California Judge Makes Major Decision in Biometric Privacy Rights

BY Mandy Wakely

California Judge Makes Major Decision in Biometric Privacy Rights


A California judge ruled that the government can not force any person involved in an investigation to use biometric means, such as a fingerprint, thumbprint, face or iris scan, to unlock a phone or other device. This decision is potentially major, and could affect personal privacy rights everywhere in the future.

US Magistrate Judge Kandis Westmore of the Northern District of California ruled that federal authorities were potentially in violation of the Fourth and Fifth Amendments by coercing an individual to unlock a device for search with biometric means. This had been allowed previously despite passwords and PIN numbers being protected under the Fifth Amendment.

A New Frontier

The government had considered using a thumb press or facial scan to unlock a device the same as submitting a fingerprint or a DNA sample. The thinking was that since investigators could require an individual to give their fingerprints as evidence they could also ask them to use their fingerprints to open a phone or device. Westmore’s decision forbids this and classifies biometrics as testimonial like passwords and PINs which must be spoken to be given, and are therefore protected by the Fifth Amendment.

Biometric access to a device can confirm ownership or use of the device and therefore makes arguing against any incriminating information that’s found difficult. This is another violation of established Fifth Amendment rights, yet this has been largely untested.

Technology Moves Faster than the Law

The order comes as the result of a case involving extortion carried out through Facebook Messenger in which two individuals allegedly threatened to release an embarrassing video of the victim unless he paid them. In its investigation of this case the government applied for a warrant that included all phones and computers on the premise, regardless of to whom they belonged, and the stipulation that these devices all be unlocked using biometric means in order to be searched.

Westmore deemed this too broad a request and a violation of the Fourth and Fifth Amendments. She cited Supreme Court case Carpenter v United States, which dealt with advancing technology and the Fourth Amendment. “Courts have an obligation to safeguard constitutional rights and cannot permit those rights to be diminished merely due to the advancement of technology. Citizens do not contemplate waiving their civil rights when using new technology, and the Supreme Court has concluded that, to find otherwise, would leave individuals ‘at the mercy of advancing technology,’” Westmore said in her order.

Going Forward

Westmore’s order could set a precedent across the nation. As biometrics become more popular and have more applications, such as for authorizing payments or transactions, cases involving their use will increase. A US Magistrate judge in Illinois made a very similar decision in 2017, one cited in Westmore’s order. These two cases were perhaps the first in biometrics privacy law but certainly not the last.

American Civil Liberties Union attorney Brett Max Kaufman, who was involved with Carpenter v United States, feels confident that this is only the beginning of such cases since we have widely adopted biometrics as a way to protect devices. “I think we’re going to see a lot more judges take on this analysis,” he says.

Mandy Wakely

Mandy Wakely is a contributor for Bigger Law Firm.


WordPress Plugins for Law Firms

Supercharge Your Law Firm’s Website: 5 Must-Have WordPress Plugins!

Are you looking to maximize your law firm’s website’s potential? You’re in the right place. WordPress offers a wealth of plugins that can improve your website’s functionality, from search engine optimization to online event scheduling. Here are five must-have plugins for law firms: Gravity Forms – Communication is key when it comes to your law…

Security vulnerability infected websites

WordPress Security Breach Used Vulnerabilities in Plugins in Themes

Over one million WordPress websites have been infected by a malware campaign called Balada Injector since 2017, according to cybersecurity firm GoDaddy’s Sucuri. The attackers behind the campaign use all known and recently discovered vulnerabilities in WordPress themes and plugins to breach sites. They typically play out their attacks in waves once every few weeks,…

Law firm partner learning about SEO

How to talk to the partners about SEO

As a law firm marketing director, you understand the importance of SEO in driving traffic to your website and generating leads for your firm. However, convincing the partners of your law firm to invest in SEO can be a daunting task, particularly if they do not understand its benefits. Here are some tips on how…