Suspects cannot be forced to biometric unlock their devices as it breaks self-incrimination laws, US judge rules
A US judge has potentially thrown a very large spanner into efforts by US authorities to get suspects to unlock their electronic devices.
Northern California federal judge Judge Kandis Westmore issued the potential landmark ruling when she decided that American law enforcement officials could not force a person to unlock their mobile phone with their face or finger.
The ruling is potentially hugely significant Forbes reported, as until now US judges had allowed the police to force suspects unlock devices with biometrics (fingerprints, faces or irises etc). However, the police had not been permitted to force a suspect to divulge a passcode. But now this ruling means that all logins are equal under the eyes of the US fifth amendment.
Judge Westmore’s ruling came when the judge denied a search warrant for a property in Oakland. The warrant, according to Forbes, was part of an investigation into an extortion crime (via Facebook Messenger), in which a victim was asked to pay up or have an “embarassing” video of them publicly released.
It seems the police had two suspects in mind and wished to their carry out a raid, during which they would force the suspect to open up any ‘digital devices’ found on the premises via facial recognition, a fingerprint or an iris.
But the judge it seems felt that this was ‘overbroad’, and ruled that even with a search warrant, police could not force suspects to bio-metrically unlock their phones as it amounts to the same type of self-incrimination as being forced to hand over a passcode.
Essentially, while the judge agreed that the police did have probable cause to search the suspects’ property, she did not agree they had grounds to unlock any and all devices, or compel people to do so.
The ruling could set an important precedent in Fifth Amendment interpretation, as Judge Westmore ruled that compelled testimony is compelled testimony, regardless of whether it is a passcode uttered aloud or a forced finger swipe.
And if other courts apply this ruling, it could have a serious impact on other cases. However the ruling is sure to be challenged by US officials and could even be overturned.
“For the reasons set forth below, the Court finds that the Government’s request runs afoul of the Fourth and Fifth Amendments, and the search warrant application must be denied,” said the ruling.
The Judge did sympathise US law enforcement officials, but said that there were other ways to obtain the information that “do not trample on the Fifth Amendment.”
The Judge suggested that American police instead obtain any Facebook Messenger communications directly from Facebook itself, using the ‘Stored Communications Act’ or a warrant based on probable cause.
The ruling brings into stark contrast the issue about the need for privacy, versus the ability of law enforcement to unlock electronic devices as part of an investigation.
In February 2018 it should be remembered, the FBI forced an owner of an Apple iPhone X to unlock his device using its built in facial recognition.
The police had arrested a suspect, 28 year old Grant Michalski, whilst he was being investigated for child abuse. Special agent David Knight then unlocked the suspect’s iPhone by holding up the handset to his face, as they did not have Michalski’s phone passcode.
And in other cases, Apple iPhones that boasted fingerprint touch ID have been unlocked by police using the fingerprint of the dead owner.
British police meanwhile have developed a low tech but highly effective strategy to deal with the problem of accessing vital data on locked smartphones.
Police detectives at Scotland Yard’s cybercrime unit in 2016 took down a fake credit card fraud racket by legally ‘mugging’ or ambushing the criminals while they were using their phones, in order to bypass smartphone encryption.
Biometrics. Know all about this form of authentication?