Police power to search contents of mobile devices



Back in September 2016, ONC published an article titled “The Requirement to Decrypt Information in Hong Kong” concerning the law enforcement agencies’ power to intercept and decrypt the encrypted communications.

Regarding the police power to search the contents of mobile devices, we discussed the Court of First Instance’s (“CFI”) decision in the case of Sham Wing Kan v Commissioner of Police [2017] HKCU 2725 in our article titled “Can police search your mobile phone?”, which was published in December 2017. It was found in this case that save for certain exigent circumstances, the police must first obtain a warrant before they can peruse digital contents of seized mobile devices, failing which any such warrantless search will be deemed as unconstitutional and therefore illegal (“CFI Decision”).

The CFI’s “exigent” standard was subsequently revisited by the Court of Appeal (“CA”) during which it was held that the standard of “exigent” standard has failed to balance lawful law enforcement objectives and privacy interest guaranteed under Hong Kong’s constitution.

That said, the most notable feature of the CA decision is that it was further ruled that a magistrate cannot force a person to hand over the password to his or her mobile device to the police under a warrant.


CFI’s decision

Taking into account factors including the constitutionally protected right to privacy and freedom of private communication against unlawful intrusion, the CFI considered that a warrantless search is ONLY lawful where it is necessary to (1) prevent an imminent threat to the public or police officers; (2) to prevent imminent loss or possible destruction of evidence; or (3) lead to the discovery of evidence in extremely urgent and vulnerable situation (“Exigent Circumstances”). Such protection also covers warrantless searches against other similar devices such as tablets, smart watches and laptop computers.

CA’s Ruling

Searches of mobile device

The CA took a different approach and held that there ought to be a balance between the legitimate law enforcement objectives and the potentially great privacy interest and volume of data stored in a mobile phone. While the Court agreed that the privacy interest engaged in the search of mobile devices is potentially higher than a search conducted of private premises, the judges also noted the potential use of mobile device in crime and there was a legitimate need for law enforcement officers to “act prudently and promptly in appropriate circumstances which may not strictly be characterised as an emergency”.

The judges in CA were of the view that, the digital world should not create a loophole to become a safe haven for criminals to hide evidence in.

Therefore, the judges did not agree with the doctrine of Exigent Circumstances and instead, advocated the use of the reasonable basis test to strike a fair balance. In other words, for warrantless search, when it is not reasonably practicable to obtain such warrant before a search is conducted, the police officer must also have a reasonable basis for having to conduct the search immediately as being necessary:

(1)   For the investigation of offence(s) for which the person was suspected to be involved, including the procurement and preservation of information or evidence connected with such offences; or


(2)   For the protection of the safety of persons (including the victim(s) of the crime, members of the public in the vicinity, the arrested person and the police officers at the scene).


(Altogether, the “Purposes”)


Otherwise, if a warrant is obtained under section 50(7) of the Police Force Ordinance, a police officer can also search the contents of a mobile device.

The CA highlighted the fact that mobile devices nowadays are equipped with security features to safeguard the digital contents stored therein from unauthorised access. Such features might however impede the police’s timely access to the digital contents stored on or accessible by the device for law enforcement purposes (e.g. prevention of an ongoing crime). Therefore, if a warrant is required for examining the digital contents of a seized device after arrest, there will be un-resolvable risk that the digital content may self-destruct or access to such digital contents could be obstructed by utilizing the security features, including strong encryption, multi-access to cloud platforms, retrieval of volatile and temporary memory and automatic erased data. These may justify a warrantless search of mobile devices by the law enforcement officers.


Obligation to give password to unlock electronic device

Notwithstanding the above, it was expressly stated in the judgment that it was a common ground that a magistrate does not have the power to compel a person to give password (in the form of password, Face ID or Touch ID) to the police so as to unlock his mobile phone or other electronic devices.

Hence, even when the mobile phone or any other electronic device was seized by the police, an arrestee is entitled to reject a police officer’s request to unlock the same and such refusal would not constitute an offence of obstruction of a police officer in the due execution of his duty.


The CA judgment provides that the police officer may conduct warrantless mobile phone search if he has a reasonable basis to conduct the search immediately as being necessary for (i) the investigation of the offence(s) which the person was suspected to be involved or (ii) for protection of safety of persons. Even though it was spelled out by the judges that the scope of detail examination of the digital contents of a phone should be limited to items relevant to such Purposes, cursory examination for filtering purpose shall be allowed. It might be difficult to draw a line between what is qualified as item relevant to the Purposes and what is not.

Police’s judgment on the spot as to whether there is any reasonable basis for doing so may also be subject to be reviewed and challenged. It is understandable that the public may have reservation towards such extensive discretion conferred to the police.


For enquiries, please contact our Intellectual Property & Cyber Law Department:
E: ip@onc.hk                                                                        T: (852) 2810 1212
W: www.onc.hk                                                                    F: (852) 2804 6311

19th Floor, Three Exchange Square, 8 Connaught Place, Central, Hong Kong

Important: The law and procedure on this subject are very specialised and complicated. This article is just a very general outline for reference and cannot be relied upon as legal advice in any individual case. If any advice or assistance is needed, please contact our solicitors.
Published by ONC Lawyers © 2020