Technology and Self-Incrimination

BY ANDY KAY

In my career, there have been many times we have downloaded car, phone, and other electronic data for our clients. This is a legal practice that has been going on for years. Onboard computers will divulge absolutely all the information gathered from your car. Cell towers track and record where a phone was being used. Most new cars have GPS built into them, and many of these GPS systems in the new cars are attached to the onboard computer. Hundreds of everyday electronic tattle tales are watching our every move. As we well know, technology gives us a lot of useful information to find out what happened during a certain event or time period, but is it always accurate and should it all be legal? 

 

The new data pull

There was an article recently published in CNet magazine titled “Witness for the Prosecution” where the author explores ‘what happens when our digital devices testify against us’. The story opens up with the case of a man named Compton who was charged with arson and insurance fraud. What was unique about Compton’s conviction was the use of data they pulled from his pacemaker during the time of the fire. The pacemaker’s data, along with other direct physical evidence was actually a key factor in Compton’s conviction. So much for HIPPA protection!

 

Devices can be hacked

Most hackable cars include specific model and years of Toyota Prius, Jeep Grand Cherokee, Chrysler 300, Range Rover, Cadillac Escalade, BMW X3, and Ford Fusion. 

Just a few years ago Chrysler had a major recall (and by major, I mean 1.4 million vehicles) because a group of hackers demonstrated to Wired how they could remotely hijack the digital systems in Jeeps via the internet. That’s a pretty big chink in the armor of devices that can convict you in a court of law.

Here’s my point with that case: if an onboard computer can be hacked, we cannot trust that information cannot be downloaded to the device. This includes the scenario of false information designed to frame an innocent person. Because of hacking or inaccurate data collection, digital evidence alone should not be used as the guilt-defining moment. Digital evidence and even the printed mediums that they help create can only be used as circumstantial evidence.

Here’s a list of the 9 most hackable cars and what makes them vulnerable. Do you own one?...

 

Technology is imperfect

Law enforcement and private investigators are using information from your phone, fit watches, utility meters, smart home appliances, Alexa, and even data from a person’s pacemaker. Where is the line to be drawn? In my opinion, these tools are great for investigation but NOT for prosecution. They may lead to discovering evidence and maybe even corroborate evidence, but they, themselves, are only circumstantial evidence. The information obtained from devices should not be taken as gospel.

 
 Where is the line drawn for "self-incrimination" when it comes to personal data?  photo by  @igorson

Where is the line drawn for "self-incrimination" when it comes to personal data?

photo by @igorson

 

For example, there are multiple explanations for data taken from smart watches. It does not suffice to say “203 steps were recorded so that means the person in question walked from point A to point B and then stopped.” There are so many ways those 203 steps could have been recorded, and many reasons all steps may not have registered (i.e. lost signal, etc).

It is a fact that technology often has glitches. Everyone reading this blog has had problems with their technology or devices malfunctioning. That in itself is reason enough for the point I am making.

 

Constitutionally speaking, there are some major arguments

4th Amendment and 5th Amendment rights are in the hot seat. The 4th Amendment, which protects our right to privacy is the obvious push back. But what about when a person has data pulled from their pacemaker in a case brought against them? Where do HIPPA regulations fall? A device a person must use to stay alive may be used in a court of law to prove their guilt. Does that not compete with the 5th Amendment, the right of a person to not self-incriminate?

 

 

In another strange case, a person had the information stored on their smart water tank leveraged against them to disprove their alibi in a criminal case. People argue, "is that any different than pulling data from a car’s onboard computer?" Yes it is, because utility meters belong to the utility companies. You may own your car which makes it your property, not subjected to a third party. But what about Fitbit watches that are open territory for police to access? Is this is violation of a person’s health privacy or the 4th or 5th Amendments?

There is an argument in favor of using personal electronics. The grounds for the argument cites the "Third Party Doctrine",  stating that data shared with a 3rd party (i.e. Alexa) is no longer private. In my opinion that is heavily infringing upon our 4th Amendment rights. A research paper recently published in the Southern University Law Review argues "the key to protecting the privacy of Alexa owners will be through the 1st Amendment rather than the 4th" by forcing the government to show there are no reasonable alternative actions.

10 years ago, data pulling was a lot less gray than it is today. As tech becomes more and more personalized and on-the-body, questions of where the line is drawn for constitutional rights is blurring. I am all for using data to get the bad guys. But we must be aware of how and how much access we allow to our body and private in-home data.

Andy Kay

K&A Investigations