When A Fingerprint IS The Password, Where Does The Fifth Amendment Come Into Play?

from the a-non-testimonial-appendage? dept

Thu, May 5th 2016 9:41am — Tim Cushing

FBI Director James Comey is still complaining about encryption but it doesn't seem to be preventing law enforcement from accessing devices. To date, law enforcement has paid hackers to break into a phone, had an iPhone owner suddenly "remember" his password, seen a person jailed for 7 months (so far) for refusing to provide a password and, now, a law enforcement agency has used a warrant to force a suspect to unlock an iPhone using a fingerprint.

[A]uthorities obtained a search warrant compelling the girlfriend of an alleged Armenian gang member to press her finger against an iPhone that had been seized from a Glendale home. The phone contained Apple's fingerprint identification system for unlocking, and prosecutors wanted access to the data inside it.

The mostly-unanswered question is whether this violates the Fifth Amendment by forcing a person to provide evidence against themselves. (Not that due process was at the forefront of law enforcement's mind in this case. Or the magistrate judge's either. Jonathan Zdziarski points out the warrant was obtained within 45 minutes of the suspect being arrested -- not even enough time to bring in a lawyer.) While the law allows police to collect data from detained individuals -- including fingerprints -- it doesn't say much about physically applying someone's finger to their phone to unlock its contents.

The concern that fingerprint "passwords" would be less insulated against court orders and warrants was brought up here more than two years ago, shortly after Apple announced the new security feature. Biometric data isn't something anyone "knows" that could be considered "testimonial." It simply is an indicator of who you are, which courts have held isn't covered under Fifth Amendment protections against self-incrimination.

The additional concern is that law enforcement may have also used this Fifth Amendment workaround to obtain information on a separate suspect. The LA Times article adds these details to the general murkiness:

Why authorities wanted [Paytsar] Bkhchadzhyan to unlock the phone is unclear. The phone was seized from a Glendale residence linked to Sevak Mesrobian, who according to a probation report was Bkhchadzhyan's boyfriend and a member of the Armenian Power gang with the moniker of "40." Asst. U.S. Atty. Vicki Chou said the search was part of an ongoing probe. She declined further comment.

Bkhchadzhyan was arrested and pled no contest to one count of identity theft. But the US Attorney's comment seems to imply law enforcement was looking for more than just evidence on Bkhchadzhyan when it searched the phone. If so, it raises even further questions about the constitutionality of this particular warrant, which may have forced this suspect to provide evidence against someone else.

The only prior case to raise this issue isn't very instructive and a dataset of one is hardly an indicator of prevailing judicial winds. But the reasoning in the 2014 case draws a line between what the court considers "testimonial" and what is merely providing access.

In 2014, a judge said Baust could be compelled to provide his fingerprint to open a locked phone but could not be ordered to disclose a passcode. The judge reasoned that providing a fingerprint was akin to giving a key, while giving a passcode — stored in one's mind — entailed revealing knowledge and therefore testifying. Baust was later acquitted.

But does that line even exist? It's difficult to say it does when both fingerprints and passwords are virtually interchangeable, thanks to Apple's Touch ID system. The fingerprint is the password. The difference is detained suspects can only retain one of these "keys" in their minds. The rationale used by the court presumes vocal utterances are the only way a person can provide incriminating evidence against themselves.

It's not like withholding passwords will work in all cases either. Those who aren't jailed for contempt of court may instead find judges deciding that providing a password to law enforcement isn't a "testimonial" act on its own. The refusal to provide a password may also work against defendants by giving prosecutors a bit more ammo for their "foregone conclusion" justifications. After all, if a locked device didn't contain evidence of criminal activity, any "reasonable" person would have provided a password without hesitation.

It's a stretch of an argument though -- considering the prosecution needs to provide evidence it knows the stuff it's looking for resides on the devices, which is something extremely difficult to prove when the device is fully encrypted.

The limits of the Fifth Amendment's protections against self-incrimination are far from clearly defined when it comes to encrypted devices.. This leaves the security question in the hands of each individual user. Your choice of security method depends on who you're more worried about having access to your phone. If it's phone thieves, then a fingerprint might do. But if it's the government, use a password.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: 5th amendment, encryption, fingerprint, fingerprint swipe, id, paytsar bkhchadzhyan, self incrimination, sevak mesrobian, touch id

55 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 5 May 2016 @ 9:47am

The more I see where this country is headed, the more I don't want anything more to do with digital technology of pretty much any kind. (and I say this, having been in the IT industry for the last 20 years)

I guess I have a yearning for the olden days, when the screws would just beat the info out of me with truncheons and brass knuckles.
[ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 11:32am
  
  Re:
  when you see you're country that you love sliding wholeheartedly into a police state. You can either emigrate or try and weather out the decades of citizen opression and murder that tends to happen.
  [ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 7:12pm
  
  "Foregone Conclusion"
  After all, if a locked device didn't contain evidence of criminal activity, any "reasonable" person would have provided a password without hesitation.
  
  By that logic, if a home didn't contain evidence of criminal activity, any "reasonable" person would provide permission for warrant-less searches without hesitation.
  
  Yeah, I don't think so. That's quite a stretch.
  [ link to this | view in chronology ]
Mason Wheeler (profile), 5 May 2016 @ 9:48am

Bkhchadzhyan? How is that pronounced? What in the world is your mouth supposed to do with B-K-H-CH with no vowels between them?
[ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 10:02am
  
  Re:
  I'm not sure of the exact sound, but I imagine it's a phlegmy throat noise.
  [ link to this | view in chronology ]
- Black Bellamy (profile), 5 May 2016 @ 10:04am
  
  Re:
  BYKHADZIAN
  
  Pronounce the DZ like the J in JAM.
  
  I'm not even Armenian but I'm pretty sure that's it.
  [ link to this | view in chronology ]
  - Anonymous Coward, 5 May 2016 @ 10:05am
    
    Re: Re:
    Hmmm, jam!
    [ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 10:01am

Laws about this
I think someone should try bringing in the Anti-Circumvention laws. Isn't it illegal to bypass protection on a device you don't own? If I call it "DRM" instead of encryption, do I suddenly get more rights?
[ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 10:04am
  
  Re: Laws about this
  You get all the rights and each infraction gets you a gazillion bucks!
  [ link to this | view in chronology ]
  - Anonymous Coward, 5 May 2016 @ 2:32pm
    
    Re: Re: Laws about this
    Do I get to hire a lawyer with the gazillion bucks, or does the state take it because the money may have committed a crime?
    [ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 10:32am
  
  Re: Laws about this
  Silly AC, CISPA doesn't apply to the law, only to the little people like you!
  [ link to this | view in chronology ]
limbodog (profile), 5 May 2016 @ 10:01am

duh
This is why a fingerprint *should not be* a password, it should be a userid.
[ link to this | view in chronology ]
- dfed (profile), 5 May 2016 @ 12:09pm
  
  Re: duh
  Man I feel like I go breathless trying to explain this to people.
  [ link to this | view in chronology ]
  - Anonymous Coward, 5 May 2016 @ 12:29pm
    
    Re: Re: duh
    I have the same problem with explaining to people why political parties are terrible.
    [ link to this | view in chronology ]
    - Anonymous Coward, 5 May 2016 @ 2:13pm
      
      Re: Re: Re: duh
      They don't even allow kegs any more....
      [ link to this | view in chronology ]
- Ninja (profile), 6 May 2016 @ 6:49am
  
  Re: duh
  This. Using fingerprints as passwords is insanely dumb. And yet you have even banks using it. It must be paired with a key to unlock the account/device/etc.
  [ link to this | view in chronology ]
  - Anonymous Coward, 6 May 2016 @ 10:41am
    
    Re: Re: duh
    To be fair, banks use it because the customers demand it.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 6 May 2016 @ 5:53pm
      
      Re: Re: Re: duh
      They do?? Not that I don't believe you, but I've spent years going to great lengths to avoid giving my fingerprints to banks. Including refusing checks drawn against certain ones such as Bank of America.
      [ link to this | view in chronology ]
    - Anonymous Coward, 7 May 2016 @ 5:06pm
      
      Re: Re: Re: duh
      If I told them to jump off a bridge, would they do it?
      [ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 10:06am

Though honestly, if multiple random people on the internet can trick fingerprint readers with printed fingerprints, you'd have to think the FBI could do the same.
[ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 10:09am

The problem is the prosecutors had an easy argument "we've always been able to collect fingerprints so why not now, too?!", while defense lawyers have had weak arguments and didn't say stuff like "but the fingerprint is not just for identification now, it's to get access to all of our lives' data, so clearly it's not the same?"

Defense lawyers need to smarten up.
[ link to this | view in chronology ]
Uriel-238 (profile), 5 May 2016 @ 10:18am

The line exists.
The question is if the line should exist, I think.

So long as our laws are so numerous that it's impossible to know or follow them, so long as law enforcement can arrest people for what they imagine to be crimes, so long as prosecutory discretion allows officials to choose to convict some people and not others arbitrarily, I say the individual citizen needs all the protects it can get.

In the meantime you never want a part of your body worth more to someone than you are.
[ link to this | view in chronology ]
Scote, 5 May 2016 @ 10:18am

They can already get fingerprints, DNA, hair and blood...
With a warrant there is really no question of whether they can compel a fingerprint. They already have the right to book you and fingerprint you - no warrant needed. They can get warrants to force you to give up a DNA sample, blood samples, hair samples. They can get warrants to x-ray your body for drugs. They can give you laxatives and make you use an evidence collecting, nonflushing toilet. Fingerprints for a cell phone? Bah, that horse left the barn before cell phones were even invented.

So, the lesson is don't use just biometrics for critical security. Things you can't change and can't insure control over are not sufficient to insure that only you or people you willingly authorize will have access.
[ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 10:19am

Plausible Deniability
I do not see providing a fingerprint and different than a DNA/Blood/Stool/Whatever sample.

If you have secrets you want to keep private don't use biometrics/physical keys/etc to protect them.

Forcing someone to give up a password is wrong. First you can't prove they remember it and 2nd you can't force someone to testify against themselves. Attempting to force someone to reveal knowledge that they can plausibly deny having any knowledge of is wrong.
[ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 11:36am
  
  Re: Plausible Deniability
  Actually, with iPhones, fingerprints ARE plausible deniability. Simply present a print that you know won't work until the print scanner is locked out. Then say that you've forgotten the password after mis-entering it a few times.
  
  Both of these are reasonable, and they can't prove intent here.
  [ link to this | view in chronology ]
Todd Shore (profile), 5 May 2016 @ 10:25am

Of the mind
A fingerprint may not be "of the mind" and may not ultimately have protection, however the knowledge of which finger was used and the orientation of that finger is.

Come on girl, hold up your ten fingers and say "here".
[ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 10:25am

What most people keep forgetting is that your fingerprint is not constitutionally protected. By using your fingerprint to lock your cellphone, you open yourself up to being forced to unlock your cellphone. This is different than a passcode.
[ link to this | view in chronology ]
- Richard (profile), 6 May 2016 @ 3:42am
  
  Re:
  heat up a hotplate to about 200C.
  Place finger on hotplate.
  (go straight to hospital - but your phone is now locked forever)
  [ link to this | view in chronology ]
  - Uriel-238 (profile), 6 May 2016 @ 11:09am
    
    Re: Re:
    Dillinger tried this in efforts to obfuscate his fingerprints. (Though he used acid, not a hot-plate)
    
    The results were temporary. They grew back.
    [ link to this | view in chronology ]
- John Fenderson (profile), 6 May 2016 @ 10:30am
  
  Re:
  You don't even have to be forced to provide a fingerprint. It's reasonably easy (but not always trivially so) to unlock those phones using a latent print lifted from something you've touched.
  
  Fingerprint authentication is a terrible idea on all fronts. It's not very secure, it can't be easily changed or revoked when desired, and you can suffer many kinds of injuries that will alter your prints.
  [ link to this | view in chronology ]
Quiet Lurcker, 5 May 2016 @ 10:29am

Is it a testamonial act?
Heck yes!

By unlocking the device - no matter the method used - you are implying that you had control over or authority to use the device and by extension, what was or was not on that device.
[ link to this | view in chronology ]
- Uriel-238 (profile), 5 May 2016 @ 10:34am
  
  Re: Is it a testamonial act?
  The state refuses to be governed by what it's allowed to do.
  
  The state is only governed by what it can do.
  
  That said, yes, a phone opened by compulsion without a specific warrant should be inadmissible for any reason.
  
  Not that we can expect that to happen in this society.
  [ link to this | view in chronology ]
  - Derek Kerton (profile), 5 May 2016 @ 11:17am
    
    Re: Re: Is it a testamonial act?
    "The state refuses to be governed by what it's allowed to do.
    
    The state is only governed by what it can do."
    
    ^ So much this. They see tech development as specifically FOR them.
    [ link to this | view in chronology ]
  - Anonymous Coward, 5 May 2016 @ 11:20am
    
    Re: Re: Is it a testamonial act?
    That said, yes, a phone opened by compulsion without a specific warrant should be inadmissible for any reason.
    
    It's a good thing they got a warrant then, isn't it?
    [ link to this | view in chronology ]
    - Anonymous Coward, 5 May 2016 @ 11:40am
      
      Re: Re: Re: Is it a testamonial act?
      Ah, but the get a warrant to actually search the phone, which is a different issue from compelling an unlock.
      [ link to this | view in chronology ]
    - Uriel-238 (profile), 5 May 2016 @ 2:37pm
      
      Re: Re: Re: Is it a testamonial act?
      Yeah, I betcha it's not a specific one.
      
      Such as a warrant to get a specific contact, not a warrant to search her email archives for something with which to incriminate her.
      [ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 1:04pm
  
  Re: Is it a testamonial act?
  No, it isn't a testimonial act.
  
  The person is NOT being asked to verify that they know how to unlock the phone. The police claim to already know how to unlock the phone - they claim it unlocks via her fingerprint. And the fact that she does indeed HAVE a fingerprint is obvious and not testimonial.
  
  If her fingerprint does in fact unlock the device - well, perhaps that's evidence against her, but fingerprints on a murder weapon or something would also be evidence against her, and it's pretty well established that police can demand fingerprints (with a warrant) to check against a crime scene.
  
  Demanding a password is different; complying with that means admitting that you know what the password is. The woman here doesn't have to admit she knows anything about the phone, just like someone with their prints on a gun doesn't have to admit they know anything about the gun. Also, with fingerprints there's not a problem like there is with a password where the person may legitimately not know (or remember) the password - if her fingerprint doesn't unlock the device, that's that.
  [ link to this | view in chronology ]
  - Quiet Lurcker, 5 May 2016 @ 2:42pm
    
    Re: Re: Is it a testamonial act?
    No, it isn't a testimonial act.
    
    The person is NOT being asked to verify that they know how to unlock the phone. The police claim to already know how to unlock the phone - they claim it unlocks via her fingerprint. And the fact that she does indeed HAVE a fingerprint is obvious and not testimonial.
    
    >>>I'm not addressing the matter of whether she has a fingerprint or whether she knows how to unlock the phone.
    
    If her fingerprint does in fact unlock the device - well, perhaps that's evidence against her, but fingerprints on a murder weapon or something would also be evidence against her, and it's pretty well established that police can demand fingerprints (with a warrant) to check against a crime scene.
    
    >>>Being able to unlock the device, either with a pass code or fingerprints are evidence that the person who supplied either had at least some minimal authority and control over the device. Fingerprints on a murder weapon - or anywhere at a crime scene - are a straw man fallacy for this discussion.
    
    Demanding a password is different; complying with that means admitting that you know what the password is.
    
    >>>Yes and no. The fingerprint acts as a password here. In either case, the means of unlocking the device is being demanded.
    
    The woman here doesn't have to admit she knows anything about the phone, just like someone with their prints on a gun doesn't have to admit they know anything about the gun.
    
    >>>Straw man fallacy again.
    
    Also, with fingerprints there's not a problem like there is with a password where the person may legitimately not know (or remember) the password - if her fingerprint doesn't unlock the device, that's that.
    
    >>>Not knowing does not equal not remembering.
    
    >>>Please remember here. We are talking about a woman being ordered to unlock a device. It doesn't matter how the device is locked. It only matters that a) the device is locked; b) the cops think (or perhaps know) she has the means to unlock it; and c) the cops want the device unlocked. By unlocking the device, irrespective of how, the cops can infer that the woman had some level of control over the device; she is, in effect, saying 'I use or can access this phone' by unlocking for the cops or anyone else.
    [ link to this | view in chronology ]
    - Anonymous Coward, 5 May 2016 @ 8:26pm
      
      Re: Re: Re: Is it a testamonial act?
      >>>By unlocking the device, irrespective of how, the cops can infer that the woman had some level of control over the device;
      
      >>Being able to unlock the device, either with a pass code or fingerprints are evidence that the person who supplied either had at least some minimal authority and control over the device.
      
      Yes, if your fingerprints can unlock the device, that's evidence that you have some control over the device. Just like if your fingerprints are on the outside of the device, that's evidence that you had some contact with the device. How is that a straw man?
      
      Why does it matter whether the fingerprints are on the outside of the device, or in the software?
      [ link to this | view in chronology ]
      - Quiet Lurcker, 6 May 2016 @ 5:29am
        
        Re: Re: Re: Re: Is it a testamonial act?
        The presence of fingerprints on the murder weapon in themselves are not evidence that the person who handled the weapon committed the crime. Place the weapon at a murder scene, add the fingerprints to the weapon, and you still only place the person at the crime scene. There's still no evidence that the person pulled the trigger OR that they intended to do so even if they did.
        
        Here, the cops are arguing that the phone contains direct evidence - maybe pictures, maybe notes, maybe messages - that show that she was involved in the commission of crimes. They're looking for the equivalent of a video recording or pictures of the woman pulling the trigger.
        [ link to this | view in chronology ]
        
        Anonymous Coward, 6 May 2016 @ 9:42am
        
        Re: Re: Re: Re: Re: Is it a testamonial act?
        The presence of fingerprints on the murder weapon in themselves are not evidence that the person who handled the weapon committed the crime.
        
        It absolutely is "evidence"; that's going to be Exhibit A. It's not "proof", though. She can argue the gun was planted. Just like she could argue her fingerprint was planted or the content on the phone was planted.
        
        Here, the cops are arguing that the phone contains direct evidence - maybe pictures, maybe notes, maybe messages - that show that she was involved in the commission of crimes.
        
        Well, in THIS case it's unclear - they most likely want information on her gang member boyfriend. But I admit that doesn't matter much, since they COULD use it against her. One way they could solve this is to give her immunity, but they don't want to do that, so it's perfectly logical for her to assume they'd use it against her.
        
        You seem to think that you can't be forced to provide the means to unlock something that contains evidence against you. But under current law, you absolutely can. If the key to a strongbox is around your neck, the police can take that key from you and unlock the strongbox. If you've swallowed the key, they can use doctors to forcibly get it out of your body one way or another. And if your finger is the key to your smartphone, they can use that finger to unlock your it.
        
        What they can't make you do is admit that you know HOW to open the thing. Because that would be an actual admission. And if your fingerprint unlocks a phone, that might be evidence that you're connected to the phone, but it's not an admission of anything - maybe someone put your finger on the phone while you were asleep.
        [ link to this | view in chronology ]
Derek Kerton (profile), 5 May 2016 @ 11:16am

Crappy Workaround
As long as our rights are being "reinterpreted" by the courts, you can do this:

Use an unusual finger for your phone's lock.
Set the "lock after x unsuccessful attempts" to 3
Then have it fall back to a password

When compelled by the court, use the wrong fingers three times. Oops, sorry, FBI. My bad. Problem solved.
[ link to this | view in chronology ]
- John Fenderson (profile), 7 May 2016 @ 9:55am
  
  Re: Crappy Workaround
  Or, even better, disable the ability to unlock with a fingerprint entirely.
  [ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 11:24am

The thing is, your identity has never been something protected by the fifth amendment. Remember, confirming your identity already opens up a lot of potentially incriminating evidence. After all, without it they can't grab your phone and internet histories from your providers, locate your house to search it, contact your friends/family/employer, pull up your financial records, or a whole host of other things. And despite all of this very clear potentially incriminating info that is only accessible after you are identified, you can't refuse to identify yourself when ordered to.
And fingerprints are, while very convenient, a method of identification. There's a reason why "something you are" is less popular as a security paradigm than "something you have" and "something you know." It's the only one that you don't actually have any control over (both legally and practically).
[ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 11:26am

You have laws protecting citizens rights and law agencies that ignore those same laws to harass and intimidate citizens.

So in effect you have no laws, only goons with badges and guns
[ link to this | view in chronology ]
Brian C, 5 May 2016 @ 11:57am

“The refusal to provide a password may also work against defendants by giving prosecutors a bit more ammo for their "foregone conclusion" justifications. After all, if a locked device didn't contain evidence of criminal activity, any "reasonable" person would have provided a password without hesitation.”

It is a serious mistake for anyone to conflate a choice with an obligation. A person is afforded the Rights recognized by our Bill of Rights first. This being the case, waving such rights cannot ever be an obligation of a citizen. To think otherwise is a fast track to a Police State that cares not a wit for the Constitution of this country.
[ link to this | view in chronology ]
R.H. (profile), 5 May 2016 @ 12:07pm

I'm Thinking Tasker
If there's not already, I want a Tasker (for Android) plugin that uses the fingerprint scanner to determine which finger you used to unlock the device. You'd be able to set it so that specific fingers will perform an action other than unlocking the device. My personal preference would be powering it off. Android devices (I think iOS devices do this too) require the actual PIN to be typed on powerup for decryption before accepting a fingerprint to unlock the lock screen. That way, I can have the ease-of-use of fingerprint unlock but, the safety of my PIN in case of compulsion.

Of course, one could have a fingerprint set to factory reset but, I wouldn't want to deal with the legal consequences of a destruction of evidence charges.
[ link to this | view in chronology ]
- Anonymous Coward, 5 May 2016 @ 12:56pm
  
  Re: I'm Thinking Tasker
  There's no destruction of evidence by you unless the court specifically directs that you unlock the phone. If you just have to provide your fingers, you compliantly hold your hand out and let the police officer press the finger of their choice on the phone.
  If you're being forced to tell them, "No not that finger.", or "Turn the finger sideways first", then there is a 5th amendment issue.
  [ link to this | view in chronology ]
Richard (profile), 5 May 2016 @ 12:12pm

Simple technical fix
There is a simpe technical fix for this.

Two passwords.

Password 1 - your real data is decrypted.

Password 2 - your real data is wiped and replaced by an "innocent" substitute.

Modern devices generally have enough spare space for both.
[ link to this | view in chronology ]
- Uriel-238 (profile), 5 May 2016 @ 2:38pm
  
  Re: Simple technical fix
  The going version of this is encryption that looks like garbage in unused data sectors.
  
  That way there's plausible deniability that it's actually data.
  [ link to this | view in chronology ]
mb (profile), 5 May 2016 @ 3:14pm

Unchangeable Password?
Why would anyone ever consider having an unchangeable password? Stupidest idea ever!
[ link to this | view in chronology ]
Anonymous Coward, 5 May 2016 @ 11:11pm

after seeing a case where it appeared to me shit was planted on someones pc I will never give up a key password ever, and there will be no auto mounting of usb devices ever again
[ link to this | view in chronology ]
darren chaker (profile), 6 May 2016 @ 12:38am

Giving the 5th Amend the Finger
I actually wrote a post about this topic, http://consenttosearch.com/site/fingerprint-and-fifth-amendment/ The law is well established a person must provide a handwriting exemplar, voice exemplar, and other non-testimonial things to police. Now, due to technology, people enjoy swiping the finger in lieu of using a PW. I know of a couple of cases that said yes, and one that said no. There's a case pending in the 9th Circuit now on this issue. I see it as, police cannot force you to provide the key to your house where you a stolen radio at, but they want you to use your finger to open up a secure phone so they may incriminate you with the contents? For now, I suggest the obvious - take the .05 second to enter in a PW, and do not use your finger for anything less that things you enjoy using it for, since we do not need the government to tell us where to put it!
[ link to this | view in chronology ]
btr1701 (profile), 9 May 2016 @ 9:47am

Counsel
> Not that due process was at the forefront of law
> enforcement's mind in this case. Or the magistrate
> judge's either. Jonathan Zdziarski points out the warrant
> was obtained within 45 minutes of the suspect being
> arrested -- not even enough time to bring in a lawyer.

WTF? Due process has *never* required the police wait to apply for a warrant (or the judge to wait to grant one) until the subject/defendant's lawyer shows up at the warrant application hearing.

In fact, that almost *never* happens.
[ link to this | view in chronology ]
btr1701 (profile), 9 May 2016 @ 9:52am

Incrimination
> If so, it raises even further questions about the
> constitutionality of this particular warrant, which may
> have forced this suspect to provide evidence against
> someone else.

That's actually less of a constitutional issue. While you do have a 5th Amendment right against self-incrimination, absent something like spousal privilege-- which isn't a constitutional issue-- you have *no* right whatsoever to be free from incriminating others. If you have evidence that can be used to help the government's case against someone else, you can be compelled to provide it. Period. And nothing in the Constitution protects you from that.
[ link to this | view in chronology ]