Can the Police Search My Phone in Singapore?

The police in Singapore can search your phone, in defined circumstances, under several provisions of the Criminal Procedure Code 2010 and supplementing legislation like the Computer Misuse Act 1993. For phones found on a person at the time of lawful arrest, search is permitted under section 39 of the CPC without a separate warrant. For phones found at premises, a warrant under section 35 is the usual route, with limited exceptions under section 40 for urgent circumstances. The framework gives the police substantial reach, but the reach is not unlimited and procedural safeguards remain.

I’m Hasif, an Associate Director at A.W. Law LLC handling criminal investigation defence in Singapore. The “can they search my phone?” question has come up much more often in the last few years as digital evidence has become central to so many investigations. This post covers what the police can lawfully do, what they need a warrant for, and what to do if you’re asked to unlock or hand over your phone.

The basic search powers

Three CPC provisions are most relevant.

Section 39, search of an arrested person. When the police lawfully arrest a person, they can search the person’s body and the items in their immediate possession. A phone in the accused’s pocket or bag at the time of arrest falls within this. The search is incidental to the arrest and doesn’t require a separate warrant.

Section 35, search by warrant. Where the police want to search premises or items not associated with an arrest, a warrant from a court is the usual basis. The warrant is granted on application, supported by an affidavit setting out reasonable grounds. The warrant specifies the premises and the categories of items.

Section 40, search without warrant. In urgent circumstances where obtaining a warrant would defeat the purpose, the police can search without warrant. This power is exercised carefully and any subsequent challenge can scrutinise whether the urgency was genuine.

For phones specifically, the most common scenarios are:

• Phone on the person at arrest. Search under section 39.
• Phone at home or in the office during a planned investigation. Search under section 35 with warrant.
• Phone seized during ongoing investigation. Continued retention and forensic analysis under various authorities.

Forensic data extraction

A search of a phone in the modern context usually means more than the officer scrolling through messages. Singapore police and the Cyber Crime Investigation branch use forensic tools (Cellebrite, Magnet AXIOM, EnCase) to extract a complete copy of the phone’s data: messages, call logs, photos, location history, app data, deleted items where recoverable, cloud-synced data where credentials are available.

This means:

• Encrypted device contents are accessible if the password or biometric is provided. Modern iOS and Android encryption is robust against brute force, so practical access requires the password.
• Cloud-synced data in iCloud, Google, WhatsApp, Telegram, and similar can be pulled via the device’s saved credentials. Police can also issue mutual legal assistance requests for data held on overseas servers.
• Deleted data is often recoverable. Data on the device but no longer in the user-visible state can be extracted by forensic tools.

Once extracted, the data is treated as evidence. The phone itself may be returned to you at some stage, but the extracted data persists.

Compelled passwords: the section 39A regime

The most important development in Singapore digital-search law in recent years is the strengthened regime around compelled access. Section 39A of the Computer Misuse Act 1993 (and parallel provisions in other statutes for specific contexts) gives the police power to require a person to provide access to a “computer” (which includes a phone) where they have grounds to suspect the device contains evidence of an offence.

In practice, this means:

• The police can require the password. Refusal can be a separate offence under section 39A, with penalties up to 3 years’ imprisonment and S$10,000 fine.
• The police can require biometric access. Whether this extends to forced fingerprint or face unlock is more nuanced; in practice, the police usually request the PIN or password rather than physically using biometrics.
• Refusal is itself evidentially significant. Even where refusal is procedurally justifiable, the court may draw adverse inferences about why access was refused.

The framework is asymmetric: the constitutional privilege against self-incrimination gives some protection, but the section 39A regime cuts across that protection in defined investigative contexts.

What about iCloud and remote backups

A common practical question: can the police access cloud data without the device?

For data on Singapore-based servers, the answer is usually yes, with appropriate authority (warrant, mutual legal assistance, or direct order). For data on overseas servers, the answer depends on the country and the cooperation framework. Apple, Google, Meta, and similar major providers cooperate with Singapore law enforcement requests within their stated frameworks. End-to-end-encrypted services (Signal, WhatsApp end-to-end, iMessage end-to-end) are harder to access without the device or its credentials.

The practical implication: deleting data from your phone doesn’t necessarily remove it from forensic reach if it’s also in cloud backup or has been transmitted to other parties.

What to do if your phone is being searched

If the police are at the door, in your office, or on the street wanting to search your phone, the practical considerations:

Don’t physically resist or destroy the device. Resistance and destruction are separate offences under the Penal Code and the CPC. They convert a defendable position into a clearly indefensible one.

Ask the basis for the search. Politely. “On what authority are you searching?” or “May I see the warrant?” The police are required to identify themselves and explain the basis.

Note the details. The officers’ names, the time, the place, what was searched, what was seized. A contemporaneous note (even on another device or paper) is valuable for later challenge.

Provide what’s required, but no more. If the police require access under section 39A, comply. Don’t volunteer additional access (your other devices, your social media credentials, your work account passwords) beyond what’s specifically required.

Take legal advice as soon as possible. Even a brief call to a criminal lawyer during or immediately after the search shapes what happens next. The first ten minutes with me are free.

Don’t try to “explain” what’s on the phone. Anything you say in the moment can be characterised as a statement under section 22 and used in subsequent proceedings.

Challenging an improper search

Where a search has gone beyond proper authority, the affected party has options:

Challenge admissibility at trial. Evidence obtained through an unlawful search can be excluded. The court considers whether the search was authorised, whether the procedure was followed, and whether admitting the evidence would bring the administration of justice into disrepute.

Challenge the warrant or its execution. If the warrant was improperly obtained (insufficient grounds, misrepresentation in the application) or improperly executed (search beyond the scope authorised), parts of the evidence can be challenged.

Civil claim for unlawful search. In rare cases, where the search was clearly outside any authority, civil proceedings against the state may be available. This is unusual and requires specific facts.

In most matters, the search itself isn’t successfully challenged but parts of the evidence can be excluded on procedural grounds. The evidence picture at trial is often shaped more by these procedural issues than by the substantive defence.

Particular contexts

Drug investigations. Where a phone is searched in the context of drug offences, the focus is usually on supplier chains, customer communications, transaction records. The cooperation question (whether to assist with identifying others) becomes a core strategic decision.

White-collar investigations. In white-collar matters, the phone is often a secondary evidence source. Email accounts, document servers, and corporate systems are usually the primary focus. Personal phone data supports rather than drives the case.

Cybercrime investigations. Where the phone or computer is itself the alleged instrument of the offence (under the Computer Misuse Act), the search and seizure regime is particularly intrusive and the section 39A access powers are most heavily used.

Sexual offence investigations. Phone evidence (messages, images, location data) is often central. The search procedures here are careful and may involve specialist forensic units.

What to do next

If the police have searched, are about to search, or have asked for access to your phone in Singapore, the urgent step is to take legal advice before providing additional access or making further statements. Phone evidence is typically the most consequential evidence in modern criminal matters, and the early decisions about access, cooperation, and statements shape everything that follows.

The first ten minutes with me are free. Book a Criminal Matter Discovery Session and we’ll work out the immediate next steps. English, Malay, Mandarin, Tamil, or Vietnamese, with translation staff on hand for each.

For related topics, see what to do if you get arrested in Singapore and do I have to give a statement to the police in Singapore.