[HN Gopher] Cops can force suspect to unlock phone with thumbpri...
___________________________________________________________________
Cops can force suspect to unlock phone with thumbprint, US court
rules
Author : moelf
Score : 53 points
Date : 2024-04-18 21:17 UTC (1 hours ago)
(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)
| cranberryturkey wrote:
| Yeah no. That goes against the 5th
| anotherhue wrote:
| Yeah, the phone goes against the 5th finger.
| coldtea wrote:
| The 5th is words on paper. The people who write the laws or
| enforce them can do whatever they want by "interpeting" it or
| just ignoring it.
| proc0 wrote:
| Isn't that every law? What's the point, are you justifying a
| tyrannical government?
| llamaimperative wrote:
| In theory sure, in practice no. Laws and precedents stand for
| long, long times, including this one which is not even close
| to a groundbreaking or controversial ruling.
| tedunangst wrote:
| Unfortunately your analysis is too late. If only you had
| informed the judges sooner, they could have issued a correct
| ruling.
| torstenvl wrote:
| What part of the Fifth Amendment do you believe applies here?
| cranberryturkey wrote:
| the right to remain silent and the search and seizure
| protections...
| meepmorp wrote:
| Nobody was compelled to give evidence against themselves.
| Fingerprints are external, physical features - it's no
| different than being made to give up a key to a locked door
| pursuant to a warrant. And parolees are released under
| supervision, with law enforcement having greater authority
| to search them and their property.
| bsder wrote:
| As I understand it, this has always been the case?
|
| The point is that the police can't prove you do or do not
| remember a code. Consequently, they can't _compel_ you to use
| that code.
|
| However, since your thumbprint _definitely_ exists, they can
| compel you to use it.
| JohnFen wrote:
| That was my understanding as well. Are we missing something
| here?
| AdamJacobMuller wrote:
| My understanding of it was different.
|
| As I understood it, the police can not compel you to tell them
| something you know because this would be analogous to
| testifying against yourself, however, they can require you to
| give them something you have (or something they would find with
| a warrant) because it is a physical thing, not testimony.
|
| It's the difference between being required to give up a safe
| combination which the police can not compel you to tell them,
| vs, a key to a safe which the police could search you for and
| take from you and use to open the safe within the bounds of a
| warrant (or some other theoretical circumstances).
| ortusdux wrote:
| I'd add this to the list of reasons why biometrics [?]
| passwords.
| jetrink wrote:
| > The point is that the police can't prove you do or do not
| remember a code. Consequently, they can't compel you to use
| that code.
|
| Also, they can't coerce you to reveal the code even if they can
| prove you know it. Confessions extracted under torture by
| inquisitors was a recent memory when the Bill of Rights was
| drafted.
| ukd1 wrote:
| Well, at least in the USA; in the UK the Regulation of
| Investigatory Powers Act 2000 (RIPA), specifically under Part
| III - a Section 49 notice can be issues, which legally requires
| an individual to disclose passwords or encryption keys, though
| I can only see a few folks prosecuted for failure to disclose.
| RcouF1uZ4gsC wrote:
| > Payne's Fifth Amendment claim "rests entirely on whether the
| use of his thumb implicitly related certain facts to officers
| such that he can avail himself of the privilege against self-
| incrimination," the ruling said. Judges rejected his claim,
| holding "that the compelled use of Payne's thumb to unlock his
| phone (which he had already identified for the officers) required
| no cognitive exertion, placing it firmly in the same category as
| a blood draw or fingerprint taken at booking."
|
| > "When Officer Coddington used Payne's thumb to unlock his phone
| --which he could have accomplished even if Payne had been
| unconscious--he did not intrude on the contents of Payne's mind,"
| the court also said.
|
| I think that is a pretty reasonable interpretation.
| AdamJacobMuller wrote:
| From a practical point of view these kinds of cases are
| interesting to me, because, coming from an iPhone this seems like
| it would largely be a non-issue.
|
| If my phone was handed to or taken by an officer, I would either
| quickly do the 5-tap on the lock button which will require a
| password (not faceid or touchid) next time, or, simply by them
| handling it, faceid would be locked out.
|
| Is that not a thing with Android? I've seen articles where a
| suspect is requested or compelled to unlock a phone with
| biometrics which was held in evidence for months!
|
| Does Android (and I know this is a much broader question than
| with iPhone) just allow touch/face ID in perpetuity with no locks
| on it?
| OkayPhysicist wrote:
| Stock Android doesn't have a shortcut to disable thumbprint, to
| my knowledge, but it does require passcode on reboot. So a long
| hold of the power button would avoid this 5th amendment
| loophole.
| logicprog wrote:
| On GrapheneOS (what I use) there's this at least:
| https://grapheneos.org/features#more-secure-fingerprint-unlo...
| steve_rambo wrote:
| I had a chuckle at this being a "non-issue". Where I am from,
| you'll get a severe beating (or worse) if you refused to
| provide the authentication credential, whatever it might be.
| It's like we're living on different planets. I can only humbly
| suggest fighting for your rights tooth and nail while you have
| them.
| askonomm wrote:
| Where are you from where there are no human rights, if you
| don't mind me asking?
| dontupvoteme wrote:
| It always seemed like the 'fake' encrypted data, e.g. hidden
| volumes on veracrypt[1] seemed like one of the better options
| for these situations. Obviously phones don't have them and
| the data has to be believable, but it gives you an out.
|
| 1 - (I'm not sure what this is technically called)
| AdamJacobMuller wrote:
| Oh, I'm well aware.
|
| I've spent 25 years fighting against intrusions in our
| rights. Admittedly, quietly and sadly, mostly unsuccessfully
| as every year things are eroded further and further.
|
| I don't think the US will ever devolve into a scenario where
| the police will beat you for refusing to provide your
| password, I don't even think we will end up in a situation
| where police can legally compel you to give up your password.
| I think we will end up where cloud providers will be legally
| compelled to provide data on request (banning E2E) and
| consumers will be incentivized (both in unnatural and natural
| ways) to more deeply rely on cloud services.
| adrianmonk wrote:
| On a Pixel phone, you just select "Lockdown" from the same menu
| that you use to power off or restart.
| autoexec wrote:
| I don't see why the police couldn't keep an iphone in evidence
| for months while they attempt exploits to gain access. That's
| already happened right? I'm guessing that law enforcement will
| continue to push for companies to install backdoors for them in
| their devices as well.
| kergonath wrote:
| I think the point was that after more than a couple of hours
| you should not be able to unlock a device using biometrics
| alone. I would tend to agree. Biometrics are a convenience,
| but also a weakness.
| AdamJacobMuller wrote:
| Correct, that was my point, and iOS already does this. I'm
| surprised Android does not.
| Jtsummers wrote:
| The phone in this case was in his car door, he would have had
| to do that while pulling over or while pulled over for the
| initial traffic violation.
| greyface- wrote:
| On iOS, you can quickly ditch the current FaceID/TouchID session,
| and require a passcode for the next unlock, by holding power and
| volume buttons simultaneously for several seconds until the
| "power off" screen appears.
| ortusdux wrote:
| The only similar thing I know of on Android is that 4 failed
| attempts with an unknown finger disables fingerprint unlock. So
| I can lock my phone out in a few seconds using my middle
| finger.
| modeless wrote:
| In the power menu next to "power off" there is "lockdown".
| thallium205 wrote:
| Android had lockdown mode but it has to be enabled.
|
| https://www.androidcentral.com/apps-software/how-to-
| disable-...
| rezonant wrote:
| > So I can lock my phone out in a few seconds using my middle
| finger.
|
| This is perhaps off topic, but does this mean you put your
| phone in your pocket with the screen facing outward? I do the
| opposite, am I weird?
|
| EDIT: I suppose maybe you meant when the phone was on a table
| or something
| simongr3dal wrote:
| How long before some court declares such practice equal to
| evidence tampering or obstruction?
| toomuchtodo wrote:
| Between now and if that happens. Works today though!
| cryptonector wrote:
| IANAL. But I believe it's not that easy. First it would have
| to be a foregone conclusion that you had contraband on your
| phone before merely locking it could be construed as
| obstruction. Then they'd have to demonstrate that you locked
| the phone at a time when you had reason to believe that you
| might be coerced to unlock it because it was a foregone
| conclusion that you had contraband. Are those likely
| circumstances? Probably not, though it will happen to
| someone, sometime, but when it does it will be because they
| did something stupid or because the cops overstepped their
| authority (in the latter case the process is the punishment,
| and it wouldn't be the cops getting punished).
| generalizations wrote:
| That's probably why it's also triggered by shutting
| down/rebooting the iphone, which has plausible deniability.
| tzs wrote:
| iPhone periodically disables biometrics until you enter your
| passcode. They aren't going to be able to prove that the
| reason the phone is asking now isn't that.
| bombcar wrote:
| If you trigger the side lock button enough to get emergency SOS
| it also cancels the current session.
| letmeinhere wrote:
| Android, or at least Pixel, similarly has a "Lockdown" mode,
| reached by long-pressing power. Unfortunately I think you do
| need to enable it in advance.
| compootr wrote:
| I just use a long pin
|
| it's kinda a fun trick when I'm showing people something on my
| phone and need to unlock it :)
| wil421 wrote:
| All you have to do is press the power button in rapid
| succession. No need to hold the volume on my iPhone 14.
| tzs wrote:
| A couple things to note:
|
| 1. Check your "Emergency SOS" settings. It is possible to set
| it so that holding down those buttons like that initiates a
| countdown to an emergency call. Depending on the exact settings
| this may also be accompanies after a few seconds with a loud
| alarm.
|
| If you are trying to surreptitiously disable biometrics this
| might be irksome.
|
| 2. I think these procedures were different on earlier phones or
| iOS versions, so test it out.
|
| 3. It also works to click the power button rapidly 5 times.
| That too can be set in the "Emergency SOS" setting to trigger
| an emergency call so check that before using it.
| dzhiurgis wrote:
| FaceId would be hard to force - you can close eyes or make a
| shocked face and it wont work. Unless they drug you to
| oblivion.
| luxuryballs wrote:
| Anyone know why a cop might want to do be able to do this?
| timothyduong wrote:
| View messages, photos, calls, data.
|
| Was very common for drug dealers to break their phones on being
| caught
| meepmorp wrote:
| To get access to the information on the phone?
| 0xcde4c3db wrote:
| Bad cops (and I assume this can easily worm its way into the
| culture of a department/division/unit rather than being a
| strictly individual bias) have a long history of using just
| about any convenient lever within reach to apply more scrutiny
| to people who they already believe are guilty of something,
| regardless of whether the justification is supported by any
| objective facts or sound reasoning. Classic examples include
| planting evidence, "smell of marijuana", and "furtive
| movements", but there are countless other tactics.
|
| The "good" cops might be reluctant to push back on this pattern
| because they see value in having such tactics in their back
| pocket for extraordinary circumstances (cf. the various "is
| torture justified in a ticking-time-bomb scenario" debates and
| thought experiments, or just most seasons of _24_ ).
| supernova87a wrote:
| It will be interesting some day if the line becomes blurred
| between "what you know" and "what you are" and you could be
| compelled to turn over something against your will. Because that
| boundary is if anything getting less clear over time?
|
| For example, if your voiceprint were required to unlock your
| phone, but not a particular passphrase. Could you be compelled to
| speak (or just recorded speaking) general statements in order to
| unlock?
| autoexec wrote:
| I'd argue that the solution then is the same as the solution
| now. Do not use or depend on biometrics for security or
| privacy. Stick with pins and passwords and you can't be
| compelled to give up that information just as you can't be
| compelled to give up the combination to a safe.
|
| I'd bet that law enforcement will be routinely using backdoors
| to gain access to our devices long before the laws that protect
| us from giving up a password are changed.
| dataflow wrote:
| > I'd argue that the solution then is the same as the
| solution now. Do not use or depend on biometrics for security
| or privacy. Stick with pins and passwords and you can't be
| compelled to give up that information just as you can't be
| compelled to give up the combination to a safe.
|
| This is practically impossible. IMO it has been impossible
| for as long as phones have fused the decryption key and the
| screen unlock key into the same thing. (Some older Android
| ROMs let you have separate unlock and deception keys; does
| anyone know of any that still do?)
|
| Either you choose a strong encryption key, in which case you
| have to spend a ton of time typing it in every time you want
| to unlock your phone, or you choose something easy to type in
| which case the key becomes easy to crack.
|
| And in either case you have to do it over and over again in
| front of other people or security cameras constantly
| recording you.
| autoexec wrote:
| Are passwords/passcodes really the only form of entropy
| used when generating encryption keys for an iphone? I'd
| expect that a longer password would only increase your
| security but that even the shortest password wouldn't leave
| the data encryption trivial to crack.
|
| > And in either case you have to do it over and over again
| in front of other people or security cameras constantly
| recording you.
|
| That's partly prevented by having keys randomize their
| position on the screen so that your movements don't give
| away your code, and also by occasionally changing your
| password. Obviously if a camera is looking directly at the
| screen while you enter your password you're probably
| screwed.
| dataflow wrote:
| > Are passwords/passcodes really the only form of entropy
| used when generating encryption keys for an iphone?
|
| I don't believe I ever claimed that.
|
| > I'd expect that a longer password would only increase
| your security but that even the shortest password
| wouldn't leave the data encryption trivial to crack.
|
| How short are you talking? Most people do like 4-6
| digits. That's not going to protect you against anyone
| brute forcing it.
|
| > That's partly prevented by having keys randomize their
| position on the screen
|
| That's almost security theater. It really only protects
| you from laymen, not state actors. It forces you to use
| numeric digits if you want that, which itself makes your
| key much weaker.
|
| > Obviously if a camera is looking directly at the screen
| while you enter your password you're probably screwed.
|
| Which is guaranteed to happen _at some point_ when you
| 're in public.
| thfuran wrote:
| You can be compelled to provide some information, but I'm not
| sure you can be compelled to voice it aloud, even if that is
| the usual means of conveying it.
| cryptonector wrote:
| The right to not self-incriminate is very limited. Historically
| if it is a foregone conclusion that you have contraband hidden
| or locked away then you can be coerced by the courts to reveal
| the location and/or furnish the key to unlock it. The theory is
| that handing over a key is not testifying. Therefore neither is
| providing your biometrics testifying either, and possibly even
| revealing your passcodes would be testifying either.
| layman51 wrote:
| I already knew there was a legal separation between biometric
| access and password access. But what I'm still confused about is
| whether someone who is very security or privacy focused would
| ever willingly want to use Face ID or Touch ID.
|
| Also, I believe things are different in civil trials too. I heard
| you might be compelled to give up a password and could even get
| in trouble if you claim you forgot it. It was a plot point in the
| Cryptonomicon novel.
| notRobot wrote:
| Is it really so hard to believe that people who use biometric
| authentication might want to be particular about their security
| and privacy? Lots of folks who aren't tech super users care
| about that stuff.
| autoexec wrote:
| Someone who might want to be particular about their security
| and privacy could still use biometric authentication without
| knowing that it weakens both, but presumably someone "very
| security or privacy focused" would be aware that using
| biometric authentication exposes them to more risks and would
| avoid it for that reason.
| JohnFen wrote:
| Whether or not biometric authentication exposes you to more
| risk depends on what your threat profile looks like. If it
| includes governmental action, then yes, biometrics are a
| weak spot. On the other hand, if your risk profile includes
| the government, then you should be taking much more extreme
| steps to protect yourself than a lockscreen, and using
| biometrics would really impact things much. If the cops
| unlock your phone (if you're comfortable taking the
| inherent security risk of even having a phone), they would
| still not find anything important that isn't encrypted
| separately.
| autoexec wrote:
| > Whether or not biometric authentication exposes you to
| more risk depends on what your threat profile looks like.
| If it includes governmental action, then yes, biometrics
| are a weak spot.
|
| Even if it doesn't include the government biometrics
| still leave you much more vulnerable. You leave your
| biometric information everywhere you go. Your face is
| easily found in photographs. Fingerprints are left on
| everything you touch. Your voice is easily recorded and
| deepfaked. Attacks on biometric authentication are well
| documented and while some seem pretty impressive (https:/
| /www.bleepingcomputer.com/news/security/scientists-ex...)
| others are embarrassingly unsophisticated
| (https://www.marketwatch.com/story/heres-how-easily-
| hackers-c...). Unlike passwords your fingerprints can't
| be changed following a compromise either.
|
| I can also set a unique password for every device/service
| I use. Even if you managed to guess my hackernews
| password, that password would be useless to you for
| anything else. The face/voice/fingerprint that unlocks
| one device will forever be identical to the one that
| unlocks everything else someone has or will secure with
| it.
|
| biometrics sacrifice huge amounts of security for the
| sake of convenience and an appearance of being "high
| tech" and "fancy".
| JohnFen wrote:
| yeah, all good points.
|
| I was just thinking that the average person's risk is
| going to be either casual snooping by people they know,
| or common theft for resale. In both of those cases, the
| weaknesses that biometrics present don't strike me as
| being a huge problem. They do exist, though.
| JohnFen wrote:
| > But what I'm still confused about is whether someone who is
| very security or privacy focused would ever willingly want to
| use Face ID or Touch ID.
|
| I'm much more security-focused than most, and I don't use these
| features. I don't think that using them presents a real
| security problem for most users or anything, though.
|
| The reason I don't use them is that I don't think they increase
| security enough to be worth the additional hassle and battery
| drain.
| thfuran wrote:
| They don't increase security enough more than having no
| security at all?
| JohnFen wrote:
| Of course they do, but I wasn't assuming that people would
| choose "no security" just because they don't use
| biometrics.
| thfuran wrote:
| I don't think they're really intended to increase
| security over passwords. They're intended to increase
| convenience by operating nearly like there's no
| authentication rather then requiring a bunch of typing.
| dwattttt wrote:
| From memory (and I am not a lawyer), in civil cases you are
| allowed to infer negatively from a refusal to provide a
| password, and I think I'm criminal cases that is not allowed.
| kjkjadksj wrote:
| Why force them and not borrow a tool from the FBI? Do you need a
| warrant to use those tools or something?
| amlozano wrote:
| Those tools are expensive. Forcing someone to use their thumb
| or face is free.
| generalizations wrote:
| We've known this for a while; it's why iPhones have mechanisms to
| explicitly require a something-you-know authentication.
| Jtsummers wrote:
| https://cdn.ca9.uscourts.gov/datastore/opinions/2024/04/17/2...
|
| Payne was required as a part of his parole to reveal the
| passcode/password to his electronic devices. He had already told,
| when asked, the officer the color and location of his phone, then
| when asked for the passcode he denied the phone was his. That's
| when the officer physically forced him to unlock it with his
| thumb (this is the contentious part in the case).
|
| The fourth amendment challenge against the search starts on page
| 10, and the fifth amendment challenge on page 21. The fact that
| he was a parolee substantially factors into the decision
| regarding the fourth amendment challenge.
| moshun wrote:
| Definitely feels like a hop, skip and jump to police forcing
| your face or any other biometric access key against your will.
| _DeadFred_ wrote:
| Police can already unlock your phone using your face/finger
| prints. Been that way since at least 2018. But... they can't
| force you to tell them what to use
|
| https://www.forbes.com/sites/thomasbrewster/2021/11/29/fbi-n.
| ..
| snakeyjake wrote:
| Forcing me to apply my thumb to a fingerprint reader is, to my
| mind, no different than forcing me to empty my pockets to provide
| a key that unlocks something the court has ordered be unlocked.
|
| Parolees have restrictions placed on them as part of their
| release, including the right of police to inspect things on their
| person and property. If parolees find those conditions
| burdensome, they are more than welcome to reject parole and
| finish their sentence as it was originally imposed.
| leptons wrote:
| The title says "suspect", but in the article it's about a
| _parolee_ , which seems is a bit different than just "a
| suspect" in the eyes of the law? Clickbait title strikes again.
| JohnFen wrote:
| I don't think it's clickbait. The subject was a parolee who
| was also the suspect in a new crime.
| EA-3167 wrote:
| Parolees are subject to all sorts of restrictions and
| obligations that a regular citizen is not, even when
| they're not a suspect in a new crime. That's the issue,
| their rights are already abrogated, and that's settled law.
| happytiger wrote:
| We need a privacy bill of rights. There shouldn't be a separation
| between biometrics and passwords.
| advisedwang wrote:
| Eh it's kind of a technicality that passwords are protected at
| all. It's not a privacy thing.
|
| If you keep incriminating documents in a safe, the police have
| every right (with a warrant) to cut it open and get the
| documents. If the safe has a code, you don't have to share the
| code, but only because SHARING the code requires you to be "a
| witness against yourself" in violation of the 5th amendment,
| not because you have a right to privacy in the safe.
|
| It's hard to justify giving a fingerprint as being a "witness
| against yourself". So with a warrant or other relevant due
| process it's hard to object.
___________________________________________________________________
(page generated 2024-04-18 23:01 UTC)