I'll admit it - I can be lazy when it comes to security. I don't have a passcode on my iPhone because it never leaves my pocket and I'm not one to misplace things. An article in Ars Technica has me rethinking my passé attitude toward passcodes and privacy, however.
According to the article, a recent decision holds that "police officers may lawfully search mobile phones found on arrested individuals' persons without first obtaining a search warrant."
The decision (.pdf) by a California Supreme Court allows that police officers can "conduct a warrantless search of the text message folder of a cell phone they take from [one's] person after the arrest."
The solution to this, according to Ars Technica's Ryan Radia, is not simple, but setting a password is a good first step:
While the search incident to arrest exception gives police free rein to search and seize mobile phones found on arrestees' persons, police generally cannot lawfully compel suspects to disclose or enter their mobile phone passwords. That's because the Fifth Amendment's protection against self-incrimination bars the government from compelling an individual to divulge any information or engage in any action considered to be "testimonial".
Password protection, however, is just the beginning,says Radia. "If you care about your privacy, password-protecting your smartphone should be a no-brainer," he writes. "Better yet, you should ensure your smartphone supports a secure implementation of full-disk encryption."
For the full, in-depth discussion of the topic, definitely give Radia's article on Ars Technica a read.