Florida appeals court orders man to surrender iPhone passcode
A Florida man accused of voyeurism can be forced to share the passcode of his iPhone 5, the state's Second District Court of Appeals ruled this week, potentially challenging established interpretations of the Fifth Amendment.
The suspect, Aaron Stahl, originally gave verbal consent for police to search his iPhone for photos, but withdrew it before sharing his passcode, Courthouse News said. Police obtained a warrant for the phone, but were still unable to access its contents -- since iOS 8, the encryption on iPhones makes it virtually impossible to extract data without a passcode or Touch ID, especially since a device can be set to auto-erase after 10 failed passcode attempts.
In some other U.S. cases police have been able to compel people to supply a Touch ID unlock, but the iPhone 5 lacks the appropriate sensor, and regardless there's only a limited window in which iOS will accept Touch ID input without re-entering a passcode.
A trial judge initially denied a state motion that would force Stahl to surrender his passcode, saying it would violate Fifth Amendment protections against self-incriminating testimony. Precedent for this was set in a 1988 Supreme Court decision, which suggested that while a person could be forced to turn over a key to a strongbox, for instance, they couldn't be made to share the combination to a safe.
Writing on behalf of a three-judge panel however, appeals court judge Anthony Black questioned "whether identifying the key which will open the strongbox -- such that the key is surrendered -- is, in fact, distinct from telling an officer the combination," as well as the viability of any such argument with growing advances in technology.
"Unquestionably, the State established, with reasonable particularity, its knowledge of the existence of the passcode, Stahl's control or possession of the passcode, and the self-authenticating nature of the passcode. This is a case of surrender and not testimony."
Such disputes have intensified in the past year following Apple's refusal to write a backdoor into the iPhone of San Bernardino shooter Syed Rizwan Farook. To date Apple and other encryption supporters have typically come out on top, but are still facing challenges from politicians, spy agencies, and law enforcement concerned that criminals and terrorists may be "going dark" to surveillance.
The suspect, Aaron Stahl, originally gave verbal consent for police to search his iPhone for photos, but withdrew it before sharing his passcode, Courthouse News said. Police obtained a warrant for the phone, but were still unable to access its contents -- since iOS 8, the encryption on iPhones makes it virtually impossible to extract data without a passcode or Touch ID, especially since a device can be set to auto-erase after 10 failed passcode attempts.
In some other U.S. cases police have been able to compel people to supply a Touch ID unlock, but the iPhone 5 lacks the appropriate sensor, and regardless there's only a limited window in which iOS will accept Touch ID input without re-entering a passcode.
A trial judge initially denied a state motion that would force Stahl to surrender his passcode, saying it would violate Fifth Amendment protections against self-incriminating testimony. Precedent for this was set in a 1988 Supreme Court decision, which suggested that while a person could be forced to turn over a key to a strongbox, for instance, they couldn't be made to share the combination to a safe.
Writing on behalf of a three-judge panel however, appeals court judge Anthony Black questioned "whether identifying the key which will open the strongbox -- such that the key is surrendered -- is, in fact, distinct from telling an officer the combination," as well as the viability of any such argument with growing advances in technology.
"Unquestionably, the State established, with reasonable particularity, its knowledge of the existence of the passcode, Stahl's control or possession of the passcode, and the self-authenticating nature of the passcode. This is a case of surrender and not testimony."
Such disputes have intensified in the past year following Apple's refusal to write a backdoor into the iPhone of San Bernardino shooter Syed Rizwan Farook. To date Apple and other encryption supporters have typically come out on top, but are still facing challenges from politicians, spy agencies, and law enforcement concerned that criminals and terrorists may be "going dark" to surveillance.
Comments
What Apple needs to do is let the user setup a "self-destruct" passcode that, if entered, deletes user data for all/selected apps. (Tying this to a specific fingerprint wouldn't hurt things either.)
Being able to delete selected applications or wipe application data is key, as typically you'd like the authorities to think they're looking at an ordinary phone, while in reality you've deleted all of the app data for Message or Facebook or Twitter or Mail, protecting that information and those communications and contacts.
Wait...
Talk about twisting the law to meet your own needs. I don't condone what this person is alleged to have done but you don't set legal precedent on a case like this. One person's voyeurism is another's business (paparazzi), and a well paid one at that! Add all the YouTube videos drunken young (and older) adults posts and why is this person even in court? They have witnesses who saw him take the photos, just fine him for a misdemeanor and quit wasting our taxpayers money.
For the "liberty or death" types, what if this was a ticking time bomb that might kill or maim you friends or family, for instance? Would you feel differently? Similarly, for the "allow the police to see the iPhone's content at all times" types, what about the slippery slope that essentially invites government intrusion of all sorts into your private life, including family communications, lawyer communications, finances, health records, trade secrets, browsing habits... in fact, why not just allow the government to tap all connected devices all the time and store everything in a giant database?
As always, it is a matter of balance. That is why we have courts. Hopefully, an efficient process can be set up, and it is one that looks at the modalities of a particular case to decide. Of course, this assumes that we have courts and judges that are sensible, and not like the brazenly craven FISA court that is a rubber stamp for the spooks in the executive branch.
Agreed, this functionality would be really nice in iOS. It would be hard to justify, though.
Everyone knows that
https://en.wikipedia.org/wiki/United_States_v._Kirschner
The ticking-time-bomb scenario is easy to dramatize but difficult to encounter. It's extraordinarily chancy that the combination of factors would occur: law enforcement actually catching someone in the act, gaining control and accurate knowledge of all aspects of the situation, except for one terrible thing that will still happen and can't be stopped in any way except with a passcode in exclusive possession of one person they also have control and accurate knowlege of. This is one-in-a-billion stuff — absolutely not what policy should be based upon, because the routine use of that policy will be in much more mundane, non-emergency situations that lack similar emotional urgency.
But I'm puzzled about one thing: how old is his iPhone? Because if he has fingerprint control turned on, they don't need his passcode, only his finger. I wonder why this didn't come up in court - even if the court ruled that he "has to" provide the passcode, would he be forced to use his finger to open the phone?
There is always a way for authorities to get you, if they REALLY want.