The point is something being "against the 5th" ain't gonna change anything if those that have the power want to do it.
What does help is the power balances - how strongly the people will protest, it coming from one party and the other fighting it, and so on.
And to answer the flagged guy:
"so that means, as a regular citizen, I can interpret the laws how I want? since they are also words on paper."
No, it obviously means those that have the political power can interpret the laws how they want. So unless you have that kind of power, you'll need to stand by the interpretation others make of it.
To be fair, discourse is an important element of power, because political institutions are held up by norms. This is why even totalitarian and authoritarian regimes will often attempt to find legal precent and jutsification for their actions.
Sure but under the current system the 5th still applies in other cases, granted in the context of this thread it was ruled that it does not, but it still went through the courts. OP was wrong because a fingerprint isn't really speech, I'm guessing.
In theory sure, in practice no. Laws and precedents stand for long, long times, including this one which is not even close to a groundbreaking or controversial ruling.
Nobody was compelled to give evidence against themselves. Fingerprints are external, physical features - it's no different than being made to give up a key to a locked door pursuant to a warrant. And parolees are released under supervision, with law enforcement having greater authority to search them and their property.
You missed the bit about the guy in the story being in parole - parolees have fewer 4th amendment protections than other citizens, as a condition of their early release from prison. Different situations are different.
No it doesn't. This is a parole who is only out of prison because he accepted that cops can search his property at any time. If he doesn't agree to that he can go back to jail and serve out his sentence.
As I understood it, the police can not compel you to tell them something you know because this would be analogous to testifying against yourself, however, they can require you to give them something you have (or something they would find with a warrant) because it is a physical thing, not testimony.
It's the difference between being required to give up a safe combination which the police can not compel you to tell them, vs, a key to a safe which the police could search you for and take from you and use to open the safe within the bounds of a warrant (or some other theoretical circumstances).
> The point is that the police can't prove you do or do not remember a code. Consequently, they can't compel you to use that code.
Also, they can't coerce you to reveal the code even if they can prove you know it. Confessions extracted under torture by inquisitors was a recent memory when the Bill of Rights was drafted.
Well, at least in the USA; in the UK the Regulation of Investigatory Powers Act 2000 (RIPA), specifically under Part III - a Section 49 notice can be issues, which legally requires an individual to disclose passwords or encryption keys, though I can only see a few folks prosecuted for failure to disclose.
> Payne's Fifth Amendment claim "rests entirely on whether the use of his thumb implicitly related certain facts to officers such that he can avail himself of the privilege against self-incrimination," the ruling said. Judges rejected his claim, holding "that the compelled use of Payne's thumb to unlock his phone (which he had already identified for the officers) required no cognitive exertion, placing it firmly in the same category as a blood draw or fingerprint taken at booking."
> "When Officer Coddington used Payne's thumb to unlock his phone—which he could have accomplished even if Payne had been unconscious—he did not intrude on the contents of Payne's mind," the court also said.
I think that is a pretty reasonable interpretation.
From a practical point of view these kinds of cases are interesting to me, because, coming from an iPhone this seems like it would largely be a non-issue.
If my phone was handed to or taken by an officer, I would either quickly do the 5-tap on the lock button which will require a password (not faceid or touchid) next time, or, simply by them handling it, faceid would be locked out.
Is that not a thing with Android? I've seen articles where a suspect is requested or compelled to unlock a phone with biometrics which was held in evidence for months!
Does Android (and I know this is a much broader question than with iPhone) just allow touch/face ID in perpetuity with no locks on it?
Stock Android doesn't have a shortcut to disable thumbprint, to my knowledge, but it does require passcode on reboot. So a long hold of the power button would avoid this 5th amendment loophole.
I had a chuckle at this being a "non-issue". Where I am from, you'll get a severe beating (or worse) if you refused to provide the authentication credential, whatever it might be. It's like we're living on different planets. I can only humbly suggest fighting for your rights tooth and nail while you have them.
It always seemed like the 'fake' encrypted data, e.g. hidden volumes on veracrypt[1] seemed like one of the better options for these situations. Obviously phones don't have them and the data has to be believable, but it gives you an out.
1 - (I'm not sure what this is technically called)
One of the older and more entertaining names is Rubber hose encryption.
When faceless Zombie thugs of a military junta beat you with a rubberhose you can give up successive passwords to deeper and deeper "secrets" until finally(???) your embarrasing stash of midget donkey necro porn is revealed!! .. and no one can ever establish whether there is yet another password that hides your local contacts in the resistance.
The success of this may vary in practice and black site .. but mathematically the theory is sound.
Today we have the less evocative name Deniable encryption.
Fun Trivia:
Rubberhose (also known by its development codename Marutukku) is a deniable encryption program which encrypts data on a storage device and hides the encrypted data. The existence of the encrypted data can only be verified using the appropriate cryptographic key. It was created by Julian Assange, Suelette Dreyfus, and Ralf Weinmann as a tool for human rights workers who needed to protect sensitive data in the field and was initially released in 1997.
I've spent 25 years fighting against intrusions in our rights. Admittedly, quietly and sadly, mostly unsuccessfully as every year things are eroded further and further.
I don't think the US will ever devolve into a scenario where the police will beat you for refusing to provide your password, I don't even think we will end up in a situation where police can legally compel you to give up your password. I think we will end up where cloud providers will be legally compelled to provide data on request (banning E2E) and consumers will be incentivized (both in unnatural and natural ways) to more deeply rely on cloud services.
Also on LineageOS, and probably any close-to-AOSP Android. You have to enable "extended power menu" or something like that, though, and I don't remember the setting being super obvious.
Yeah, I just checked my Samsung tablet (also Android), and it required enabling it somewhere in settings. I wish they'd enable it by default. I'm not sure why it wouldn't be that way.
I don't see why the police couldn't keep an iphone in evidence for months while they attempt exploits to gain access. That's already happened right? I'm guessing that law enforcement will continue to push for companies to install backdoors for them in their devices as well.
I think the point was that after more than a couple of hours you should not be able to unlock a device using biometrics alone. I would tend to agree. Biometrics are a convenience, but also a weakness.
On iOS, you can quickly ditch the current FaceID/TouchID session, and require a passcode for the next unlock, by holding power and volume buttons simultaneously for several seconds until the "power off" screen appears.
The only similar thing I know of on Android is that 4 failed attempts with an unknown finger disables fingerprint unlock. So I can lock my phone out in a few seconds using my middle finger.
IANAL. But I believe it's not that easy. First it would have to be a foregone conclusion that you had contraband on your phone before merely locking it could be construed as obstruction. Then they'd have to demonstrate that you locked the phone at a time when you had reason to believe that you might be coerced to unlock it because it was a foregone conclusion that you had contraband. Are those likely circumstances? Probably not, though it will happen to someone, sometime, but when it does it will be because they did something stupid or because the cops overstepped their authority (in the latter case the process is the punishment, and it wouldn't be the cops getting punished).
iPhone periodically disables biometrics until you enter your passcode. They aren’t going to be able to prove that the reason the phone is asking now isn’t that.
Android, or at least Pixel, similarly has a "Lockdown" mode, reached by long-pressing power. Unfortunately I think you do need to enable it in advance.
1. Check your “Emergency SOS” settings. It is possible to set it so that holding down those buttons like that initiates a countdown to an emergency call. Depending on the exact settings this may also be accompanies after a few seconds with a loud alarm.
If you are trying to surreptitiously disable biometrics this might be irksome.
2. I think these procedures were different on earlier phones or iOS versions, so test it out.
3. It also works to click the power button rapidly 5 times. That too can be set in the “Emergency SOS” setting to trigger an emergency call so check that before using it.
Holding power-volume-up for a second to reach the “power off?” screen is enough to kill Touch / Face ID instantly, at which point you can let go without having fired an alarm (unless you’ve gone and altered your alert settings, so test this when a loud noise won’t endanger you).
yet no warrant required to search your records and files, do they at least need probable cause? yet I don’t even know what probable cause would be for digital files, it’s not like they can smell drugs coming out of your phone
Bad cops (and I assume this can easily worm its way into the culture of a department/division/unit rather than being a strictly individual bias) have a long history of using just about any convenient lever within reach to apply more scrutiny to people who they already believe are guilty of something, regardless of whether the justification is supported by any objective facts or sound reasoning. Classic examples include planting evidence, "smell of marijuana", and "furtive movements", but there are countless other tactics.
The "good" cops might be reluctant to push back on this pattern because they see value in having such tactics in their back pocket for extraordinary circumstances (cf. the various "is torture justified in a ticking-time-bomb scenario" debates and thought experiments, or just most seasons of 24).
It will be interesting some day if the line becomes blurred between "what you know" and "what you are" and you could be compelled to turn over something against your will. Because that boundary is if anything getting less clear over time?
For example, if your voiceprint were required to unlock your phone, but not a particular passphrase. Could you be compelled to speak (or just recorded speaking) general statements in order to unlock?
I'd argue that the solution then is the same as the solution now. Do not use or depend on biometrics for security or privacy. Stick with pins and passwords and you can't be compelled to give up that information just as you can't be compelled to give up the combination to a safe.
I'd bet that law enforcement will be routinely using backdoors to gain access to our devices long before the laws that protect us from giving up a password are changed.
> I'd argue that the solution then is the same as the solution now. Do not use or depend on biometrics for security or privacy. Stick with pins and passwords and you can't be compelled to give up that information just as you can't be compelled to give up the combination to a safe.
This is practically impossible. IMO it has been impossible for as long as phones have fused the decryption key and the screen unlock key into the same thing. (Some older Android ROMs let you have separate unlock and deception keys; does anyone know of any that still do?)
Either you choose a strong encryption key, in which case you have to spend a ton of time typing it in every time you want to unlock your phone, or you choose something easy to type in which case the key becomes easy to crack.
And in either case you have to do it over and over again in front of other people or security cameras constantly recording you.
Are passwords/passcodes really the only form of entropy used when generating encryption keys for an iphone? I'd expect that a longer password would only increase your security but that even the shortest password wouldn't leave the encrypted data trivial to crack.
> And in either case you have to do it over and over again in front of other people or security cameras constantly recording you.
That's partly prevented by having keys randomize their position on the screen so that your movements don't give away your code, and also by occasionally changing your password. Obviously if a camera is looking directly at the screen while you enter your password you're probably screwed.
> Are passwords/passcodes really the only form of entropy used when generating encryption keys for an iphone?
I don't believe I ever claimed that.
> I'd expect that a longer password would only increase your security but that even the shortest password wouldn't leave the data encryption trivial to crack.
How short are you talking? Most people do like 4-6 digits. That's not going to protect you against anyone brute-forcing keys on the raw encrypted data. Your only real hope is the TPM holding the real key and being physically secure, which you have no way to ensure. And that still fails due to cameras etc. as mentioned.
> That's partly prevented by having keys randomize their position on the screen
That's almost security theater. It really only protects you from laymen, not state actors. It forces you to use numeric digits if you want that, which itself makes your key much weaker.
> Obviously if a camera is looking directly at the screen while you enter your password you're probably screwed.
Which is guaranteed to happen at some point when you're in public.
You can be compelled to provide some information, but I'm not sure you can be compelled to voice it aloud, even if that is the usual means of conveying it.
The right to not self-incriminate is very limited. Historically if it is a foregone conclusion that you have contraband hidden or locked away then you can be coerced by the courts to reveal the location and/or furnish the key to unlock it. The theory is that handing over a key is not testifying. Therefore neither is providing your biometrics testifying either, and possibly even revealing your passcodes would be testifying either.
And of course 'The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated' aka the fourth amendment doesn't apply.
I already knew there was a legal separation between biometric access and password access. But what I’m still confused about is whether someone who is very security or privacy focused would ever willingly want to use Face ID or Touch ID.
Also, I believe things are different in civil trials too. I heard you might be compelled to give up a password and could even get in trouble if you claim you forgot it. It was a plot point in the Cryptonomicon novel.
Is it really so hard to believe that people who use biometric authentication might want to be particular about their security and privacy? Lots of folks who aren't tech super users care about that stuff.
Someone who might want to be particular about their security and privacy could still use biometric authentication without knowing that it weakens both, but presumably someone "very security or privacy focused" would be aware that using biometric authentication exposes them to more risks and would avoid it for that reason.
Whether or not biometric authentication exposes you to more risk depends on what your threat profile looks like. If it includes governmental action, then yes, biometrics are a weak spot. On the other hand, if your risk profile includes the government, then you should be taking much more extreme steps to protect yourself than a lockscreen, and using biometrics would really impact things much. If the cops unlock your phone (if you're comfortable taking the inherent security risk of even having a phone), they would still not find anything important that isn't encrypted separately.
> Whether or not biometric authentication exposes you to more risk depends on what your threat profile looks like. If it includes governmental action, then yes, biometrics are a weak spot.
Even if it doesn't include the government biometrics still leave you much more vulnerable. You leave your biometric information everywhere you go. Your face is easily found in photographs. Fingerprints are left on everything you touch. Your voice is easily recorded and deepfaked. Attacks on biometric authentication are well documented and while some seem pretty impressive (https://www.bleepingcomputer.com/news/security/scientists-ex...) others are embarrassingly unsophisticated (https://www.marketwatch.com/story/heres-how-easily-hackers-c...). Unlike passwords your fingerprints can't be changed following a compromise either.
I can also set a unique password for every device/service I use. Even if you managed to guess my hackernews password, that password would be useless to you for anything else. The face/voice/fingerprint that unlocks one device will forever be identical to the one that unlocks everything else someone has or will secure with it.
biometrics sacrifice huge amounts of security for the sake of convenience and an appearance of being "high tech" and "fancy".
I was just thinking that the average person's risk is going to be either casual snooping by people they know, or common theft for resale. In both of those cases, the weaknesses that biometrics present don't strike me as being a huge problem. They do exist, though.
Biometrics are effective at preventing snooping of your password.
Before biometrics, I would eventually know everyone in my home's pin unless I made a conscious effort to always look away each time they unlocked their phone.
I'd be cautious to use anything but biometrics on a crowded train.
> But what I’m still confused about is whether someone who is very security or privacy focused would ever willingly want to use Face ID or Touch ID.
I'm much more security-focused than most, and I don't use these features. I don't think that using them presents a real security problem for most users or anything, though.
The reason I don't use them is that I don't think they increase security enough to be worth the additional hassle and battery drain.
I don't think they're really intended to increase security over passwords. They're intended to increase convenience by operating nearly like there's no authentication rather then requiring a bunch of typing.
From memory (and I am not a lawyer), in civil cases you are allowed to infer negatively from a refusal to provide a password, and I think in criminal cases that is not allowed.
Payne was required as a part of his parole to reveal the passcode/password to his electronic devices. He had already told, when asked, the officer the color and location of his phone, then when asked for the passcode he denied the phone was his. That's when the officer physically forced him to unlock it with his thumb (this is the contentious part in the case).
The fourth amendment challenge against the search starts on page 10, and the fifth amendment challenge on page 21. The fact that he was a parolee substantially factors into the decision regarding the fourth amendment challenge.
Police can already unlock your phone using your face/finger prints. Been that way since at least 2018. But... they can't force you to tell them what to use
Forcing me to apply my thumb to a fingerprint reader is, to my mind, no different than forcing me to empty my pockets to provide a key that unlocks something the court has ordered be unlocked.
Parolees have restrictions placed on them as part of their release, including the right of police to inspect things on their person and property. If parolees find those conditions burdensome, they are more than welcome to reject parole and finish their sentence as it was originally imposed.
The title says "suspect", but in the article it's about a parolee, which seems is a bit different than just "a suspect" in the eyes of the law? Clickbait title strikes again.
Parolees are subject to all sorts of restrictions and obligations that a regular citizen is not, even when they're not a suspect in a new crime. That's the issue, their rights are already abrogated, and that's settled law.
Is the question of blooddraws and fingerprints drawn from that fact? That is to say, was that a valid argument for compelling the fingerprint-unlock because parolees supply their fingerprints? I'm not American and had formed the impression that simply being remanded could involve fingerprinting in some states?
No, it'd definitely clickbait. The person wasn't just a regular citizen, he was a parolee. They left out this crucial detail from the headline, and it changes everything.
The word "parolee" is mentioned 99 times in the judgement. This is very much about someone who is on parole, who agreed to let law enforcement access their devices, and not about an average person that isn't under parole.
Eh it's kind of a technicality that passwords are protected at all. It's not a privacy thing.
If you keep incriminating documents in a safe, the police have every right (with a warrant) to cut it open and get the documents. If the safe has a code, you don't have to share the code, but only because SHARING the code requires you to be "a witness against yourself" in violation of the 5th amendment, not because you have a right to privacy in the safe.
It's hard to justify giving a fingerprint as being a "witness against yourself". So with a warrant or other relevant due process it's hard to object.
I disagree with this idea myself. I believe that any compelled action that leads to your incrimination should be considered being a witness against yourself. I realise this isn't the established caselaw, and I already have some obvious potential reasons bubbling up in my mind as to why. For instance how can you give someone a breathalyser test if they refuse? It defnitely creates problems.
That said, I think bigger problems with this standard are coming down the line eventually.
"any compelled action" would also preclude giving ID at a traffic stop. Maybe even stopping for police at all. A line needs to be drawn somewhere, and I think it must be a balancing of the various interests rather than a hard and fast rule. For example privacy vs successfully convicting wrongdoers vs preventing convicting the innocent vs preventing abuse of power vs public safety etc etc.
Something like "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated"
127 comments
[ 46.4 ms ] story [ 242 ms ] threadWhat does help is the power balances - how strongly the people will protest, it coming from one party and the other fighting it, and so on.
And to answer the flagged guy:
"so that means, as a regular citizen, I can interpret the laws how I want? since they are also words on paper."
No, it obviously means those that have the political power can interpret the laws how they want. So unless you have that kind of power, you'll need to stand by the interpretation others make of it.
How so? What witnesseth a fingerprint?
The point is that the police can't prove you do or do not remember a code. Consequently, they can't compel you to use that code.
However, since your thumbprint definitely exists, they can compel you to use it.
As I understood it, the police can not compel you to tell them something you know because this would be analogous to testifying against yourself, however, they can require you to give them something you have (or something they would find with a warrant) because it is a physical thing, not testimony.
It's the difference between being required to give up a safe combination which the police can not compel you to tell them, vs, a key to a safe which the police could search you for and take from you and use to open the safe within the bounds of a warrant (or some other theoretical circumstances).
Also, they can't coerce you to reveal the code even if they can prove you know it. Confessions extracted under torture by inquisitors was a recent memory when the Bill of Rights was drafted.
> "When Officer Coddington used Payne's thumb to unlock his phone—which he could have accomplished even if Payne had been unconscious—he did not intrude on the contents of Payne's mind," the court also said.
I think that is a pretty reasonable interpretation.
If my phone was handed to or taken by an officer, I would either quickly do the 5-tap on the lock button which will require a password (not faceid or touchid) next time, or, simply by them handling it, faceid would be locked out.
Is that not a thing with Android? I've seen articles where a suspect is requested or compelled to unlock a phone with biometrics which was held in evidence for months!
Does Android (and I know this is a much broader question than with iPhone) just allow touch/face ID in perpetuity with no locks on it?
1 - (I'm not sure what this is technically called)
When faceless Zombie thugs of a military junta beat you with a rubberhose you can give up successive passwords to deeper and deeper "secrets" until finally(???) your embarrasing stash of midget donkey necro porn is revealed!! .. and no one can ever establish whether there is yet another password that hides your local contacts in the resistance.
The success of this may vary in practice and black site .. but mathematically the theory is sound.
Today we have the less evocative name Deniable encryption.
Fun Trivia:
https://en.wikipedia.org/wiki/Deniable_encryptionhttps://theconversation.com/profiles/suelette-dreyfus-1102/a...
I've spent 25 years fighting against intrusions in our rights. Admittedly, quietly and sadly, mostly unsuccessfully as every year things are eroded further and further.
I don't think the US will ever devolve into a scenario where the police will beat you for refusing to provide your password, I don't even think we will end up in a situation where police can legally compel you to give up your password. I think we will end up where cloud providers will be legally compelled to provide data on request (banning E2E) and consumers will be incentivized (both in unnatural and natural ways) to more deeply rely on cloud services.
https://www.androidcentral.com/apps-software/how-to-disable-...
This is perhaps off topic, but does this mean you put your phone in your pocket with the screen facing outward? I do the opposite, am I weird?
EDIT: I suppose maybe you meant when the phone was on a table or something
it's kinda a fun trick when I'm showing people something on my phone and need to unlock it :)
1. Check your “Emergency SOS” settings. It is possible to set it so that holding down those buttons like that initiates a countdown to an emergency call. Depending on the exact settings this may also be accompanies after a few seconds with a loud alarm.
If you are trying to surreptitiously disable biometrics this might be irksome.
2. I think these procedures were different on earlier phones or iOS versions, so test it out.
3. It also works to click the power button rapidly 5 times. That too can be set in the “Emergency SOS” setting to trigger an emergency call so check that before using it.
Was very common for drug dealers to break their phones on being caught
The "good" cops might be reluctant to push back on this pattern because they see value in having such tactics in their back pocket for extraordinary circumstances (cf. the various "is torture justified in a ticking-time-bomb scenario" debates and thought experiments, or just most seasons of 24).
For example, if your voiceprint were required to unlock your phone, but not a particular passphrase. Could you be compelled to speak (or just recorded speaking) general statements in order to unlock?
I'd bet that law enforcement will be routinely using backdoors to gain access to our devices long before the laws that protect us from giving up a password are changed.
This is practically impossible. IMO it has been impossible for as long as phones have fused the decryption key and the screen unlock key into the same thing. (Some older Android ROMs let you have separate unlock and deception keys; does anyone know of any that still do?)
Either you choose a strong encryption key, in which case you have to spend a ton of time typing it in every time you want to unlock your phone, or you choose something easy to type in which case the key becomes easy to crack.
And in either case you have to do it over and over again in front of other people or security cameras constantly recording you.
> And in either case you have to do it over and over again in front of other people or security cameras constantly recording you.
That's partly prevented by having keys randomize their position on the screen so that your movements don't give away your code, and also by occasionally changing your password. Obviously if a camera is looking directly at the screen while you enter your password you're probably screwed.
I don't believe I ever claimed that.
> I'd expect that a longer password would only increase your security but that even the shortest password wouldn't leave the data encryption trivial to crack.
How short are you talking? Most people do like 4-6 digits. That's not going to protect you against anyone brute-forcing keys on the raw encrypted data. Your only real hope is the TPM holding the real key and being physically secure, which you have no way to ensure. And that still fails due to cameras etc. as mentioned.
> That's partly prevented by having keys randomize their position on the screen
That's almost security theater. It really only protects you from laymen, not state actors. It forces you to use numeric digits if you want that, which itself makes your key much weaker.
> Obviously if a camera is looking directly at the screen while you enter your password you're probably screwed.
Which is guaranteed to happen at some point when you're in public.
Also, I believe things are different in civil trials too. I heard you might be compelled to give up a password and could even get in trouble if you claim you forgot it. It was a plot point in the Cryptonomicon novel.
Even if it doesn't include the government biometrics still leave you much more vulnerable. You leave your biometric information everywhere you go. Your face is easily found in photographs. Fingerprints are left on everything you touch. Your voice is easily recorded and deepfaked. Attacks on biometric authentication are well documented and while some seem pretty impressive (https://www.bleepingcomputer.com/news/security/scientists-ex...) others are embarrassingly unsophisticated (https://www.marketwatch.com/story/heres-how-easily-hackers-c...). Unlike passwords your fingerprints can't be changed following a compromise either.
I can also set a unique password for every device/service I use. Even if you managed to guess my hackernews password, that password would be useless to you for anything else. The face/voice/fingerprint that unlocks one device will forever be identical to the one that unlocks everything else someone has or will secure with it.
biometrics sacrifice huge amounts of security for the sake of convenience and an appearance of being "high tech" and "fancy".
I was just thinking that the average person's risk is going to be either casual snooping by people they know, or common theft for resale. In both of those cases, the weaknesses that biometrics present don't strike me as being a huge problem. They do exist, though.
Before biometrics, I would eventually know everyone in my home's pin unless I made a conscious effort to always look away each time they unlocked their phone.
I'd be cautious to use anything but biometrics on a crowded train.
I'm much more security-focused than most, and I don't use these features. I don't think that using them presents a real security problem for most users or anything, though.
The reason I don't use them is that I don't think they increase security enough to be worth the additional hassle and battery drain.
Edit: spelling
Payne was required as a part of his parole to reveal the passcode/password to his electronic devices. He had already told, when asked, the officer the color and location of his phone, then when asked for the passcode he denied the phone was his. That's when the officer physically forced him to unlock it with his thumb (this is the contentious part in the case).
The fourth amendment challenge against the search starts on page 10, and the fifth amendment challenge on page 21. The fact that he was a parolee substantially factors into the decision regarding the fourth amendment challenge.
https://www.forbes.com/sites/thomasbrewster/2021/11/29/fbi-n...
Press and hold side button + volume up (or down) button until you see a slide to power off screen.
You don't have to do anything - at that point biometrics have been disabled and only a pin will unlock the phone.
Parolees have restrictions placed on them as part of their release, including the right of police to inspect things on their person and property. If parolees find those conditions burdensome, they are more than welcome to reject parole and finish their sentence as it was originally imposed.
The word "parolee" is mentioned 99 times in the judgement. This is very much about someone who is on parole, who agreed to let law enforcement access their devices, and not about an average person that isn't under parole.
If you keep incriminating documents in a safe, the police have every right (with a warrant) to cut it open and get the documents. If the safe has a code, you don't have to share the code, but only because SHARING the code requires you to be "a witness against yourself" in violation of the 5th amendment, not because you have a right to privacy in the safe.
It's hard to justify giving a fingerprint as being a "witness against yourself". So with a warrant or other relevant due process it's hard to object.
That said, I think bigger problems with this standard are coming down the line eventually.