texting ban.
Drivers in Ohio are banned from reading, writing, and sending

text messages from behind the wheel. The law makes texting
with handheld devices a secondary offense for adults.
The measure bans drivers under age 18 from using cell phones,
iPads, laptops, or other electronic devices. They can’t make calls
or browse the Web while driving. Texting or using an electronic
device is a primary offense for minors.
Ohio’s law makes texting a misdemeanor for drivers, with

possible fines of $150. Minors can be fined $150 for the first
offense and have their license suspended for 60 days. Repeat
teen offenders can be fined $300 and have their license taken
away for a year.

2. When should you order phone records?
After a serious crash to see whether a cell phone may have

contributed to the crash or witness statements.
Data from a cell phone or carrier can be the critical piece of

evidence that determines the outcome of your case.
3. Cell phones, text messaging, and car accident information for all
drivers.
Talking on a cell phone causes nearly 25 percent of car

accidents.
Four out of every five accidents (80 percent) are attributed to

distracted drivers. In contrast, drunk drivers account for
roughly one out of three (33 percent) of all accidents nationally.
Talking on a cell phone while driving can make a young driver’s

reaction time as slow as that of a 70-year-old.
Each year, 21 percent of fatal car crashes involving teenagers

between the ages of 16 and 19 were the result of cell phone
usage. This result has been expected to grow as much as
4 percent every year
4. Can “texting while driving” lead to a manslaughter charge?
The answer is yes.
Currently, alleged “texting while driving” has formed the basis

for manslaughter and other very serious charges in various
states.
Even if not texting at the exact moment of collision, having

texted near the time of the accident can be part of a larger
question: were you distracted while driving?
Evidence of extreme distraction (which might include having

been texting, talking on the cell phone, etc.) can lead not only to
a negligence charge, but all the way to a manslaughter charge.
It was reported that the 42-year-old driver was focusing on his

cell phone the morning of the incident and failed to slow down or
stop as he drew near a crosswalk. Records from his mobile
carrier show he sent four text messages and received three
messages minutes before the accident occurred. He
unfortunately ran over a 32-year-old woman, who was
pronounced dead at the scene of the accident due to fatal
injuries to her head, torso, and extremities. The driver admitted
to the Newport Beach Police that he never saw the woman
crossing the street.
5. Ohio.
Mount Vernon, Ohio—A Knox County teen faces charges after

investigators on Thursday accused of her of texting at the time
of a fatal crash.
In Washington County, the prosecutor got a felony indictment

from a grand jury in July after a man crossed the center line
while texting and hit another car. No deaths or disabling
injuries resulted from that accident.
In Lucas County, a woman was convicted of a felony after she

killed a kindergartner getting off a school bus while groping on
the floor of her car for her phone. She appealed that conviction,
but she lost.
This would apply also to states where no specific bans on texting

while driving have been put in place. The totality of what’s going
on while someone is behind the wheel determines whether or not
he or she was negligent or grossly negligent in an accident.
Even if you put the phone down after texting while driving, that
text may still be evidence that you had been driving in a
distracted state, which too often has life-ending consequences.
5. Federal ban on texting for truck and bus drivers.
As of January 26, 2010, all commercial vehicle drivers in the

United States are banned using handheld cell phones while
driving.
The Department of Transportation (DOT) defines a commercial

motor vehicle (CMV) as any vehicle that is:
a. At least 10,001 pounds or more;
b. Transporting hazardous materials;
c. Designed or used to carry nine or more people, including

the driver, for compensation; and
d. Designed or used to carry 16 or more people, including the

driver, not for compensation.

Drivers who violate the restriction will face federal civil
penalties of up to $2750 for each offense, and disqualification
from operating a commercial motor vehicle for multiple offenses.
Additionally, states will suspend a driver’s commercial driver’s
license (CDL) after two or more serious traffic violations.
Commercial truck and bus companies that allow their drivers to

use handheld cell phones while driving will face a maximum
penalty of $11,000.
Hands-free devices can be wired or wireless headsets or

speakerphone functions built into a cab’s audio system and
operated with steering wheel controls.
Troopers who specialize in patrolling state roads for commercial

vehicles will have the authority to issue these federal citations,
the same as any other state law.
Truck drivers who text message while on the road are 23 times
more likely to get into an accident.
C. Sexting/cyberbullying.
As technology has advanced, new issues have moved to the forefront.

In many states, laws have been slow to adapt to the quickly changing
electronic environment.
New cell phones, computers, and the Internet are capable of connecting
people instantly. This has created the issues we face today regarding
sexting and cyberbullying.
1. What is sexting?
Sexting is the act of sending or forwarding nude or sexually

explicit/suggestive pictures, messages, or videos via text
message, instant messenger, or e-mail.
2. What is cyberbullying?
Cyberbullying is the act of using any form of digital

communication to send, post, or forward messages, videos, texts,
or e-mails that are meant to threaten, harass, demean, or
intimidate another person.
3. Similarities/differences.
Both involve the use of electronic communication:
a. Sexting.
i. Texts (SMS);

ii. Multimedia messages (MMS);
iii. E-mail;
iv. Instant messenger programs; and
v. BBM.
Most commonly done with a cell phone.
b. Cyberbullying.
i. Social networking sites;
ii. Tweets;
iii. Chat rooms/forums/blogs;
iv. Dedicated websites/polls;
v. Interactive game sites;
vi. Virtual worlds (avatars);
vii. Taking unflattering pictures; and
viii. Hacking.
Can be done with cell phone, computer
The main difference between the two has to do with content and
intent.
Cyberbullying is typically done with the intent to hurt or

intimidate the receiver or the targeted person. (It doesn’t
necessarily have to involve sexually explicit material.)
Sexting often starts off innocent and voluntary. The motivation

behind the sending of a nude or sexually suggestive image could
simply be a teen trying to impress a potential boyfriend or
girlfriend, or it could be related to peer pressure.
A situation may start out as sexting between consenting parties

and end up as a cyberbullying case as other students get
involved (i.e., other girls become angry their boyfriend has a
nude image of another girl that was forwarded to him).
This could lead to a sext picture going viral, being posted on

websites or social networking sites, and forwarded via mass
texts/e-mails.
4. Why are teens sexting?
a. The primary reason teenagers sext is to look cool and sexy
to someone they find attractive.
b. Peer pressure (by friends or a potential boy or girlfriend).
c. In response to a sexual text message they’ve received.
d. They are not aware of the potential future implications it
can have.
5. Why do kids cyberbully?
a. Convenience. Cyberbullying can occur anytime, anywhere,
even while a potential victim or bully is at home or with
parents. It doesn’t have to be face to face.
b. Anonimity. Cyberbullies can easily hide behind a fake
identity, screen name, or nickname. No witnesses make
finding the originator difficult.
c. Efficiency. E-mail and text messages sent by a cyberbully
can be easily and quickly distributed to a wide audience,
increasing the victim’s suffering.
d. Permanence. When a cyberbully publishes offensive
content on the Internet, it does not “go away”; it can
resurface at any time.
e. Less confrontational. Using electronic means to bully
gives someone more courage to send out material. He or
she is not physically confronting the intended victim.
6. Legal isues.
a. Sexting laws.
i. Federal and state laws are pretty clear. Child
pornography is a crime. So if you take a photo of
someone under 18 where he or she is nude or
partially nude or that is sexually explicit, and you
are the one who either produced, distributed, or
possessed that photo, you are breaking the law.
ii. Disseminating nude images of a person under the
age of 18 is considered distribution of child
pornography, even if the person disseminating the
images is a minor himself or herself.
With child pornography charges comes mandatory
sentencing guidelines, which may include imprisonment
and mandatory registration as a sex offender.
b. Sexting offenses.
Types of criminal charges that can result from sexting

include felony and misdemeanor offenses, such as:
i. Child pornography;
ii. Distributing or possessing a sexually explicit photos;
iii. Communicating with a minor with the intent of a

lewd act;
iv. Internet sex crimes; and
v. Sending harmful matter with the intent of

seduction.
c. Ohio law.
Right now in Ohio, minors who send, possess, or

distribute pornographic messages could be charged with
child-porn related offenses and be forced to register as a
sex offender.
Potential new legislation may change that. The new law

will make it a misdemeanor if a minor is convicted of
sending pornographic pictures without permission, which
would keep kids from being labeled offenders for life.
d. House Bill 473.
i. On May 26, 2010, the Ohio House passed a bill that

would punish teenagers for “sexting” but ensure
that they do not face harsh punishment or be put
on the sex-offender registry normally associated
with transmitting nude pictures of minors.
ii. House Bill 473 creates the new offense of sexting

and applies it only to minors, classifying the
sending of a nude photo of oneself as an unruly act
and the sending of a photo of another as a
misdemeanor.
iii. The Bill now moves to the Ohio Senate for

consideration.

e. Ohio Rev. Code § 2907.324.
Sec. 2907.324. (A) No minor, by use of a

telecommunications device, shall recklessly
create, receive, exchange, send, or possess a
photograph, video, or other material that shows a
minor in a state of nudity.
(B) It is no defense to a charge under this section

that the minor creates, receives, exchanges,
sends, or possesses a photograph, video, or other
material that shows themselves in a state of
nudity.
(C) Whoever violates this section is guilty of

illegal use of a telecommunications device
involving a minor in a state of nudity, a
delinquent act that would be a misdemeanor of
the first degree if it could be committed as an
adult.
i. First offenders would be charged with a third-

degree misdemeanor, punishable up to a maximum
of 60 days in jail and a $500 fine.
ii. Repeat offenders would face a first-degree

misdemeanor charge, with a maximum penalty of
six months in jail and a $1000 fine.
iii. Minors who engaged in sexting would not be

required to register as sex offenders.
iv. Minors who forwarded sexually explicit photos of

others would face harsher penalties than those
sending explicit photos of themselves.
v. Prosecutors would still have the option of pressing

felony charges in more egregious cases involving
minors.
f. Bullying/cyberbullying laws.
Bullying in Ohio schools is defined in law by Ohio Rev.

Code § 3313.666 as any intentional written, verbal,
graphic, or physical act that a student or group of
students exhibits toward another particular student more
than once, and that behavior both:
i. Causes mental or physical harm to the other

student; and
ii. Is sufficiently severe, persistent, or pervasive that
it creates an intimidating, threatening, or abusive
educational environment for the other student.
It took effect in March 2007.
g. What does the law require schools to do?
The law requires all public school districts to establish a

policy prohibiting harassment, intimidation, or bullying.
The policy must be developed in consultation with
parents, students, school employees, and community
members. The policy must include the following:
i. A statement prohibiting bullying of any student on

school property or at school-sponsored events;
ii. A definition of bullying that includes the definition

listed above (in other words, schools cannot decide
to define bullying to only include physically hurting
another student—they must include physical and
mental harm);
iii. A procedure for reporting bullying;
iv. A requirement that school employees and

volunteers must report bullying to the school
principal;
v. A requirement that parents or guardians of

students who are involved in any bullying be
notified and have access to any written reports
about bullying incidents;
vi. A procedure for documenting or keeping track of

any reported bullying;
vii. A procedure for responding to and investigating

any reported bullying;
viii. A strategy for protecting a victim from additional

bullying and from retaliation for reporting bullying;
and
ix. A disciplinary procedure for a student guilty of

bullying another student.
Bullying includes physically beating up or attacking a
child or verbally abusing with threats, taunts, etc. One
does not have to be physically harmed to be a victim of
bullying.
The law also requires schools to post a summary of

bullying incidents on its webpage twice a year.
h. Ohio Rev. Code § 2917.21 telecommunications harassment.

(A) No person shall knowingly make or cause to
be made a telecommunication, or knowingly
permit a telecommunication to be made from a
telecommunications device under the person’s
control, to another, if the caller does any of the
following:
(1) Fails to identify the caller to the recipient of

the telecommunication and makes the
telecommunication with purpose to harass or
abuse any person at the premises to which the
telecommunication is made, whether or not
actual communication takes place between the
caller and a recipient.
(C)(1) Whoever violates this section is guilty of

telecommunications harassment.
(2) A violation of division (A)(1), (2), (3), or (5) or

(B) of this section is a misdemeanor of the first
degree on a first offense, and a felony of the fifth
degree on each subsequent offense.
i. Jessica Logan Act.
Signed into law February 2012.
Key components are: schools will include bullying and

harassment sent electronically in their anti-bullying and
punishment standards.
This bullying policy will extend off school grounds and on

school buses.
Every year, parents will be informed of a school’s

anti-bullying policy and punishment and will be notified
when their student is found to be involved in bullying
incidents.
The law will allow for anonymous reporting of bullying

incidents for those who fear retaliation.
The law will establish a statewide standard and mandate.

j. The “Shaq shield.”
Shaq Shield is a free iPhone app that provides parents

with the tools and knowledge they need to protect their
children from online predators.
Features of the app include:
i. A sex offender registry search;
ii. Internet safety tips;
iii. Glossary of Internet terminology;
iv. Lingo used by children online; and
v. Pledges by parents and children for shared Internet

responsibility.
D. Sextortion.
Online “sextortion” of teens is on the rise. It’s the biggest growing trend
on the Internet.
Sextortion: a practice of coercing an individual into sending sexually

explicit images/videos and then using those images as leverage to
compel the originator to send additional images/videos or even engage
in sexual conduct.
How does this happen?
The suspect creates a fake profile or chat posing as someone else who
then makes a request to “friend” or otherwise have contact with the
individual. The suspect sends a picture or video depicting the fake
persona and requests return pictures/videos. Believing that he or she is
sending a picture to a known friend, the victim snaps a few revealing
images and hits send.
The suspect then begins to threaten the victim. The victim is told to
send more compromising pictures or the suspect will post the previous
images on a porn site. The suspect will often send links to the porn site
in order prove that he or she is serious about the threat. In an effort to
further control the victim, the suspect often gathers information from
social networking sites, and then threatens to send the compromising
pictures to parents, friends, etc.

E. Sex trafficking.
The recruitment, harboring, transportation, provision, or obtaining of a

person for the purpose of a commercial sex act in which a commercial
sex act is induced by force, fraud, or coercion, or in which the person
forced to perform such an act is under the age of 18 years.
Trafficker/pimp tactics.
The current trend is to use younger, “junior” pimps. They assist with
recruiting young girls. They may get paid a finder’s fee. They pose
themselves as potential boyfriends, possibly with an older brother or
uncle who has connections to modeling, singing, dancing, etc.
F. Damaged phone.
Don’t let a damaged phone stop you from obtaining your evidence. The
majority of all damaged cell phones can be repaired and processed.
G. Financial cases.
Technology has spawned a new addition to the high-level money

launderer’s inventory—the cellular telephone. A cellular phone enables
money launderers, as well as other criminal potentates, to conduct
their business at all times, in all locations.
The number of consumers paying for items via their mobile devices will
shoot past 141 million this year.
That figure is a 38.2 percent increase over 2010, when mobile payment
users hit 102.1 million.
The amount of money generated via mobile payments is expected to

reach $86.1 billion this year, up almost 76 percent from the $48.9
million seen last year.
1. Banking.
Today almost all banks make banking easy on your cell phone.
You can check account balances, pay bills, and transfer money
using a smart phone.
Anytime you seize a smart phone you should check to see if

there is a bank app on the phone.
Instead of driving to the bank, you can deposit your check with
your bank account. Just snap a picture of the front and back of
your endorsed check and send it using your mobile app.

You can now send money to anyone or pay back an IOU ASAP—
without mailing cash or checks.
Person-to-Person Quickpay lets you send money to nearly

anyone with an e-mail address.
Customers of Bank of America, JPMorgan Chase, and Wells

Fargo will be able to move funds directly from their existing
checking accounts using an e-mail address or mobile number—
instead of providing checking account and routing numbers.
2. Mobile peer-to-peer (P2P).
You can now transfer payments to friends with the bump of a

cell phone—no account numbers needed. You can transfer
payments between phones by tapping them together.
Peer-to-peer payments, as with other peer-to-peer services, like

music sharing, are informal transactions made between two
people. Paying the babysitter and reimbursing a friend for your
share in a lunch tab fall into this category.
Bumping allows consumers to use phones that are equipped

with accelerometers to make peer-to-peer payments and share
images or contact details.
Mobile P2P payments to total $7 billion in 2010.
Smart phone owners and consumers between the ages of 18 and

34 are both the most active users of mobile banking and are
prime targets for mobile P2P use.
Almost 4 in every 10 mobile bankers initiated a mobile P2P

transfer in the past 12 months.
Most consumers who make mobile P2P payments do that for

domestic transfers and not for international remittances.
3. Mobile wallet.
One in every six mobile subscribers worldwide will own a device

enabled with near-field communications capabilities by 2014.
Apple’s upcoming iPhone 5 comes with a near-field

communications (NFC) chip.
iPhone will use Passbook, an app for storing and using things
like credit cards, tickets, and boarding passes. It doesn’t require
NFC capability to function, but it is thought that the feature will
be added in for the iPhone 5.

4. Airline tickets.
So the paper ticket is dead, and a new move by Continental

Airlines could mean that paper boarding passes may be the next
to go. The airline is currently testing out digital boarding passes
that let you use your cell phone as a ticket.
5. Hotel keys.
Chicago—a new Technology will encrypt a mobile phone to

double-up as a hotel room key.
A code is transferred through text message by a hotel to a

mobile phone. It is activated at a certain time of the day,
enabling the cell phone to be an encrypted room key simply by
passing it in the vicinity of a special electronic door lock.
Guests can have access to their rooms without having to stop at

the front desk upon arrival.
Guests will securely receive their room number and room key on
any phone type or carrier network prior to arriving at the hotel.
After proceeding directly to their room, they can open the door.
H. Cloud storage.
Cloud storage is the saving of data to an off-site storage system

maintained by a third party. The Internet provides the connection
between the computer and the database.
1. How it works.
A client (e.g., a computer user subscribing to a cloud storage

service) sends copies of files over the Internet to the data server,
which then records the information.
When the client wishes to retrieve the information, he or she

accesses the data server through a Web-based interface. The
server then either sends the files back to the client or allows the
client to access and manipulate the files on the server itself.
If you store your data on a cloud storage system, you’ll be able to

get to that data from any location that has Internet access. You
wouldn’t need to carry around a physical storage device or use
the same computer to save and retrieve your information. With
the right storage system, you could even allow other people to
access your files.
2. iCloud.
With iCloud you can use it to back up and restore data on your
Apple iOS devices. iCloud is capable of taking daily backups of
your iPhone, iPad, or iPod Touch when it’s connected to the
Internet using Wifi.
a. Your personal device settings, like screen brightness or

call volume.
b. Your app arrangement on the screen.
c. Ringtones and text messages.
d. Apps, music, and books you’ve purchased from iTunes.
e. App data, like an account setup or game scoreboard.
f. Photos and video associated with the Camera Roll feauter

in iOS.
g. You can authorize up to 10 devices to access and use

iCloud with your Apple ID.
I. Domestic, divorce, and child custody cases.
1. Cyberstalking.
Stalking today is not only easier, it’s virtual—which

dramatically lessens the chance of getting caught in the act.
a. Stalking by cell phone.
i. Of individuals being stalked, 83 percent received

unwanted e-mail or text messages and 35 percent
received unwanted instant messages.
ii. One in thirteen victims knew that the stalker used

electronic monitoring, and of these:
(a) Forty-six percent used video or digital

cameras;
(b) Forty two percent used listening devices or

bugs; and
(c) About one-tenth used GPS technology to

monitor them.

Remember that someone only needs your name, cell
phone number, and the last four digits of your Social
Security number to access your phone records, either with
a live rep on the phone or by logging into an online
account manager. Make sure a password is put on all
accounts.
If the harasser is someone that is on the account—

meaning his or her name is also on the account—then the
victim will always be in danger until the victim gets an
account of his or her own. Even with all precautions
taken, the harasser can walk into any cell store or
customer service location, present his or her
identification, and if the harasser is an account user or his
or her name is on the account, the harasser can still get
access to the account. He or she can change the passwords
and retrieve information about whom the victim is calling
and the general location of where the victim is calling
from!
b. Tips to reduce the possibility that someone can obtain

your cell phone records.
Contact your cell phone carrier and request that call

details be removed from your bills. Place a password on
the account. When selecting a password, do not use
commonly known information, such as your birth date,
mother’s maiden name, or numbers from your driver’s
license or Social Security number. Do not reuse the same
password for other sites. The best password has at least
eight characters and includes numbers and letters.
Instruct the phone carrier not to provide password

reminders. If you forget your password, you will need to
visit your local store to show identification.
2. Geotagging.
So you take pictures with your smartphone and then post them
online. What’s the worst thing that could happen? What
personal information could possibly be exposed? Where’s the
threat?
Most people don’t realize that the action of automatic geotagging

takes place on their smartphones.
As a result, individuals often share too much information about

their location, right down to the exact latitude and longitude
when snapping photos with their smartphone and posting them
online.

For example, Apple’s iPhone by default embeds high-precision
geo-coordinates within all photos and videos taken within the
internal camera unless it is explicitly switched off in the phone’s
settings.
The danger is that some users aren’t aware that their

information is being geotagged.
Geotagging is the process of adding geographical identification

to photographs and videos.
How to protect youself.
Consider turning off geotagging in your camera and mobile.

Certainly if it asks, “Can I use location data?” don’t do so at
home or other places you consider “private.”
Talk to the kids. Make them aware of the danger of this.
If you like this feature, then just don’t upload to any social
network sites (Flickr, Facebook, etc.) without first stripping the
metadata out of the photo.
Consider how people are interacting with you and whether or

not they might be a risk.
“Geotag Security,” which deletes geotag information from your

computer’s hard disk. The software is free of cost and can easily
be downloaded (www.geotagsecurity.com).
3. Spy software.
We are familiar with the idea that house phones can be tapped.
However, cell phones are not exempt. In fact, your cell phone
can act like a blazing hot trail for the mischievous to follow.
Cellular spyware is becoming more and more popular—mainly

with stalkers and domestic situations (cheating spouses or
monitoring your kids).
Spyware is usually installed on phones by physical access to the

phone by somebody you know. It could be your spouse, friend,
family member, coworker, or work adversary who happens to
find your phone sitting around when you take a bathroom or
coffee break. It only takes a minute or so to install the spyware
on newer phones that have Internet access.

No longer does the stalker have to sneak out in the middle of the
night to check the car’s odometer; the GPS (viewed live on a cell
phone) tells the stalker exactly where the car has been.
Cell phone providers offer programs to help track one’s children.

Signing up for one of these programs is as simple as entering the
account number on the website and designating which phones a
person would like to be located.
Sprint and AT&T phones will send out a notification that the
phone is able to be located. The account holder can specify
whether the notification comes every time the phone is located
or whether the phone receives a notification periodically.
Did you know that GPS enables very precise tracking, down to
as little as one meter (roughly 39 inches)?
4. GPS forensics.
Logical acquisitions of all or selected data from Garmin,

Magellan, and TomTom Serial and USB GPS devices are
available and should not be overlooked.
Depending on the manufacturer and model, GPS devices may

contain some or all the following information:
a. Track logs;
b. Trackpoints;
c. Waypoints;
d. Routes;
e. Stored location; home, office, etc.;
f. Security location;
g. Recent addresses;
g. Call logs (missed, dialed, and received);
h. Paired device history;
i. Incoming/outgoing text messages; and
j. Videos, photos, and audio.

5. Detection of spyware.
Installing anti-virus and anti-spyware software on

Smartphones. If you’re reasonably sure your phone has been
hacked and loaded with spyware, take it to your cell phone
service provider and ask them to reflash it with the latest
firmware.
Some of the best steps may be among the simplest. Enable the
password feature on your phone, and set it to lock your phone
after a short delay. Contact your cell phone service provider and
ask them to put a password on your account so that nobody who
does not know the password can change the account.
6. Legalities of spyware.
In Florida, a wife, using the Spector program, secretly installed

the spyware on her husband’s computer and was able to capture
entire conversations the husband had had with another woman.
The husband discovered the program and asked the court to
prevent the wife from using the evidence. The trial court ruled,
and the appellate court agreed, that although the state and
federal wiretapping statute did not have an exclusionary rule,
the court had the discretion to exclude the evidence because it
was obtained illegally.
Whether the evidence will come before the court comes down to
the facts surrounding how the evidence was obtained.
a. Was the spyware installed before or after the separation?
b. Was the spyware on a family computer that both spouses

used or had access to?
c. Arguably, evidence obtained from spyware installed by an

“authorized user” onto a family computer prior to a
separation would be admissible. However, installing
spyware onto a spouse’s workplace computer would
probably produce evidence that would be excluded
because it was obtained illegally.
GPS trackers, on the other hand, are not covered by a specific

law, such as the wiretapping or spyware statutes.
However, some law enforcement agencies have taken the

position that placing a GPS tracker on a spouse or ex-spouse’s
vehicle is stalking and have brought criminal charges against
the tracker installer.
The police recently charged a man with misdemeanor stalking
after he installed a GPS tracker on his estranged wife’s vehicle
and used the information to follow her to various locations.
Whether the police would prosecute and the court would allow
the information to be used as evidence would come down to the
specific facts of the case, including how the information gleaned
from the tracker is used and who owns the vehicle.
7. Phone examiner.
a. Make sure they are qualified to conduct the exam.
b. Always ask for the forensic report.
c. Always ask for the examiner’s curriculum vitae.
d. Currently there are no standards for cellular phone

examiners.
RETREIVING THE EVIDENCE

Find a qualified examiner to process the phone.
If no qualified examiner is available, then take complete screen shots of the

evidence along with the front of the phone, back of phone, main menu, phone
information, and the IMEI or ESN.
Preserve the phone as evidence, if possible. Have your client sign a consent to
search form.
Remember: if you take the pictures of the evidence and those pictures are
used in court, then you may be called as a witness.
Find a qualified examiner to process the phone.
If no qualified examiner is available, then take complete screen shots of the

evidence along with the front of the phone, back of phone, and the IMEI or
ESN.
RETAINED DATA EVIDENCE

Retained data evidence is telecommunication records involving the details of
calls made and received and geographical location of the mobile phone when
a call is made.
Carrier records.
Cell phone records can be used in court to show exactly where someone was
and whom the person was talking with at a particular time.

It is very difficult to challenge one’s ability to subpoena retained data
evidence in its entirety because the information that resides with the
telecommunication carrier is not protected by a heightened expectation of
privacy.
Attorneys in civil, divorce, and child custody cases can get court orders for
cell tower records, with which wireless companies must comply.
A. Cell phone tracking.
Cell site analysis is the science of reconstructing the physical

movements of a mobile telephone or communication device. The
evidence produced from such advanced investigations can be especially
powerful in attributing contact between individuals, proximity to the
scene of a crime, suspect movement patterns, and the testing of alibi
evidence.
Cellular records can also be used in court to show exactly where

someone was and whom the person was talking with at a particular
time.
Attorneys in civil, divorce, and child custody cases can get court orders
for cell tower records, with which wireless companies must comply.
It is very difficult to challenge one’s ability to subpoena retained data

evidence in its entirety because the information that resides with the
telecommunication carrier is not protected by a heightened expectation
of privacy.
1. Why is this information important?
You can use this data to compare to other investigative facts,

beliefs, or theories. This can identify discrepancies or make
confirmations.
You can use these records to help you find people, confirm and/or
refute statements/beliefs in the investigation, and put cell
phones in approximate geographic areas during certain dates
and times.
2. Carrier records.
Cell phone records can be used in court to show exactly where

someone was and whom the person was talking with at a
particular time. Given the nature of cell phone technology—in
which the signal is constantly being routed to the nearest cell
tower—someone’s location can be pinpointed very closely. And
there will also be a record of who was on the other end of the
conversation.

3. Acquiring cell phone carrier evidence.
The four-step procedure should be followed when deciding to

pursue cell phone carrier records.
a. Step 1—determine the evidence target or decide what

may be important to learn from evidence.
b. Step 2—determine the cell phone carrier to whom the cell

phone number is subscribed.
c. Step 3—contact the cell phone carrier’s legal compliance

department for verification.
d. Step 4—immediately pursue a subpoena or court order,

depending on what evidence types you are seeking.
Useful websites.
a. www.nanpa.com.
b. www.wirelessamberalerts.com.
c. www.searchbug.com.
4. Forensic expert.
A cell forensics expert should be engaged at the earliest stages of

a case and should be capable of providing guidance in the
evidence determination and preservation request stages.
The expert should also able to assist in obtaining the court order
request by providing both the technical language and the
testimonial support to gain judicial approval for the request.
B. How tracking is done.
You may already know this, but your cell phone happens to be a
miniature tracking device that can be used to monitor your location
from afar.
Cell phone tracking records should become a more common piece of

evidence in a range of personal injury cases and other civil and
criminal cases.
1. Cell phone towers.
A cell phone tower is typically a steel pole or lattice structure

that rises hundreds of feet into the air.

As a cell phone call is placed, it is received on one particular
antenna on an individual tower. Each cell tower typically
contains three directional antennas. A cell phone call will only
be on one tower and in a certain section of the tower.
Tower data reveals whether the device was in motion or

stationary. A person dialing from one location will hit the same
side of the same tower, but a person on the go will hit different
towers and different sides. A long call may make it difficult to
tell where a subject went between two towers, but short
messages paint a clearer picture of a travel path.
2. Per-call measurement data.
a. Sprint (PCMD)—specific to CDMA phones, it narrows

down the position of the handset within the tower’s radius
(tenth of a mile). Providers keep the data for only 5 to 14
days. Not historical GPS. Can be affected by the handset’s
range to tower, attenuation, geography, and lack of other
towers in the area.
b. Verizon—the PCMD report with Verizon is called RTT

and this data can be provided if only an SMS was sent.
c. AT&T—states they do not have the capability to obtain

PCMD.
d. T-Mobile—has additional ranging data called timing

advance.
3. Cell phone tracking disadvantages.
While cell phone tracking can be very effective, it does have a

couple of limitations. GPS enabled cell phones cannot be located
if your phone is not turned on. A person can also disable the
phone by setting what is sometimes called the “hide” feature.
Some may even have the option to allow tracking only in 911
situations. Another problem is that cell phones can have
reception problems. Signals can be lost in particular locations,
like among tall building or in heavily forested terrain.
Keep in mind that tracking a cell phone tells you where the cell
phone is or has been; it does not identify the person carrying the
phone.
One challenge attorneys will face is identifying the specific user

of a phone. The only way to positively identify a user is through
personal statement, direct observation, or audio identification.

LEGAL ISSUES
Search warrant to recover data from a suspect cell phone.
The Supreme Court of Ohio has order that if a police officer wants to look at a
suspect’s cell phone, then the police officer will need a search warrant unless
there are exigent circumstances. The ruling comes from State of Ohio v.
Smith. See the case below.
THE STATE OF OHIO, APPELLEE, v. SMITH, APPELLANT
[Cite as State v. Smith, 124 Ohio St.3d 163, 2009-Ohio-6426.]
Search and seizure—search incident to arrest—data stored in cell

phone carried by arrestee.
(Dec. 15, 2009) The Supreme Court of Ohio ruled that the Fourth
Amendment prohibition against unreasonable searches and seizures
requires police to obtain a warrant before searching data stored in a
cell phone that has been seized from its owner in the course of a lawful
arrest when the search is not necessary to protect the safety of law
enforcement officers and there are no exigent circumstances.
“Although cell phones cannot be equated with laptop computers, their

ability to store large amounts of private data gives their users a
reasonable and justifiable expectation of a higher level of privacy in
the information they contain,” wrote Justice Lanzinger. “Once the cell
phone is in police custody, the state has satisfied its immediate
interest in collecting and preserving evidence and can take preventive
steps to ensure that the data found on the phone is neither lost nor
erased. But because a person has a high expectation of privacy in a
cell phone’s contents, police must then obtain a warrant before
intruding into the phone’s contents.”
A. Searching a cell phone.
Under certain circumstances, it is illegal to go through someone’s cell

phone. And the act of snooping may also make the information
inadmissible in court.
The general rule of thumb is that if someone has a pin number as a

block to directly accessing his or her cell phone, then it is unlawful to
snoop.
It’s like the difference between an open briefcase and one that is
locked. There is a greater expectation of privacy if the phone is locked.

B. When do you need a court order or subpoena?
Basic subscriber records can be obtained with a subpoena. Historical

files relating to cell phone location can be had with an articulable facts
order. Reading e-mail or locating a person in real time requires a
search warrant.
C. Spyware.
The general rule is that someone who creates a password (outside of

the work environment, where the employer has a right to monitor such
conduct) has created an expectation of privacy and denied authorized
access to anyone (including a spouse) who has not been given the
password.
D. GPS.
Secretly planting a GPS system requires a very fact-sensitive analysis.

Like checking a spouse’s e-mail, the legality of secretly planting a GPS
tracker depends on who owns the vehicle. In a purely technical sense,
if you own the vehicle or have joint ownership of it, then it is perfectly
legal to use a GPS system to monitor it. Spouses can legally access
their spouse’s e-mail in scenarios where there is a jointly owned
computer or a computer that is used by the entire family. The key
issue in the planting of a GPS system is whether the spouse who was
tracked had a reasonable expectation of privacy.
Ohio Rev. Code § 2933.65.
Illegal interceptions are felonies and also carry potential civil liability
for the greater of actual damages, $200 per day of violation or $10,000,
along with punitive damages, attorney fees, and litigation expenses.
There is a two-year statute of limitations to bring a civil action.
E. Cell site data.
Cell site data is not a wire communication because it does not involve
the transfer of the human voice at any point along the path between
the cell phone and the cell tower. United States v. Forest, 355 F.3d 942,
949 (6th Cir. 2004) (“cell site data clearly does not fall within the
definitions of wire or oral communication”). Although voice
communications obviously do take place over a cell phone, this is
accomplished on a channel or frequency entirely separate from the
control channel that transmits the cell site data necessary to set up the
call.
Tracking device information, such as cell site data, is plainly not a

form of electronic communication at all.
“Electronic communication” is defined as follows:
[A]ny transfer of signs, signals, writing, images, sounds, data,

or intelligence of any nature transmitted in whole or in part by
a wire, radio, electromagnetic, photo electronic or photo optical
system that affects interstate or foreign commerce, but does not
include...(C) any communication from a tracking device (as
defined in section 3117 of this title);....
18 U.S.C. § 2510(12)(C) (emphasis supplied). By virtue of this tracking

device exclusion, no communication from a tracking device can be an
electronic communication. Real-time location monitoring effectively
converts a cell phone into a tracking device, and therefore cell site data
communicated from a cell phone is not an electronic communication
under the Electronic Communications Privacy Act of 1986.

RECORD RETENTION TIMES
VERIZON
Cell Site 1 year from current date
Cell Sector 1 year from current date
SMS 3 days
IP History 30 days, if a computer sent the text message 5 - 10 days.
E-mail No storage
CDR’s 1 year
CINGULAR/AT&T
Cell Site 30 days
Cell Sector 30 days
SMS No storage
IP History No storage
Email No storage
CDR’s 5 - 7 years
T-MOBILE
Cell Site 30 days
Cell Sector 30 days
SMS No storage
E-mail 30 days
CDR’s 2 years on prepaid accounts and longer for monthly accounts
SPRINT
Cell Site 18 months
Cell Sector 18 months
SMS No storage
IP History 7 - 14 days or any saved SMS
E-mail 7 - 14 days or any saved SMS
CDR’s 18 months
NEXTEL
Cell Site 18 months
Cell Sector 18 months
SMS No storage
IP History 7 - 14 days or any saved SMS
E-mail 7 - 14 days or any saved SMS
CDR’s 18 months

IN THE COURT OF COMMON PLEAS, FRANKLIN COUNTY, OHIO
CRIMINAL DIVISION
IN THE MATTER OF THE

APPLICATION OF THE STATE
OF OHIO FOR AN ORDER
AUTHORIZING THE RELEASE OF CASE NO. ________________
CELLULAR RECORDS WITH CALL
DETAIL, INCLUDING CALLER
IDENTIFICATION RECORDS, DIRECT
CONNECT, AND CELLULAR SITE
INFORMATION--HISTORICAL
ORDER REQUESTING CELL PHONE INFORMATION
This matter comes before this Court pursuant to the Certification of (Name) of the
(Name of Law Office) which application requests that an Order be issued as follows:
That, in as much as (WIRELESS COMPANY NAME)and/or any other

telecommunications/communications provider/carrier who may possess the request
information such as a roaming carrier, will furnish all information, records, and
necessary to release cellular phone records on telephone number (CELL PHONE
NUMBER). It is hereby ordered that (Wireless COMPANY NAME) be provided with
a copy of this order ordering and ratifying compliance with Ohio Revised Code
2933.76, 2933.77 and Rule 41 (B) of the Ohio Rules of Criminal Procedure and, in
accordance with, Title 18, United States Code(U.S.C.), 2703(d.)
That (Wireless COMPANY NAME), and/or any other telecommunications/

communications provider/carrier who may possess the request information such as
a roaming carrier, provide call detail records, with cellular site information, for the
provided cellular phone numbers for the dates of (Date) (or the beginning of
account/whichever is latest) through (Date).
That (Wireless COMPANY NAME), and/or any other telecommunications/

communications provider/carrier who may possess the request information such as
a roaming carrier, provide to (Name of Law Office) upon their specific request(s),
the following; call detail(s), and cellular site record(s) for the listed date(s)[if
available], up to the date and time of the issuance of this order pertaining to
cellular phone numbers (PHONE NUMBER), or, any telephone/pager/
telecommunications device number(s) revealed from the original target number(s)’
record(s):
1.) Call Detail records showing all incoming and outgoing numbers that was
received or dialed.
2.) Call origination/termination location, A list of any and all applicable cellular
site(s)’ number(s), location(s), address (es), and/or latitude and longitude of any said
site(s.) along with the azimuth and bandwidth. Also, that cellular site(s)’ list(s),
latitude(s) and longitude(s), be provided, via electronic mail, in an electronic format,
if available and/or possible.
3.) That, any so ordered provider(s) provide any required information on

demand, if possible and upon the specific request(s) of the designee(s.) Further, that
any so ordered provider(s) provide, upon the specific request(s) of the designee(s),
any historical geo-location service(s)/global positioning system (GPS) data/record(s)
which may be available to any involved provider(s.)
4.) Any PCMD, RTT or Timing Advantage which may be available.
5.) Further, that any data provided pursuant to this Order shall be provided in a
commercially reasonable electronic format specified by the designee; and that those
records be delivered forthwith via electronic mail, and/or designee that is authorized
to receive and analyze all information and records provided pursuant to this Order.
If e-mail is not available/possible, that the provider(s) provide the required data
electronically on a common storage medium, such as CD-ROM (compact disc read
only memory) disc(s), Also, that all provider(s) provide, when possible and so
requested, all requested data in ASCII, comma separated values (.csv). Only where
this is not possible, to provide information in dark, clean typeface, machine-
scanable/Optical Character Recognition (OCR) interpretable hardcopy. This
includes the faxing of any necessary requested records at the highest possible
quality setting. Further, that upon the specific request of designee(s), that any
provided data be provided by the necessary provider(s) in a business records
affidavit format that complies with the laws of the State of Ohio. The concerned
communications carriers are also ordered to retain, indefinitely, hard and soft
copies of all records and/or data provided as a result of this order.
IT IS SO ORDERED
__________________________________
Judge - Franklin County Court of Common Pleas
___________________________________
Date / Time
CELL PHONE CONTACT LIST

Boost Mobile, LLC NET10/STRAIGHT TALK Virgin Mobile
Address Sprint Nextel Corporation Address TracFone Wireless, Inc. Address Virgin Mobile USA, LP
Corporate Security - Subpoena Compliance Subpoena Compliance
Subpoena Compliance
Custodian of Records Custodian of Records Custodian of Records
6480 Sprint Parkw ay 9700 N.W. 112th Ave. 10 Independence Blvd.
KSOPHM0206 Miami, FL 33178 Warren, NJ 07059
Overland Park, KS 66251 Special Instructions Contact: Customer support. Call Special Instructions Bryan Watkinson. Ask for
Detail records retained 1 yr. Charges. Toll records
Electronic response avail. retained 2 yrs. Maximum
Special Instructions Send email to L- Phone 800-820-8632 Phone 40 phones per Ext
908-607-4119 subpoena.
2
Site@sprint.com for On-
line Submittal information.
Charges if > 25
Phone 800-877-7330 Ext 3 Emergency Phone 800-820-8632 Ext 1 Emergency Phone 866-868-6622
Emergency Phone 800-877-7330 Ext 1 Fax 305-715-6932 Fax 908-607-4205
Fax 816-600-3111 Contact Email subpoenacompliance@tracfone.com Contact Email law enforcement@virginm
Contact Email thomas.koch@sprint.com Subpoena Email subpoenacompliance@tracfone.com Subpoena Email obileusa.com
(Not available)
Subpoena Email (Not available) Delivery Methods Mail, Fax, Hand Delivery, Email Delivery Methods Mail, Fax, Hand Delivery
Page Plus, Inc. TracFone Wireless, Cleveland Unlimited,

Inc. a/k/a Topp Inc. d/b/a Revol f/k/a
Telecom, Inc. Northcoast PCS
Address Page Plus, Inc. Address TracFone Wireless, Inc. Address Cleveland Unlimited, Inc.
d/b/a Revol f/k/a
Northcoast PCS
Subpoena Compliance Subpoena Compliance Subpoena Compliance
Custodian of Records Custodian of Records Custodian of Records
10222 E. 41st Street 9700 N.W. 112th Ave. 7165 E. Pleasant Valley
Road
Tulsa, OK 74146 Miami, FL 33178 Independence, OH 44131
Special Instructions Prelim data. Handles only Special Instructions Contact: Customer support. Call Special Instructions Contact: Faneia Creagh.
2 Oklahoma Area Codes: Detail records retained 1 yr. Toll records retained 3
405 and 918 Electronic response avail. yrs. Electronic response
avail.
Phone 918-665-6700 Phone 800-820-8632 Phone 216-525-1118
Emergency Phone (Not Available) Emergency Phone 800-820-8632 Ext 1 Emergency Phone (Not Available)
Fax (Not available) Fax 305-715-6932 Fax 216-525-1170
Contact Email (Not available) Contact Email subpoenacompliance@tracfone.com Contact Email (Not available)
Subpoena Email (Not available) Subpoena Email subpoenacompliance@tracfone.com Subpoena Email (Not available)
Delivery Methods Mail, Hand Delivery Delivery Methods Mail, Fax, Hand Delivery

NOTES

ELL Hone Orensics: Reference Manual Volume No. 12-006

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ELL Hone Orensics: Reference Manual Volume No. 12-006

Uploaded by

Copyright:

Available Formats

CELL PHONE

Ohio State Bar Association Continuing Legal Education

© 2012 by Ohio State Bar Association CLE. All Rights Reserved.

Mail may be addressed to:

CLE telephone numbers are:

The Ohio State Bar THE CLE STAFF

Association Mission Fran Wellington

6.0 CLE CREDIT HOURS

Monday, October 22, 2012

Live via Simulcast to:

8:30 CELL PHONE EVIDENCE AND FORENSICS

10:15 CRIMINAL/CIVIL EVIDENCE ON A CELLULAR PHONE

11:45 Lunch (on your own)

1:00 CRIMINAL/CIVIL EVIDENCE ON A CELLULAR PHONE

2:00 RETRIEVING THE EVIDENCE

2:45 RETAINED DATA EVIDENCE

3:30 LEGAL ISSUS

About You and Your Practice

Total Dues and Payment

Buried in legal documents?

Introducing OhioDocs, the OSBA’s state-of-the-art document automation tool

Name OSBA member and/or Supreme Court number

City State Zip

Annual subscriptions are prorated quarterly:

Subscription & Payment

Minus prorated amount, if applicable (see above): __________________

Tax @ 6.75% = _____________

Total Amount: $___________________________________

❏ Check or ❏ Credit Card

Acct. # Exp. Date

Live Webcasts are classified as self-study by the Supreme Court, allowing

To view our schedule of upcoming live Webcasts, go to

Ohio State Bar Association

Cell Phones Analysis for the Legal Profession

EVIDENCE FOUND ON CELL PHONES

A. Electronic evidence; and

B. Retained data evidence.

Electronic evidence includes the user’s call history, contacts or phonebook,

Electronic evidence is information and data of investigative value that

Electronic evidence is, by its very nature, fragile. It can be altered,

B. Electronic evidence found on a cell phone:

1. Messages (SMS—short message service);

2. Photo/multimedia messages (multimedia messaging service);

3. Pictures and images;

4. Video and audio recordings;

6. Phonebook and contacts;

7. Calendar and task list entries;

8. E-mails stored on handset;

9. Internet browsing history;

10. Social networking artifacts (Facebook, Twitter, and IM); and

11. Application artifacts (data from programs installed on

Remember to check the duration; it will tell you if someone actually

Text messages are becoming more and more important in domestic

Text messages, as well as e-mail, offer concrete information in contrast

F. Cell phone companies don’t store messages.

AT&T Wireless states that they know of no way to save a text

The best chance to get any text message information is by searching

The calendar gives an overview of past and planned activities of the

Voicemail could potentially be more damaging than text message

I. Pictures and videos.

3. Type of camera or phone.

How many photos can your memory card hold?

4. 16 GB—6160 photos; and