There has been several debates as to the legal provisions for search and seizure of electronic devices and digital evidence. Without prejudice to any related investigation going on, this piece will examine the legal provisions of search and seizure, particularly of mobile phones and electronic devices. In this analysis, I will examine the scenario, looking at two jurisdictions: USA and Nigeria. 

Here is a caveat: I am not a lawyer. However, my training as a cybersecurity and digital forensic specialist has exposed me to the fundamental lessons of legal considerations in search and seizure, particularly, of digital devices. This is even more so in mobile forensics, given the nature of mobile devices. Like data, mobile devices are ubiquitous and continue to be a major source of digital evidence. Therefore, expectedly, phones and mobile devices will continue to be of interest to law enforcement agents. Nigeria has a negative reputation for being one of the major hotbeds of cybercrime in the world. Expectedly, the law enforcement agents have ramped up efforts to curb the menace. This often desperate desire to stamp out the menace often see officers carry out unlawful search and seizures and alleged torture of suspects to get passcodes to phones. It is therefore not surprising that most of these do not scale legal scrutiny, and easily fall by the wayside on technicalities. Acquisition of digital evidence is as delicate as the tiny legs of the microchip embedded in the phones. 

Acquisition of digital forensics evidence is governed by certain rules and regulations; most of which are derived from the constitution. For instance, in the United States of America, the 4th amendment protects citizens against unlawful search and seizures. The implication is that to conduct a search, there must be a valid court warrant permitting same. In a recent case under review, searching a suspect's phone constitutes a search; and if this were in the United States, would be an unlawful search and a breach of his 4th amendment rights, since it was without a search warrant (except any of the exigent conditions hold sway). Digital evidence acquired from this, no matter how incriminating, will not be admissible. Such evidence is termed, "fruit of a poisonous tree". 

However, like most cases in life, there are exceptions. These conditions include plain view, consent, and other exigent scenarios. Plain view means the evidence in question was already in view and did not require extra efforts to search. By consenting to a search, the suspect also has waved his 4th amendment rights, and evidence acquired therefrom could be easily admissible (all things being equal). Other exigent conditions where a warrantless search is permissible includes when failure to do so could endanger the life of the law enforcement agent or the public. Also, a warrantless search may be exigent if there is a risk that the evidence might be altered or destroyed. In these exigent conditions, once evidence has been seized and preserved, you will still need an appropriate search warrants to gain access to the seized phone and conduct a proper forensic analysis. This is best practice in digital forensics.

In a recent case that was alleged to have happened, not only did the Law Enforcement allegedly carry out a warrantless search and seizure, they also allegedly forced the suspect to supply the password to phone. That is a breach of his rights. In the United States, this will constitute a breach of his 5th amendment rights. The 5th amendment rights protect citizens from self-incrimination. This is what is often summarized during arrests as: "you have the right to remain silent". A suspect has the right not to incriminate self. There are a lot of celebrated cases that tested both the 4th and 5th amendment rights of the American citizen in relation to cybersecurity and digital forensics. Examples include FBI v. Apple, State v. Stahl, etc. 

In Nigeria, fundamentally, the Nigerian constitution makes provision for the protection of the privacy of citizens. Section 37 of the Nigerian Constitution particularly states that: "The privacy of citizens, their homes, correspondence, telephone conversations and telegraphic communications is hereby guaranteed and protected". Therefore, in the case under review, the victim, as a Nigerian, has rights to his privacy; and that includes the privacy of his data contained in his phone or other mobile or computing devices. Warrantless search of his phone, therefore, constitutes a breach. 

The right of the Nigerian citizen to privacy was further amplified by Nigeria's recent data protection legislation (courtesy NITDA) known as the Nigeria Data Protection Regulation (NDPR). It is noteworthy to mention that while there are differences (and indeed fears of lack of mechanism and will for implementation), the NDPR seems modelled after EU's General Data Protection Regulation (GDPR). Beyond this, there is also the Cybercrime Act 2015, which criminalizes the breach of citizens privacy. It is ironical that most of the illegal search and seizures done by the law enforcement end up in court, and suspects are prosecuted for breach of the cybercrimes act 2015; same Act that was breached in the process of acquisition of digital evidence.  

However, despite this sweeping provision for privacy in the Nigerian constitution (and the other Acts and Regulations), in reality, it is not as smooth as the paragraph above suggests. Section 29 of the Police Act states that: "A police officer may detain and search any person whom he reasonably suspects of having in his possession or conveying in any manner anything which he has reason to believe to have been stolen or otherwise unlawfully obtained". This gives the police extended rights to search and seize, on mere suspicion. So, in the case under review, the Police may hold on to their right to so search and detain if there is reasonable suspicion. This brings to question, what constitutes reasonable suspicion? The so-called "objective test" to determine the degree of reasonability, in my opinion, is subjective and prone to multiple interpretations.

In addition, the Nigerian jurisprudence has another curious complexity. While the "fruit of the poisonous rule" applies in the US, in Nigeria, improperly acquired evidence are admissible; except the judge discretionarily thinks otherwise. Section 14 of the Evidence Act 2011 specifically states that evidence obtained improperly or in contravention of a law "shall be admissible unless the court is of the opinion that the desirability of admitting the evidence is out-weighed by the undesirability of admitting evidence that has been obtained in a manner in the evidence was obtained".  

This inclusionary rule allows for the admissibility of any evidence, once is deemed relevant; not minding the circumstance acquired. In my opinion, this gives the law enforcement a loaded gun. The rule seems to encourage law enforcement agents to take the short cuts of unlawful search and seizure, and in some instances, extreme torture to gain access to mobile devices. It is noteworthy to mention that the 1975 UN Declaration on torture clearly prohibits the use of evidence from torture. Specifically, article 12 states that: "Any statement which is established to have been made as a result of torture or other cruel, inhuman or degrading treatment or punishment may not be invoked as evidence against the person concerned or against any other person in any proceedings".  Therefore, torturing a suspect to obtain his passcodes constitute a breach of this declaration by the UN. While Nigeria must continue to improve in their war against cybercrime, such should be done in respect to the rights of citizens. 

In the light of this delicate realities, it is important that officers are properly trained on best practices in digital evidence acquisition. It is a delicate and painstaking process, and there are no shortcuts. Every process in digital forensics is painstaking and requires patience. From the preliminary investigation to securing the necessary search warrants from a competent court, down to search and seizure; they all take time and careful planning. Even what appears a simple task of getting a forensic duplicate of a seized device could take several hours or even days, depending on the size of the device and the tools used. Therefore, substituting technical skills for brute will always lead to the case being thrown out on technicalities. Read the case file of a typical cybercrime investigation in the United States and you will understand the complexity and time it takes, and why they have greater prosecution success ratio in that jurisdiction. 

Finally, the justice system grinds slowly, in comparison to the fast pace technology it seeks to investigate. Digital forensics is still an emerging area, and still unfolding. The complexities of other emerging technologies, such as cloud computing, Internet of things (IoT), Big Data, etc, further complicates digital investigations and prosecutions. Therefore, judges and judicial officers need to be constantly trained and equipped to understand the complexities of digital evidence, as well as understand expert testimonies in this regards. Also, there is a greater need for more handshakes and collaborations between the justice system and digital forensic experts, for Nigeria to be able to wage a formidable war against cybercrime. Digital crime investigation must be standardized and methodical, in line with best practice. 

R. Tombari Sibe is the CEO/Lead Forensic Examiner at Digital Footprints Ltd. You can reach him at