The Washington Post

Everyone calm down about the iPhone’s fingerprint scanner

This isn't quite how things are likely to play out. (reddit user schemingraccoon)

There were a lot of jokes to be had about the NSA and the fingerprint scanner announced for Apple's newest iPhone -- including the one above courtesy of Internet meme machine reddit. But you can put away your tinfoil hat, because the technology used in most identity-based digital fingerprint scanners means the data they store is very different than the kind desired by law enforcement agencies.

"Databases of fingerprints keep full images of all 10 fingerprints so that future techniques for feature detection can be used," according to Joseph Lorenzo Hall, the senior staff technologist at the Center for Democracy and Technology.

But for mobile devices, "the enrollment or registration will take a few scans to detect features and determine the center of the print, then it will turn the detected features into a reference data structure (a biometric template) that lists features and positions on the print.," Hall explains. It would be that template, rather than a full featured scan that the device stores -- and likely of only one or two fingers, like say both thumbs so you have a back up.

Because it's only storing a few data points on select fingers, this data is very unlikely to be useful to law enforcement for things like matching a partial print from crime scene to an individual. So unless Apple did something radically different than earlier types of fingerprint scanners, the type data it will collect and store isn't something that would likely be used to build some sort of huge fingerprint database.

And just in case that doesn't put you at ease, Apple claims fingerprint data stored as part of the Touch ID will stay on the phone rather than be uploaded to some central database. It's unclear if Apple will still have access to fingerprints despite that state of affairs, but assuming it doesn't, it would be hard for the NSA to subpoena Apple for that biometric data.

Besides, law enforcement is doing a pretty good job creating their own biometric databases. The FBI's Integrated Automated Fingerprint Identification System (IAFIS) claims to have prints for more than 70 million subjects in its criminal master file and more than 34 million "civil prints." And the records in that database also include "corresponding criminal histories; mug shots; scars and tattoo photos; physical characteristics like height, weight, and hair and eye color; and aliases" that are available 24 hours day, 365 days a year to their local, state, and federal law enforcement partners. The FBI is also working on a Next Generation Identification (NGI) program that will go beyond fingerprints to include things like iris scans and face and vocal recognition.

Of course, none of this completely erases concerns about the larger implications of using fingerprint scanners instead of passwords on electronic devices like an iPhone. As my colleague Brian Fung noted, there are potential legal consequences for the switch from passwords to fingerprints for unlocking devices. For instance, some courts have ruled that forcing a defendant to provide the password for an encrypted hard drive is a violation of the defendant’s Fifth Amendment privilege against self-incrimination. It seems unlikely that the same level of protection would apply to fingerprint scans because the police can obtain them merely through access to a suspect's thumb.

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Videos curated for you.
Play Videos
Making family dinnertime happen
How to make Sean Brock's 'Heritage' cornbread
A veteran finds healing on a dog sled
Play Videos
Drawing as an act of defiance
In search of the Delmarva fox squirrel
The most interesting woman you've never heard of
Play Videos
This man's job is binge-watching for Netflix
The Post taste tests Pizza Hut's new hot dog pizza
5 tips for using your thermostat
Play Videos
Philadelphia's real signature sandwich
5 ways to raise girls to be leaders
Full disclosure: 3 bedrooms, 2 baths, 1 ghoul
Next Story
Caitlin Dewey · September 11, 2013

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.