It’s no surprise by now that technology often runs ahead of society’s ability to keep up with it, and Apple’s implementation of new security paradigms like Touch ID and Face ID have created a legal quagmire for privacy and law enforcement that appears to still be largely unresolved.
Despite a decision earlier this year by a U.S. federal judge that ruled that police can’t force suspects to unlock their devices using any biometric security methods — whether it’s fingerprints, facial recognition, or even retina scans — a new search warrant uncovered by Law360 has revealed that another federal judge recently made exactly the opposite ruling.
In a search warrant issued on April 18, U.S. Magistrate Judge Judith G. Dein authorized law enforcement agents for the Bureau of Alcohol, Tobacco, Firearms and Explosives to search for and seize a number of items from an apartment in connection with a gun trafficking investigation in Cambridge, Massachusetts. The list of items included firearms, ammunition, books and papers related to the sale or purchase of firearms, as well as “cellphones and all of their digital contents.”
In the warrant, Judge Dein explicitly authorized federal agents to search the contents of any cellphones by pressing “resident Robert Brito-Pina’s fingers on the Touch ID sensor to unlock the device.” Oddly, however, the warrant did not authorize agents to search or seize any computers found in the apartment — only cellphones.
In the original request for the warrant, ATF special agent Robert Jacobsen told the judge that gun traffickers tend to use cellphones to do business, and unlike drug dealers who often use “burner” phones, tend to maintain the same phones for longer periods of time and even transfer data when they upgrade to new models. Jacobsen explained in the request that in order to search devices like iPhones, “law enforcement needs to be able to use the fingerprint ID of the phone’s user to get into the device because officers don’t know the passcode.”
Attempting to unlock the relevant Apple device(s) is necessary because the government may not otherwise be able to access the data contained on those devices for the purpose of executing the requested search warrants.ATF Special Agent Robert Jacobsen
According to the report, Judge Dein signed off on the requested search warrant, agreeing with the ATF agent’s reasoning and authorizing federal agents to search the Cambridge apartment in the daytime by May 2. However, Law360 was unable to determine if the search warrant has been executed.
Much of the discrepancy between rulings may be a function of the attitudes of judicial officials in different states. The January decision denying the use of biometric authentication in a requested search warrant was made by Judge Kandis Westmore in the U.S. District Court for the Northern District of California, a state which has historically been more apt to rule in favour of privacy and Fifth Amendment rights, which protects users against self-incrimination. In effect, Judge Westmore put biometric authentication on the same level as demanding users give up passcodes, suggesting that law enforcement was going “overboard” in compelling a user to unlock their phone, as it would still be violating the Fifth Amendment to “force suspects to incriminate themselves with their biological features.”
However, it would seem that courts in the state of Massachusetts have fewer qualms in this area. Judge Dein’s decision follows a case last month where the state’s Supreme Judicial Court ruled that the accused in a sex trafficking case could be compelled to unlock his LG phone with his actual passcode, a move that one justice denounced as the “death knell” for digital privacy; despite concurring with the decision, Justice Barbara A. Lenk argued that the state should also be required to prove that it knows what it will find on the device. The majority, however, emphasized that the narrow case placed before the Supreme Judicial Court only concerned the phone password, not the contents of the phone itself.
Ultimately, courts still remain strongly divided on exactly what an accused suspect can be compelled to do when it comes to disclosing personal data stored on digital devices, with most still following the general principle that defendants cannot be compelled to give up their actual passcode, as this is considered “testimonial evidence” that would basically amount to the defendant testifying against themselves in violation of the Fifth Amendment. However, many courts have deemed biometric authentication to be fair game as fingerprints and faces are considered “non-testimonial physical characteristics” that are equivalent to physical keys rather than information that needs to be “divulged through mental processes.”