Apple's iPhones appear to be getting more secure: they've moved from passcodes to fingerprints, and again from fingerprints to facial recognition. But while this may keep your iPhone safer from hackers, it may not keep it safer from law enforcement.
As we noted earlier this week, police officers and federal agents are increasingly using suspects' Face ID function to unlock their iPhones during criminal investigations. Thus far, there's been no case of someone refusing such a request, but could law enforcement force you to use your face to unlock your phone, or, worse, could they trick you into unlocking it just by looking at it?
Police searches and seizures are governed but the Fourth Amendment, but providing officers with certain information and access is sometimes covered by the Fifth Amendment, which protects people from making self-incriminating statements. This can lead to some seemingly odd legal rules. For instance, the U.S. Supreme Court has ruled that a person cannot be compelled to recite the combination to a safe, but they can be ordered to hand over the key to a locked box.
That logic has been applied to biometrics and access to phones. While courts are split are whether a person can be forced to provide a passcode for their phone, most agree that providing a fingerprint for access is not protected. Similarly, you may not have any legal protection in your facial features, meaning that even if your refuse to unlock your iPhone using Face ID, the police or a court could compel you to do so.
Ars Technica took this idea a step further when looking at immigration searches at the border, where normal Fourth Amendment protections -- like the warrant requirement -- are relaxed. Generally speaking, law enforcement cannot use subterfuge to gain consent for a search. But, given that Face ID can work from a distance of three or four feet and doesn't always require a straight-on view, could border agents trick uncooperative iPhone owners into unlocking their phones?
"I agree that that hypothetical is at least plausible, if not more than that," Electronic Frontier Foundation attorney Andrew Crocker responded to Ars. "It's concerning that it could be that easy to get into the contents of a device at the border."
Our smartphones contain an incredible amount of data. And in the race to keep that data secure, sometimes moving backward is the only way to move forward.