Michigan State Police Say It'll Cost $545k To Discover What Info It's Copying Off Mobile Phones During Traffic Stops [Updated]

from the that-sounds-like-extortion dept

Apparently, the state police in Michigan are using devices that allow them to slurp all sorts of data off your mobile phone. Various courts over the years have taken up the question of whether or not it’s okay for police to search your mobile phone during a traffic stop without a warrant, and the rulings are quite mixed. What is allowed is for police to search through your physical belongings, but “digital” belongings is a bit more of a gray area, and it seems to depend on the court. Most recently, the California Supreme Court said that such searches are fine.

The reason many of us are troubled by this is that, like laptops, the contents on your mobile phone are both a lot more expansive these days than, say, a bag you’re carrying — and can be a lot more private. So it’s a bit troubling that at least some courts have said there’s really no difference between searching a bag that you’re holding and the full contents of your mobile phone at a traffic stop.

The situation in Michigan is potentially more troubling, because the police are apparently using technology that lets them gather all sorts of info off your phone quite quickly — and can even get around some password protections:

A US Department of Justice test of the CelleBrite UFED used by Michigan police found the device could grab all of the photos and video off of an iPhone within one-and-a-half minutes. The device works with 3000 different phone models and can even defeat password protections.

“Complete extraction of existing, hidden, and deleted phone data, including call history, text messages, contacts, images, and geotags,” a CelleBrite brochure explains regarding the device’s capabilities. “The Physical Analyzer allows visualization of both existing and deleted locations on Google Earth. In addition, location information from GPS devices and image geotags can be mapped on Google Maps.”

It’s not at all clear if the police in Michigan are using the full extent of these tools, and that’s what the ACLU was curious about. So, it filed a Freedom of Information Act request on the matter… and was told that it would cost $544,680 to get that information. That doesn’t sound like “freedom” of information, now does it? While the folks over at Techland suggest a Kickstarter project, I think the ACLU is hoping that it can pressure the police into changing their position on this without having to resort to such measures.

Update: The Michigan State Police got in touch (via Twitter, believe it or not) to claim that the story is not accurate. According to them, they only use these devices with a warrant, “or if the person possessing the mobile device gives consent” (which, admittedly, opens up some questions, since under stressful circumstances, faced with a police officer, people may feel pressured to “give consent.”). They don’t explain the $545k bit, other than to say they’ve been working with the ACLU to “reduce” the cost.

Filed Under: , , , ,
Companies: aclu

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Michigan State Police Say It'll Cost $545k To Discover What Info It's Copying Off Mobile Phones During Traffic Stops [Updated]”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Re: Re: Re:3 phone snooping

First, the commenter is not declaring that the commenter will do anything. The commenter is, at most, advocating a certain action. Even that is unlikely. Further, this comment does not advocate imminent lawless action, and thus is most likely not a criminal act. See Brandenburg v. Ohio. Additionally, it seems obvious that they were not serious.

Chris Rhodes (profile) says:

Re: phone snooping

It’s a physical connection. They attach your cellphone to their device and it grabs all data on board. Full disk encryption of the phone would stop this, unless they are slurping it from a a part of RAM that’s already been de-encrypted by the OS.

Not that there are many phones that offer full disk encryption . . .

Nastybutler77 (profile) says:

Re: Re: phone snooping

So why don’t people who are pulled over just refuse to hand over their cell phones? What law can a cop cite that trumps the 4th Amendment?

If it was me, I’d politely tell the officer he could search my phone as soon as I see a warrent. If he forcibly took my phone or arrested me because I wouldn’t hand it over, I’d be sure to call the ACLU post haste.

pixelpusher220 (profile) says:

Re: Re: Re: phone snooping

And you’ll forever have an interesting conversation for any job that asks if you’ve ever been arrested…

I have a security clearance and actions as you described would put that in jeopardy.

The officer is *well* within his authority to search your possessions once he has suspicion of something. This is just extended that authority to include a digital device.

Now the password circumvention aspect is interesting as that would violate the DMCA wouldn’t it? I certainly don’t have to give an officer the combination to a locked container during a stop, so having a device that ‘picks the lock’ on my digitally protected info would be quite troubling.

taoareyou (profile) says:

Re: Re: Re:2 phone snooping

Police officers cannot search you without a warrant based on a suspicion. You do not have to give them permission to search your car so they can see if they can find anything illegal. You do not have to let them into your home. Both require a warrant.

Many people give up their rights because they don’t know them.

Here is one of many educational videos that can be found:


Chronno S. Trigger (profile) says:

Re: Re: Re:3 phone snooping

You are legally allowed to deny access to a locked compartment (glove box, trunk) in your car if the officer does not produce a warrant. They even said it on the TV show COPS several years back. A guy was pulled over on suspicion of trafficking marijuana. They asked if they could get into the trunk and he said yes. They pulled several garbage bags full out of the trunk and went out of their way to let him know that he could have legally refused since it was locked.

I see absolutely no reason why this can’t extend to a locked phone in the car.

This does not extend to preventing them from looking into the passenger compartment, nor does this extend to the trunks of SUVs that are open to the passenger compartment.

lostalaska (profile) says:

Re: Re: Re:4 phone snooping

Yeah, my understanding was the extended search is done under the argument that the officer is making sure you don’t have knives, guns or anything that could be used as deadly force against an officer. Locked compartments like trunk or glovebox means the pulled over driver couldn’t easily grab a weapon from them.

I’m still unsure of the point of searching a phone is beyond the cops going on a fishing expedition to arrest you for something completely unrelated to the traffic stop.

rick says:

Re: Re: Re:2 phone snooping

You most likely don’t have a security clearance. Refusing consent to a search will absolutely not conflict with your clearance if you have one as it is your RIGHT to not consent. The officer is not well within his authority to search, its a gray area, hence why we have a structure dedicated to ILLEGAL SEARCHES AND SEIZURES.

No it wouldn’t violate DMCA as that is media, it would however violate numerous state passed data breach bills most likely.

pixelpusher220 (profile) says:

Re: Re: Re:3 phone snooping

and to respond to your point, I do have a security clearance. DOD Secret to be exact.

It’s certainly not exceptionally intensive but they do ask you about quite a bit of stuff going back 7 years. For TS it’s 10 years and much more in depth; those they actually do follow up on all your references.

Secret is more of a computer check, if you don’t show up on their searches you pass. Hence why being arrested can make that ‘interesting’.

btr1701 (profile) says:

Re: Re: Re:2 phone snooping

> The officer is *well* within his authority to
> search your possessions once he has suspicion
> of something.

Not hardly. Merely being suspicious of “something” doesn’t come anywhere near satisfying the legal requirements for a warrantless search.

And even when those requirements *are* met, there are places in a car where the cops still can’t go without a warrant. Locked containers, the trunk, etc. And much of their latitude for searching comes from safety concerns and the threat of hidden weapons. You’re going to have to make one hell of an amazing argument to convince any sane jurist that you had to search that iPhone because you were in fear of your life from the data contained in it.

I honestly can’t see any logical reason why a password-protected iPhone is any different legally from a locked container in the trunk of a car.

anymouse (profile) says:

Re: Re: Re:3 phone snooping

I can just see the cop explaining this one:

But..But..But… He had an iTaser app on his iphone, I had to confiscate it to keep from being tased by the somewhat irate individual who just kept cringing and shouting, “Don’t tase me bro!” as I stole, er pirated, er borrowed, er yeah stole his iPhone… like I was supposed to know what that means….

Anonymous Coward says:

Re: Re: Re: phone snooping

Unfortunately courts have ruled a warrant is not always necessary to satisfy the 4th amendment requirements (whether that is right or wrong is a discussion of r another time). Many local bar associations have resources that allow a person to speak to a criminal lawyer about these issues and get some guidance, and it is always wise to speak to a lawyer about these complicated things.

ShellMG says:

Re: Re:

It’s always a good idea to avoid driving in Michigan. Our roads are so bad they’ll knock your dental work lose.

This FOIA cost is just an excuse to money grab. The City of Detroit has been doing it for years in their court document copy department. Our government has gone from looking under their chair cushions for extra bucks to sticking a vacuum under yours.

Gwiz (profile) says:

I thought (could be wrong) that law enforcement needed both probable cause and consent to search your vehicle during a traffic stop in Michigan.

If you do not give consent, then anything they find that is not in plain sight is improperly collect evidence. Of course, at that point they can impound your vehicle until they get a warrant.

Wouldn’t that apply to your phone also?

Kingster (profile) says:

The only phone they can currently “get around password protection” on is the iPhone, and ONLY if they have access to files that are on your PC that you sync with (.plist files).

Same holds true for Android (supposedly available in the next release of the Cellebrite UFED firmware). Blackberries are a bit different, but just as secure, if you have a password.

Moral of the story? Keep your phone locked when driving in MI. Oh, and as usual, don’t consent to searches, of your car or your phone. Ask for a warrant.

BTW, USB only works so fast. No way they’re gonna D/L a 32G iPhone in 1.5min. It’s not possible.

aldestrawk says:

Re: Re:

Cellebrite claims they can do “password extraction” on 682 out of the 3080 phone models they handle. Mobile phone forensics and security is not my forte, but offhand, it looks like 682 password schemes weren’t implemented properly. I glanced at the brochure and user manual, and it looks like they do “physical extraction” only on the SIM. That may mean the UFED can’t access the majority of data stored in the file system within the flash device separate from the SIM if the phone is password protected and they can’t extract the password. The other thing I wonder about is the effect of wear leveling on hash signatures and recovering deleted data.

The DOJ speed test was probably done on a 4G iPhone. The MSP acquired the UFEDs in 2008 or prior, and may well be basing their statement on a DOJ test from that period.

John Doe says:

Yes, the Constitution is still in effect in the USA

Even if the police or a police dog smells drugs, they can only search for drugs (unless you give them permission to search everywhere and copy everything on your computer.)

I am not sure what drugs I could hide in a Droid, but looking for data is not looking for drugs.

I would think that the same laws applying to say paper records would apply to electronic date and the police can?t just read everything even if they arrest you. They can of course search you for weapons and drugs if they arrest you.

Even if you are a scumbag IP thief with all sorts of unpaid-for-porn on your computer, short of kiddie porn, I don?t think the police would have any interest in wasting their time reading your files unless you are into something much more illegal.

More likely, it?s just another example of bad, alarmist reporting on TechDirt. Now I think I know why it?s called ?Dirt.?

I also see that the police, like the military, have an interest in keeping their capabilities secret (Mike?s not a WikiLeak fool also???).

Anonymous Coward says:

The cost is an obvious and absurd fabrication...

…but this is a common ploy when thugs don’t want to hand over data that they’ve illegally copied. (Yes, “illegally”: aside from the issue of how it was obtained, it’s copyrighted, therefore the MI police illegally downloading it.)

The actual cost for retrieving such data is more like $200: an hour of someone’s time and a 1 TByte USB drive. Start the copy, go home, come back the next day when it’s done, unplug, hand it over.

John Doe says:

Re: The cost is an obvious and absurd fabrication...OR NOT

OR the ACLU could have filed a BLANKET request for all information acquired by the program.

For privacy reasons the police are not going to hand over a copy of your phone or computer records to anyone who asks.

They are going to have to pay someone to go through every document and black out half the information.

This would take some clerk one year (about $75K), just for my computer.

Some real reporter should call the ACLU and the police for clarification.

John Doe says:

Re: Re: Re: The cost is an obvious and absurd fabrication...OR NOT

The Constitution protects one against UNREASONABLE search and seizures, not all searches and seizures that might infringe one?s privacy.

Society?s interest in catching child molesters overrides the right to privacy with a search warrant. No, you just can?t beat them up like Dirty Harry.

But just because you are a child molester or just a suspect, the police have to protect your privacy from third parties filing freedom of information requests.

Maybe we should call illegal searches ?privacy infringers? or ?info-sharing? so that criminal cops look better. LOL. Dirty Harry was a privacy infringer.

btr1701 (profile) says:

Re: Re: Re:2 The cost is an obvious and absurd fabrication...OR NOT

> Society?s interest in catching child molesters
> overrides the right to privacy with a search
> warrant.

Absolute bullshit.

There is not now, nor has there ever been, a “we’re searching for child molesters” exception to the 4th Amendment warrant requirement.

If you think there is, feel free to cite the case that established such a thing.

John Doe says:

And more misuse of words - A Parody of Mike

I suppose peeping Toms don’t like being called peeping Toms, since it sounds perverted and would also like to be called, “privacy infringers.”

And gang-rapist sounds too harsh, so we would should call gang-rapists “woman sharers” who claim women should be free (to be raped). Anyone who claims that a woman has a right not to be raped is a “monopolist” who wants to give a woman monopoly rights to her body.

Gwiz (profile) says:

Re: And more misuse of words - A Parody of Mike

And gang-rapist sounds too harsh, so we would should call gang-rapists “woman sharers” who claim women should be free (to be raped). Anyone who claims that a woman has a right not to be raped is a “monopolist” who wants to give a woman monopoly rights to her body.

I don’t know about any of that – but it’s clear that some commenters should be labeled as “unintelligent miscreants”.

FormerAC (profile) says:

Complete GPS history?

Would the data they download/copy/steal include the complete GPS history of the phone? It appears Apple iPhones store a complete GPS record of every cell phone tower they have ever contacted, and every wifi connection they have seen.


Anonymous Coward says:

Here's a cheaper way to get all the info

It’s now publicly known that the information exists. Given the quality (or lack thereof) of the monkeys who work in IT for all levels of government, it’s almost certainly stored on insecure systems.

And it (the corpus of data) has value to third parties. There are endless possibilities for extortion, blackmail, sale, etc. So SOMEONE, more like multiple someones, is going to try to steal it and then sell it on the open market (see: Russian Business Network).

It should be available at a fraction of the price there.

383bigblock (profile) says:


I would simply tell them that my phone contains personal medical information (which it does) including correspondence with my doctors office. All of that information is currently protected by Federal statutes surounding HIPAA. If they cannot discern one piece of information from another then they cannot download everything exclusive of HIPAA protected data and therefore would be violating Federal Statutes which trumps the states.

This is a clear violation of the 4th amendment and probably the worst form of over-reaching that I’ve read in recent months. Even if its nothing more than enflammatory media reporting by the Dirt…..the fact that someone in Michigan would even consider it is scary enough. No wonder they have the highest unemployment rate.

jenningsthecat (profile) says:

A solution is just around the corner

With stories of such flagrant abuse, it won’t be long before all of the major cell phone platforms have apps that allow a quick wipe of the phone’s contents. So anyone concerned about unauthorized access to personal data, will be able to press a key sequence and destroy that data. Keep frequent backups in a safe place, and you’re good to go.

Of course, this will do nothing to fix the situation wherein a government charged with protecting its citizens’ rights stands at the forefront of violating those rights.

aldestrawk says:

ACLU letter to MSP

This is the most recent letter which the ACLU sent to the Michigan State Police. Apparently, they have only five of the UFED devices. Given that, and the Michigan branch of the ACLU attempts to get information with 70 iterations of FOIA requests, it is pretty clear MSP is stonewalling.


if we are to trust MSPs response to this letter on their web-site, there really is nothing to worry about. 4th amendment protections are being completely respected. Why all the big fuss?

“The MSP only uses the DEDs if a search warrant is obtained or if the person possessing the mobile device gives consent. The department*s internal directive is that the DEDs only be used by MSP specialty teams on criminal cases, such as crimes against children.”

If that’s the case, MSP, why all the stonewalling?

Frost (profile) says:

Michigan - the leading outpost for the fascist takover apparently

Considering how the Governor of Michigan pushed through a law that allows him to install a dictator anywhere he likes and that new function was exercised in Benton Harbor a few days ago and the elected officials got sidelined in favor of a Fuhre… I mean, an “Emergency Financial Manager” with dicatorial powers, Michigan is really standing out as the furthest outpost of the war on freedom in America. Even Wisconsin is looking less toxic at the moment, which didn’t seem likely just a short while ago. Then we add this latest outrage and well… it’s not looking good for America, is it? When the bill comes due for the screwed up economy to boot, things will probably get considerably worse. Probably by design. Fun times ahead.

ofb2632 (profile) says:


When you add in the story about your iphone detailing each and every place you have visited, you really have problems. My main concern is the statement that this device bypasses passwords. That is hacking plain and simple. Even with a warrant, you have to specify if you will be bypassing passwords without the users consent. Mabe the Michigan State Police should be brought up on charges.

techie42 (profile) says:

Does the TSA know about these devices?

Given IOS tracks your moves and TSA could clone your phone with this device I think this is actually a lot worse then it looks.

So while the Michigan State Police might not be able to do this leagaly I am pretty sure the TSA would be okay with it. Good bye privacy, we will miss you.

… and how soon until the laptop cloner device comes out?

John Doe says:

April 20, 2011 - Official Statement (from police): Use of Cell Phone Data Extraction Devices

LANSING. Recent news coverage prompted by a press release issued by the American Civil Liberties Union (ACLU) has brought speculation and caused inaccurate information to be reported about data extraction devices (DEDs) owned by the Michigan State Police (MSP).
To be clear, there have not been any allegations of wrongdoing by the MSP in the use of DEDs.

The MSP only uses the DEDs if a search warrant is obtained or if the person possessing the mobile device gives consent. The department*s internal directive is that the DEDs only be used by MSP specialty teams on criminal cases, such as crimes against children.

The DEDs are not being used to extract citizens’ personal information during routine traffic stops.

The MSP does not possess DEDs that can extract data without the officer actually possessing the owner’s mobile device. The DEDs utilized by the MSP cannot obtain information from mobile devices without the mobile device owner knowing.

Data extraction devices are commercially available and are routinely utilized by mobile communication device vendors nationwide to transmit data from one device to another when customers upgrade their mobile devices.

These DEDs have been adapted for law enforcement use due to the ever-increasing use of mobile communication devices by criminals to further their criminal activity and have become a powerful investigative tool used to obtain critical information from criminals.

Since 2008, the MSP has worked with the ACLU to narrow the focus, and thus reducing the cost, of its initial Freedom of Information Act (FOIA) request. To date, the MSP has fulfilled at least one ACLU FOIA request on this issue and has several far-lower cost requests awaiting payment to begin processing. The MSP provides information in accordance with the Freedom of Information Act. As with any request, there may be a processing fee to search for, retrieve, review, examine, and separate exempt material, if any.

The implication by the ACLU that the MSP uses these devices “quietly to bypass Fourth Amendment protections against unreasonable searches” is untrue, and this divisive tactic unjustly harms police and community relations.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...