FBI uses 5th-Amendment loophole to unlock iPhone of Bkhchadzhyan

iPhone TouchID fingerprint unlock ordered by Federal judge. Paytsar Bkhchadzhyan is easy for you to say.

iPhone fingerprint

A high quality photo of Paytsar Bkhchadzhyan, via LA Times

iPhone owner ordered by judge to give FBI the finger -- to unlock her iPhone with her fingerprint, that is. The feds think Paytsar Bkhchadzhyan's shiny hides evidence of criminality. But hold on there, buddy -- surely the 5th Amendment prevents the Federal Bureau of Investigations making citizens unlock their devices?

[Developing story: Updated 10:05 am, 2:51 pm and 2:54 am PT with more comment]

Apparently not, if the unlocking happens biometrically. You might be forgiven for thinking it's a gigantic legal loophole, based on an outdated legal interpretation. 

But perhaps this question is moot, anyway. Allegedly, TouchID isn't as secure as Apple led us to believe. Perish the thought.

In IT Blogwatch, bloggers refuse to self-incriminate. Not to mention: Paytsar Bkhchadzhyan is only the half of it

Your humble blogwatcher curated these bloggy bits for your entertainment.

What’s the craic? Matt Hamilton and Richard Winton ask, Should that be allowed?

A Los Angeles courtroom...compell[ed] the girlfriend of an alleged...gang member to press her finger against an iPhone. ... Prosecutors wanted access to the data inside it.

Experts expect such cases to become more common. [But] how far can the government go? ... Some legal experts say there should be a higher bar...because providing a fingerprint...could be a form of self-incrimination.

About 45 minutes after Bkhchadzhyan was taken into custody...Judge Alicia Rosenberg...signed off on the warrant. ... Asst. U.S. Atty. Vicki Chou said [it] was part of an ongoing probe.

Explain to me how that's even legal. Ben Lovejoy obliges—FBI granted federal court warrant:

For the first time...a suspect has been ordered to use her fingerprint. [In] a 2014 case [a] Court ruled that...passcodes are protected by the 5th Amendment [but not] fingerprints.

However, some law professors say that this [is] outdated. ... A fingerprint can provide...incriminating data.

Oh, I did not know that. And 89p13 comments:

Which is why you should power off your iPhone if you are being pulled over. ... I have nothing on my iOS device that I am ashamed of. ... I am not a terrorist.

I am an American who sees the government overreaching...without my knowledge or permission. ... This is an invasion of my Rights...under the Constitution and Bill of Rights!

But why power it off? Rosyna Keller explains why:

TouchID is disabled after 48h, 5 bad attempts, or reboot. ... It'd be awesome if it could be set shorter.

Interesting idea for Apple. And here's T. Greg Doucette, calling the Fifth a myth:

Yep, widespread misconception. If you want [it] to stay out of Govt hands, use a passcode. ... Our courts have long ruled that identifying info...like fingerprints aren't "testimonial". [But] courts have ruled you cannot be forced to disclose password...b/c of the Fifth.

Meanwhile, is there a silver lining to this supposed constitutional cloud? Yes, in flaky world of Harold Smith III

Finally a benefit for my hand eczema. My fingerprints are useless and can't unlock ****.

[You're fired -Ed.]

Update 1: However, TouchID isn't secure anyway. So says Russell Brandom, who calls it Your phone’s biggest vulnerability:

Fingerprints can...be stolen — and...you can’t change your fingerprint, so [it] creates a lifetime vulnerability. ... That’s particularly true in the wake of the San Bernardino case. ... If a more recent phone had [used] fingerprint, it would have been trivial for investigators.

If [Paytsar Bkhchadzhyan] had been in one of the federal government’s growing databases, the warrant might not have been necessary. ... Those records are typically used for verification, but...there’s no reason they couldn’t be used to trigger [TouchID].

The OPM breach compromised the fingerprints of 14 million. ... A fingerprint is easier to steal than a password. ... For anyone hoping fingerprint readers would usher in a new era, [it’s] terrible news.

Update 2: Many seem to assume the legal interpretation is settled. Probably not so. Katie "Bush" Bo Williams is running up that hill:

Critics have already raised questions about...Paytsar Bkhchadzhyan’s right against self-incrimination. ... Traditionally, courts have treated fingerprints as...“physical evidence” that does not require a warrant. ... But on certain iPhones, a fingerprint performs the same function as [the] passcode.

The issue is far from settled. ... Few courts have [ruled if you] can be forced to unlock a device using biometric sensors. ... In one 2014 case...the judge argued that providing a fingerprint was akin to handing over a key. ... But providing a passcode...was the equivalent of...testifying.

Update 3: So we live in hope for the Supremes to clarify the situation, some time in the future. But there could be unintended consequenses. So says Derek McAllister, who calls it yet another way...the government is getting it wrong:

They continue to exploit loopholes in laws...created long before these devices. ... This violates your rights.

Until a law is passed or this goes to the Supreme Court they will exploit it. My fear is that...all those that were convicted by...evidence found on these devices will be released and [compensation] will cost the taxpayers.

And Finally

Speaking of Paytsar Bkhchadzhyan...
[A classic from a pre-Web The Onion in 1996, via Ray and the late Tom]

You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or itbw@richi.uk.
Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies