Handling Mobile Phone Data During an Investigation

Introduction
As a lawyer, if you are handling a merger, cartel, compliance review, dispute or an investigation mandate, mobile phone data will certainly be a potential source of evidence.
The data from a mobile phone will need to be treated with the same respect as an email or Word document originating from a company system (e.g. collected, reviewed, classified and produced).
However, when handling mobile phone data, things can get a little tricky because you will more than likely need to satisfy custodians' privacy demands...
Mobile phones in the current era
Firstly, let's briefly discuss "what is a mobile phone?". You might be reading this blog post on one; if not, it is probably in your hands.
The mobile phone has become an amazing tool... We have many ways to stay in contact with family and friends, we can purchase products, we do our banking with it, take pictures, order food and taxis, even find love with a mobile phone… Plus, you can also make a phone call!
A mobile phone is an incredibly personal object that knows everything about us.
From a work point of view, we have also switched to apps on our phones for some of our daily tasks.
We live on the go and use our phones to take pictures of documents, talk to colleagues, customers or competitors via a vast array of applications, create work appointments on non-company-provided calendars and join meetings using third-party conferencing applications.
Therefore, more and more company-related data activities are happening outside of the control of company-provided IT systems.
This is the exact reason why mobile phones and the data stored on them are interesting in legal proceedings.
On the phone or not on the phone, that is the question?
Before you collect the data from a mobile phone, it is important to understand which applications store data locally on the phone and which applications store data in the cloud.
Not all the information (documents/messages) you see within the phone is stored locally. For example, when you open a document in OneDrive, the application fetches it from OneDrive's cloud storage. The document is not stored on the phone.
Be aware that the information required for your review may not be copied/extracted if you only collect the phone as evidence. It is also necessary to collect the data from the cloud.
Consent from the custodian
The collection of data can only proceed with the custodians providing their consent. The custodian needs to assist the examiner by providing the necessary passcodes/passwords and usernames. Without compliance, it is almost impossible to conduct the collection.
Remember to be upfront with the custodian and discuss the processes before the collection day.
A consent form must be signed before you collect/extract any data.
The drafting of the consent form is very important and needs to be clear and concise regarding the data that will be collected. If you also require the data from the cloud (e.g. OneDrive, LinkedIn, iCloud Drive, email, Google Docs), this will be stipulated in the consent form.
Once the consent form has been signed, the collection can start. During the copying/extraction process, the custodian will temporarily be without access to their phone. The collection process will likely take between 2-5 hours.
Over the years, I have witnessed tense situations unfold where custodians have started arguments about their data being collected. Sometimes, they have even walked away (with their phones) from the collection. Lawyers' and examiners' soft skills can be needed to calm things down.
Workflows
The workflow will be designed depending on the data required and the privacy that needs to be respected. It may differ from custodian to custodian and will need to be documented and annexed in the electronic search methodology paper.
When a custodian has privacy concerns and does not want the full content of their phone to be searched and reviewed, I recommend a workflow as follows:
- The content of the phone is copied in full into the forensic application.
- The custodian, lawyer and forensic consultant sit together and apply several filters to isolate an agreed subset of data that can be taken away and reviewed.
- The subset is extracted from the full copy and will be used for the legal research.
- The full copy is saved onto an encrypted drive, which is placed into a sealed/tamperproof bag/envelope and stored by the lawyers. It will only be accessed again if the custodian agrees.
I advise this approach because as time goes by and new knowledge/information is obtained about the case, it may be necessary to go back to the phone and look for new evidence. Therefore, it will always be better to preserve a full copy and not need it, than need it and not have it.
Closing
At LTI, we have great results collecting mobile phone and cloud data, assisting our clients and custodians with these matters while respecting data privacy requirements.
We use Oxygen Forensics Detective software, which allows us to work with our clients in a purpose-built mobile review application. Alternatively, the data can be transferred and reviewed in our eDiscovery platform.
If you have a project or a scenario you would like to discuss, please do not hesitate to contact us: info@legaltechinnovations.com
