If we're to believe the rumors, Apple's new iPhone may include a fingerprint scanner. In conjunction with — or perhaps in lieu of — a traditional passcode lock, users might soon be able to use their thumbs to gain access to their phones.
But what's supposed to become an added layer of security might present new vulnerabilities in terms of privacy. How much depends on the way Apple designs its system and the state of the current laws, but there are a few ways biometric data could shift the privacy landscape.
The first way has to do with how everyone's fingerprints are stored. There's a slim chance Apple could store your prints in a massive database in the cloud, but that'd be expensive and not a little dangerous. More likely is that your own fingerprints would be stored locally on your device, not in a repository of some kind, according to security researcher Bruce Schneier.
"If the system is centralized," writes Schneier, "there will be a large database of biometric information that’s vulnerable to hacking."
That raises some other questions. Even if the iPhone stores your fingerprints locally, will Apple still have access to the prints on your device? If so, then the company would likely begin to see law enforcement requests for the prints, much as some Internet companies reportedly have received government requests for user passwords in the past.
Fingerprints are a lot like passwords in that they're a piece of data used to secure other data. But passwords are a form of knowledge, whereas it's nearly impossible to "know" someone's fingerprint just by looking at someone's thumb. (You could probably do it using some software, but it'd take at least some work.)
And that could have legal implications. For example, in some cases, courts have held that forcing a defendant to provide the password for an encrypted hard drive violates the defendant's Fifth Amendment privilege against self-incrimination. That protection is unlikely to apply to fingerprint data, which the police can obtain merely by scanning a suspect's thumb.
Another important question about fingerprint scanners is whether other applications will be able to make use of them. Just as apps like Instagram can currently take advantage of hardware such as the camera and the built-in GPS of a phone, Apple could decide to give developers access to the scanner. Doing that could bring benefits. It might, for example, kickstart a new app industry that leverages the unique identifying information of a fingerprint.
But there are also dangers associated with giving apps access to the fingerprint scanner (and more importantly, the stored fingerprints). Your password can be changed. Your fingerprint can't. So once your fingerprint is leaked to third parties, it may become practically impossible to control who gains access.
And every application a user downloads creates some additional risk. Gen. Michael Hayden, the former NSA chief, was visiting a Virginia Apple store recently when he was approached by a sales rep boasting about how many apps were in the App Store. According to Der Spiegel, Hayden then turned to his wife and remarked, "This kid doesn't know who I am, does he? Four-hundred-thousand apps means 400,000 possibilities for attacks."