Utah's state Supreme Court has upheld a court of appeals ruling, finding in the State v. Valdez that the Fifth Amendment right against self-incrimination allows criminal suspects...
Utah Supreme Court says suspects can refuse to hand over phone passwords to the police | Other state Supreme Courts disagree and the case would wind up before the US Supreme Court::undefined
Yea. And most of the data is already cloud backed up anyway. Which means you can restore it. Also means it’s not really your data either and someone else has access to do what they want with it.
If you’re worried about losing access cuz you lost your 2 factor FIDO2 key or One Time Password or whatever you can print off “backup codes” and put them in your lock box.
But if you don’t backpack your data locally then whomever you delegated backups to can cut you off at any time for any reason.
5A protections SHOULD cover divulging passwords or being forced to supply biometrics as a password.
Now, if the police/feds can take fingerprints obtained at booking and use a 3d printer to simulate that finger and then use that fake finger to open a lock, then I dont think 5A would protect that. Thats just crafty detective work.
Yeah biometrics historically haven’t been protected by the 5th amendment. I have seen other people argue that not supplying the password if the police obtain a warrant can result in obstruction of justice charges. I like to think it wouldn’t. They have the phone and a warrant it’s up to them to figure it out, a person doesn’t have to point out where they hide things in their home to police.
…Exactly. The laws in the USA don’t really reflect modern digital technology that well. Many of our legislators don’t understand the tech and the government is so divided that getting anything to pass seems impossible.
If one had a warrant then you just force the suspect to give over. Just like forcing them to give fingerprints. Isn’t the whole discussion moot if they have a warrant?
So when you offer a path to get into the phone without a warrant it’s just like breaking into a “house” without a warrant. Technically easy - just go through the window or use the fingerprint from booking. It if we agree with due process either is wrong.
For all those who may be wondering “Hey Siri, who’s phone is this” will lock it as if you had just booted the phone. This then requires the full pass code and not just a face scan or finger scan.
Unfortunately I don’t know the equivalent for Android.
We need some kind of multi-account that loads up according to what password gets used. I wouldn’t be surprised if this is something that already exists in rooted androids.
I doubt that’s how the password is used for. More like they copy all contents of the phone and ask the password to go through encryption. The data is already there, accounts don’t matter.
This is also the reason why it’s no good to have a dead man’s switch or the like, as in a certain password just wipes everything. You’d just get arrested for destroying evidence and they continue from a copy.
I had something similar on my laptop with encrypted volumes and duress passwords. So my documents folders were all on an encrypted volume and opened by the standard super hard password. The duress password was much easier and contained a skeleton structure to look legit. The idea was that if anyone brute forced the password it would just find the duress folder first and hopefully no one would look further. Seems like overkill but I was traveling to China for business so necessary. I did however use a burner phone as opposed to my real cell.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
i hope mexico implements this new law feature!! it can protect privacy but it can be harmful because criminals can keep illegal information…
You can just set your phone to wipe after X wrong attempts and do that, ending the issue.
Until your 5 years old manage to get his hand on your phone unsupervised at least
Every security mechanism is also a potential denial of service vector.
Yea. And most of the data is already cloud backed up anyway. Which means you can restore it. Also means it’s not really your data either and someone else has access to do what they want with it.
If you’re worried about losing access cuz you lost your 2 factor FIDO2 key or One Time Password or whatever you can print off “backup codes” and put them in your lock box.
But if you don’t backpack your data locally then whomever you delegated backups to can cut you off at any time for any reason.
Google shut off access to this parents account after he took a photo of his child’s genitals for teledoc and sent it to his wife over Google chat: https://www.nytimes.com/2022/08/21/technology/google-surveillance-toddler-photo.html
5A protections SHOULD cover divulging passwords or being forced to supply biometrics as a password.
Now, if the police/feds can take fingerprints obtained at booking and use a 3d printer to simulate that finger and then use that fake finger to open a lock, then I dont think 5A would protect that. Thats just crafty detective work.
Yeah biometrics historically haven’t been protected by the 5th amendment. I have seen other people argue that not supplying the password if the police obtain a warrant can result in obstruction of justice charges. I like to think it wouldn’t. They have the phone and a warrant it’s up to them to figure it out, a person doesn’t have to point out where they hide things in their home to police.
But if you don’t open the safe, they can destroy it to retrieve the contents. They could destroy your phone too in the process.
…Exactly. The laws in the USA don’t really reflect modern digital technology that well. Many of our legislators don’t understand the tech and the government is so divided that getting anything to pass seems impossible.
How is your “crafty detective work” really any different than sneaking in through a window even though you don’t have a search warrant?
I never said they wouldnt have a warrant, I dont understand the comparison
If one had a warrant then you just force the suspect to give over. Just like forcing them to give fingerprints. Isn’t the whole discussion moot if they have a warrant?
So when you offer a path to get into the phone without a warrant it’s just like breaking into a “house” without a warrant. Technically easy - just go through the window or use the fingerprint from booking. It if we agree with due process either is wrong.
removed by mod
Well they can try. As someone already pointed out…I forgot.
For all those who may be wondering “Hey Siri, who’s phone is this” will lock it as if you had just booted the phone. This then requires the full pass code and not just a face scan or finger scan.
Unfortunately I don’t know the equivalent for Android.
We need some kind of multi-account that loads up according to what password gets used. I wouldn’t be surprised if this is something that already exists in rooted androids.
I doubt that’s how the password is used for. More like they copy all contents of the phone and ask the password to go through encryption. The data is already there, accounts don’t matter.
This is also the reason why it’s no good to have a dead man’s switch or the like, as in a certain password just wipes everything. You’d just get arrested for destroying evidence and they continue from a copy.
Yeah, pretty much any first year police IT is going to make an exact copy of the phone first.
I had something similar on my laptop with encrypted volumes and duress passwords. So my documents folders were all on an encrypted volume and opened by the standard super hard password. The duress password was much easier and contained a skeleton structure to look legit. The idea was that if anyone brute forced the password it would just find the duress folder first and hopefully no one would look further. Seems like overkill but I was traveling to China for business so necessary. I did however use a burner phone as opposed to my real cell.
Police: What’s your password
Me: i forgor 💀