The isolation phase

Mobile phones are, by design, intended to communicate via cellular phone networks, Bluetooth, infrared, and wireless (Wi-Fi) network capabilities. When a phone is connected to a network, new data is added to the phone through incoming calls, messages, and application data, which modifies the evidence on the phone.

Complete destruction of data is also possible through remote access or remote wipe commands. For this reason, isolation of the device from communication sources is important prior to the acquisition and examination of the device. Network isolation can be done by placing the phone in radio frequency shielding cloth and then putting the phone in airplane or flight mode. Airplane mode disables a device's communication channels, such as cellular radio, Wi-Fi, and Bluetooth. However, if the device is screen-locked, then this is not possible. Also, since Wi-Fi is now available in airplanes, some devices now have Wi-Fi access enabled in airplane mode.

An alternate solution is isolation of the phone through the use of Faraday bags, which block radio signals to or from the phone. Faraday bags contain materials that block external static electrical fields (including radio waves). Thus, Faraday bags shield seized mobile devices from external interference to prevent wiping and tracking. To work more conveniently with seized devices, Faraday tents and rooms also exist.