Earlier this week, Apple unveiled its new flagship smartphone, the iPhone X. Its marquis feature is a front-facing array of sensors it calls the TrueDepth camera, designed to recognize and track a user’s face. It replaces the fingerprint scanner as the biometric method for unlocking the phone. The iPhone X isn’t the first device to include this feature.
Windows Hello (which is mainly for laptops and tablets), and the Samsung Galaxy S8 also incorporate a facial recognition login, though the latter is based around an iris scanner rather than a whole face match. But Apple has especially made the security of its iPhone a critical aspect of its marketing, refusing in 2016 to unlock the San Bernardino gunman’s iPhone.
And while it’s still unclear whether or not facial recognition is technically secure enough to provide lasting protection, facial recognition can compromise user’s security in another way – legally.
Call it the Law and Order effect. Because of television police procedurals, most of us can seamlessly utter the phrase “You have the right to remain silent. Anything you say can and will be used against you in a court of law.” The phrase, the beginning part of the Miranda Warning, is an outgrowth of the Fifth Amendment – the right against self-incrimination.
That right is why a criminal defendant can’t be made to testify unless he or she wants to. Our right to choose not to provide testimony against our self-interest is literally enshrined in the constitution. But that right does more than provide protection against what we say, the Fifth Amendment also protects us from having to unlock our phones for police – even if they have a warrant. But that protection only applies if the phone in question protected by a pin or a passcode, not if you use a biometric like fingerprint or facial recognition
“The law is pretty settled at this point,” says Nate Cardozo a Senior Staff Attorney at the digital free speech organization the Electronic Freedom Foundation. “Absent some extraordinary circumstances law enforcement cannot make you disclose your password or enter your password.”
“The theory is that’s an attribute of the body and not the contents of the mind and so it’s not covered by the Fifth Amendment,” says Cardozo. “Even though you know your blood might show intoxicating substances and that might lead to your conviction it’s not considered self-incriminating testimony. It’s not testimony – it’s just a thing.”