A crime unit within the San Diego Police Department (SDPD) is utilizing new technology to find clues stored on mobile devices that would otherwise be lost.
A suspect will sometimes attempt to destroy evidence from a mobile device before police can look at it, but the SDPD's newly formed Forensic Technology Unit has data extraction technology that can retrieve deleted texts, videos and e-mails from damaged or destroyed cellphones.
"The actual data that's in the motherboard, inside the phone, can actually be recoverable," said SDPD criminalist Sean Soriano, who has restored cellphones damaged by bullets.
The forensic unit, which worked its first case in November 2017, can only use the extraction technology to access mobile data with legal clearance. SDPD criminalists said they do not violate an individual's privacy rights when extracting data from mobile devices, and follow the specific court orders outlined by a judge.
The technology has proved invaluable for the department as it works to solve crimes.
"We get data using this [technology] that we couldn't get any other way. This'll get data that's been deleted. It'll get databases out of the devices," said Randy Gibson, a criminalist at SDPD. "Some people take pictures or videos of themselves committing crimes, which makes things very easy for us."
Suspects who attempt to wipe a phone remotely, once law enforcement is in possession of the device, will hit a roadblock thanks to a tool called the Faraday Box.
Once placed inside, the box blocks electromagnetic fields, including cell signals, from reaching the device.
"(The Faraday Box) is really a critical piece of equipment for us. If this was evidence and I received it in a power down mode, it's possible, if the owner of the phone didn't want us to see what's in it, they can send a wipe command remotely," explained Gibson. "And that wipe command will just wait out there until the phone is turned on, and once the phone connects to the network, we could lose all data from the device."
After the mobile device is secured inside the box, criminalists access it through gloves built into the side of the box and a look through a window on the lid. The device can be turned on and placed into airplane mode from the inside.
"Once it's in airplane mode, I can take it out and it's still disconnected from the network, so that wipe command that's still out there, still can't reach the phone," Gibson added. "So the data is still safe."
Most law enforcement agencies cannot access locked iPhones. Many of those agencies, including SDPD, are looking at new technology that could eventually give them legal access to encrypted systems.
"Everything has changed as far as the technology goes, but the underlying philosophy of evidence collection and processing, that's still the same," said Gibson, who has worked at the SDPD crime lab for 35 years. "The only thing that's changed is how we collect and process the evidence and how we present that."