- Guy gets roasted for throwing razor in the toilet to protest Gillette Wednesday 9:23 PM
- Experts warn of uptick in ‘Ryuk’ ransomware after hackers net $3.7 million Wednesday 7:03 PM
- Video game composer boycotts Gillette after anti-toxic masculinity ad Wednesday 6:05 PM
- Steve Carell sitcom ‘Space Force’ heading to Netflix Wednesday 5:30 PM
- Ocasio-Cortez’s ‘run train’ phrase becomes conservative sex controversy Wednesday 5:25 PM
- ‘Into’ is a reminder that queer businesses can be hurt by straight leaders Wednesday 5:13 PM
- TSA agents are the latest tool in the government shutdown meme war Wednesday 4:22 PM
- YouTube still hosting bestiality images year after crackdown pledge Wednesday 4:13 PM
- YouTuber quits fight after Darth Vader fan film claimed by Disney Wednesday 3:26 PM
- Millions of Fortnite accounts exposed via Epic Games website exploit Wednesday 2:26 PM
- A man found a camera in his Airbnb and the company didn’t seem to care Wednesday 2:00 PM
- A redditor planted an Easter egg in Hulu’s Fyre Fest doc Wednesday 1:51 PM
- This new revelation about Woody from ‘Toy Story’ will blow your mind Wednesday 1:35 PM
- Dave Rubin fails to delete Patreon on livestream to delete Patreon Wednesday 1:14 PM
- The ‘some of y’all… and it shows’ meme is taking over Twitter Wednesday 12:24 PM
How the feds justify collecting fingerprints to unlock everyone’s phones
Think Touch ID will keep out the cops? Think again.
Police have begun to take unexpected steps to make sure they can access the phones of anyone they think is suspicious.
Court documents uncovered by Forbes show federal law enforcement in California attempted to receive a search warrant that would have allowed police to collect the fingerprints and passwords of everyone at a certain location for the purposes of unlocking their phones.
While the search warrant and other related documents were not publicly available, the effort is seen by some legal experts as an unprecedented power grab by police in the face of rising technical challenges facing law enforcement.
The May 9, 2016, memorandum filed by U.S. attorney Eileen Decker in the U.S. District Court for the Central District of California, explained that the Department of Justice request included “authorization to depress the fingerprints and thumbprints of every person who is located at the SUBJECT PREMISES during the execution of the search and who is reasonably believed by law enforcement to be the user of a fingerprint sensor-enabled device that is located at the SUBJECT PREMISES and falls within the scope of the warrant.”
Furthermore, Decker wrote, the request sought “the seizure of ‘passwords, encryption keys, and other access devices that may be necessary to access the device.’”
The legalese here means, according to legal experts, that police who obtain such a warrant would be able to collect the fingerprints, thumbprints, device passwords, and encryption keys of anyone at the location of the search in the event that they want to go back later, get another search warrant, and unlock those individuals’ phones. In other words, simply by being at, say, a house for which police have such a warrant would mean getting fingerprinted and potentially having your device searched by the cops.
For law enforcement, this tactic may be crucial in an investigation where evidence is on a locked device protected by strong encryption, like Apple’s iPhone—exactly the scenario that sparked a public battle between the gadget giant and the FBI late last year. For civil liberties advocates, however, such a search warrant pushes the boundaries of constitutional protections.
“Essentially, they are seeking to have the ability to convince people to comply by providing their fingerprints to law enforcement under the color of law—because of the fact that they already have a warrant,” attorney Marina Medvin told Forbes. “They want to leverage this warrant to induce compliance by people they decide are suspects later on. This would be an unbelievably audacious abuse of power if it were permitted.”
The key portions of the U.S. Constitution at issue here are the Fourth and Fifth Amendments. The Fourth Amendment protects against unreasonable searches and seizures. The Fifth Amendment protects against self-incrimination. And this is where things start to get tricky.
As Gizmodo points out, prosecutors have successfully argued that Fifth Amendment protections do not apply to a person’s body—fingerprints—but rather something they know, like a password.
The DOJ memorandum cites a number of court cases as setting precedent for this type of collection on the basis that police have reasonable suspicion of anyone at the location of an authorized search. However, most of those cases were decided well before the advent of smartphones—think 1960s, ’70s, ’80s, and even 1910—which contain infinite amounts of personal information.
The wide breadth of the data police could obtain with such a search warrant, as well as the after-the-fact nature of the DOJ’s argument that obtaining login data for a person’s phone before they are suspected of a crime, are the primary reasons civil liberties experts say this tactic crosses the legal line.
“If this kind of thing became law then there would be nothing to prevent … a search of every phone at a certain location,” Jennifer Lynch, a staff attorney at the Electronic Frontier Foundation, told Forbes.
So, the next time you find yourself headed to a sketchy house party, perhaps think about how much you really want to keep what’s on your phone private—you know, just in case.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.