Biometric ID Request Opens Legal Questions in California Court Case

In February, the FBI took a fingerprint of a woman with a criminal record to open her locked iPhone. That action opens many questions.

FBI, biometric identification, iPhone, identity theft, murder case, biometric ID

A 29-year-old California woman with multiple criminal convictions recently had her fingerprint taken by the FBI so that the agency could access the data on her iPhone as part of an investigation.

And while such incidents are relatively rare today, they could become more prevalent in the future as law enforcement authorities look to use smartphone data to solve criminal cases and gain information on suspects, according to an April 30 article by The Los Angeles Times.

In the California case, the woman, Paytsar Bkhchadzhyan, was allegedly the girlfriend of a man who is a member of a gang, Armenian Power, and her iPhone was seized in a raid on the man's home in Glendale, the article reported. The FBI secured a court order to compel the woman to allow them to take her fingerprint just after she pleaded no contest to a felony count of identity theft and was sentenced in the case on Feb. 25, according to the article. Soon after, an FBI agent took her fingerprint, giving the agency access to the data on her phone.

"Why authorities wanted Bkhchadzhyan to unlock the phone is unclear," the article reported. An assistant U.S. attorney would only say that "the search was part of an ongoing probe," the story said. "Other court documents in the case were filed under seal."

Those details make the case even more interesting because the reason for the search has not been announced.

In March, another FBI case made big headlines when the agency and the U.S. Department of Justice got into a legal battle with Apple when the government sought to compel the company to unlock an iPhone that belonged to one of the terrorists who killed 14 people and injured 22 others in a December 2015 attack in San Bernardino, Calif. The government wanted Apple's help in accessing and reading the encrypted data on the iPhone, but Apple refused, citing privacy laws. Eventually, that case apparently became moot when the FBI found a way to access the information on the iPhone without Apple's help.

Later in March, the FBI worked with prosecutors in Arkansas to help them unlock an iPhone 6 and an iPod that were tied to a local murder case. Arkansas officials sought assistance so they could analyze a locked iPhone 6 and an iPod belonging to two suspects in the murder investigation of Robert and Patricia Cogdell, according to an earlier eWEEK story.

These kinds of cases involving smartphones and other electronic devices and their biometric or password protections will become increasingly pervasive due to the needs of law enforcement authorities, Jeff Child, an associate professor of communications and privacy expert at Kent State University, told eWEEK.

"I think this is the next frontier of privacy and legal regulations that we're going to have to face," said Child. "So ask someone to put their biometric fingerprint onto a phone without just cause or a subpoena and it feels like a violation of their privacy."

At the same time, though, on the other side you can argue that there are already many ways that one's movements and data are being tracked—using cell phone towers, GPS and social media platforms that people use willingly, he said. "It all questions, can we truly be anonymous anymore? We just have an illusion of control over actual control" of that information.

People who are doing something illegal need to know that their actions can be tracked and traced, said Child, but knowing the information is available doesn't mean that others should access it without cause.

The problem is when authorities want to look at data without knowing exactly what they are seeking, he said. In that case, which he believes is the situation in the Bkhcadzhyan case in California, "to go snooping without a reason feels like a violation of privacy."

Mark Rumold, a senior staff attorney with the Electronic Frontier Foundation privacy group, said that in the past, "providing fingerprints for comparison and identification purposes has been considered a physical act that the government can compel" a person to do. "In contrast, the government hasn't been able to compel someone to provide a password or a combination to a safe."

In the latest California case, it's not so cut and dry, said Rumold. "A case like this—where a fingerprint is serving as a password—tends to blur that line a bit. And the fact that the fingerprint protects information on a person's phone, which, for many people, is essentially a window into people's lives, further complicates the picture."

The EFF hopes that "courts will start thinking carefully about the consequences of decisions like this," said Rumold. "The Fifth Amendment used to be more protective of people's privacy, and we think it's important to move the law back in that direction."