I was under the impression that Digital IDs are not a picture you bring up and hand to LE - it’s a RFID token transfer that you tap to authenticate on a reader. That doesn’t mean that there won’t be LE officers who will bully people, or that people won’t be smart enough to recognize that the picture on their phone isn’t their ID, but that not how digital IDs (are supposed to) work.
In Riley v. California, the Supreme Court unanimously held that police need a warrant to search through cell phones, even during otherwise lawful arrests. But if you hand over your unlocked phone to a police officer and offer to show them something, “it becomes this complicated factual question about what consent you’ve granted for a search and what the limits of that are,” Brett Max Kaufman, a senior staff attorney in the ACLU’s Center for Democracy, told The Verge. “There have been cases where people give consent to do one thing, the cops then take the whole phone, copy the whole phone, find other evidence on the phone, and the legal question that comes up in court is: did that violate the scope of consent?”
If police do have a warrant to search your phone, numerous courts have said they can require you to provide biometric login access via your face or finger. (It’s still an unsettled legal question since other courts have ruled they can’t.) The Fifth Amendment typically protects giving up passcodes as a form of self-incrimination, but logging in with biometrics often isn’t considered protected “testimonial” evidence. In the words of one federal appeals court decision, it requires “no cognitive exertion, placing it firmly in the same category as a blood draw or fingerprint taken at booking.”
it’s unbelievable that there is a distinction in US caselaw between giving up your biometrics and giving up your password, and your essentially unchangeable biometrics are somehow the one you’re probably obliged to give to the cops if they ask. just an incredibly goofy system
Law enforcement has been collecting fingerprints for over 100 years now, and the history of using fingerprints for other reasons goes even further back.
The error here is that we decided to start using an easily obtainable piece of data as a “lock” on our phones and computers. For many reasons, it’s better to use a password or PIN.
i don’t believe stored fingerprints can actually be used on modern devices
It’s much more worrying how often face unlock works with a simple photo.
The MyColorado FAQ explicitly states that an officer cannot take your phone, even if they think your digital ID is fraudulent. This whole article is a ton of fear mongering. Digital IDs do not require you to give your phone to anyone, they do not require you to unlock (unless it’s a state specific app), and even if its a state specific app the cops aren’t allowed to take it anyway.
I have a question: Is a FAQ case law?
The MyColorado FAQ explicitly states that an officer cannot take your phone, even if they think your digital ID is fraudulent. This whole article is a ton of fear mongering.
no offense but: even if you were to grant the notion that this is an exaggerated problem–cops are not well known for their rigorous adherence to the law or proper legal procedure. they routinely fuck up and violate civil liberties, up to and including murdering people for arbitrary reasons. and unless police are held accountable (which they almost never are for a variety of systemic reasons), what a state says they cannot do is effectively meaningless. it’s just words on a screen, really.
I would agree with you if we’re talking about something like the ability to search a car, where the cop is not allowed to without the owner’s permission (assuming no probable cause or warrant). In that case the cop usually figures out a loophole to manufacture probable cause or manipulate the owner into agreeing to a search. And then there’s nothing a lawyer or judge can do later, because it’s the cop’s word vs yours.
But if we’re talking about a law that actually says the cop cannot take your phone no matter what, and they do, then any public defender would be able to point it out and the judge would certainly have to enforce it. I can’t think of a way the cop would abuse their power because, in this case they don’t have it.
I could be convinced based on the actual wording of the law, though.
But if we’re talking about a law that actually says the cop cannot take your phone no matter what, and they do, then any public defender would be able to point it out and the judge would certainly have to enforce it. I can’t think of a way the cop would abuse their power because, in this case they don’t have it.
they can abuse their power because they’re a cop, with a badge and gun, and the right to maim or literally kill you with it (and probably get away with it even if it’s not strictly legal) if you don’t comply with their demands in the moment. again: cops consistently do not care about or follow legal procedures they’re supposed to, frequently fuck up those procedures even when they do, and most cops probably don’t even think of it as their job to secure some airtight case that stands up to legal scrutiny. it’s not a profession that lend itself to the kind of charitability that’s being given here, and the record of the profession makes it even less deserving of that charitability.
If you have an iPhone, you tap the power button 5 times to make an emergency call, after that cancel it and the PIN is required to open the phone.
Or hold the power button and any volume button for 3 seconds. Same result.
Never use biometrics. It’s just not worth the tradeoffs.
Something you have, something you are, something you know. Are you willing to give up proper security for your cause?
When it’s being employed properly, it’s absolutely an important tool, but the way they’re presented to most users, such as on-device biometric data stores (e.g. Apple’s secure enclave, or a TPM verification), aren’t the proper implementations. Nor is using biometrics as your primary auth method.
It’s supposed to be “something you have and something you know and something you are”, not “have or know or are”.
NIST standards for biometrics require the biometric data be stored on a secure remote server, and that the scanner device check against that during auth. Putting the biometric data on the device means that you’re losing a big part of your non-repudiation.
And it’s even worse when you’re using a secondary factor (biometric) as your primary or only factor (e.g. a phone unlock), that grants access to your other factors like password store and OTP tokens.
Biometrics are never supposed to be a single-factor auth method when used properly, but that’s how most people use them now, and it degrades their security.
If your phone requires a passcode, a TOTP grant, and a biometric scan, by all means, please do employ biometrics, but if it’s going to be your only factor, DO NOT.
Or, for simplicity to the average forum reader:
Never use biometrics. It’s just not worth the tradeoffs.