Feds Can't Force You to Unlock Your iPhone with Finger or Face, Judge Rules (forbes.com)
787 points by koolba 34 days ago | 281 comments

Relevant excerpt:

> “The undersigned finds that a biometric feature is analogous to the 20 nonverbal, physiological responses elicited during a polygraph test, which are used to determine guilt or innocence, and are considered testimonial.”

So it's analogous to a passcode because you're divulging something stored by your body, as opposed to e.g. a metal key which is artificial.

Tangentially related, it's astounding to me that polygraphs are still considered valid evidence given how widely they've been discredited.

I thought that polygraphs were not accepted as evidence in court, but are still used by some government and private agencies.

Also, just curious, have they been discredited as in that double-blind trials show no more than a 50/50 chance of being correct (i.e., flipping a coin)? Or is it that a high enough percentage of people will fail them even if innocent, or pass them even if guilty?

The thing I don't like about them is the method of reading them, where it is up to the subjective judgment of the examiner. That is, there isn't an algorithm that can be written down so that, for example, an untrained person or computer program can read it (and therefore be subjected to large enough random tests).

> have they been discredited as in that double-blind trials show no more than a 50/50 chance of being correct?

Yes. The reading of polygraphs is very subjective and it's been found that they reflect only whether the person administering the test thinks the subject is guilty.

They also reflect whether or not the subject of the test believes the test works. In practice polygraphs are used as a form of psychological torture, used to frighten people into giving confessions.

Of course whether a polygraph can frighten an innocent person enough to falsely confess is another matter, but if the subject is guilty and understands how polygraphs (don't) work, they can deceive the person administering the test very easily. There is no shortage of spies that have passed polygraphs regularly and reliably with flying colors.

Obligatory scene from The Wire: https://youtu.be/AJ5aIvjNgao?t=115

You can read the National Academy of Sciences' conclusions on the polygraph and lie detection in their paper here - https://www.nap.edu/read/10420/chapter/10

I know this will sound stupid - but it's a serious showerthought of a question:

Are "clearers" from Scientology any 'better' at reading a polygraph than non-"clearers"?

Auditors in Scientology are in fact using a primitive polygraph device to get gullible people to divulge their deepest and darkest secrets. This is something the "church" has used to blackmail and discredit their enemies.

They're notoriously inaccurate, but I don't think that courts have given up on them yet. And if you think that's bad, just wait until you're given an inaccurate brain scan to tell whether you're lying.


>The rates of correct detection in guilty and innocent subjects were 86%, which was better than other previously used methods.

Eh, that sounds close enough to 'beyond a reasonable doubt', right?

Eyewitness testimony is also extraordinarily inaccurate, but courts overwhelmingly consider it as strong evidence of guilt.


People win the lottery every day and those odds are very much against them, but they play the odds in hopes of a positive outcome. When talking about life and liberty and negative consequences there should be as few chances taken as possible. I don't think 86% is the best we can do.

The polygraph test is an interrogation technique. The examiner uses the reading to guide the questioning. I think taking a human out of that loop would be as difficult as a Turing test.

Individuals can also 'train' for polygraphs, basically learning to spoof the readings. So really you just can't rely on polygraphs for anything at all.

People can also simply lie, but statements are still considered testimony.

Yea the polygraph adds nothing useful here

Clench your anus, a la ‘The Americans’ tv series.

What does it mean for a polygraph to be "correct?" They're not lie detectors, they are stress detectors. You can't "fail" a polygraph in any reliable sense.

> I thought that polygraphs were not accepted as evidence in court...

Only if you "pass". Fail one and admissible or not, it'll be brought up.

I thought this smelled like totally useless Reddit-style cynical speculation, and 30 seconds of Googling confirmed my suspicion. No state allows admitting polygraph results without both parties' consent. Federal courts may or may not allow them depending on the judge, but if the judge allows them then the defendant is free to submit their passed polygraph (for whatever that's worth) just as equally as the prosecution is free to submit a failed one.

> admissible or not, it'll be brought up

That's not how it works, and even a public defender working 20 hour days who doesn't know their defendant's name would be able to get a mistrial.

In the stairwell outside the court room:

"Look, I know your guy went for a polygraph, but you've not brought it up, so I assume he didn't do well. Here's what I can offer..."

Look up studies on the reliability of witness testimony if you want to get really scared on how courts run.

And jurors.

This one's my favourite:

The jurors who used a Ouija board to find a murderer guilty - https://www.abc.net.au/news/2018-05-08/ouija-board-juror-mis...

The Drunkard's Walk talks about the misuse of statistics in court as well. Not only do they get the math wrong easily, or make common mistakes ("the odds that it's raining given the ground is wet, is the same as the odds that the ground is wet given it's raining"), but if someone accurately states there is only a 1 in 100,000 chance of something happening by chance, the jury will think that means the "something" was not by chance, instead of "oh, so it happens by chance to thousands and thousands of people" like they should.

Even forensic science can be used questionably. Really, once you're in the court room it's entirely rhetoric and fudge-factor.

My favorite case was where someone was accused of arson because the wood floor was found to contain traces of gasoline, even though none was found on the carpet or padding on top. Turns out that further testing by the defense showed lead also. Which means that the gasoline came from a cheap contractor several decades ago that used (at the time leaded) gasoline as a lacquer thinner for the hardwood floor. And the burn patterns on the floor which indicated an accelerant, were due to wear patterns on the carpet above which allowed more heat to penetrate.

> Really, once you're in the court room it's entirely rhetoric and fudge-factor

I agree with all the skepticism of particular types of evidence in this thread including witness testimony and forensic evidence (I'd also add even confessions to this list). But this rather extreme conclusion doesn't follow. Evidence can be uncertain and hard to interpret, but still lead us to truth. You just need more than one data point.

In a typical criminal trial (assuming the defendant is guilty) the prosecution generally will not hang on a single dubious piece of evidence. They will often assemble a veritable mountain, if they can, because they know that a competent defense attorney will make sure that the jury knows better than anyone the various ways in which evidence can mislead.

This is not to say that everything is rosy in the criminal justice system, and that juries always get it right. There are lots of big problems: Juries are often mysterious and unreliable. Defense attorneys often do a bad job (meaning, among other things, that the prosecution can sometimes get away with presenting a weak case based on shoddy evidence). And, lest we forget, huge numbers of criminal prosecutions end in a guilty plea, and never go to trial in the first place (sometimes for good reasons, sometimes for bad).

But I want to push back on the extreme notion that the outcome of every trial is all about rhetoric. Sure, it plays a role and some cases are better than others. But I've never seen one that was "entirely rhetoric and fudge-factor." (I'm sure it happens, but not often enough that I've ever seen it.)

"Forensic science" has a long history of being flagrant pseudo-science, very often being a morally bankrupt abuse of statistics.

My favorite example:

>In one case, West claimed to have matched the bite marks in a half-eaten bologna sandwich to the defendant. The jury convicted. (The conviction was overturned on appeal when defense lawyers discovered that the autopsy report recorded a partial bologna sandwich in the stomach of the victim.)



Pretty much everything in forensic science turns out to be junk science over a long enough timeline. Hair, bite marks, fire progression, all junk. There's even a few cracks in the fingerprint wall. Don't get me started on all the field test kits of various types that LEOs use.

The only things that seem to be reliable are things that don't have their roots in forensic science (e.g. using DNA to identify people) and even then you still have to depend on a crime lab (run by the people doing the prosecuting) to not be sloppy.

>crime lab (run by the people doing the prosecuting) to not be sloppy

Oh yeah. Not just incompetence, but actual malice. Recently in Massachusetts there were two high profile state forensic drug lab scandals: One where a chemist was functionally incapacitated by taking all the drugs she should have been testing [0], and one where the chemist was falsifying positive tests (!!!!!!) [1]. More recently, the state police are known to be falsifying overtime records [2]. I can't even begin to imagine what it's like in "stereotyped as corrupt" states.

[0] https://www.cbsnews.com/news/6000-drug-cases-linked-to-rogue...

[1] https://www.cbsnews.com/news/more-than-21000-drug-conviction...

[2] https://www.masslive.com/expo/news/erry-2018/12/1fc00a248688...

> and even then you still have to depend on a crime lab (run by the people doing the prosecuting) to not be sloppy.

Which CSI has done a wonderful job of turning into super-cops in the eyes of juries.

This has had the opposite effect of what you seem to be implying. It's something that's come up quite frequently in discussions of jury nullification [1]. Jury nullification being when a jury ends up voting not guilty, even when they believe the defendant guilty, generally because they do not find the law (or possibly the punishment) just.

For decades a rate of about 5% for hung juries was typical. In more recent years some jurisdictions have seen more than 20% of cases end in hung juries. [2] Some have seen this as evidence of a rise in jury nullification, but others have argued that it's due to the 'CSI Effect' [3] with these individuals believing that, because of shows like CSI, the standard of proof required for a conviction seems to be rising - along with a reduced weighting given to things like circumstantial evidence.

[1] - https://en.wikipedia.org/wiki/Jury_nullification

[2] - https://www.washingtonpost.com/wp-srv/national/jury080299.ht...

[3] - https://en.wikipedia.org/wiki/CSI_effect

That sounds like a good thing to me to be honest

The article about the CSI effect says it's believed to work both ways. Jurors expect more forensic evidence but put more faith in it.

High quality video can be quite useful for getting closer to the truth in many cases. Fits under your tech not developed for forensic science category though.

While we're at it, most of "ballistic fingerprinting", as well.

And along those lines, I've heard that DNA tests aren't reliable either.

The problem with the DNA tests we use today, assuming even perfect cases with zero contamination or mistakes (whole other argument there), is that (in my non-expert understanding):

* Taking the samples and using several solutions to snip them at given patterns.
* Taking another solution and promoting replication of the fragments.
* Using some dye and a weight sorting channel to bin the fragments by weight.

This results in a kind of 'bar code' that graphs the distribution of weights as a VERY crude hash of samples of DNA.

It's pretty useful for determining things like IF it is LIKELY that individuals are related.

It's also pretty good at confirming negatives (We're sure someone is NOT related to X).

It's not that great at confirming positives. That is, the results are both subjective and ambiguous given the hashing. A "positive" result here is really more of an "OK, it's likely we should run the real and expensive check, evaluate if someone might be a suspect by other merits, etc."

I would, offhand, consider a "positive" above to be enough evidence to produce /suspicion/ and /warrants/ to locate other specific evidence to ascertain an actual guilt or innocence based on harder evidence. If an actual "sequence the whole set of samples" option enters the realm of feasible tests then it would also warrant actually doing that.

Come to think of it, I'm not sure how the Ancestry/etc novelty DNA tests work. I'd assume they've isolated a few specific markers they're looking for and the processes are optimized towards identifying those and comparing combinations for those specific traits.

You’ve described electrophoresis DNA fingerprinting correctly, then jumped to the unjustified conclusion that it’s a VERY crude hash.

Not so, it’s a fairly excellent hash, one with few collisions. Better than a fingerprint. If it looks like your DNA, it most likely is.

Source: was an electrophoresis tech (not forensic) in a previous life.

And yes, the usual genetics sites do SNP tests, which are cheaper than full sequencing but mean that they only find what they’re already looking for.

The price of full sequencing is dropping rapidly, I look forward to it being a standard part of medical practice, it will save a lot of lives and improve quality of care.

Better than a fingerprint is still not great!

Well, several decimal orders of magnitude better than a fingerprint, to be accurate.

DNA tests prove a very specific narrow fact, and it’s up to lawyers to string together a hypothesis in order for it to have relevance.

Unfortunately all too often the DNA test result is used as proof of a hypothesis, not of the mere presence of surprisingly similar DNA in a swab sample.

Apropos of this, but about human incompetency rather than DNA tests, the Phantom of Heilbronn. A serial killer so well concealed that her very existence was only given away by DNA traces.


Your Wikipedia link says that the Phantom is a myth and the DNA was contamination from the kit factory.

Yes it does, good reading skills. That's the point. Human incompetency, related to DNA forensics.

I didn't outright say that, though; the idea was that I would prepare you for a story of a serial killer so well concealed that her existence could only be inferred from trace DNA, but THEN there's the surprise twist - there is no serial killer, it's a trick of human incompetency. BOOM!

The twist has a much greater effect because I didn't give it away at the start, but the twist also ties back in to my original statement about human incompetency - but NOT where you may have been expecting, and subverted expectations are a key part of surprise twists - and the story is also about DNA forensics. That's the previous subject again, the reader having been led around in an interesting and surprising circle.

There are a lot of sketchy evidentiary techniques that get in, for sure. That said, the vast majority of prosecutions are based on extremely strong evidence. Reading the news gives a misimpression because you only see the edge cases. But for every “making of a murderer” there are ten guys who are convicted based on being caught on security cameras, and credit card receipts tying them to the scene of the crime, and witness testimony.

I once had to go to court as an individual had attempted to stab myself and another (we had tried to stop them from escaping the police).

During the suspect identification process I failed completely; the suspect was bald and had a spider tattoo on their face. I realised that I couldn’t even remember how they looked, it shocked me quite a lot. I assume it was the adrenaline.

> considered valid evidence

They're considered a valid tool for coercion.

Stupid criminals who watch too much TV think they work and some cop comes in and says he failed a lie detector test and they confess.

In that way they actually do work.

Assuming all you want is a confession, but if the person actually provides evidence of their own guilt then so be it.

"Tangentially related, it's astounding to me that polygraphs are still considered valid evidence given how widely they've been discredited."

They generally are not considered valid evidence.

(to expand, they are not admissible without consent of both parties, and even then, the court would likely find it not relevant)

I'm not sure how the courts will differentiate between biometric data related to authentication and biometric data from blood tests, breathalyzers or DNA tests. The latter are, in a sense, examples of forcing you to divulge something stored in your body.

Implied consent (the authority the police use to try to force you to divulge your blood alcohol content) is a well-established area of law.

The courts can differentiate it by saying that the legislature has written implied consent laws that cover what you are deemed to have consented to when operating a motor vehicle, and that the legislature has not written implied consent laws for cell phones/etc.

Right now it's a pretty easy case for the courts, though higher courts have justified much worse with much less.

It's possible a legislature could write implied consent laws for cell phones, but I don't think they have yet. Not sure if they'd withstand court review, but I am afraid they might.

> Implied consent (the authority the police use to try to force you to divulge your blood alcohol content) is a well-established area of law.

Indeed - warrantless blood tests have been found unconstitutional by SCOTUS three years ago (Birchfield v. North Dakota).

The UK fixed this for drink driving by making it an offence to refuse to submit to the alcohol tests. So they don't force you to implicate yourself for drink driving, you can choose instead to be prosecuted for refusing to provide a sample and have everybody assume (not at all unreasonably) that you refused because you knew you'd fail badly.

Sometimes people are _so_ drunk they refuse to provide a sample without really comprehending that this will itself directly lead to getting arrested and prosecuted but minus any opportunity to get the results thrown out for any reason since it'll just come down to "Officer, did the suspect refuse consent to the required sample?".

You couldn't do that exact workaround in the US because of the Constitution, but I'm sure a creative work around can be invented.

> You couldn't do that exact workaround in the US because of the Constitution, but I'm sure a creative work around can be invented.

The "workaround" in the United States is similar. When you apply for a driver's license, you agree to submit blood/breath/urine upon demand or lose said license automatically.

This is basically how it works in the US too. You are punished for not submitting to the test by revocation of your license and also, the refusal to submit can be used against you to help establish you were DWI.

The article is quite clear about that differentiation:

"the judge wrote that fingerprints and face scans were not the same as “physical evidence” when considered in a context where those body features would be used to unlock a phone."

(Emphasis mine.)

It's the context of using those body features to unlock a phone, that makes them testimonial rather than physical evidence. Outside that context, they can still be physical evidence.

But does that mean the police can't use physical evidence to unlock your phone? I don't know if it's possible to get a fingerprint from a glass and use that to unlock a phone, but if it was, would that still be legal? What about if someone wrote their password on a note?

The only difference I can see is that in the case of alcohol, biometric data is the thing you are looking for.

In the case of telephones, biometric data is being used to get access to something else.

My understanding is that the police use polygraphs simply as a 'primed' question-asking session for people who agree to take them. It is no different from sitting down and asking someone questions, except maybe they will believe you can tell that they are lying, and so might be more honest. The polygraph doesn't have to be evidence because your answers to questions are evidence by themselves. Whether you are hooked up to a polygraph is irrelevant.

In this respect they're not really any different from an officer administering a field sobriety test or a breathalyzer to someone they've stopped for a suspected DUI: these prime the suspect to give more information than legally required.

And worse, these will provide opportunities for the state to build probable cause for a stop that otherwise might not exist.

> Whether you are hooked up to a polygraph is irrelevant.

I'm going to go with strongly disagree here.

So you're willing to argue that the output of a polygraph is evidence of something in absence of any responses you give during questioning?

I'm arguing that the idea that anyone is allowed to connect anything to me while they ask me questions is perverse, reprehensible, and absurd.

That has nothing to do with what I'm talking about. You can (and should) simply refuse to take any polygraphs. It will never work in your favor.

Also "no comment, lawyer please" is a good answer for any question.

The comment you replied to pointed out that they are voluntary.

Voluntary in the sense of someone(s) in a position of authority or power asking if you're willing to submit to a voluntary procedure.

I've been interviewed by police twice after being charged with crimes that carry potential prison sentences. The interviews are voluntary in the sense you're not required to answer any of the questions, and I could have chosen to wait in a cell for my lawyer to turn up days later ... but I volunteered to respond to each question by making a mockery of their questions and processes.

These people in authority, they are not there to help you, with their badges and their guns and their attitude problems, and I don't believe it's possible for someone to "volunteer" when such a power imbalance exists.

It's an absurd use of the word. You can't "volunteer" when the other person is carrying a gun.

Absolutely you could have waited for a lawyer. You voluntarily decided not to.

"voluntary" - done, given, or acting of one's own free will. You said yourself that you could have waited, but decided not to.

Alternatively you could have just done a "no comment" interview, which - let's be honest - is what the lawyer would have advised you to do, no matter if you're guilty or not.

> So it's analogous to a passcode because you're divulging something stored by your body, as opposed to e.g. a metal key which is artificial.

Also, shouldn't the act of entering someone's phone be analogous to entering someone's house? I.e., wouldn't a search warrant/court order be required?

The article is about the warrant. The warrant was for forcing unspecified non-suspects to be forced to unlock their phones so they could be searched for evidence. The judge judges it to be "overbroad".

I doubt this will hold up.

You can be compelled by a court to have your blood withdrawn if a warrant is issued while you're under suspicion of DUI. Why would it not be similarly allowable to have your finger placed on the unlock button?

Testimonial privilege (against being forced to testify) is about not being made to say / speak statements against your own prosecution. Speech. Testimony.

Having evidence taken is not forcing you to speak, testify, or make a statement, at least in the current interpretation of evidence.

This ruling is not for sure at all.

In the eyes of the law, how is this different to being compelled to give your passcode though? Of course it’s easier and they could maybe even unlock a phone with your corpse but in jurisdictions where the law protects the individual’s privacy above all else this shouldn’t make a difference.

As I understand it, we are not required to incriminate ourselves. e.g. we can not be told or forced to confess, similarly we cannot be told to open a lock. In fact, there is no way to determine whether you indeed do know (or remember), or do not know/remember the passcode prior to forcing you to hand it over. Any punishment for not cooperating may be a punishment for not remembering, or worse, not even ever knowing the passcode.

But we can be 'used' to build evidence. For example, being detained and forced to stand in a line-up so that a witness may recognise you. Or having your speech recorded, so it may be compared to a criminal telephone recording. Or having your fingerprint taken to be compared to fingerprints found at a crime scene. Having your key be taken to unlock a vault which is suspected to contain stolen items. Or indeed, having your finger or face scanned to unlock the same thing.

These seem like fundamentally different things, one which may lead to improper judgements, another which leads to generally reasonable judgements.

It is fundamentally, very importantly, different.

Being compelled to say / give your password is forcing you to admit or testify that you know the code and can unlock your phone. You can choose not to give testimony (statements) that could be used against you.

On the other hand, if you are in possession of a physical key or code written on a piece of paper... or fingerprint... you can be compelled to turn that piece of evidence over to the government.

And this ruling is simply stating that your fingerprint is more akin to testimony than it is to an object. I personally don't think it will stand up (unfortunately) but for the moment, in this jurisdiction, it will.

It's 'something you know' vs 'something you are'.

In some sense, the issue here is that we use fingerprints as authorization whilst they should be authentication.

> Testimonial privilege (against being forced to testify) is about not being made to say / speak statements against your own prosecution. Speech. Testimony.

As the article states, polygraph results are (were) legally considered testimony. That's the results, not what you actually said. So "testimony === speech" is incorrect at both the practical and the legal level. This court is simply saying that your fingerprint is much closer to testimony than it is to objective chemical proof of a crime, as in your blood draw DUI/DWI example.

And also, the problem with biometrics is that they're not passwords, they're usernames.

It's by no means secret, although somewhat unique to the individual.

“A California [federal] judge” yeah I stopped reading there

Even the 9th circuit appeals court upholding this ruling wouldn't be something to trust

This part of the country simply doesn't have consensus with the rest and doesn't have power over the constitution, whether I like the ruling or not.

Until a higher court overturns it this is the law of the land in that jurisdiction. Whether they agree with a court 2,000 miles away is completely irrelevant.

Also you should occasionally read things that you disagree with, if only to test your own assumptions and prejudices about yourself and the world around you. It makes you an objectively better person.

There can be a lack of appeal which lets the district court ruling stand.

What does your second paragraph have to do with anything mentioned in this thread?

I won't believe this ruling is safe until it goes thru higher levels. The Executive Branch over the past 2 decades has shown a large propensity for attempts to disregard the 4th and 5th amendments, and I see no change in this posture or the attempts to subvert them with the current political climate.

"I won't believe this ruling is safe until it goes thru higher levels."

Yes - right now, there are people being held indefinitely for not decrypting hard drives in the US [1]. The law used is: "All Writs Act (28 U.S.C. § 1651)". As one judge said, "We don't want your password - we just want the hard drives in unencrypted state."


I fear I'll be barbecued for asking, but I must: What's the alternative? I am a privacy advocate and understand that the law can (and likely will) abuse a forced decryption law.

However, the story you linked is about a _police officer_ who was suspected of child pornography. His sister reported him to the police and 'content stored on the encrypted hard drive matched file hashes for known child pornography content'.

How can you look in the mirror and think he should go free without the evidence being examined? I couldn't live in a world where a suspect could say "Well, I forgot the password" and walk away scot-free on such an ugly crime.

> How can you look in the mirror and think he should go free without the evidence being examined? I couldn't live in a world where a suspect could say "Well, I forgot the password" and walk away scot-free on such an ugly crime.

This is the price we pay for an imperfect world, I'd rather a few murderers walk than many innocent men be imprisoned. Your balanced, nuanced idealism simply doesn't work at scale, you cannot assume that every judge, jury, and LEO will be good, so you've got to give the criminals rights even if you're pretty sure they're criminals.

As a judge or LEO I'd have a much harder time looking in the mirror knowing I stole an innocent man's life than knowing that I might not have stopped every criminal.

How does not being able to force someone to decrypt their hard drive overlap with innocent men being imprisoned?

It's potentially happening right now.

While circumstantial evidence would suggest the cop who is being asked to decrypt his computer is in fact guilty of at the very least looking at child porn, we don't know concretely, yet he is being jailed until the judge decides that he really won't release the password. Imagine a less scrupulous judge and a more innocent man, maybe he's trying to protect the identity of a source, suddenly it doesn't seem fair that the man should be jailed, yet in a world where we can compel you to release the password both cases are the same.


Law Enforcement Officer

>His sister reported him to the police and 'content stored on the encrypted hard drive matched file hashes for known child pornography content'.

If that's evidence enough to hold him in jail indefinitely then it's evidence enough to convict him. So convict him using it. There's no need to force him to self-incriminate.

If it's not evidence enough then the alternative to this is do good police work that doesn't require holding suspects in jail indefinitely until they incriminate themselves.

>I couldn't live in a world where a suspect could say "Well, I forgot the password" and walk away scot-free on such an ugly crime.

What if it was a slightly different scenario? What if instead of encrypting the child porn he deleted it right before the police came in. Would it be ok if he was held in jail indefinitely until he confessed? What if we just hold all suspects in jail indefinitely until they confess?

The biggest "what if" is, what if he actually did forget the password? I have an encrypted backup of an old computer that I actually have forgotten the password for. The only reason I keep it is because I think there's a small amount of LTC on there. I wonder if I should delete it in case police ever get their hands on my drive.

The alternative is real privacy.

> However, the story you linked...

Freedom only works when it also protects things you don't like. Because of that, the specifics of any one case are totally, completely irrelevant.

> I am a privacy advocate and understand the law can...abuse a forced decryption law.

There is no sentence after that that justifies having a forced decryption law unless "I am a privacy advocate" is a lie, I'm sorry. You don't have to be a privacy advocate, that's fine, but don't wear that mantle if you're not willing to actually advocate for privacy. The entire point is that it doesn't matter what is being kept private.

Upvoted because while I disagree with your thought process it seems like a good-faith question.

> 'content stored on the encrypted hard drive matched file hashes for known child pornography content'

Sounds like BS to me, how can they match hash of encrypted content without the key?

That's because it is BS and this is not how cryptography works. Either the drive was decrypted and they have the file hashes, or the drive was encrypted and they don't. Or they caught the transfers on the wire, but this is much less likely, and impossible to determine if they were recorded on the HDD, because it's encrypted.

This. It's encrypted data. You can't even see where the files are.

I can only surmise that this means that they scanned the content of the hard drives and found data sequences that matched some file hashes of known child pornography.

If that's the case, why do they even need the drive to be decrypted? All they'd have to prove is that the drive was not owned by anyone other than the accused and could then say that there was CP saved onto this drive by the guy.

If they matched the hashes to data on the drive, the files are already on there unencrypted. Could be some space left by a now-deleted unencrypted partition, or maybe some leftover data in a temporary location where the data is saved before being encrypted.

Together with the witness testimony, that seems pretty compelling.
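An added illustration of the point argued in the comments above (not part of any commenter's post): hashes of known files can only match data that sits on the disk unencrypted, such as a leftover plaintext copy. The disk image, file contents and key are constructed, and the XOR keystream is a stand-in for a real disk cipher.

```python
import hashlib

SECTOR = 512  # bytes per sector in the constructed image


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def toy_encrypt(data: bytes, key: bytes) -> bytes:
    """Stand-in for a disk cipher: XOR with a SHA-256 counter keystream.

    Illustration only; real full-disk encryption uses e.g. AES-XTS.
    Applying the function twice with the same key decrypts.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        keystream = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        chunk = data[offset:offset + 32]
        out.extend(b ^ k for b, k in zip(chunk, keystream))
    return bytes(out)


def sector_hashes(data: bytes) -> set:
    """SHA-256 of every full sector of a known file."""
    return {
        sha256(data[i:i + SECTOR])
        for i in range(0, len(data) - SECTOR + 1, SECTOR)
    }


def scan_image(image: bytes, known: set) -> list:
    """Return the indices of image sectors whose hash is in the known set."""
    hits = []
    for idx in range(len(image) // SECTOR):
        if sha256(image[idx * SECTOR:(idx + 1) * SECTOR]) in known:
            hits.append(idx)
    return hits


# Constructed "known file": 4 sectors of deterministic filler bytes.
KNOWN_FILE = b"".join(
    hashlib.sha256(b"known-file" + bytes([i])).digest() for i in range(64)
)
KEY = b"constructed-demo-key"

# Constructed image layout (8 sectors):
#   0-3  encrypted volume holding the known file
#   4-5  zero-filled space
#   6-7  leftover plaintext copy of the file's last two sectors
IMAGE = toy_encrypt(KNOWN_FILE, KEY) + bytes(2 * SECTOR) + KNOWN_FILE[2 * SECTOR:]


def run_demo() -> dict:
    known = sector_hashes(KNOWN_FILE)
    ciphertext = IMAGE[:4 * SECTOR]
    return {
        # Only the plaintext remnant matches; the encrypted copy never does.
        "hits": scan_image(IMAGE, known),
        # A whole-file hash of the ciphertext is unrelated to the known hash.
        "ciphertext_matches_known_hash": sha256(ciphertext) == sha256(KNOWN_FILE),
    }


if __name__ == "__main__":
    print(run_demo())
```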

I don't even think they'd need to prove that. It's there and it's in his possession, isn't that alone a crime?

> how can they match hash of encrypted content without the key?

Right!? This sounds like, "We know you have it and we can see it, we just want the password to prove it was _you_ who did it."

Also, whilst I'm here, it does strike me as very odd that the justice system in the United States has such a raging evangelicalism about getting to the truth, that it will impose against a person's rights, just to get at that truth.

To refer to the old Eddie Izzard joke:

"If you commit perjury, I don't care. Don't give a shit. I don't think you should because you grade murder. You have Murder One and Murder Two. You realize that there can be a difference in the level of murder.

So there must be a difference in the level of perjury. Perjury One is when you're saying there's no Holocaust when, you know, 10 million people have died in it, and Perjury Nine, is when you said you shagged someone and you didn't."

The whole precept of the truth being this infallible end-goal, which must be attained - no matter what, is just as abusively dehumanising as the phrase, "Well, if they weren't doing anything wrong..."

Sorry, wrong meeting... I'll see myself out.

The same way when a person denies they committed an offense, build a case.

If he is so obviously guilty, then why not judge him with the current evidence?

Also, "content stored on the encrypted hard drive matched file hashes for known child pornography content" - this sounds like BS (but do feel free to correct me please), I am not aware of any full-disk-encryption software that stores the unencrypted hash of whole unencrypted files.

That's the cost of liberty.

It’s okay if you think we should not force people to unlock their phones pursuant to a criminal investigation. But it’s disingenuous to paint this as an attempt to “disregard” the 4th and 5th amendments. The Supreme Court in the 1950s and 1960s expanded the scope of those amendments far beyond the text. They turned the 4th amendment into a general purpose “privacy” amendment, even though the amendment doesn’t use that word or anything nearly as expansive. And they took the 5th amendment, which refers only to forcing someone to testify against themselves in a criminal case, and turned it into a broad protection against self incrimination. But that amendment doesn’t use the phrase “self incrimination” or anything nearly as broad.

This is not novel. It’s always been the rule that the police can force you to turn over evidence in your possession, even though they can’t force you to serve as a “witness” against yourself. The idea that turning over a password is like forcing someone to testify against himself because it involves a mental recollection is already a very stretchy interpretation of the 5th amendment. Extending that even further to situations that aren’t testimonial in any way (Face ID or Touch ID) is hard to defend as a matter of Constitutional interpretation (even if you think it is good policy).

The background principle of the law is that courts are entitled to all the evidence so they can find the truth. The amendments are exceptions to those rules created for specific purposes. But they are exceptions; they are not the rule. To the extent that anyone is trying to “bypass” something, folks reading those amendments unreasonably broadly are trying to bypass the general rule in favor of discovering evidence.

bear in mind that whilst the scope of those amendments may have been, for want of a better term, “extended” (SC sets precedent for interpretation, as far as i’m aware, i.e. the amendments do not actually change), you must also bear in mind that the scope and power of the government has expanded incredibly since they were written.

the concept of privacy, outside of say, what a married couple do in the bedroom, didn’t really exist when the constitution was created.

devices that are essentially extensions to one’s “self” in the digital world couldn’t even have been imagined, let alone the rights required to make that one as free as the america that was being created.

Your premise simply isn’t true. Privacy as a concept did exist, including in the law, for example in connection with correspondence and diaries. If you read those materials from that time, you’ll see that they were in many cases far more intimate than what you might find in an iPhone today. (People used to record their private thoughts in their papers. Today, people usually don’t leave a record of things that they were thinking but never communicated to someone else.) People also had private financial and legal records, as they do today.

And the 4th amendment did protect those things. But those protections also had limits. The police couldn’t get your diary from your desk without a warrant. But they were entitled to it with a proper warrant. The fact that you recorded your deepest thoughts and intimate affairs on a phone rather than a diary or private correspondence shouldn’t change that.

note that the interception of most correspondence, e.g. mail, is still a federal offence. additionally, the record of that correspondence can easily be erased. no warrant exists to recover the contents of a burnt letter, i.e., compel someone to testify against themselves.

additionally, one would have to prove an entry in a diary was written by the person that allegedly wrote it. or even that it was owned by that person.

i feel you’re being disingenuous with regard to how much of our lives get recorded, either directly or implicitly, on our devices. concerns on this level simply didn’t exist. giving law enforcement access to your phone is allowing for some level of intrusion into your mind.

i doubt the founding fathers were thinking about how your strava runs could be used to “testify” against yourself, if you happened to be in the wrong place at the wrong time.

Read on their own, I'd be inclined to agree - neither the 4th or the 5th on their own appear to prevent this. However, taken together, I'm not so sure. Clearly a person can be searched under the 4th, and the discovered evidence used. However, when the accused has to take a more active role (Face ID/Touch ID/password), that would seem to go towards being a witness against yourself. As such, any search under the 4th would go towards being an unreasonable search, warrant notwithstanding, as it is predicated on a potential breach of the 5th.

It's a bit of a stretch, but I don't think it's _wholly_ without merit.

What about Amendments 9 and 10 that leave all rights and powers to the people unless they’re explicitly given to the government?

Amendment IX

The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Amendment X

The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

What about them? The 4th amendment explicitly gives the government power to seize and search “effects” (personal possessions) given a valid warrant.

Moreover, the 4th amendment is usually applied against state police. But the bill of rights originally didn’t apply to the states (until some clever interpretation of the 15th amendment). The state governments are not ones of explicitly enumerated powers. It makes no sense to interpret the 10th amendment to keep states from doing something because it’s not explicitly enumerated in the Constitution, when the whole point is that powers not enumerated are reserved to the States by default.

Unlocking your phone does give law enforcement access to more than evidence. Especially since in most cases the existence of said evidence isn't even ensured. What remains is a violation of privacy.

Unlocking a phone is just another fruit of the forbidden tree.

If you look at the last 20 years, giving law enforcement additional competency didn't improve anything.

There is a high probability that this will be challenged at a higher level.

Let’s hope the Supreme Court hears it and it stands.

It won't stand because it's not pragmatic. The issue around 'passwords being in your mind' is interesting, but they'll move past it.

If you have evidence of a crime on your phone, it must be part of the process.

There's nothing remotely unlawful about search of property so long as there is merit, oversight, warrant etc..

Ultimately, this will be no different than searching your car.

Now, the cops doing it without a warrant, shenanigans at the border, searching stuff they should not be - this is all another matter entirely.

There will be some weird scenarios around people 'forgetting' passwords etc. but otherwise, it's just a new angle on the same old thing.

Those who would like to see better judicial reform I think should look elsewhere, into such issues as why/how warrants are issued, the transparency around them, etc..

The problem with forcing someone to reveal a secret (e.g. a password), is that ultimately, there's no way to prove that someone actually knows the password. If I say that I forgot the password, and a judge throws me in jail for contempt of court, I could rot there forever. There is absolutely no way for me to ever prove that I truly forgot the password. You can't prove a negative.

With fingerprints or face scanning, neither of these is an issue. You put your fingerprint on the device, or you scan your face.

So, I think that forcing someone to reveal a secret that is purely in their head is fundamentally different than compelling other forms of access (physical keys, fingerprint scans, face scans, etc.). The physical access methods can be verified to either work or not. That's not true for mental secrets.

Francis Rawls is still in jail after 2 years for not decrypting his hard drive. He's in contempt indefinitely until he decrypts the drive.

However, that's a unique case, because the authorities know the hashes of the cleartext files on his machine match the hashes of illicit media. "Foregone conclusion" so long as you believe in the mathematics behind hash collisions.

How can they possibly know that?

If that is the case then there should be no problem convicting him.

They had access to the drive at one point.

In a filesharing scenario it is common for feds to see what you got before the raid that grabs the physical drive.

Either what they have is enough for a conviction or it's not. If it is, then there's no need to actually get access to it, if it's not then it might as well not exist.

In the file sharing scenario, how would the feds know that the encrypted drive actually has the files? They can only know what they suspect is on the drive.

It isn't about absolutes. They can be reasonably certain that the drive was in use on a network.

I don’t understand this. Are the hash values stored somewhere unencrypted?

Reminds me of that guy in The Crucible that gets crushed with rocks for refusing to take part in the witch trial.

I do believe you mean Giles Corey.


You've completely misunderstood the law here, unfortunately, and argued something that goes in the opposite direction of this ruling.

The law is actually that physical features/etc can be compelled because they are not testimonial.

“[i]t is compulsion of the accused to exhibit his physical characteristics, not compulsion to disclose any knowledge he might have.”

United States v. Wade

“the task that Diamond was compelled to perform—to provide his fingerprint—is no more testimonial than furnishing a blood sample, providing handwriting or voice exemplars, standing in a lineup, or wearing particular clothing.”

State v. Diamond (This is a state case but applying the federal constitution).

Note also that fingerprints are almost always taken at booking, etc. They just aren't transferable in a way that lets the police use them to unlock the phone.

Passcodes, on the other hand are often testimonial. Entering the combination to a safe proves you probably had ownership/control of the safe, for example.

In those situations, generally the government has to be able to prove that you own it. If they can, you will be forced to open the safe.

In the case of phones, the only interesting intermediate cases are phones where ownership can't be proven easily by other evidence.

(Note: I don't necessarily agree with these doctrines, but that is the current law)

> Passcodes, on the other hand are often testimonial. Entering the combination to a safe proves you probably had ownership/control of the safe, for example.

Is this not also true for face/fingerprint ID? Proving the face/fingerprint ID proves you probably had ownership/control of the device.

No more than having it in your pocket when you get arrested, or it being in the apartment that you share with nobody else, etc.

> With fingerprints or face scanning, neither of these is an issue.

We treat biometrics like a secret (i.e. password), but really it's not much better than public information (i.e. username).

Will you consent to a brain scan then? Memories are physical. All secrets are.

X-ray scan?


Actually, there is a fingerprint in my phone. It isn't any of my fingers (I can't recall, maybe my elbow). Will I be in contempt of court for scanning my finger 'wrong'? I don't think my elbow will work a month later, it must have changed more than my finger.

I don't see why this is downvoted, parent brings up a good point. If a phone has a fingerprint or face lock, there is proof whose fingerprint or face (or whether it is a fingerprint or face) is the key. Is that knowledge not similar to a password? If the phone requires a PIN or passcode after say, 3 attempts, that's important information.

The issue arises when the knowledge of the password itself is incriminating. The 5th amendment prohibits forced self incrimination.

Forcing a suspect to divulge information that is directly incriminating will not stand constitutional review, regardless of the nature of the information.

You have the right to remain silent.

Mugshot photographs are constitutional, no? Suppose the face biometrics were poorly implemented, such that holding a printout of the mugshot were sufficient to defeat the facial recognition. Would doing that violate the 5th amendment? What if the face biometrics are better than that, but they can still be defeated by a very carefully constructed 3d model of the suspect's head, created from data taken from numerous mugshots taken from many angles?

Or what if a suspect's fingerprint was taken without his consent by the police, and compared against a fingerprint taken from the murder weapon? Is that self incrimination?

I'm not seeing the "self incrimination" angle for face or fingerprint scans here. For classical passwords yes, but not for biometrics.

The issue is more related to the intent of the action regardless of the practicalities of it. Essentially the subject giving a password is giving their consent to the device to unlock it. Using their iris or facial pattern as something compelled in that context would be distinct from the gunshot residue or blood of a victim which also incriminates them since that is something about them as opposed to being compelled to testify against themselves.

It is admittedly a weaker argument from a pure physical standpoint but the law doesn't operate based upon that anyway. Any judge would throw out a request in discovery for the defendant to produce a recording confessing their guilt even for legitimate comparative purposes and many other requests or demands that would be unduly prejudicial for 5th amendment reasons.

I'm just not seeing a meaningful distinction between forcibly taking their fingerprint ("something about them") to check against prints found on a gun and forcibly taking their fingerprint ("something about them") to check a smartphone found on the scene.

If they have a warrant to check the phone, and if taking fingerprints of the arrested without consent has already been found constitutional, I just don't see a problem.

I'm guessing this ruling is about taking the suspect's actual finger and placing it on the scanner. This is different from building a fake finger based on fingerprints and using it to unlock your device.

Consider the password case, you can't be compelled to give your password, but the government is allowed to throw all of their hacking prowess against your device to crack that password. They can even ask you about the name of your first pet to get through security questions. Though they can't compel you to answer truly regarding the name of your first pet.

The important word in the comment you're replying to is "knowledge." The biometric properties of your face are not knowledge and are not protected by the 5th amendment.

If your password is “I killed him and the body is hidden under my deck” and that’s the literal crime you are being charged with, sure. But your password is usually not an admission of a crime, so that’s not the argument.

Even if your encrypted laptop contains evidence, you cannot plead the fifth if the prosecutors know it’s there. As long as they can get a warrant and when they get the data say “see your honor? Here is the evidence we knew was there!”, it doesn’t fall under the fifth.

Self incrimination would be if you are charged with tax fraud and proof is on your encrypted drive and the prosecution knows this, but also on that drive are records of money laundering, a separate crime they do not know about. This is when pleading the fifth would apply. By decrypting the laptop, you would incriminate yourself in a second crime, that you were not being charged with. Presumably if you were coerced into decrypting the laptop in this case, you could use the argument that the money laundering evidence can not be admitted into court because it was obtained inappropriately.

IANAL and this ain’t legal advice. Stay in school kids.

Not quite.

It depends on what you are charged with.

In a case of say, possession of stolen information, the laws of possession applied to contraband such as drugs would likely apply.

Since the information wouldn't be in your actual possession (literally in your hands or on your person), then they would fall under constructive possession laws.

In most states, constructive possession has 3 parts --

1) You must have knowledge of the presence of the contraband

2) You must know of the contraband's illicit nature

3) You must have the ability to exercise dominion and control over the contraband.

If I slip an encrypted thumb drive full of stolen trade secrets into your suitcase at the airport, you're not automatically in possession of those things because, absent any other information, none of the rules above could be satisfied.

But, if you knew the encryption key to the thumb drive, then that is evidence against you and that knowledge would be protected under the 5th amendment.

If police find a random iPhone in your house that you share with a roommate, they would have to prove constructive possession to tie anything found on that device to you. Knowledge of the password, regardless of what the password is, would be protected under the 5th amendment.

In both cases, the authorities could not compel you to incriminate yourself by forcing you to disclose your knowledge of the password to the device.

IANAL either. If you are ever in such a situation, be prepared to sit in prison for 10 years while you work your way through the appellate courts, because you're in for a long battle.

Thanks for the info. That makes sense: if by revealing that you know the password, you are also revealing constructive possession, then your explanation adds up. But if it’s very obvious that it is your phone, which I think is the more common case for some of these situations, it doesn’t, right?

> Even if your encrypted laptop contains evidence, you cannot plead the fifth if the prosecutors know it’s there. As long as they can get a warrant and when they get the data say “see your honor? Here is the evidence we knew was there!”, it doesn’t fall under the fifth.

That sounds like the 'foregone conclusion' doctrine.

When it is a 'foregone conclusion' that the data is present on a device, you can be compelled to produce that data by decryption. However, if you are so compelled, the fact that you were able to decrypt that data can't be used against you. So they will need another way to tie you to the data.

An example is if police saw you had classified documents on your computer (by e.g. a video camera) and later confiscate the computer and find it to be encrypted.

That could work if knowledge of the password itself is all they are trying to pin on you.

Usually, though, they are going to be after what the password is protecting. If you try to invoke the 5th claiming that admitting knowledge of the password itself would be incriminating, prosecutors can grant you immunity over that and that greatly reduces your 5th Amendment protections with regard to that particular subject.

What if they have a warrant? At that point I would argue that you are not self-incriminating. In my mind, it's like if the police had a warrant to search your apartment and you didn't let them in.

More like:

Police: "We have a warrant for your apartment, let us in"

Suspect: "Sorry, I lost the key when I went hiking in the Rocky Mountains, there's no way in. Oh, and be aware that if you try to force your way in more than 5 times, the apartment will catch fire and destroy everything inside"

What would happen in this case? Can the suspect be held in contempt?

Probably obstruction of justice IMHO

Doesn't that require intent and planning? If the arrangements were in place before the crime was even planned, how can it be obstruction?

It's obstruction if they didn't actually lose the key, or they deliberately "lost" the key.

That is a degenerate argument. An apartment is clearly yours. Without your password there is no way to conclusively prove that a phone is yours. SIM cards can be swapped, for example. The incriminating is not stating the password. It is the fact that you are proving the phone as yours.

Phones have serial numbers tied to the hardware. It's certainly possible to prove that a given phone is the same physical unit that one purchased.

Which does not in any way prove that it is yours. Over my lifetime I purchased over 30 phones. Only two of them are currently mine. If you were to place another one I have purchased, but long ago sold in my possession, that would not be enough to prove that it is currently mine. If I happen to know the password, that might be very convincing.

It will be interesting what happens at airports.

Nominally, the reason they check your bag at the airport is for security. But in the process they can find all sorts of other stuff that isn't dangerous to fly with but is illegal, e.g. marijuana. So the whole thing becomes an avenue to warrantless search.

You can't make the same argument about a computer or phone -- you can't bring down a plane or hurt anyone by having certain pictures on your hard drive. Anything you could do with a phone (e.g. trigger a bomb) would require some other physical infiltration, which hopefully would be caught by all the scanning and searching of people and baggage that we do already.

So I would hope that a sensible explicitly disallows this "airport loophole" in the process of bringing phone search into the normal legal process of warranted search... but I am doubtful. There are powerful people in the USA, UK, Australia, etc. who would love the unfettered ability to search the phone of every air traveler.

How does TSA know your giant laptop is really a laptop and not a bomb inside a laptop case? One indicator is whether it powers up and you can log into it. (I'm not saying I love that answer, but it's a better indicator than just popping up a backlit lock screen [which could be a sheet of acetate with a fixed image])

A raspberry pi could display a login prompt. The rest could be contraband.

Aren't you confusing property with ideas?

I agree, the physical phone itself should be part of discovery. Authorities should be allowed to physically disassemble the phone and inspect its insides or run forensic tests on it.

The content on the phone is a matter of interpretation, subject to proper decryption. It is just an idea, no different from decoding ideas in somebody's journal. It makes no sense to talk about discovery of this.

1's and 0's representing words are the same thing as ink blots in the form of characters representing words.

So, if you encrypt your paper journal, can you be compelled to decrypt it?

And in 20/30 years when the phone is embedded in your brain?

A phone isn't a car. It's an extension of my brain. I use it to store memories that I offload from my brain. As an example I used to have 50 to 100 phone numbers memorized. Now I have zero because they are on the external part of my brain.

I see this as no different than having to decode the secret code in the ledger. You can see the encrypted data. I'm not required to decrypt it. (or am I? I don't know the law on coded ledgers)

> If you have evidence of a crime on your phone, it must be part of the process.

Then access it. If you can't access, do good police work and (legally) acquire access to it. If the entire success of your case hinges on convincing someone to incriminate themselves by giving you the password, build a better case before arresting them or tipping them off to the investigation.

> Ultimately, this will be no different than searching your car.

This can be done 100% with the accused's intervention. A LEO can see something that gives them probable cause for a warrant. A locksmith can open the car or the LEO can simply break the window and unlock it.

Just because the police don't have the technical ability to get into a phone without the user's intervention doesn't mean that person should be forced to divulge information that could incriminate them.

If it's the same as searching the car, open the door and search. Break the window, if needed. But it is more like searching your brain, which is the whole point of the 5th, it seems. On your argumentation, there is no 5th. You can get a warrant to search someone's mind by asking questions they need to answer, even if it's self-incriminating. End of story.

If the police can force you to unlock a safe, they should also be allowed to force you to unlock a phone.

But, unlocking a phone should come with a lot of paper work and checks and balances to ensure that it's done only when really required?

My understanding is that if you are in possession of a key to a safe then law enforcement or the court can compel you to produce the key. But if the safe has a combination, then the court cannot make you give up the combination as that may be self incriminating. Not to mention the practical aspects of trying to compel someone to give up a secret. What if they claim to have forgotten the combination? What if they actually _did_ forget?

I imagine the situation with electronics will be similar. If a key to, say, an encrypted volume is stored on a flash drive then they may compel someone to produce it (analogous to a safe key). But if the drive is protected by a password, then the government cannot compel someone to provide the secret.

I think that's why the article mentions finger prints and faceid. Those are the 'keys' to your phone.

I think you need to read the court opinion, because you're only addressing one half of it. There's a 5th amendment aspect too and that's a lot harder to overcome.

The only way for this to stand is if the 9th circuit upholds the ruling and the Supreme Court declines to hear it

Another circuit will disagree with the 9th circuit and the supreme is forced to take the case, they won't uphold a novel 9th circuit ruling

There isn't an interpretation of the constitution possible for them to, and the composition of the court makes this even more unlikely to pluck from thin air

I hope that it doesn't so that hopefully people will stop using their body as a password (it should only be used as a login name if you absolutely need to use it)

The judicial branch and the legislature have also been quite hostile to the 4th during that period. It's absolutely not a problem isolated to the executive.

Thank you, Antonin "Emails aren't Papers" Scalia.

What's the "emails aren't papers" thing in reference to?

Scalia had a pretty narrow interpretation of the 4th, and believed that ‘conversations’ in general were not ‘persons, houses, papers [or] effects’, meaning wiretaps were not within the scope of the amendment.

Bio identification is for usernames... not passwords.

NEVER use a fingerprint or an iris scan for a password. That's insane!

Just don't do it.

Meh, convenience matters. The alternative to me using a fingerprint reader on my phone isn't me typing 16char alphanumeric password every time I pull my phone out, it's to not use a password at all.

Most people don't have attackers going after them who are harvesting fingerprints to get into their devices.

A mugger can get into your device - less relevant now given that wallets are where the value is 99% of the time but given pay with phone options growing in popularity that might be a matter of concern eventually.

A guy with a gun in my face can have my PIN. I’ll also happily provide my fingerprint or look at my phone to unlock it.

This idea that digital security is going to solve for physical violence is absurd unless you’re willing to die to protect your digital assets.

> unless you’re willing to die

I feel like that's getting the threat model wrong. The mugger wants to spend as little time with you as possible. If a fingerprint is needed to make purchases, then it can actually be significantly better than a PIN, and even a PIN is a lot better than nothing because they have to memorize it.

Sure. Have a fingerprint or PIN or whatever. Totally reasonable. Mugger takes your phone in a rush, can’t unlock it later, sells it for $10 to someone who’ll gut it for the pieces. Sucks, but not as bad as the mugger also emptying your bank account.

But my response is to the belief that a security factor that cannot be directly taken by force is somehow more secure. If you’re guarding The Football, sure. You might actually be willing to die for that. If you’re willing to die rather than reveal your PIN to a mugger, though, your advice is not applicable to the vast majority of the population who value their lives more than their bank accounts.

The way around that complicates things - validation of circumstances and parties outside the sphere of power can avoid it. Anyone trying to force a withdrawal from someone's account at gunpoint at a bank itself would just be robbing the bank itself. Which being federally insured means robbing the federal government by force of arms. Which draws a heavy response from any sort of government.

I have noted that spiteful to lethal anti coercion measures seem surprisingly rare given the premium paid for security and even when a lesser value to human life is assigned. They would use ink bombs for robbers and not time delayed or remote triggered fragmentation bombs with the loot. I assume relative rarity and baseline risks (even military bases in hostile regions tend to restrict arms to the armory except for MPs, on duty soldiers, and maybe personal side arms for ranking officers who keep it holstered most of the time as opposed to readied) and margins are why even in places where security is tenuous enough that foreign businesses travel arrangements include at least one mercenary with an AK47 or its descendant as a guide, driver and bodyguard due to their guest being a relative king's ransom.

Theoretically ATMs could be fortress panopticons watched 24-7 and with a SWAT team readied to deal with compelled withdrawals but that just plain wouldn't be a sensible use of resources - cameras, willingness to write off or insure losses and policing makes far more sense.

I don’t see how any of this is relevant to the topic of muggers.

obligatory https://xkcd.com/538/

edit: - sorry if it's annoying but for me it was a very graphical way to always remember this issue.

Not annoying, just Hacker News. Funny/cute/meme/etc typically gets downvoted, even if it’s directly relevant, because of the strong fear of turning into the circle jerk of endless shitty joke threads like Reddit.

Am I wrong that an (inevitable) biometric data breach would mean this can be done on the cheap (if you were unlucky enough to have given your data to a third party)?

Yes, at least for finger prints. Getting the print is easy, especially with glass back phones, it's making a good enough fake that's non-trivial.

Well out of convenience you kind of have to. But if you really wanted to you can just disable it at ports of entry.

Which is easy enough to do on iOS: Hit the sleep/wake button 5 times quickly.

Careful - after iOS 12 that defaults to calling 911 for you (while also locking your device). You can change that in the settings though.

Correct, I just did this yesterday while idly fidgeting around with my phone. Fortunately I cancelled it in time to avoid creating a false alarm. Glad to hear it can be turned off, doing that now. WTF were they thinking, making it so easy to trigger by accident?

(Edit: OK, I'm confused. There doesn't seem to be an option to disable the emergency trigger entirely, but there's an "Auto Call" slider whose relationship to the feature is unclear. This slider is turned off, yet the phone still went into emergency mode when I clicked the button a few times. What a half-assed feature, sadly typical of Apple's work lately.)

They made it easy to trigger so that people can use it as a panic button. That was a customer request.

Apple gets a lot of customer requests, 99.9% of which they ignore, and 95% of which they should ignore. This was a funny one for them to select for implementation.

You don't have to. At least in Android it is fairly easy to disable the fingerprint reader and force a PIN to unlock.

> Well out of convenience you kind of have to.

What a sentence.

If it weren’t for convenience I’d lock myself in the house and never go out either. A dangerous world lies outside.

What about for devices that don't have usernames?

Still a bad idea as a password.

What about a second factor for TFA?

I have a simple test for if I should use biometrics for something:

Replace every instance of "New Biometric Tech" with "Social Security Number".

So it will become ubiquitous.

This is nice and all in theory but looking through the lens of reality where police are legally allowed to lie to get a confession - claiming they have evidence that they don’t have to coerce a confession and seeing that “rubber hose decryption” is real, it really doesn’t mean much in practice.


Since people don’t seem to believe that police are actually legally allowed to lie during an interrogation:


Police are absolutely allowed to lie during an interrogation. I’ve seen it done multiple times. The most disturbing interrogation I’ve ever seen was actually the one where a teenager murdered his own father while under the influence of magic mushrooms. He was taken into the interrogation room shortly after the murder but enough time had elapsed that he was sober and just starting to understand the gravity of what he had done. The police sent in a soft-voiced female who spoke in a very caring and patient way. 99/100 people who watch that interrogation video would say that the woman was a therapist or counselor of some kind. Everything she asked and stated appeared to concern the wellbeing of this kid and the resolution of the terrible event that had taken place. In reality, everything she did was a cunning ploy with some kind of hidden goal. The entire interaction was calculated to extract information from him, very specific information, to be used against him in court. Every tangent of questioning she went on, seemingly random to the untrained eye, was highly specific in its value in a legal context.

An interrogation like this is not an example of outright lying, which is legal and commonly practiced, but it is much more sinister. It is an example of an interrogator assuming another identity and drawing the suspect into a false sense of warmth and security in order to make the suspect incriminate himself. To me, it is the same as having a conversation with your mother after a traumatic event, only to see her rip her own face off, a mask, to reveal the grotesque face of a police interrogator, and then going to jail for what you disclosed. Absolutely terrifying and dystopian. You absolutely must be proactive and protect yourself in this world. Even in “free” countries like the USA. https://youtu.be/rBpDHJIwcUk?t=1495

TLDR: the police are allowed to lie to you https://youtu.be/_WnhP91NJeU?t=1600

I have seen that interrogation video and I have no problem with her asking questions in a caring and patient way. In fact I would prefer all interrogations were like that one.

There are many, many, much worse examples.

The first one that comes to mind to me is when they interviewed that simple guy on the Netflix show, Making a Murderer. They basically told him everything would be ok if he just admitted to murdering someone, and prompted every detail by just badgering him. He had no idea how serious the charges were that he was admitting to, and clearly had no idea of the details of the murder until they prompted him. I'm sure he should have had a lawyer or guardian helping him, as you would with a child.

He's still in jail AFAIK.

Did you expect the guy to get off free for murder?

Guilt is orthogonal to due process. What if the kid hadn't committed the murder but was duped into making incriminating statements anyway? Furthermore, considering testimony given while under the influence is ridiculous.

> "What if the kid hadn't committed the murder but was duped into making incriminating statements anyway?"

Then maybe it would make a better example for discussions like this. As it stands, that anecdote is little more than "the police are good at their jobs and they caught a murderer which is unambiguously good for everybody, but what if they were instead using their skills for something bad?"

> "Furthermore, considering testimony given while under the influence is ridiculous."

I'm sorry but expecting cops to never talk to drunk people is just absurd. There are plenty of valid objections to modern policing, but this isn't one of them.

As long as a witch is burned who cares how they did it? Cops lying and deceiving is fundamentally wrong. Don’t pretend that it’s required for police to get convictions. There are other ways.

Comparing the arrest of a murderer to witch hunting is absurd. You know that's absurd, you don't need me to explain it to you.

> "Cops lying"

You already admitted the cops in your example didn't lie. They're guilty only of having a calm demeanor when interrogating a murder suspect, which for some reason you consider morally abhorrent.

I went through ur comment history and I have to say that I respect you.

It isn’t meant to directly compare this to witch hunting. It’s a case of people overlooking brutality because witches are bad anyway right? There are zillions of examples of this. It’s the concept that’s important. Saying that the technique of lying is ok because it gets rid of murderers is wrong especially in light of the fact that there are other ways to do it.

And yes, there is a grey area where interrogators don’t outright lie but are still highly deceptive. I don’t care about the grey area, I just care that police are allowed to outright lie. That is not grey. The example that I illustrated reveals how sinister the police can be. It is more emotionally stirring than mechanical lying. But the interrogator did reveal her title and so whatever. Seriously twisted still. But making outright lying routine is wrong. I don’t want to live in a world where police tell flat out lies to people. That is why we have Miranda rights. Under your logic there should be no reading of Miranda rights, allowing the police to tell the suspect literally anything like “if you don’t confess we will do x” or “you have to tell us something or you’ll be locked up forever” or whatever. Miranda rights exist for an extremely good reason. And stopping outright lying is a continuation of the spirit of Miranda rights.

And the prevailing sympathy on HN for defendants is orthogonal to due process as well. There is no violation of due process here, without regard to the number of commenters who just don't like it.

No but they also use the technique to coerce a confession out of someone who is innocent as part of a plea bargain.

You can hardly call it a conviction when it was based on deception.

When people downvote you on this website, it doesn't mean they don't believe you

They just don't like what you say

It means they don't think you're adding anything of value to the discussion.

And people just mash the button

This might be a good time to let others know: Android (at least my OnePlus) has a "Lockdown" mode in the shutdown menu that locks the screen and prevents the usage of the biometric methods. You have to use the password. This is good because passwords have already been hashed out in court and are unequivocally protected by the fifth amendment; you don't have to tell an officer your password (and entering it for them constitutes telling them).

In iOS 11 and higher, you can disable Touch ID by pressing the power button 5 times in quick succession:


> In iOS 11, Apple has added an "Emergency SOS" feature that's designed to give users a quick and easy way to summon emergency services should the need arise. As it turns out, there's a secondary benefit to Emergency SOS - it's also a way to quickly and discreetly disable Touch ID. ... This is a handy hidden feature because it allows Touch ID to be disabled discreetly in situations where someone might be able to force a phone to be unlocked with a fingerprint, such as a robbery or an arrest. With Touch ID disabled in this way, there is no way to physically unlock an iPhone with a finger without the device's passcode.

"Pressing power button 5 times in quick succession" doesn't work on my iPhone 8 Plus running iOS 12. To achieve the same effect, I need to hold the power button and one of the volume buttons for a couple of seconds.

Sorry - looks like the power button x5 trick only works on iPhone 7 and earlier (had tested successfully on a 6S before posting): https://support.apple.com/en-us/HT208076

On later phones it's power and volume simultaneously.

> "summon emergency services should the need arise"

What does that mean? It calls 911 or the local equivalent? That doesn't seem like desired behavior if you're triggering it in anticipation of crossing a border.

There's a slider to call 911/emergency services (as well as to show medical ID). You can configure it to call 911 after 3/5 seconds but even then there's the second countdown with a cancel button. It prevents biometric unlock either way.

This is assuming you have the time to do so. In the shock and awe practices of law enforcement in the states, no-knock-warrants by SWAT teams at 3am in the morning aren't an unheard of thing. Do you honestly think, in that precise moment, you'll remember to run and grab your phone and implement the lockdown mode before they breach into the premises?

I'd say it's better security practice to only use a passcode and, if you must use any biometrics, use an obscure finger (like the side of your pinky finger or something) - whilst also enabling the auto-wipe feature after 10 failed login attempts.

IANAL but from what I understand of the current goings on in the states, the police have to tell you which digit to try. Just as a password is protected, knowledge of which digit and how it should be placed is also - technically - protected. Think of it like two-factor authentication: The fingerprint is what you are, which can be used to unlock the phone, but divulging the "which finger and how it should be placed" is what you know.

I can't seem to find it but people were "hacking" the biometrics of Androids with 3D printed heads. The trade-off of convenience for security isn't really worth it.

Again, IANAL, and IMHO, and - if you care about privacy - you shouldn't use biometrics whatsoever but I understand the trade-offs between convenience and security and why so many people fall into that trap.

Lockdown mode is a new feature in Android Pie: https://www.androidauthority.com/android-pie-lockdown-securi...

iPhone too. Press the power button five times and it goes into password only mode.

Holding the power + volume button also forces a lock, and is more discreet in that it doesn't make blaring beeps and call emergency.

the beeps can be turned off, though, so that's a good thing.

it depends on what phone you have. the key press combo is different depending on what model you have. the 6s+ is 5 presses of the power key, but that is a very conspicuous thing to do. other/newer models have a much more inconspicuous button press combo that could be done while "attempting" to hand over the device.

Don't know how vanilla this is, but on a Moto g^6 I have configured biometric auth but have to auth via PIN 1) every time I boot the phone and 2) every 24 hours.

Waiting for a case where the FBI bangs down Google's door to get access to a locked Android phone before I make any assumptions about the security implications of that though.

Also, and I think it works on all Android, if you press the fingerprint sensor with the wrong finger 5 times it deactivates it. So just hit it with your pinky or any other non-registered finger.

It's also in EMUI 9 (Huawei) now.

As a Root Android user, any time I have reason to believe that a situation with the police is going to end even slightly bad on my end, I power off my phone. And as a Root user I have several layers of security on all my devices. I also take a mental note of what my battery percentage is at, that way I know if my phone has been turned on at all.

As for a little back story on myself; I am wrongly labeled as a drug felon. My wife (separated for over a year) decided to try meth shortly after our wedding and got hooked in a bad way. I have a history with said drug and didn't want her to try but she insisted saying that it would help her understand why I am the way I am. I didn't know about her use of the drug and was in jail for 2 weeks because she had them in the car and I got pulled over and searched. After my release the cops in the area basically harassed me by pulling me over every other day at minimum. I was in and out of jail several times within 2 months. I had come into possession of the phone she had when I was in jail because she got a new one and I always saved the old phones to test my rooting and hacking skills with. Even though the phone was wiped, by her deleting all of her account info and messages, I was able to do a text recovery on the phone. I found in a few chats that she had with some of her friends and family while I was in jail for the 2 weeks, her telling them that I was in jail for her drugs. Of course everyone thinks that it's weed first, but we were in Colorado, so she clarified that it was for meth.

Now because of specific laws I can't even use those messages to clear my name and she won't take the stand to the law and accept her punishment for the use of the drugs.

As others have noted, this decision comes from a low-level court. And from what I've seen recently, it won't stand.

Indeed, the basis of the opinion is iffy:

> “If a person cannot be compelled to provide a passcode because it is a testimonial communication, a person cannot be compelled to provide one’s finger, thumb, iris, face, or other biometric feature to unlock that same device,” the judge wrote.

Because defendants' right under the 5th to withhold passcodes is not at all settled. And even if they can't be compelled, they can be jailed indefinitely for contempt of court. Even if, as that ex cop in Philadelphia claims, they've forgotten it.

So anyway, this is iffy advice:

> The best advice for anyone concerned about government overreach into their smartphones: Stick to a strong alphanumeric passcode that you won’t be compelled to disclose.

I didn't read the opinion but even the quotes that Forbes pulled are eyebrow-raising. Like:

“The undersigned finds that a biometric feature is analogous to the 20 nonverbal, physiological responses elicited during a polygraph test, which are used to determine guilt or innocence, and are considered testimonial.”

This is the kind of wacky magistrate judge ruling that I'm sure the US Attorney rolls their eyes at.

It'll be just a short time before this is overturned. Fingerprints are non-testimonial. So is a photograph of your face. So is a sample of your handwriting. You can be forced to give a handwriting sample. As to polygraphs, at the federal criminal level, they have been approved in only one federal circuit, and then only under limited circumstances. See, U.S. v. Piccinonna. Despite this federal non-acceptance, they are widely used at the federal administrative level for security clearances and the like. In the private sector, there are few restrictions on their use. You could also use divining rods, tarot cards, crystal balls and similar implements to discover the truth of a statement if you wanted to. However you can't weight a person down and throw him in the lake to see if he floats.

Tip 1, which most people know: To quickly disable Face/TouchID you can squeeze left and right side buttons together (any combo) for two seconds to bring up the power off display.

Tip 2, which probably most people don't know: If you aren't holding the phone -- if someone shoves it in your face -- you can close your eyes to prevent FaceID from working and say "Hey Siri, whose phone is this?"

Not that it's wise to do this to frustrate a violent attacker, but it might work for some situations.

>...you can close your eyes to prevent FaceID from working and say "Hey Siri, whose phone is this?"

That's specific to Apple and I wouldn't be surprised if that got you an obstruction charge in the states. Plus, if you don't produce the password, afterwards, you're now sitting in jail for contempt - even if you may have actually forgotten it.

It's a much safer avenue, legally, to just use a password to unlock the device.

Any idea if and how this ruling (if upheld) can be used to refuse phone seizures / password requests by CBP when entering the country? The ruling relies on the 5th amendment so its scope is limited to American citizens I guess. And whatever the rule of law it’s probably not a good idea to piss off a CBP agent... but still, it’d be nice to be able to travel to the US without having to wipe one’s phone and social media accounts.

I highly doubt it, even for American citizens at the border. The "Border search exception" pretty much says that anywhere within 100 miles of a border, the fourth amendment doesn't apply[1]. I imagine they would make a similar rule for the fifth amendment.

[1] https://en.wikipedia.org/wiki/Border_search_exception

Citizens can’t be denied entry. Worst case if you refuse to turn over your phone password is a short (hours, maybe days) detention, and confiscation of your phone.

Non-citizen admittance is at the discretion of the immigration officer and they can turn you away for just about any reason.

Either way, yes, this ruling wouldn’t change anything there.

they can detain you for a limited amount of time, but they can confiscate your devices for an indefinite period.

Well, you couldn't trust the device after they returned it. So losing it isn't a problem.

The best option is not carrying devices across borders. Have whatever you need online somewhere. Securely encrypted, of course. Buy a device at destination. And discard it before return. That's accepted best practice for security-conscious firms. They'll provide devices and online storage.

If you must carry a device in transit, it ought to be plain-vanilla, with nothing sensitive on it. Again, security-conscious firms supply such devices for staff. And private individuals can just say that they're too concerned about theft to carry their primary devices.

Exactly. If the government takes your phone and gives it back it's time to wipe the phone and sell it. Restore a backup on to a new phone.

I'm thinking about a good device strategy. I think I need a disposable smartphone for situations like this. I should not lose any data if I lose the smartphone and nobody should gain any data if he finds/steals/takes it.

A lot of "freedom" fighters suggest this as SOP anyways. You keep all of your needed data in the cloud, and download on the other side of whatever security you are clearing. This goes for any device, not just phone. Some people even go ports on their laptops filled in with an epoxy or something so that ports can't be accessed. Of course, that just makes you look that much more suspicious. How paranoid are you, and what data do you really have that you don't want to be seen?

> what data do you have

That's really irrelevant. The question should be, "what data does the government think I have, and what evidence do they have that I have it?"

Crossing the border feels like "guilty until proven innocent", which completely goes against everything this country was founded on. If I'm not traveling with my wife and kids, I'll put up a much bigger fight at security check points. Yes, it's annoying to the people who have to check me, but they're being paid for it (well, not while there's a shutdown) so I don't feel too bad.

If they do have evidence of wrongdoing, it shouldn't be hard to get a warrant. We should be following due process at the border, especially for American citizens.

Driving through, they can do friendly things like dismantle your car looking for contraband.

Wait, within 100 miles of a border the 4th amendment doesn't apply? There are entire cities, large ones, within 100 miles of a border. Does the 4th amendment not apply to the citizens of those cities? That would be a rather serious problem.

There is a Border Search Exception to the 4th Amendment established by the courts; this ruling has no relevance at a port of entry.

It has no relevance to the Border Patrol within 100 miles of a US border or coastline, which is even more ridiculous.

Yeah, it should be more like 10 miles or less. I don't understand why they're given so much leeway.

This should have been enough:

  A. Contiguous states - 12 nautical miles towards sea, one full state inwards
  B. Alaska and Puerto Rico - 12 nautical miles towards sea, 3 nautical miles inwards
  C. Archipelagic territories (including Hawaii) - 100 nautical miles towards sea, 1 nautical mile inwards
  D. Airports - airport administrative zone

*If they have cause to believe you just crossed the border.

