State Appeals Court Says Unlocking A Phone With A Fingerprint Doesn't Violate The Fifth Amendment
from the giving-The-Man-the-finger-no-longer-subversive;-actually-helpful dept
As was hinted heavily three years ago, you might be better off securing your phone with a passcode than your fingerprint. While a fingerprint is definitely unique and (theoretically…) a better way to keep thieves and snoopers from breaking into your phone, it’s not much help when it comes to your Fifth Amendment protections against self-incrimination.
The Minnesota Appeals Court has ruled [PDF] that unlocking a phone with a fingerprint is no more “testimonial” than a blood draw, police lineup appearance, or even matching the description of a suspected criminal. (h/t Orin Kerr)
Diamond relies on In re Grand Jury Subpoena Duces Tecum, 670 F.3d 1335 (11th Cir. 2012), to support his argument that supplying his fingerprint was testimonial. In In re Grand Jury, the court reasoned that requiring the defendant to decrypt and produce the contents of a computer’s hard drive, when it was unknown whether any documents were even on the encrypted drive, “would be tantamount to testimony by [the defendant] of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files.” Id. at 1346. The court concluded that such a requirement is analogous to requiring production of a combination and that such a production involves implied factual statements that could potentially incriminate. Id.
By being ordered to produce his fingerprint, however, Diamond was not required to disclose any knowledge he might have or to speak his guilt. See Doe, 487 U.S. at 211, 108 S. Ct. at 2348. The district court’s order is therefore distinguishable from requiring a defendant to decrypt a hard drive or produce a combination. See, e.g., In re Grand Jury, 670 F.3d at 1346; United States v. Kirschner, 823 F. Supp. 2d 665, 669 (E.D. Mich. 2010) (holding that requiring a defendant to provide computer password violates the Fifth Amendment). Those requirements involve a level of knowledge and mental capacity that is not present in ordering Diamond to place his fingerprint on his cellphone. Instead, the task that Diamond was compelled to perform—to provide his fingerprint—is no more testimonial than furnishing a blood sample, providing handwriting or voice exemplars, standing in a lineup, or wearing particular clothing.
Of course, it’s what’s contained in the now-unlocked device that might be incriminating, which is why Diamond pointed to In re Grand Jury as being analogous to the forced provision of a fingerprint. The court’s rebuttal of this argument, however, doesn’t make a lot of sense. It says the process that unlocked the device requires no knowledge or mental capacity — which is certainly true — but that the end result, despite being the same (the production of evidence against themselves) is somehow different because of the part of the body used to obtain access (finger v. brain).
In recounting the obtaining of the print, the court shows that some knowledge is imparted by this effort — information not possessed by law enforcement or prosecutors.
Diamond also argues that he “was required to identify for the police which of his fingerprints would open the phone” and that this requirement compelled a testimonial communication. This argument, however, mischaracterizes the district court’s order. The district court’s February 11 order compelled Diamond to “provide a fingerprint or thumbprint as deemed necessary by the Chaska Police Department to unlock his seized cell phone.” At the April 3 contempt hearing, the district court referred to Diamond providing his “thumbprint.” The prosecutor noted that they were “not sure if it’s an index finger or a thumb.” The district court answered, “Take whatever samples you need.” Diamond then asked the detectives which finger they wanted, and they answered, “The one that unlocks it.”
This is something only Diamond would know, and by unlocking the phone, he would be demonstrating some form of control of the device as well as responsibility for its contents. So, it is still a testimonial act, even if it doesn’t rise to the mental level of retaining a password or combination. (And, if so, would four-digit passcodes be less “testimonial” than a nine-digit alphanumeric password, if the bright line comes down to mental effort?)
Given the reasoning of the court, it almost appears as though Diamond may have succeeded in this constitutional challenge if he had chosen to do so at the point he was ordered to produce the correct finger.
It is clear that the district court permitted the state to take samples of all of Diamond’s fingerprints and thumbprints. The district court did not ask Diamond whether his prints would unlock the cellphone or which print would unlock it, nor did the district court compel Diamond to disclose that information. There is no indication that Diamond would have been asked to do more had none of his fingerprints unlocked the cellphone. Diamond himself asked which finger the detectives wanted when he was ready to comply with the order, and the detectives answered his question. Diamond did not object then, nor did he bring an additional motion to suppress the evidence based on the exchange that he initiated.
And so, in first decision of its kind for this Appeals Court, the precedent established is that fingerprints are less protective of defendants’ Fifth Amendment rights than passwords.
Filed Under: fifth amendment, fingerprints, minnesota, self-incrimination
Comments on “State Appeals Court Says Unlocking A Phone With A Fingerprint Doesn't Violate The Fifth Amendment”
Fuck it
cut your fingers off… that would show um
Re: Fuck it
No good. The fingers still have your fingerprints. And now since they’re no longer yours, they don’t need your cooperation. A better alternative, a unique identifier the same size as your fingerprint so it’ll work with the same phone reader, is…
(I’ve been asked to stop.)
Re: Fuck it
If you are that desperate, just burn the fingerprint. Or if you have nothing around, cut it a few different ways so the software can’t recognize it.
Re: Re: Fuck it
Hell, I just use my neighbor’s thumb. Keep it on a key-chain, I do. If needed, I can flush it down the loo or swallow it, minus the key-chain, of course (key-chains are dirty and gross!)
Re: Re: Fuck it
Use this https://www.amazon.com/DuraCraft-DUR12-Craft-Epoxy-Cement/dp/B008AY0206
Can’t wash off this thing for days.
Use a random non-pointer finger as your keyed fingerprint, along with a stringent ‘3 errors and the phone is wiped’ lock, perhaps? If you really really really wanted to still use finger unlock.
If forcing a fingerprint is just like a blood draw, it’s not like you *have* to tell them which finger is the correct one.
Re: Re:
Sigh…
Middle finger. It’s always the middle finger.
Search, not testimony
If the government already knows that you are the owner of the device (because of sufficient evidence – it is in your pocket, or in your home, or you have been seen using it) then it is a “foregone conclusion” that you are able to unlock it. Therefore your actual unlocking of it is not testimony; the government acquires no information through that act that it did not already have, whether you unlock by fingerprint or password.
That the device itself contains incriminating evidence is irrelevant; as you could not prevent an authorized search of your home, you similarly cannot prevent an authorized search of your device.
On the other hand, if the government then attempted to use the fact of your being able to unlock the device as evidence that you owned it, after you were compelled to do so, that would be a violation of the 5th Amendment.
Re: Search, not testimony
Some may disagree with your first sentence. News of the Weird has featured a couple stories over the years where drugs were found during a cavity search…. and the cavity owner denied being the drug owner. No sir, not theirs.
No doubt their defense relied on "alternative facts."
Re: Search, not testimony
There’s a difference, and while it may seem like splitting hairs I’d say that anything can make or break a case is important, between "We’re pretty sure that the phone/device is the property of the accused and they have access to it’s contents" and "We have rock-solid evidence that is theirs and they do have access to the contents." The first might be admissible depending on the judge, and even then they still have to make the link between the evidence found on the device and the accused, the latter would definitely be admissible and the link is trivial to make.
As for the second point I’d say the difference is between not being able to prevent an authorized search and being forced to enable an authorized search, and in the process provide evidence that wasn’t available before.
The comparison kinda breaks down given the difference between houses and phones so this will likely be a little sloppy, but assuming there is incriminating evidence to be found it would be somewhat like police showing up at someone’s house and demanding that they tell them where the evidence that will incriminate them is located. In that case the home-owner is not only providing the evidence that will be used against them they’re demonstrating that they know where it is, which creates a very strong connection between it and them, a connection which can be used against them in court.
Re: Search, not testimony
Let’s change that a little.
If the police already know what you did (because of sufficient evidence – of some sort) then it is a “foregone conclusion” that you are guilty. Therefore your confession is not testimony; the government acquires no information through that act that it did not already have, they just need you to sign the paper they have already prepared.
If “foregone conclusions” are good enough, that what do we need trials for, eh?
Re: Re: Search, not testimony
Attorney General Edwin Meese III explained why the Supreme Court’s Miranda decision (holding that subjects have a right to remain silent and have a lawyer present during questioning) is unnecessary: “You don’t have many suspects who are innocent of a crime. That’s contradictory. If a person is innocent of a crime, then he is not a suspect.”
– U.S. News and World Report, 10/14/85
Re: Re: Re: Search, not testimony
"You don’t have many suspects who are innocent of a crime. That’s contradictory. If a person is innocent of a crime, then he is not a suspect."
Talk about a perfect example of why the laws either protect the innocent and the guilty, or they protect neither.
If one holds to the idea that the guilty don’t deserve the same rights and legal protections as the innocent(an idea I have seen mentioned and/or hinted at several times before), and also believe that if someone is a suspect then they are guilty(or at the least are likely guilty), then simply being accused is enough to strip away rights and protections, which would be a bad idea were law enforcement flawless and never made mistakes, and becomes downright disastrous given that is anything but the case.
Re: Search, not testimony
The problem is somewhere else.
By unlocking the phone, you unlock it’s content. As long as it’s encrypted, the police doesn’t know what’s in there. Therefore, unlocking is providing the data.
So the “testimony” you’re offering is not that you can unlock the phone, but the content itself.
Re: Re: Search, not testimony
So the "testimony" you’re offering is not that you can unlock the phone, but the content itself.
I would(and have) argue that it’s both actually. It’s providing the content and demonstrating that you can access it, creating a link between the content and you, which is something that can be used against you. The most blatantly illegal evidence imaginable isn’t any good to the police if they can’t establish a connection between it and someone they can charge after all, and being able to unlock the device that that evidence is on establishes that link.
Time for a new locking mechanism
Now the app community has a new task: create a lock screen, that if you place a specific finger on the screen to unlock it, the phone is wiped instead of unlocked.
1. Create app to wipe phone if compromised
2. ???
3. Profit!
Re: Time for a new locking mechanism
Even better is to have the alternate finger boot into a hidden file system that contains innocuous data, just like hidden volumes in encrypted filesystems.
Re: Re: Time for a new locking mechanism
The alternate finger should even disable accessing the real system until some obscure action is taken in the decoy system.
If that action is not taken within some preset amount of time, say default 48 hours, the real system is destroyed.
Re: Time for a new locking mechanism
Suppose your new phone unlocking system used a drop of blood instead of a fingerprint.
Now would a fingerprint still have no more testimonial value than a blood draw?
The court should not compare the fingerprint to a blood draw but should compare it to a master key to your entire life history. Now does the fingerprint have testimonial value?
Re: Time for a new locking mechanism
I’m looking forward to using my DNA to unlock the phone
Re: Re: Time for a new locking mechanism
Like fingerprints, your DNA isn’t a secret. It’s easy for anyone else to collect, and getting increasingly easy to replicate.
At best it’s an ID, not a password.
Re: Re: Re: Time for a new locking mechanism
“Like fingerprints, your DNA isn’t a secret. It’s easy for anyone else to collect, and getting increasingly easy to replicate. At best it’s an ID, not a password.”
Darn, I’m going to have to get new DNA!
As someone once said on a similar post. There should be an option that uses your fingerprint as the Login ID and a password to unlock. That way even if your fingerprint is compromised, or in this case the government ask for it, a password is still needed to unlock the device.
Thinking about it a fingerprint as a password is a stupid way to secure something if you are truly concerned about someone accessing it. All someone needs to do it get to you or put you too sleep. Obviously the U.S. government probably wont do that, but what about a not so friendly friend, jealous lover, bad business partner after a night at the bar. Or foreign intelligence for a activist or generalist. This is not even considering the ways a fingerprint can be forged.
This particular decision seems inevitable. The government (1) is obviously allowed to take your fingerprints, (2) could, using that information, with little technical difficulty mold a counterfeit, (3) could trivially attempt all ten fingers, (4) can (with a judge’s permission) examine files on the phone.
What’s the point in arguing that they can’t take your fingerprint on a phone that they suspect is yours, rather than on their own inkpad?
And, as someone has already figured out, steganography becomes your very good friend, as soon as the software provides for multiple fingerprints opening multiple virtual systems on the same phone.
If they would attack the worlds problems with equal fervor that they expend upon crawling up everyones ass then maybe the human race would stand a chance of survival, otherwise these morons are going to destroy us all.
Re: Re:
Those morons aren’t likely to destroy us all directly, but rather indirectly by way of interference and distraction.
Solving the world’s problems, or at least that which we naturally define as “problems” is far more likely to bring about destruction, as messed up as that is. See: Overpopulation.
Simple rule of thumb(or forefinger, or pinky...)
If an act provides access to evidence that can be used against the person required to do the act, then it should count as self-incrimination, and therefore not be allowed.
That it involves a fingerprint rather than a password shouldn’t make any difference, the purpose behind the requirement is for the accused to be forced to provide evidence that will be used against them, something that could be trivially demonstrated simply by instituting a ‘trade’ of immunity for anything found, a requirement you can be sure the police would not accept as it would undermine the whole purpose of forcing the person to unlock the device in the first place.
I don’t understand this whole situation. For decades, fingerprints have been used for police work. Police would take fingerprints from various people, and then compare those fingerprints to prints found at crime scenes, searching for evidence which could be used to incriminate suspects. Nobody ever argued that providing prints was a form of self-incrimination, because it’s obvious that it isn’t. If the police searched the scene and found, say, a paper copy of the plan used by the criminals, and from that paper copy lifted fingerprints, then those prints would be used like any others found at the scene. If a computer was found at the scene, and your fingerprints were all over the buttons, they would be lifted and used to incriminate you, as well as provide evidence of ownership of said computer and the files on it.
Here, they are doing exactly the same thing. Taking fingerprints, and comparing those prints to prints found at the crime scene. Why should the fact that the prints found at the scene are stored in a digital format make a difference?
Just because you chose to use a stupid and insecure method of maintaining your privacy does not mean that the police/courts must write new policies to make your method secure.
Re: Re:
Here, they are doing exactly the same thing. Taking fingerprints, and comparing those prints to prints found at the crime scene. Why should the fact that the prints found at the scene are stored in a digital format make a difference?
Because they’re not just ‘comparing prints’, they’re demanding someone provide incriminating evidence against themselves by providing access via prints. If it was really as simple as taking prints then they could take the prints and then turn around and use them on the device if they want, yet they didn’t do so.
At the same time if it’s not an issue of self-incrimination then they could easily offer immunity from anything found on an unlocked device, yet I don’t imagine they’d ever make that offer because it would nullify the reason they are demanding the person unlock the device.
Just because it’s easier to force someone to provide self-incriminating evidence and/or violate their privacy does not mean the police/courts get to ignore the rules against such actions.
Re: Re: Re:
If it was really as simple as taking prints then they could take the prints and then turn around and use them on the device if they want, yet they didn’t do so.
Meh. I guess that’s a valid argument. I guess I’m a little too pragmatic for these things. No reason to waste the extra money transferring the prints to a machine readable material when you have the originals.
Re: Re: Re: Re:
I see it as a long-term issue. ‘We can compel someone to provide prints before, what difference does it make to make them provide them in a way to unlock a device?’ might seem fairly minor, but if allowed it will expand.
A little give here, ‘just to save time’, or ‘because it’s a foregone conclusion’ and what’s allowed under the law is widened, ever so slightly. And then a little down the line what’s allowable is stretched ‘just a little more’ and more is allowed. And so on and so forth until you reach a point where the ‘limits’ are little more than ‘guidelines’.
(A good example could be ‘asset forfeiture’. As horribly flawed as it is it started rather small and grew over time. I rather doubt the ones who originally put it into place would have envisioned innocent people losing their houses and having to prove the ‘innocence’ of their property or lose it, yet here we are with government and police agencies throwing fits about the simple requirement for a conviction before property changes hands.)
Rights are very rarely destroyed outright, as that’s obvious and people are more likely to fight back. Instead they suffer small erosion over time. ‘Minor, temporary exceptions’ that bend the laws just a bit, and then the law and/or how it’s interpreted changes and the ‘temporary exception’ becomes the new norm. And then a little while later another ‘minor, temporary exception’ is made, and the cycle continues until you have more ‘minor, temporary exceptions’ than you do the original law, and what is allowed and considered acceptable now has only the faintest similarity with what was allowed and considered acceptable then.
It's been used for stupider things before...
Can’t we just use the DMCA on them since they are definitely going beyond their authorization and breaking into the phone?
Coming next: Searching houses does not violate your privacy
With the same reasoning, they can abandon the warrant requirement for searching homes – after all, the keys to the front door are freely available in the accused’s trouser pocket or hand bag, and can easily be retrieved with minimal invasion of privacy and no disclosure of knowledge he might have or to speak his guilt.
Re: Coming next: Searching houses does not violate your privacy
I’d say don’t give them ideas but I have no doubt whatsoever that at least some of them have given serious consideration to that very argument, and hold back not because they don’t want it to work but because they don’t think it would work just yet.
Long, complex password. Problem solved.
Re: Re:
I have a 8 digit password. If you just turned the phone off the Fingerprint reader will no longer work until you first enter your passcode. You can power down a phone pretty fast. Once it starts powering down, you can’t just turn it back on or stop the process. Power your phone down before the police have a chance to grab it. If you’re really worried, just don’t use it.
There's an app for that!
This might require some SDR capability of the cell phone.
Imagine if the phone passively monitors the signal strength (not content) of police frequencies. If it detects one of these dangerous signals getting too close to you, the phone goes into a lockdown mode that takes more than a fingerprint to unlock.
Re: There's an app for that!
These days most police are using trunked radio systems. They may be sharing frequencies with ambulances, fire, transit, city crews and private companies, using talkgroup IDs to keep the conversations separate.
Digital encrypted trunked systems are increasingly popular, making it nearly impossible to determine which talkgroups belong to which users.
In any case, police would learn of such a system just like everyone else. They could unlock the phone between transmissions, drive the phone and owner a few blocks from the police station, or just weaken the signals by tin-foiling the interrogation from into a Faraday cage.
"While a fingerprint is definitely unique"
Citation needed.
Re: Re:
http://www.telegraph.co.uk/science/2016/03/14/why-your-fingerprints-may-not-be-unique/
Oh wait, did you want proof of uniqueness or proof that that statement is garbage?
Just need updated unlock features
Unlock with correct finger, get access.
Unlock with the special finger, phone gets wiped.
So when your being interrogated and the cop says “If you cooperate by unlocking your phone, we will put a good word in for you with the DA, maybe get you a plea deal.”
You say “Sure! and proceed to wipe your phone”
A phone I have been known to use requires a passcode entered every 24 hours in addition to the fingerprint. If asked to unlock the phone with a fingerprint, I could just stall until the next day, press my finger on it and……please enter your passcode.
Conflating Authorization and Authentication
People often conflate authorization and authentication, but they are very different things. Authentication determines WHO you are. Authorization determines WHAT you are permitted to do.
Biometrics make a great authentication token. It is really difficult (In a properly designed system) to falsify biometric credentials, so when you are authenticated biometrically there is a very low probability of a false positive, and a really good chance that you are the correct person.
Biometrics make a terrible authorization token, because YOU CANNOT CHANGE THEM. Once authorization has been assigned to a biometric is cannot be changed. ever. That’s the whole point of biometrics. They are immutable. But authorization DOES NOT NECESSARILY follow from authentication.
Good authorization tokens are passwords and PINs because they CAN be changed, and there are an infinite number of them. You can assign different authorization tokens to different parts of a system. You can see this when you log in to your computer using one password, check your email with another, and connect to facebook with yet a different password.
Security will always be a trade-off with convenience. Most people can’t be bothered to type different passwords for every application, so they tell the system to cache the passwords, and tie that all back to their primary authentication token, and mobile phone manufacturers are very conscious of this, so it appears that authentication and authorization are the same thing and thus, commonly conflated concepts.
Re: Conflating Authorization and Authentication
I use the same password for my computer as I do my email, bank account, AD domain at work, usenet, obscure and questionable hacking forums, random sites that I create an account to make one post with etc..