|
|
|
|
|
|
by drags
3694 days ago
|
|
|
My understanding is that the "testimony" would be in the text of the password: compelling someone to reveal the password could be self-incriminating if _the password itself_ led them to additional evidence (e.g. a password of "I hid the revolver in the Conservatory"). [1] I can't think of a case involving a fingerprint where there's a similar risk since the fingerprint is arbitrary data. [1] https://en.wikipedia.org/wiki/United_States_v._Hubbell#Summa... |
|
|
However, when the prosecution has no specific knowledge that the evidence they seek exists, US courts have ruled that the defendant cannot be compelled to decrypt the storage device, since doing so would be forcing the defendant to reveal that incriminating evidence actually exists.
Applying your fingerprint to an iPhone is an act that, without argument, decrypts data on an encrypted storage media, as the act of applying your finger to the sensor instructs the device to retrieve the actual cryptographic information necessary (your passcode/passphrase, plus other hardware-specific data) to access the cleartext of the data.
The more and more I think about this, the more confidant I am that a fingerprint, while "something you have", forces you to disclose, by proxy, "something you know" to your phone.
I guess the question then is twofold: If you have a combination safe that may contain incriminatory evidence, and a safety deposit box that contains only the combination to your safe, can the courts compel you to give them the key to the safety deposit box? And if so, should they be able to?