

By Lindsey Partridge, CIPP/US

Unless you were hiding under a rock or were in a coma, chances are you caught the news announcing the release of the new iPhone 5s. Perhaps the most newsworthy piece of the new mobile device is its fingerprint sensor, allowing for biometric securing of what’s becoming one of the most personal devices people own. Many people oohed and ahhed, and techies lined up to place their orders. Others immediately set their sights on cracking the biometric sensor. For me, it was nothing but privacy alarms. To understand why, we need to do a quick primer on biometrics.

Biometric Data: What Makes You, You

Biometric data elements are obtained by measuring the “biological or behavioral characteristic(s)” of an individual for recognition or identification purposes and, according to an Intech-Open piece, can also be used for online recognition. Biometric data elements include facial features, such as the distance between your eyes; fingerprints; iris prints; voice patterns, and retinal prints. These elements are unique to each of us—and inherently personal. This is why they can be used for identification or verification purposes, like purchasing an item from the iTunes store on your home network or entering a secured area.

Verification v. Identification 

While verification and identification are related processes, they are technically different. Verification involves the use of a single-template, single-user system—whereby the biometric imprint is checked against the template on file. Much like a key fits into a specific lock, the templates match to unlock the system.

Identification involves collecting biometric data and creating a template comprising the markers contained within, which are then coupled with the individual’s related biographical data. This is then compared to the existing templates on file. The identification templates are used in two possible data modes: Open-set and Closed-set.

An Open-set is sometimes considered a “watch-list.” In an Open-set, it is not known whether the individual’s information is in the system. An example of this would be a latent fingerprint found at the scene of the crime when it is run against the existing templates in the criminal database. The investigators are unsure of the print’s status until a definitive match or lack thereof is determined.

A Closed-set is what is used for identification purposes on most systems, like the iPhone 5s. When the system is set up, you can enroll “trusted” users into the phone’s database by scanning their fingerprint. When you or another party places a finger on the sensor, it runs the template against those that are already in the system. If there is a match, it unlocks. Generally the user is known to be in the system, so this involves a fairly short confirmation turnaround.
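The three matching modes described above, as an added example that is not part of the original article and is not Apple's matching algorithm. It assumes templates are short bit strings compared by Hamming distance against a fixed threshold; the function names, the threshold and the sample templates are all constructed for illustration.

```python
# Added illustration: templates are modelled as 16-bit integers compared by
# Hamming distance. Bit width, threshold and names are assumptions, not any
# vendor's algorithm.
THRESHOLD = 3  # assumed: max differing bits still treated as the same finger


def hamming(a: int, b: int) -> int:
    """Number of bit positions in which two templates differ."""
    return bin(a ^ b).count("1")


def verify(probe: int, template: int, threshold: int = THRESHOLD) -> bool:
    """Verification (1:1): check the probe against the one template on file."""
    return hamming(probe, template) <= threshold


def identify_closed(probe: int, gallery: dict) -> str:
    """Closed-set identification (1:N): the subject is assumed to be enrolled,
    so the nearest enrolled template is returned unconditionally."""
    return min(gallery, key=lambda name: hamming(probe, gallery[name]))


def identify_open(probe: int, gallery: dict, threshold: int = THRESHOLD):
    """Open-set (watch-list) identification: enrollment is unknown, so the
    nearest template counts only if it falls within the threshold."""
    best = identify_closed(probe, gallery)
    return best if hamming(probe, gallery[best]) <= threshold else None


# Constructed sample data: three enrolled templates and two probes.
GALLERY = {
    "alice": 0b1011001110001101,
    "bob": 0b0100110001110010,
    "carol": 0b1110000011110000,
}
NOISY_ALICE = 0b1011001110001001  # alice's template with one bit flipped
STRANGER = 0b0001111100000111     # not enrolled; 7 bits from nearest (alice)

if __name__ == "__main__":
    print("verify noisy alice:", verify(NOISY_ALICE, GALLERY["alice"]))
    print("closed-set, stranger:", identify_closed(STRANGER, GALLERY))
    print("open-set, stranger:", identify_open(STRANGER, GALLERY))
```

The stranger's probe is attributed to an enrolled user in closed-set mode and rejected in open-set mode, which is why the assumption that the subject is already enrolled matters.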

The Core Concern Over Apple’s Fingerprint ID Technology

So, now that we’ve got the terms and definitions down, let’s look at what Apple is doing. Apple is, unquestionably, an innovative company. From phones to tablets and laptops, theirs is the top-of-the-line standard to meet. While innovative, however, even the late Steve Jobs admitted, “Sometimes when you innovate, you make mistakes.” Is the new fingerprint technology on the iPhone 5s an innovative success or a mistake?  

According to their announcement:

    […] Touch ID uses a laser cut sapphire crystal, together with the capacitive touch sensor, to take a high-resolution image of your fingerprint and intelligently analyze it to provide accurate readings from any angle. Setting up Touch ID to recognize your fingerprint is easy, and every time you use it, it gets better. The Touch ID sensor recognizes the touch of a finger so the sensor is only activated when needed, preserving battery life. All fingerprint information is encrypted and stored securely in the Secure Enclave inside the A7 chip on the iPhone 5s; it’s never stored on Apple servers or backed up to iCloud. Touch ID can also be used as a secure way to approve purchases from the iTunes Store®, App Store or iBooks Store.

Apple’s design page explains the layout of the Capacitive fingerprint sensor through a layered diagram (below).

So it reads and recognizes your fingerprint; does that mean someone could steal it and have a copy?

As it turns out, they cannot obtain your fingerprint from the iPhone. Thanks to some lovely explanations by Discovery and Bioelectronix.com, this process is understandable. People will just have to amputate your finger to unlock your phone, or—well, we’ll get to that.

When you place your fingerprint on the home button, the stainless steel detection ring signals to initiate the sensor, allowing the capacitive single touch sensor to scan the fingerprint. Once the fingerprint is scanned and the ridges and valleys are recognized, it converts the biometric data into binary code which is cross-referenced with the codes stored in the A7 chip when you first set up the phone.

However, the Chaos Computer Club has already claimed that they have obtained access to the phone by fooling the fingerprint recognition system with a forged print. Basically, instead of cutting off your finger, they just grab it off a drinking glass. The group’s spokesman, Frank Rieger, released a statement regarding their justification for hacking the phone:

    "We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token."

Whether or not it puts to rest the hopes of the biometric enthusiasts remains to be seen, but one thing is certain: Biometric identification triggers the Big Brother vibe in even the most enthusiastic of techies—and for good reason. When the uniqueness of identification is coupled with the result of a recent appeals case where the Justice Department defeated privacy advocates in a Fourth Amendment case, many iPhone users are sure to take a step back.

In the Fifth Circuit case IN RE: Application of the United States of America for Historical Cell Site Data, the 2-1 decision held that historical cellphone location data is a business record, and as such, it is not subject to Fourth Amendment protections. The data in question, they ruled, is covered by the Stored Communications Act (SCA), 18 U.S.C. §§ 2701-2712, and is not content-based but rather location-based. This means that if you are in the midst of a robbery and unlock your iPhone 5s to text someone, investigators do not need to show probable cause to obtain a warrant to acquire the record of your location.

A warrant for the locational data under the SCA may be obtained by a showing of “specific and articulable facts.” The justification for this comes down to your personal choice to carry your cellphone. In US v. Skinner, the Sixth Circuit held that there is no “reasonable expectation of privacy in the data given off” by a “voluntarily procured” cellphone. This case seems to separate itself from US v. Jones—where the court held that the warrantless placing of a GPS tracker on an SUV constituted an unlawful search—by looking at choice. You choose to activate your phone to send text messages or make phone calls. In the original case, the Department of Justice sought access to the location of the phone in its idle state as well, but it found that cellphone providers do not record this data.

In coupling the government’s right to access where our cellphones are located with the identification features of our biometrically personalized iPhones, we are one step closer to a world without anonymity. This de-anonymization occurs when you activate your phone with a biometric identifier and, say, download an application or send a message; the identifier activates the phone and lets you send the message, and triangulating the phone between local towers allows the government to obtain your location at the time the message was sent. Which they could do before. The difference now is the verifiable identity based on your biometrics. No longer can you claim you lost the phone or lent it to a friend who later sent a message while in the midst of a robbery.

The phone is now in a very real way more “you” than it was before.

While the biometric identification of the iPhone is nifty and practical, especially for those of us who forget our passwords, it does move the privacy line, especially when the fingerprint also enables downloads from iTunes. How many of us download items at home or while we wait for our kids at the park? A consumer’s daily routine is easily trackable, and when it is stored as a business record on the company server, it is also hackable.

Had the CPO been consulted, would he or she have suggested that designers hold off on the biometric sensor until more jurisprudence can be established? Probably not. The process of, and choices for, unlocking the iPhone 5s are much like the Fifth Circuit case: It all boils down to personal choice; even the simplest of users can bypass the biometric sensor for the standard PIN should they so choose.

However, being fully transparent might call for explaining to users that when they use biometrics to unlock their phone, Uncle Sam knows where they are.

