What you should know about privacy and Apple’s FaceID on iOS 11

During and after yesterday’s Apple announcement of its FaceID unlocking feature for its new iPhone X, some brief discourse began on the Ars #staff Slack channel concerning legal rights when your face is your new passcode. It’s a big deal, as this is the future of smartphone unlocking—largely because Apple says so.

“This is the future of how we’ll unlock our smartphones and protect our sensitive information,” Apple VP Phil Schiller said.

So let’s start off with one fear an Ars colleague brought up. He suggested that the cops could take your phone and hold it up to your face to unlock it. Presumably, a mugger or nefarious actor could do the same thing.

But remember the Supreme Court is on your side, at least when it comes to the authorities searching your phone. In 2014, the high court ruled that the authorities need a warrant to search your phone incident to an arrest. It’s probably one of the biggest privacy decisions for the digital age.

“Prior to the digital age, people did not typically carry a cache of sensitive personal information with them as they went about their day. Now, it is the person who is not carrying a cellphone, with all that it contains, who is the exception,” the court ruled.

This right to privacy isn’t the same when it comes to being at the US border, however. A quirk in the law allows authorities at the border to search your phone without a probable cause warrant. The law doesn’t care about the method by which the phone is locked, either.

Before we get into the obvious questions about the Fifth Amendment implications for refusing to unlock your phone when ordered, it should be noted that Apple has instituted some new privacy features for iOS 11, which rolls out next week. Let’s assume you unlock your phone for the authorities, whether they have a warrant or not. If you have TouchID enabled on a non-iPhone X phone, the passcode is now required when the phone is connected to a new computer. “Trust This Computer” pops up on the computer’s monitor, requiring the password. That wasn’t the case before. This means the authorities would need your passcode again to siphon data from your phone beyond just reading its contents manually.

One researcher who has written about this suspects the same will apply to the iPhone X and its FaceID—that a passcode will be required when connecting it to a new computer.

Nicholas Weaver, a computer scientist at the International Computer Science Institute in Berkeley, California, told Ars in an e-mail that “There is no way I could see Apple making FaceID bypass the iOS-11 passcode needed to trust this computer change.”

Apple did not immediately respond for comment.

Spoofing

To be sure, there are all types of technological reasons to fear FaceID, just like a fingerprint scanner. Spoofing is probably among the biggest concerns. Apple’s TouchID has been spoofed with a fake fingerprint. And it’s only a matter of time before FaceID is fooled, too.

Technological concerns aside, let’s address the hot-button topic about what happens if you refuse to unlock your phone. This has been an ongoing topic here at Ars. And it’s headed to the Supreme Court.

So are Fifth Amendment rights any different depending on whether a device is locked via a passcode, a fingerprint, or your face?

For starters, the cops don’t see any difference.

There’s a man imprisoned for two years now for refusing to abide by a court order to unlock his passcode-protected hard drives. Last week, the child-porn suspect, named Francis Rawls, lost his bid to be released pending his appeal to the Supreme Court, which has never ruled on whether forcing someone to unlock hardware amounts to a Fifth Amendment breach of the right to be free from compelled self-incrimination.

One positive ruling on the issue has come, however. A federal appeals court in 2012 declared that forcing somebody to decrypt a passcode-protected device was a constitutional violation.

But privacy seems to be losing in these decryption cases. Last year, for example, we brought news that federal prosecutors in Los Angeles were successful in getting judicial approval to force two people, who were inside their California homes, to press their fingerprints on a seized smartphone in a bid to unlock them.

Compelled decryption

But even civil rights activists acknowledge there might be a legal distinction between being compelled to state what is in your mind compared to being forced to use one’s body to unlock a device.

In the Rawls child-porn case, the Electronic Frontier Foundation said (PDF) that “compelled decryption is inherently testimonial because it compels a suspect to use the contents of their mind to translate unintelligible evidence into a form that can be used against them. The Fifth Amendment provides an absolute privilege against such self-incriminating compelled decryption.”

Matthew Segal, legal director of the American Civil Liberties Union in Massachusetts, said in a telephone interview that he believes an argument could be made that forced decryption is a Fifth Amendment violation no matter what. “Compelling somebody to decrypt something, whether it’s with their thumbprint, or their face, or with a passcode, is asking them to translate scrambled data,” he said. The act of decrypting a device, he added, is “rearranging data to be intelligible to the computer.”

One of the first to raise the issue that biometric-protected devices bring fewer Fifth Amendment protections over passcodes was Marcia Hofmann, a San Francisco lawyer and formerly of the EFF. When TouchID came out four years ago, she said:

But a communication is “testimonial” only when it reveals the contents of your mind. We can’t invoke the privilege against self-incrimination to prevent the government from collecting biometrics like fingerprints, DNA samples, or voice exemplars. Why? Because the courts have decided that this evidence doesn’t reveal anything you know. It’s not testimonial.

Your face is no different.

Leave a Reply