The legal situation is more complex and nuanced than the headline implies, so the article is worth reading. This adds another ruling to the confusing case history regarding forced biometric unlocking.
Reminder that on an iPhone, if you hold the Volume Up and Power buttons simultaneously for several seconds, the phone will vibrate and will require the PIN or password next time you unlock it, not Face/TouchID. This happens whether the screen is on or off, so you can discretely do it in your pocket.
And then some random dude takes a peek at you entering said password, and steals the phone :/
GrapheneOS has an option to scramble the numbers on the unlock screen. I don’t know if that’s a base android thing or available on IOS
In order to turn off the Find My iPhone functionality, you need the Apple ID password, so this isn’t even a real concern. You can even remotely lock the phone with a new password. Apple has made stealing an iPhone and making it work afterwards very hard.
So you know what it is? I just tried both volume keys and all I got was TalkBack (Google’s screen reader).
it’s called lockdown mode. on my phone you press and hold the power button and select the option. you might have to enable this in settings.
Nope.
Samsung A50 doesn’t have this option.
Will keep an eye out for it though.
Depends on the rom. It’s in Android since 9. Samsung definitely has it, but you have to enable it
If you don’t, just force power restart it. You can search this up online for your model.
https://www.hardreset.info/devices/samsung/samsung-galaxy-a50/softreset-second-method/
Not sure about all phone models, but at least with mine, if I switch it off then it requires a PIN, rather than biometrics, upon being switched back on. Thus if the police arrive, immediately switching off your phone could be a sensible thing to do
On iPhone, maybe Android too, you click the power button 5 times and you have enter the pin.
This isn’t new. I’ve been on the passcode to unlock train for a long time because of this. It’s only news in that it’s been codified by the court. You can’t be compelled to reveal info.
On iPhone: press and hold the lock button and either volume button for 1-2sec. It’ll force a passcode despite biometrics.
Careful locking your device before the cops get there. It could be considered tampering with evidence.
Source: his arse?
Even then, in his arse, they’d have to prove the person locked it.
But what’s worse, getting a tampering with evidence charge, or giving them everything?
Still would like to see his source.
Evidence is not a thing until you are at least accused of a crime or detained.
That’s not completely true. In most states if they are knocking down your door with a search warrant and you flush a kilo of heroin down the toilet, you’re getting an evidence tampering charge that will hold up in court.
Makes perfect sense to me (not a lawyer, not a US person)… what doesn’t make sense is how many people still think biometric is high security (maybe because of how cool they make it look in the movies?)
Idk… you being forced to use your body against your will to reveal secret and private things sounds pretty awful to me
Idk… you being forced to use your body against your will to reveal secret and private things sounds pretty awful to me
Hopefully it gets overturned and your compulsion to stick your finger on the devices requires a warrant.
I’m in partial agreement with @gomp@lemmy.ml, they should be allowed to take your fingerprint and then apply that fingerprint to a device. Or get a warrant to make you stick you finger on the device. Recording your fingerprint is just collecting data to investigate a crime, it generates a record. Sticking your finger on a device is making you participate in the investigation, and generates no investigative record other than “device did/didn’t unlock”.
If the popo suspect you killed your wife and find you sitting on top of a chest freezer refusing to come off, should they be allowed to force you?
Biometric is high security against thieves and nosy girlfriends, not kidnappers or cops apparently. You need to be physically present for most of them which means it can’t be done without you knowing. The problem arises when the person who wants access also has access to you.
Also not a lawyer or a US person, but from listening to American tech media, this has been an issue of some debate for a decade or more now.
The trick lies in their 5th amendment right against self-incrimination. Police cannot require you to give your PIN because that would violate 5th amendment rights. It has been ruled in some parts of America (but the ruling in other parts has been the opposite, IIRC) that you can be forced to give biometric unlocks. In my opinion this is kinda silly and inconsistent. It might be in line with the letter of the law, but it’s certainly not in keeping with its spirit.
As an American and avid rights understander, it is not the 5th Amendment which this risks violating (which you did cite correctly), but the 4th Amendment, which guarantees protection from undue searches and seizures of your person, property, or effects. This is the whole reason for the warrant requirement and the reason you hear us bitching whenever something comes up that lets police or agents of the government acquire non-public access to information or property in a warrantless way.
An example: the police are investigating Mary’s death and suspect you of having planned the murder in the Notes app on your phone, so they want to get into your phone. Without a court order (warrant), you have to give them permission. With the court order, you must give the passcode and/or unlock the phone.
Now, at this point, if your passcode happened to be ‘I killed John02&’ you could argue 5th Amendment protection because divulging the information would incriminate yourself in the crime, or a different crime.
I believe the reason the 5th is usually referenced is that this usually comes up in situations where the 4th is already not relevant. Either because there already is a warrant, or because you’re crossing a border (which IMO seems like an incredibly sketchy excuse and would likely not have been accepted by those who originally penned the 4th amendment, but is at least well-established law at this point).
With the court order, you must give the passcode and/or unlock the phone
The thing is, case law has determined that this is not the case. Passcodes are fairly well protected, from what I’ve heard. You cannot be made to divulge them anywhere in the US, because of the 5th amendment, even with a warrant. Case law is more split on whether biometrics should be offered the same protection.
Though again, this is all my understanding of it having heard it third hand from Americans. Mostly from Americans who themselves are not legal experts, though I think I’ve at least a couple of times heard it directly from lawyers.
The bigger problem IMO is that the Constitution does not universally apply at or within 100 miles of a border, which is where apparently 72% of the population lives.
Yeah, it’s like if you kept a bunch of illegal things in a safe the authorities have the authority to force you to unlock the safe.
Authorities with a warrant can drill into a safe to get to its contents. That’s legally distinct from forcing someone to unlock the safe by entering the combination. It takes some mental effort to enter a combination, so it counts as “testimony”, and in the USA people can’t be forced to testify against themselves.
The parallel in US law is that people can be forced to unlock a phone using biometrics, but they can’t be forced to unlock a phone by entering a passcode. The absurd part here is that the actions have the same effect, but one of them can be compelled and the other cannot.
It’ll be interesting to see if it applies to facial recognition. In iOS, at least, you need to look at the phone to unlock it. That’s an intentional action. If you look to the side or close your eyes, it won’t work.
So if you’re conscious, you can’t easily be forced to unlock the phone with your face and eyes if you’re able to resist. But if you’re unconscious, then maybe they could use your face (assuming your eyes aren’t rolled back into your head because the cops gave you brain damage.)
Nobody cares. It’s easy. Folks aren’t out getting arrested in mass, even in the United States. Unless youre out selling drugs or protesting while breaking shit it has no functional effect on your life in any way.
Ah, yes, if you’ve done nothing wrong argument.
I still care whether government is being properly restrained in applying it’s power against any individual citizen, because that citizen represents all of us.
Innocent until proven guilty, and all that
I don’t care. I’m just saying the why.
TBH privacy advocates have largely put themselves into the position of the window ME UAC prompt. They are deaf to it and IMO it’s a large part of the privacy community treating everything like an 11 and refusal to look towards a user friendly threat model.
Enter pin
“I don’t know what happened, it’s the right code, might be broken.”
That pin was device self sanitiziation trigger for preventing information from falling in the hands of the enemy.
Then buy enough claymores to make sure there will not be a second encounter with enemy forces.
Not as part of core GrapheneOS, but an app called “Private Lock” can detect sudden force via accelerometer and disable the fingerprint based unlocking for next unlock.
But yeah, an erase passcode feature with opening a decoy profile would be a great feature to have.
E: grammar
A duress password to remove selected profiles would be amazing. So it still unlocks but quietly removes the profiles you are worried about.
Not even remove them, honestly. Just unlock the phone into a sanitized, honeypot account that has no access to the secured accounts contents!
