Your privacy, fingerprints and the Fifth Amendment

January 2017: With the current political climate, we feel now is a great time to remind everyone about their right to privacy and where it ends. This post was originally published in May 2016 but it's just as important now, if not more so, than it was then.

Being able to unlock your phone with your fingerprints is a really good thing. It's not the most secure method you can use, and there are issues about having only one set of fingerprints if you ever need to change your login credentials, but the convenience factor means more people will keep their phones locked when they're not using them. That means your privacy is protected, as well as the privacy of everyone in your contacts or people you're networked with through social media when and if someone else gets their hands on your phone.

We all should thank Motorola for trying it, and Samsung and Apple for making it good. Biometrics used to verify identity isn't exactly new, but getting everything working on a tiny pocket computer surely wasn't easy. We've also seen Iris scanning on the Alcatel Idol 3 and short-lived Note 7. We'll probably be going through this same scenario when iris scanning tech takes off, too.

If you're in the U.S., though, there's another snag that not everyone knows about — law enforcement can force you to place your finger on your phone and unlock everything. A precedent was set by the Circuit Court of Virginia in October 2014, and recently upheld and reinforced by a federal court in February 2016, that makes it clear that while you can't be forced to provide a passcode for an electronic device, your fingerprints and using them to unlock the same device is not protected by the fifth amendment of the U.S. Constitution.

You can be forced to incriminate yourself by providing anything and everything on your phone to law enforcement by using your fingerprint as long as a warrant was requested and received. This will almost certainly be challenged as a direct violation of the fifth amendment (and possibly parts of the fourth amendment), but for now, this is the law.

You can be compelled to provide your fingerprint and unlock your phone, under current U.S. law

I want to be clear on a couple things here. Nobody at Android Central is condoning any criminal behavior, nor do we judge anyone for their feelings on how they want to help law enforcement investigate any case. If you want the U.S. government to have access to the data a person involved in an investigation has on their phone, that's fine. You should realize that not everyone feels the same way, as well as know that you don't have to be a law-breaker to value your privacy.

If you, or a peace officer in any capacity, would get access to my phone you'll find nothing that puts me at risk of prosecution, and probably be bored looking at pictures of my family and my dogs, see half-completed documents I'm working on and maybe an expense report or two. But that's my stuff, and I don't want anyone rifling through it. It's OK to feel differently.

But this leads us into ideas of how we can protect that privacy if we're using our fingers to open the secure container that holds it all. And there are a few things you can do.

You'll need a backup method to unlock your phone if you are using a fingerprint scanner. A four digit PIN works well here. It's not too difficult to break, but protections that make your wait between incorrect attempts and a self-destruct feature where data is wiped after a certain number of attempts mean that getting past a PIN will prove to be difficult. Like using a fingerprint in the first place, it's a nice balance between security and convenience.

PIN settings

The real benefit here is that you can require this PIN to be entered before your phone will start. You'll see this option when you set up a phone as new, or when you go into the security settings and change the PIN itself. This means that every time your phone is started until the correct PIN is entered, it's completely dead. No data is decrypted, no calls can come in, and no software outside of the bootloader itself is running.

Because a PIN is either required to start the phone (if you choose to use this feature) or unlock the screen for the first time after it starts up, you can't unlock it with just your fingerprint — your fifth amendment protected PIN is required. And with all current Android phones and iPhones, a piece of hardware embedded in the system-on-chip that houses the CPU keeps things locked up and inaccessible through standard software hacking.

If you see the blue lights, just hold the power button and shut down your phone.

Now, this isn't going to help if you're a fugitive and subject to being detained on sight or caught in the act doing something shady. But if you're just a regular person who doesn't want anyone to get information about you or the people you keep company with it's pretty effective. If you're able to do this, it means you get to decide if you want to share what is on your phone with "the man."

If you see the blue lights, just hold the power button and shut down your phone.

Android phones with unlocked bootloaders also pose a risk. Don't think that even your local constable doesn't have access to people just as savvy with Android as the folks you find at XDA. If your bootloader is unlocked, anyone can dump the software and all the data from your phone onto a computer without ever having to use the lock screen. With enough incentive, even an encrypted image that has a key to unlock it stored in the protected hardware of the original phone can be cracked. Chances are there's not much incentive to go through this for a regular middle-aged dude like myself, but what if I had a random Twitter interaction with someone who is worth the trouble?

The internet connects the world, and that funny meme you liked on Facebook could have been posted by anyone. Facebook is obliged (rightfully so, in my opinion) to provide any and all publicly available data (the public part is important) about a user when the right warrant is served. If you liked a post from a person of interest, the people who want to know more about you don't care that you claim to have a phone filled with texts from your friends and cat pictures — they want to see for themselves. Keeping the bootloader locked means it's almost impossible for them to have a look, and they likely won't even try.

I want the police to put people doing horrible crimes in prison where they can be rehabilitated, or at least be kept from doing more harm to society. Most of us aren't one of those people, and getting arrested or detained for drag racing or having a tiny baggie of weed in your pocket or any other minor offense doesn't make you Charles Manson or the Zodiac Killer. Neither does peacefully protesting against a government overstepping their bounds. We all have rights and a reasonable expectation of privacy. If the courts won't decide to uphold our fourth and fifth amendment rights when it comes to what we have on our phones, then we should do everything we can to protect them ourselves.

I just want to share my data on my terms, and want the same for you.

Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

  • I've done the opposite when pulled over and when I've gone threw a DUI check point. I set my phone in the cup holder pointed towards the window and instantly start recording. I personally think every encounter with law enforcement should be recorded for your safety. Living In An Android World
  • Totally agree! Posted via the Android Central App
  • A potential idea might be to just use a fingerprint you don't have registered a couple times in a row so the device locks out and requires a PIN, then start recording. That way your stuff is protected behind a PIN, but you can also record for your own safety.
  • U can quick launch ur camera and keep ur phone locked at the same time.. At least with the Nexus 6P u can by double pressing the power button. Posted via the Android Central App
  • That's exactly what I'm suggesting. You want to make sure the biometric authentication gets locked-out so your device now requires a warrant to be searched, and then you launch the camera from the lock-screen so you can still securely record. If you start recording without first making sure your finger print is locked out, they could still seize your phone in the middle of a traffic stop and force you to unlock it (As the article says). I was merely suggesting a way to get the best of both worlds: The security of recording the traffic stop (For your own protection), and the security of making sure your biometric signatures are locked out (Also for your own protection). For example, on my Lumia 950 XL that I have set-up to work with my retinas: I would just purposefully let Windows Hello time-out three times, and then it will no longer accept an iris scan, and require me to enter my (16-digit) passcode. Then I can securely press the camera button and begin recording the traffic stop. In this scenario: I get not only my phone being locked out to cops until a warrant is issued, but also I can record the traffic stop to make sure they don't get away with anything shady.
  • First of all, always have your camera on medium resolution, keep extra room available in internal storage, default location for pics-video should be on phone not external SD. Now when you get pulled over like I do 3 times a month, all you have to do is go to Settings, Security, Fingerprint, and disable. Reboot phone before cops gets to car. Quick launch Camera and start recording. Cops have actually taken my phone to get the video footage erased and even removed my SD card to get at the footage.
  • What color are you?
  • 1/4 White, 1/4 Hispanic, 1/2 Black. I get affected by it all.
  • Sadly, I just tried this on my note 5. Used an unregistered finger until PIN was required. Then double-tapped home button to go into camera, and took a picture. After leaving the camera, I was able to unlock the phone with a registered finger.
  • Just tried it on my Note 4. It's simply a time-out, sort of like a way of deterring one from snooping on ones device. Posted via the Android Central App
  • @SwimSwim: this sounds like obstruction of justice. Also while you are not supposed to be forced to give your password, you could be held in jail like this guy
  • I'm curious: How would disabling biometrics so that a PIN is required be an obstruction of justice? As far as I can tell, it's no different than declining to let police search my home until they have a warrant. No warrant: No search. The way I understand it (And I'm not a lawyer, so I might very well be misinformed here) is that obstruction of justice would be if I locked out my phone so police needed a warrant to search it, but then before they got the chance: I wiped the memory on it so any evidence would be destroyed.
  • As a matter of fact, it doesn't have to be the index fingerprint you use to unlock your phone. It could be any finger. And there's a setting to lock up the phone after five swipes from a non-matching finger.
  • It's sounds paranoid but the one time you really wish you'd recorded the stop, you will probably REALLY wish you'd recorded the stop. They should build stop recorders into cars.
  • Exactly Living In An Android World
  • Are the cops really that bad in America? Blackberry Priv
    Nvidia Shield "Portable"
    Sony Xperia Z3 Tablet Compact
  • i'm probably going to receive a lot of grief for this...but no, they're not...there's some corrupt cops, but most cops are just trying to do their job....they're like bees, most of them, in that if you don't give them a reason, they won't screw with you beyond a typical every day stop...most of the videos you find online start up at the precise moment to make the police officer in question look like a monster, with no way of knowing what preceded the recorded events
  • Pollyana
  • YouTube corrupt cops and see how many videos you get... Then pay attention to how many videos have black cops being corrupt. Then pay attention to how many of these encounters end up with the cop being cleared of any wrong doing, despite video evidence. Then BE HAPPY YOU'RE WHITE.
  • Worse than you can imagine.
  • Depends on who you are and where you are.
  • I agree
  • What about using a pattern lock/unlock? I'm with you Jerry, I really have nothing to hide on my phone or electronics. But, I don't want to freely allow law enforcement or others to browse through my stuff without a warrant or probable cause. Majority of my pictures are of family and various family outings or unfinished projects around the house!! I have instructed my teenage son about sending and receiving "stuff" and his online usage (Facebook, Snap Chat, Memes) . My rule is , if you receive anything I would lecture you about , delete it, don't save it, and don't forward. Additionally, if at school and an administrator asks for your phone, comply, but you are not required to cough up your passcode. If this persist or involve school police, respectfully ask them to contact your parent. He uses a pattern lock.
  • I do believe pattern lock is protected.
  • I don't see why it wouldn't be. Entering in a number sequence on a pin pad is a pattern and they cannot force you to disclose that.
  • Also tell him to go into Bootloader mode and dump the entire cache. Just because you deleted it doesn't mean it's still not on your phone. Need a new OK Google phrase while hands free, OK Google factory reset my phone
  • I believe a pattern lock would be protected like a PIN or password. The key difference here is that what is needed to unlock it is in your head (PIN, password, pattern), not part of your body.
  • Yes, but don't trust a judge or law enforcement to see it that clearly. Just look how they've twisted the law to allow them to force us to unlock a phone using our fingerprint if the phone is secured with a fingerprint.
  • If they have a warrant, they can fingerprint you, and then take that fingerprint card, and use it to open your phone. So they'll still be able to open your phone, and you'll have fingerprinting ink all over your phone in the process.
  • I don't think an image of a fingerprint will work.
  • I had this idea when Jerry had me thinking about fingerprints and security and all that. Wouldn't be great if fingerprints could be used as "unsecure" method in conjunction with smart lock? In short, you have a 25 character password to keep your phone safe. But that's a bit much to type all the time, so you use fingerprints to bypass it. Just like smart lock does with other things. This in turn could be configured the same way as smart lock normal is, only when I'm at home, when I'm moving etc. Even without fingerprints it would be great to use a strong password and then a 4 digit pin when I'm at a secure location. Something Google could add in Android O =)
  • Very interesting idea. Would be nice to have as another option. Hopefully Google is kicking this around (or something like it) as the whole security genre has received a lot of attention lately.
  • in theory that is good. but im gonna play devils advocate. suppose i took a walk to the store and have a heavy bag of groceries. i'd have to type 25 characters into my device.
  • At my company, we had Airwatch (device management software) installed. The company required a pin lock on all phones which is common. I was the Airrwatch administrator and was able to apply that to my, and my bosses phones. When in a certain geographic location, pin was required. When I was at home or out of that area, no pin was required. Was pretty cool actually. ...Thinking back on it, that may have utilized a google feature, trusted locations.
  • A wonderful article. My concern as a parent, and a spouse, is that it takes you off the grid when you may need to be on the grid. Start TRON music ....... Posted via the Android Central App
  • *standing ovation* Thank you Jerry for this article and its knowledgeable and valuable information. I like how you mention multiple times that its OK for everyone to think/feel differently, while at the same time this article expresses your personal opinion. It's not preachy or pointing everyone in one direction over the other. You strike a nice balance between informative and selection. Very well written. Now, for the article itself. Thank you for explaining all options in detail so that everyone who reads this can make an informative decision on what they want to do... or in the very least, know that they have a last minute option if they see blue lights behind them. I love reading articles like this from you and look forward to the next one.
  • Interesting article Jerry.. Thanks for sharing. Posted from my AT&T LG v10
  • Question about fingerprint locks:
    Is the fingerprint stored on the device only or can the phone manufacturer/law enforcement agencies (NSA) "see" my prints when I set up my phone? SiDi™
  • THIS! Posted via the Android Central App
  • Your fingerprint is analyzed by the software, and turned into an encryption token. The token itself is stored on what's called a TEE module in the phone hardware (those haven't been cracked yet) and referenced by a separate token in software that points to the TEE when authentication is needed. The actual fingerprint data isn't stored or saved anywhere, just the result of analysis.
  • Thanks for the article and thanks for the reply!! SiDi™
  • Thank you for clearing that up. I had no idea where my fingerprints were being stored. I actually haven't used my fingerprint sensor because of that. I might give it a try now. Living In An Android World
  • @jerry
    OK. You did say "never cracked..." - if someone was to break in , is there any way to put all that data together and actually have your fingerprints? Moto XPE/VZW Moto X DE/N7
  • No. But what they would have is just as bad — the token your fingerprints generate through the algorithm, or even worse — a way to fake it. Getting your actual fingerprints is easy. They're on your mailbox or your car door handle.
  • Lol. But in that case (mailbox drive by :)) you would have to be specifically targeted.
    Wow that's interesting. At least, not having that data stored in a cloud feels somewhat safer. Moto XPE/VZW Moto X DE/N7
  • The other neat thing about fingertips, is (especially for optical sensors) pressure affects the spacing in the papillary ridges, which effects the deltas between those ridge spacings, which yields a different 'fingerprint' (a human looking at the print itself can notice, and a computer can compensate for the variations) but a simple optical reader can't. So a 'hard fingerprint' and a 'soft fingerprint' can appear to the computer/phone to be two different people. This also explains why when you angrily slam your finger against your biometrically controlled optical reader on the time clock - it doesn't always read.
  • When it comes to security, always assume that it can be compromised. But to answer, per Google it's stored locally, encrypted, at least on Nexus devices:
  • Thanks for the link! SiDi™
  • Thank you so much for the link. I've been very very very curious about fingerprint security. Living In An Android World
  • The fifth amendment and such don't apply to me, and I actually have no idea if I can legally be compelled to surrender my fingerprint (though I would assume so). However, regardless of legality it's good to bear in mind that it's infinitely easier to physically force someone to surrender a fingerprint than a password. Especially if someone is unconscious. It's best to assume I'm being sarcastic. if I'm ever serious I'll type "/s" to make it clear.
  • Nothing sarcastic about that, it's absolutely true. The finger print feature is great for convenience, but it is NOT secure by any means. No method is 100% secure but some are better than others.
  • Was thinking the same thing. Would love a hands free phrase for your phone, OK Google factory reset my phone, if you were being forced to unlock your phone. Or a personalized phrase in Star Trek, OK Google complete Picard Alpha 4 then your phone automatically factory resets.
  • Might be doable using Tasker.
  • Nova Launcher has an option to lock your phone and require a password, and this action can be set to a gesture. For example, use fingerprint unlock normally, but if you anticipate being pulled over just double tap your screen to password lock it. I also recommend a full password rather than a pin. Use fingerprint unlock for convenience and the regular password as your more secure backup security method. Posted via the Android Central App
  • Does anyone know of vanilla Android has a similar feature? Posted via the Android Central App
  • With the screen off, press the lock button. Then tap the "lock" at the bottom center of the lock screen. This will require you to enter your pin/pattern/password (which ARE protected under the 5th amendment) to get past the lock screen. It will also temporarily turn off any smart lock features (trusted devices, trusted places, on-body detection). Posted via the Android Central App
  • Nah that will still you log in with a finger print Posted via the Android Central App
  • Yeah. Idky I was thinking that it would lock out fingerprint scans. Posted via the Android Central App
  • Locks it out on my V10
  • Never mind. Using this method you can still get in with a fingerprint scan. It only locks out the "smart lock" features. Posted via the Android Central App
  • I use Nova Launcher and love this feature. I have mine set to lock the phone when I double-tap the screen. If I were ever pulled over, I simply unlock with my fingerprint, then double-tap the screen. Locked up all safe and secure with my 7 digit pin. My pin is required on startup as well.
  • Jerry, I like and respect you even more for this article. You've articulated the issue very well. Posted via the Android Central App
  • Great article, thank you Jerry! Posted via the Android Central App
  • Three things: 1. Great article. Well written and informative. You're just the right amount of paranoid, and I appreciate that. 2. A two factor authentication for startup on Android phones would be awesome. (Authentication factors are something you have, something you know, or something you are.) After startup, single factor would be fine just to keep things snappy. 3. If you raise enough red flags, the gov't absolutely will break your encryption and own your device no matter high security you get. If you knock off a 7-11, you will probably be ok, but if it gets to a federal level, your fingerprints, pin and encryption won't stop Uncle Sam from getting all in your business. If this is new information to you, then you haven't been paying attention. Posted via the Android Central App
  • 2. - If you need two factor authentication, what happens if your phone restarts or you turn it off when you aren't next to your computer?
  • Start up your phone with PIN and fingerprint. (Something you know and something you are.) After that, phone requires only fingerprint until restart. This is a signature.
  • Hmmm ~Android Central
  • I'd be curious to see if this covers all biometric options, including iris scanners. I do know that on the Lumia 950 series if you restart the phone, the iris scanner doesn't work at first boot asks you for your pin. So by powering the phone off, it does the trick Jerry mentioned in covering your rights. I'm curious to see if other OEMs look into other biometric options besides fingerprint scanners for differentiation, what the law will say about those as well... G4 Approved
  • Can I do this on my OG Nexus 5? Can't seem to find it.
  • I agree about the Charles Manson analogy, but we could still be the Zodiac Killer. They never caught that guy. Posted via the Android Central App
  • No, I'm pretty sure I read that they know who the Zodiac Killer is, he just dropped out of the Republican presidential nomination race.
  • The reason the law says they can get a warrant for your fingerprint and not incriminate yourself, is the same way the law can get a warrant for a cotton swab of your mouth and saliva for DNA. Your fingerprint is a part of you, just like saliva. But your pin code or pattern code is a part of your memory, and that is what is protected by the 5th amendment and the law cannot ask you to unlock your phone with a pin or pattern code without incriminating yourself. I have been telling people for the last couple of years about this kind of security risk to themselves after the law said in 2014 that they could get a warrant for your fingerprint. Everyone I have told is an upstanding citizen, but even common people need to know and understand their rights. Never give out your phone to a police officer or teacher or anyone unless they have a warrant, and even then, make sure you have some kind of lock screen. Protect yourself and others that you interact with.
  • Very smart Living In An Android World
  • Great article, Jerry. I don't have anything to hide myself, but I do value my privacy, and I was just thinking about this after the recent court rulings. I was glad to find that in the Nexus Imprint support docs it says that you will have to enter your backup method (PIN, password, or pattern) at least once every 48 hours. That explains why I have been seeing a message periodically that says something like "Please provide your PIN for additional security" - at which point I cannot unlock my phone with my fingerprint until I've entered my PIN. I would like to see Google make the fingerprint entry method in Android more like Smart Lock. It would be nice to be able to tap on the fingerprint icon at the bottom of the screen to disable fingerprint unlock temporarily, making it necessary to enter the backup method instead. That option already exists with Smart Lock, and I would occasionally use it when Bluetooth unlock was enabled but someone was in the car with me. That seems more reasonable than ensuring privacy by shutting the device off entirely, but I'm curious how Direct Boot changes in Android N might affect all of this also.
  • Idk but I'm still not comfortable storing my fingerprints in the phone or any device, especially when we have so many options available (at least on Android) - PIN, 20 character Passwords, Pattern, BT devices, Location, NFC chips. Moto XPE/VZW Moto X DE/N7
  • Your fingerprints don't get stored.
  • So how does it work then? Moto XPE/VZW Moto X DE/N7
  • It converts the attributes of your fingerprint to a bunch of statistics which are then hashed and stored. When you put your finger on the sensor to unlock a hash is again generated and compared to the stored hash. If they are smart they will use a device-specific salt as part of the hash algorithm. That way even if someone were to obtain the stored hashes they would not work on other devices.
  • [345]
  • Good article, Jerry. It's nice to see articles like this on AC (instead of the completely un-researched "best SD card" type articles.) I would like to add a couple of points, however, regarding your suggestions: First, if you're device decrypts data on boot up, a password or PIN won't protect your decrypted data. It makes it slightly annoying to get to, but it's not overly difficult. This was implied in the article, but stating it directly nicely leads to... Second, if you choose the option to prevent the device from decrypting on boot up until a password/PIN is entered, be sure that your phone is running VERY stable firmware. As mentioned, the phone is essentially a brick until the decryption takes place - and if your firmware (or some app on your device) causes unexpected reboots, you won't get any calls, text messages, VM notifications, or anything else until you notice that your phone rebooted and enter that password/PIN. This can also occur if your carrier likes to FORCE firmware updates (which usually involve a reboot.) Take care
  • Jerry mentioned:
    "Android phones with unlocked bootloaders also pose a risk."
    "With enough incentive, even an encrypted image that has a key to unlock it stored in the protected hardware of the original phone can be cracked."
    I like to keep my bootloader unlocked (so that I could from time time to time to boot into TWRP) but unrooted. It is my understanding that cracking Android encryption even if you have access to dumped image is supposed to very challenging and I'm counting on it.
    I would like somebody to chime in regarding reliability of Android encryption in context of unlocked bootloader. I have not seen on XDA something like "How-To Cracking Android encryption.
  • Hypothetically, any encryption can be cracked. I don;t know of anyone who has cracked an encrypted device, and the few people who have made the claim were found to be less than truthful. But that doesn't mean it can't (or hasn't) been done. We often think of bumbling idiots working at government offices, but I can tell you that some extremely bright and innovative people work in US intelligence around the DC area. Exactly the type of people who could find a way to break in.
  • Aww, thanks Jerry! You're a smart cookie yourself. ;) This is a signature.
  • I can confirm that is exceptionally challenging to gain access to data even with an unlocked bootloader and a using something like TWRP. I know, I just went through trying reinstall a new ROM on a rooted phone with encryption turned on. TWRP couldn't even gain access to the data, let alone decrypt it. I think Jerry's point is, if the boot loader is unlocked, the entire storage drive can be moved over to a computer with the encryption intact. Then the computer has special software and the brute power to then decrypt that data from there. Locked boot loader will not allow any data to be moved, thus someone would have to crack that encrypted data using the phone, which is very time consuming and expensive.
  • What are so many doing that you're worried being stopped by the police and then worried about the phone being searched? I've been stopped once and it was because I acknowledge I was flying down the road. My phone never became the focus of the police. Posted via the Android Central App
  • It's called securing our freedoms and liberty's. It pays to be an informed citizen. Would you let the cops search your house for no reason at all? Living In An Android World
  • I never implied that I wouldn't cooperate with law enforcement. But that should be my decision, not theirs. I'll take the choice between complying or jail over not having a say in the matter.
  • I abide by the law as i was law enforcement for quite a while. I have nothing to hide. But i will not/should not surrender my personal stuff unless its accompanied by a search warrant. Then and only then, should they be allowed, by law, to obtain any and all information stored on my electronics.
  • Yes, Gator 352, but even a warrant has its limitations.. and one of those limitations comes in the form of the Fifth Amendment.
  • If they have probable cause for specific items listed on the warrant to search, they can search as it is court ordered. Amendments at this time is suspended until search of said items is complete. But for digital items such as phones, at this time is mundane and needs to be revamped to coincide with the times.
  • I'm not sure the warrant can be for things in your head, can it? If they have a warrant for the phone, by all means, you turn it over to them and allow them to search it. If they are unable to understand its contents (because it's encrypted, or you took notes in a foreign language that they don't understand, or you took all of your notes in a language that you made up and only you know?) that is their burden to overcome.
  • It works like this: Police get warrant for phone. You hand over phone and then You have two choices. Either unlock the phone to let them search it or not. If you don't unlock it, they can charge you with obstruction and they will break into phone anyways. Now bear in mind this is for a warrant only....not a
    random search. With random searches, they cant make you unlock if you use a pin code. But yes your right about contents. Once the phone is unlocked and being searched and you took notes in a foreign language, it is thier burden to understand it. That goes for anything. Picture locations, bank accounts, phone numbers, and etc.
  • And forgot to mention, the warrant has to be specific. If they want a video from your phone the warrant will indicate video/videos. That is all they are allowed to search. They can't search banking records, messages and etc. If they want to, they have to get another warrant for those items even if they "stumble" upon another crime.
  • I'm not a lawyer, but it doesn't seem to always work that way even with a warrant. For example, my quick search yielded this: A warrant was issued, but the act of decrypting the device in question (not a phone, but contents of a computer) was determined to be testimonial in nature "...I conclude that Feldman’s act of production, which would necessarily require his using a password of some type to decrypt the storage device, would be tantamount to telling the government something it does not already know with “reasonably particularity”—namely, that Feldman has personal access to and control over the encrypted storage devices. Accordingly, in my opinion, Fifth Amendment protection is available to Feldman. Stated another way, ordering Feldman to decrypt the storage devices would be in violation of his Fifth Amendment right against compelled self-incrimination." According to the 11th Circuit: "...the decryption and production of the hard drives would require the use of the contents of Doe's mind and could not be fairly characterized as a physical act that would be nontestimonial in nature. We conclude that the decryption and production would be tantamount to testimony by Doe of his knowledge of the existence and location of potentially incriminating files; of his possession, control, and access to the encrypted portions of the drives; and of his capability to decrypt the files." In re Grand Jury Subpoena, 2012 WL 579433 at *8 Different courts seem to have ruled different ways on this, though. My understanding is that it boils down this, basically: If the government can show with "reasonable particularity" that it already knows what is on the device and where it is on the device, and producing the unencrypted contents will reveal nothing that the government didn't already know, then it is considered a "foregone conclusion" and nontestimonial. Edit: Here's a good article where I found one of the quotes I used in my post:
  • You must not live in the US then.
  • It's not a matter of doing anything wrong. It's a matter of the officer having no right to snoop into my personal data bases simply because I was stopped while driving. If they feel my phone has any relevancy in a criminal case, then there are legal routes to follow. But Officer Jones does not have the right or need to know allowing him to simply snoop around in my personal data.
  • With those with Nexus devices. Just turn off your phone since every bootup your pin or pattern has to be the first thing that must be registered and not your fingerprint. So no matter how many times they ask you to unlock it with your fingerprint the phone will not allow it #TeamFrosty Nexus 6P
  • I read the iPhone has a timeout period where you have to use you pin even if finger print unlock is enabled. Does Nexus Imprint have that option? Posted via the Android Central App
  • "Sometimes you might need to use your backup PIN, pattern, or password:
    -After more than 48 hours have passed since you last unlocked using your backup method" Source:
  • I've never been a fan of using a fingerprint to unlock a device. I would prefer a fingerprint to be the equivalent of a username... who I claim that I am. And still require a PIN or password to PROVE that I'm the person I'm claiming to be.
  • Yup, it's not good practice to use something you are (bio-metrics), and that can't easily be changed, as a single security method. They really should only be used in conjunction with other security methods (ex. something you know: PIN/password and/or something you have: token/badge).
  • Your article was picked up by Nice.
  • Jerry, I completely agree with you! Thanks for advocating for a reasonable expectation of privacy! Posted via the Android Central App
  • Thanks Jerry - this is the kind of reporting I expect out of a site like Android Central.
  • This article is also relevant to devices WITHOUT a fingerprint scanner running Android 5+. If you use Smart Lock "Trusted Face" the same problem comes up... SiDi™
  • Here's an idea: Don't commit a crime or act of terrorism. The was some people talk about this, you'd think that law enforcement just goes around randomly selecting individuals asking them for their data (which would not have a legal leg to stand on even if they did).
  • The problem is, not every officer is honest or has the best of intentions. I say that as someone who has friends on several police forces and in the FBI. 95% of the time public interactions are good, but what about the times that are not so good, like when offices attempt to incriminate and plant or alter evidence? Or what about when prejudice takes over. Something is wrong when officers let dozens of cars drive by with burned out lights, then pull over a non-caucasian, pull him out of the car, and cuff him face down in the dirt... for a burned out liscense plate light. I'm Scottish myself, but I recognize that not everyone is treated justly, and not every officer is just. Protecting yourself, within the law, is not something that anyone should have a problem with. Posted via the Android Central App
  • Randomly, no. Sometimes mistakenly, yes.
  • Do you have any idea how many felonies you commit every day without realizing it? Also, newsflash... Hillary Clinton STILL isn't in jail!
  • Do you want cops just waltzing into your house whenever they please? If not, why not? After all, I assume you haven't committed a crime.
  • You can commit a crime and not even know it.
  • Such as the officer who was sending photos to himself from a woman's iphone, he had been snooping through during a traffic stop? This has nothing to do with criminal acts, it is all about a reasonable expectation from an invasion of privacy. I believe the overwhelming number of officers and law enforcement officials are honest and behave ethically, but it's the dishonest ones that we need to be protect ourselves from. It's similar to the concept of not leaving your wallet laying on the front seat of your car with the windows down, while you're inside of 7-11 going to the bathroom, lock the car and roll up your windows, even better is also taking your wallet into the store with you.
  • Brain washing of people to believe that "if you haven't done anything wrong, you should have nothing to hide" is coming from every