It only seemed a matter of time before a law enforcement agency would use the iPhone’s Face ID technology to unlock the device and access information vital to a criminal investigation. In August, the FBI became the first agency to use Face ID to unlock an iPhone X, according to Forbes.
Suspected of either receiving or disseminating child pornography, 28-year-old Columbus, Ohio resident Grant Michalski cooperated with the FBI when asked to unlock his phone via Face ID. The FBI raided his home using a search warrant, allowing investigators to open his device and comb through his messages and online footprint. So far, Michalski has been charged with “receiving and possessing child pornography” along with another defendant with whom he communicated on Craigslist. No trial date has been set so far, per Forbes.
The FBI’s methods pose many interesting legal implications when it comes to gathering data that might prove useful when investigating a crime. Since technology companies started using biometric information as a personal security measure, it has been a hotly litigated question of how and whether law enforcement can to compel suspects to hand over biometric data used to unlock their devices. Apple’s introduction of Face ID with the launch of the iPhone X brought the question into starker relief.
Under the Fifth Amendment, which protects against self-incrimination, there’s a distinction between security measures like passcodes and biometric information such as finger prints and facial scans. According to The Verge‘s Adi Robertson last year, courts have treated the two criteria differently, allowing police to unlock devices with fingerprints as far back as 2014 and in several more recent cases. Hacking circles have been skeptical of fingerprint scans for years for exactly these reasons and Apple introduced a feature in iOS 11 that allows users to surreptitiously and quickly disable biometric login. The iPhone X also allows users to squeeze their iPhone before handing it over to temporarily disable Face ID login.
In 2016, the FBI struggled to unlock the iPhone of one of the terrorists who killed 14 people in San Bernardino. Apple wouldn’t budge, so the FBI ultimately paid nearly $1 million to an outside company to help divert the passcode.
In the Ohio child porn case, the FBI’s investigation was bold, but it hit a routine snag because it didn’t have Michalski’s passcode. While the Face ID unlock allowed investigators to go through Michalski’s phone manually, they were unable to extract the full data of the device as that activity still requires a passcode. According to Forbes, however, the Columbus Police Department and the Ohio Bureau of Investigation have tools able to bypass an iPhone’s security code altogether.
Originally posted on Popular Mechanics