The Supreme Court of Canada issued its decision in R. v. Fearon today, a case involving the legality of a warrantless cellphone search by police during an arrest. Given the court’s strong endorsement of privacy in recent cases such as Spencer, Vu, and Telus, this seemed like a slam dunk. Moreover, the U.S. Supreme Court’s June 2014 decision in Riley, which addressed similar issues and ruled that a warrant is needed to search a phone, further suggested that the court would continue its streak of pro-privacy decisions.

To the surprise of many, a divided court upheld the ability of police to search cellphones without a warrant incident to an arrest. The majority established some conditions, but ultimately ruled that it could navigate the privacy balance by establishing some safeguards with the practice. A strongly worded dissent disagreed, noting the privacy implications of access to cellphones and the need for judicial pre-authorization as the best method of addressing the privacy implications.

The majority, written by Justice Cromwell (joined by McLachlin, Moldaver, and Wagner), explicitly recognizes that cellphones are the functional equivalent of computers and that a search may constitute a significant intrusion of privacy. Yet the majority cautions that not every search is a significant intrusion. It ultimately concludes that there is the potential for a cellphone search to be intrusive, it does not believe that that will be the case in every instance.

Given that conclusion, it is prepared to permit cellphone searches that are incident to arrest provided that the law is modified with some additional protections against invasion of privacy. It proceeds to effectively write the law by creating four conditions: a lawful arrest, the search is incidental to the arrest with a valid law enforcement purpose, the search is tailored or limited to the purpose (ie. limited to recent information), and police take detailed notes on what they have examined and how the phone was searched.

One saving grace in the majority’s decision is that rejects the notion that password-protected phones legally enjoy greater privacy protection than non-protected ones. The majority states:

I pause here for a moment to note that some courts have suggested that the protection s. 8 affords to individuals in the context of cell phone searches varies depending on whether an individual’s phone is password-protected. I would not give this factor very much weight in assessing either an individual’s subjective expectation of privacy or whether that expectation is reasonable. An individual’s decision not to password protect his or her cell phone does not indicate any sort of abandonment of the significant privacy interests one generally will have in the contents of the phone. Cell phones – locked or unlocked – engage significant privacy interests.

The dissent – written by Karakatsanis and joined by LeBel and Abella – unsurprisingly agrees on the issue of password protection but also offers a much stronger defence of privacy. It explicitly recognizes the connection between digital devices and privacy:

the cell phone acts like a key or portal which can allow the user to access the full treasure trove of records and files that the owner has generated or used on any number of devices. It is not just the device itself and the information it has generated, but the gamut of (often intensely) personal data accessible via the device that gives rise to the significant and unique privacy interests in digital devices. The fact that a suspect may be carrying their house key at the time they are arrested does not justify the police using that key to enter the suspect’s home. In the same way, seizing the key to the user’s digital life should not justify a wholesale intrusion into that realm. Indeed, personal digital devices are becoming as ubiquitous as the house key. Increasingly large numbers of people carry such devices with them everywhere they go (be they cell phones, mobile computers, smart watches, smart glasses, or tablets).

The dissent proceeds to adopt the position that complicated conditions are no substitute for effective privacy. It therefore concludes that warrants provide the right balance:

The intensely personal and uniquely pervasive sphere of privacy in our personal computers requires protection that is clear, practical and effective. An overly complicated template, such as the one proposed by the majority, does not ensure sufficient protection. Only judicial pre-authorization can provide the effective and impartial balancing of the state’s law enforcement objectives with the privacy interests in our personal computers. Thus, I conclude that the police must obtain a warrant before they can search an arrested person’s phone or other personal digital communications device. Our common law already provides flexibility where there are exigent circumstances – when the safety of the officer or the public is at stake, or when a search is necessary to prevent the destruction of evidence.

While the case does provide some helpful language on the importance of privacy, the recognition that cellphones and computers are now functionally equivalent, and that password protection should not be a pre-requisite for privacy protection, the decision is a setback for privacy in Canada. With the court having just concluded in Spencer that a warrant is needed to access subscriber information, it should have maintained that approach by similarly requiring one for cellphone searches during an arrest. In trying to establish the legality of some warrantless cellphone searches, it has replaced the important safeguard of a judicial authorization with conditions that do little to protect privacy while complicating the obligations of law enforcement.