eDiscovery Daily Blog

Law Enforcement Has Found a New Way to Put a Finger on iPhone Evidence: eDiscovery Trends

A dead finger, that is.  Believe it or not, cops are now opening iPhones with dead people’s fingerprints.

A couple of days ago Sharon Nelson (on her excellent Ride the Lightning blog) covered a Forbes article that discussed a suspect who mowed down a group of people in his car, went on a stabbing spree with a butcher’s knife and was shot dead by a police officer on the grounds of Ohio State University.  To try to access the phone to learn more about the assailant’s motives, an FBI agent applied the bloodied body’s index finger to the iPhone found on the deceased suspect.

In that case, it didn’t work as the iPhone had gone to sleep and when reopened required a passcode.  But, this technique is working in many other cases.  Separate sources close to local and federal police investigations in New York and Ohio, who asked to remain anonymous as they weren’t authorized to speak on record, said it was now relatively common for fingerprints of the deceased to be depressed on the scanner of Apple iPhones, devices which have been wrapped up in increasingly powerful encryption over recent years. For instance, the technique has been used in overdose cases, said one source. In such instances, the victim’s phone could contain information leading directly to the dealer.

Not surprisingly, there are concerns about whether a warrant should be required. Greg Nojeim, senior counsel and director of the Freedom, Security and Technology Project at the Center for Democracy & Technology, said it’s possible in many cases there would be a valid concern about law enforcement using fingerprints on smartphones without any probable cause. “That’s why the idea of requiring a warrant isn’t out of bounds,” Nojeim added.

Think having an iPhone X that replaces the fingerprint security with facial recognition technology will keep law enforcement at bay?  Think again.  It could be an easier way into iPhones than Touch ID. Marc Rogers, researcher and head of information security at Cloudflare, told Forbes he’d been looking at Face ID in recent months and had discovered it didn’t appear to require the face of a living person to work – apparently the technology can be deceived simply using photos of open eyes or even only one open eye on the suspect.  “In that sense it’s easier to unlock than Touch ID – all you need to do is show your target his or her phone and the moment they glance it unlocks,” he stated.

Or open the eyes of the dead suspect.  Dead men tell no tales?  Maybe they do after all.

So, what do you think?  Should a warrant be required to access phones with fingerprint or facial recognition technology?  Please share any comments you might have or if you’d like to know more about a particular topic.

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.