Biometrics seems like such a cool way to control access, so when Apple offered fingerprint ID in place of a PIN to access its iPhone, what hipster could resist? Of course, David Baust in Virginia Beach may well wish he had gotten a droid instead.
A Circuit Court judge has ruled that a criminal defendant can be compelled to give up his fingerprint, but not his pass code, to allow police to open and search his cellphone.
The question of whether a phone’s pass code is constitutionally protected surfaced in the case of David Baust, an Emergency Medical Services captain charged in February with trying to strangle his girlfriend.
While the Supreme Court has held that police must obtain a warrant to search a cellphone, the question now becomes whether a warrant is sufficient to compel a person to provide the police with access to his cellphone. This is where it gets trickier, and far more technical.
Judge Steven C. Frucci ruled this week that giving police a fingerprint is akin to providing a DNA or handwriting sample or an actual key, which the law permits. A pass code, though, requires the defendant to divulge knowledge, which the law protects against, according to Frucci’s written opinion.
The critical distinction comes from the Fifth Amendment, the right not to bear witness against oneself. If access to the cellphone requires the defendant to give up information, it violates the “act of production” privilege. His fingerprints, on the other hand, are just another physical thing that he can be forced to provide.
It’s unclear in Baust’s case whether his phone is locked by fingerprints or PIN or both, as the argument relates to the hypothetical demands that can be made of him in complying with the warrant. There is no clue whether he actually won or lost, as far as being forced to provide access to his phone, but the point of the opinion is well made: a defendant cannot be forced to provide his pass code. His fingerprint, not so private.
This point was made by Marcia Hoffman, who anticipated that biometrics would open the door to collateral testimonial problems down the road.
There’s a lot of talk around biometric authentication since Apple introduced its newest iPhone, which will let users unlock their device with a fingerprint. Given Apple’s industry-leading position, it’s probably not a far stretch to expect this kind of authentication to take off. Some even argue that Apple’s move is a death knell for authenticators based on what a user knows (like passwords and PIN numbers).
While there’s a great deal of discussion around the pros and cons of fingerprint authentication — from the hackability of the technique to the reliability of readers — no one’s focusing on the legal effects of moving from PINs to fingerprints.
I know, the lawyers keep harping on lawyerish stuff when the techno-lovers only want to talk about the cooliosity of every new shiny toy. Why are lawyers so mean?
Because the constitutional protection of the Fifth Amendment, which guarantees that “no person shall be compelled in any criminal case to be a witness against himself,” may not apply when it comes to biometric-based fingerprints (things that reflect who we are) as opposed to memory-based passwords and PINs (things we need to know and remember).
This seems to be the recurring battle between tech advancement and law (ugh), always mired in the past century or more. There is an easy answer, which is to except biometrics from the things which we can be compelled to provide to the government upon a court order, except that there is no rational basis to create such an exception. Bear in mind, the only thing that protects a person from being compelled to spew out his PIN is the “act of production” privilege. We should be thankful we have that going for us, or the fingerprint issue would be moot as the government could get access to everything.
There is, of course, a technical means of defeating the warrant, which is to use both biometric as well as PIN (or anything that requires that the information come from a person’s mind rather than body). But that really undermines the whole point of biometrics, and takes the shine right off your iPhone.
Nor is this solely an iPhone issue, but a biometrics one, even if Apple has been at the forefront of bringing this tech to the public. On the one hand, the argument that each snowflake is special, and therefore our biometrics provide a fool-proof means of ascertaining identity (provided the reader actually works, but let’s not go there as it makes technophiles sad) favors biometrics.
On the other hand, much as it may stop hackers, who adore those of you whose password is “password” because who can remember that crap anyway, it won’t stop a judge from ordering a defendant to stick his finger where he doesn’t want it to be. The takeaway isn’t so much to favor one means over the other, or that a smart person anticipating that law enforcement may one day want to see all the cool stuff on your iPhone, but that every methodology has its unintended consequences and pitfalls. Of course, by the time this becomes painfully obvious, it’s usually too late.
H/T Bmaz, et al.
Discover more from Simple Justice
Subscribe to get the latest posts sent to your email.
Fortunately, Apple has already provided a technical fix. After shut down and power up, the pass code is required before the fingerprint will work. So always shut down your iPhone before any encounter with a cop.
Yeah, that’s not likely to be the case in real time. “Excuse me, officer, while I power down my iPhone before you slap the cuffs on me. Thank you for your cooperation.”
It also requires the password after not having been unlocked for a period of 48 hours, or after 5 consecutive incorrect fingerprints. [Ed Note: Link deleted per rules.]
Obviously that’s all unimportant when a warrant isn’t required, but the 48 hour limit could quite possibly force the cops to hustle a bit to get a warrant– or just provide a new excuse for “exigent circumstances.” “You see judge, we knew we could get the warrant for the fingerprints but not the password, so it was imperative that we force the perp to use his fingerprint before that 48 hour time limit was up. Ticking time bomb and all that, honest.”
48 hours is forever in the time it takes to get a warrant.
Yeah, I’d prefer an option from Apple to shorten than down to a smaller length of time. I assume that they set it so long so that people wouldn’t be locked out after going to sleep for the night or whatever, but reducing it to 12 hours wouldn’t be much different for how I think most people use it. Even shorter as an option could still be useful while increasing the security.
Setting the unlock to, say, left hand ring finger is still probably a decent safeguard. The police are likely to guess thumbs and index fingers first and get locked out.
Even so, best protection would be not using it at all. Sorry about the link in the previous comment, forgot your rules.
Couldn’t the police stick the phone in a “null box” basically a box that is shielded from all outside cell signals, but provides a cell signal, that has a timestamp that is fixed. Cells operate on tower time. if the tower time is static. the phone can effectively be placed in stasis while warrants are obtained.
As far as I know, no such box currently exists.
That’s got nothing to do with the issue here. That was already addressed by Riley/Wurie, and phones can be placed in Faraday bags. But again, that has nothing to do with the legal issue.
Nothing says that you have to use a particular finger, though, so if they guess five wrong fingers before hitting on the correct one, they also have a problem and are locked out. I wonder if the ruling forces the arestee to tell the cops *which finger* is the correct one?
why not look a the fingerprint that is already on the button. and choose that finger.
I only regret that there is no Picard triple face palm. Stop it!
There is also the problem of once a password has been compromised it can be changed. If your biometric lock is compromised, you do not change your finger prints.
And I didn’t touch the issue of somebody named Igor cutting off some hipster’s finger, either.
Requiring both a fingerprint and a PIN doesn’t necessarily take the shine off the tech, as that’s the definition of two-factor authentication: proving you *know* something and that you *have* something. It truly is unfortunate that us tech people don’t put more focus on protecting our users than on convenience…
I hope we get more decisions backing up the idea you don’t have to produce a PIN/password. ‘In re Boucher’ established one way for the government to force you to decrypt something for them, and since then we’ve also had ‘United States v. Fricosu’ and ‘Commonwealth v. Gelfgatt’. That last one is particularly eye-roll worthy if you believe the government’s story that the accused attorney mouthed off to them (after being informed of his right to remain silent, of course) that he could decrypt the hard drives, but he wasn’t going to.
I suspect most iPhone (heck, most any phone) users can’t be bothered with two-factor authentification. How many people never change their password from the default? We may like privacy, but not enough to go to all the effort to preserve it. As for the caselaw, Boucher ended up going nowhere, a huge disappointment. Fricosu was just an outlier. Gelfgatt was also an outlier, as the attorney was an asshole.
The glaring hole in the “act of production” privilege is that the government can circumvent it by granting testimonial immunity. After all, it rarely needs that extra bit of info, but definitely needs the evidence off the computer. Geeks keep thinking the tension between tech and law can be beat by more tech (note the focus on petty details, as if that’s the issue). It won’t. The law is a bludgeon wrapped up in pretty rhetoric. Ever seen an iPhone after someone’s taken a bludgeon to it? It’s not pretty.
In my own weak defense, sorry if I seemed focused on the petty details. To be clear, even as a geek I don’t believe there’s any magical technical solution to the massive problems of our “criminal justice” system. If anything, I’m naive enough to think that doing something simple like going back to considering the Fourth, Fifth, and Sixth Amendments an actual limit on government power rather than just a “guideline” to be discarded when inconvenient is the only real way to even begin to fix things…
Sorry if you took my geek comment as referring to you. Read some of the other comments here, and you see how people get caught up on technicalities of technology, without understanding that the problem isn’t which finger. I think you get it, and appreciated that you knew about the caselaw.
The “solution,” to the extent there is one, is to fight for the underlying rights, rather than technological solutions to circumvent bad law. Every new tech trick will evoke a new law trick to thwart it. The feds will not be put off that easily. We need a far more fundamental respect for privacy and constitutional rights, and then the tech tricks (or lack thereof) won’t matter.
Be grateful for your fifth amendment. In federal Australian law, and the State of Queensland, there is no constitutional protection against self-incrimination. A search warrant can include a power to compel passwords to the device. Under the federal law, a person can be compelled to assist in the search, and to provide access to data accessible from the device; that is, all your social media, banking and cloud accounts as well. Public opinion is not remotely bothered by this.