Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Patents Crime IOS Iphone Operating Systems Privacy Security Software Apple Technology

Apple Patenting a Way To Collect Fingerprints, Photos of Thieves (appleinsider.com) 90

An anonymous reader quotes a report from Apple Insider: As published by the U.S. Patent and Trademark Office, Apple's invention covering "Biometric capture for unauthorized user identification" details the simple but brilliant -- and legally fuzzy -- idea of using an iPhone or iPad's Touch ID module, camera and other sensors to capture and store information about a potential thief. Apple's patent is also governed by device triggers, though different constraints might be applied to unauthorized user data aggregation. For example, in one embodiment a single failed authentication triggers the immediate capture of fingerprint data and a picture of the user. In other cases, the device might be configured to evaluate the factors that ultimately trigger biometric capture based on a set of defaults defined by internal security protocols or the user. Interestingly, the patent application mentions machine learning as a potential solution for deciding when to capture biometric data and how to manage it. Other data can augment the biometric information, for example time stamps, device location, speed, air pressure, audio data and more, all collected and logged as background operations. The deemed unauthorized user's data is then either stored locally on the device or sent to a remote server for further evaluation.
This discussion has been archived. No new comments can be posted.

Apple Patenting a Way To Collect Fingerprints, Photos of Thieves

Comments Filter:
  • TFA doesn't say why this would be legally fuzzy.

    • TFA doesn't say why this would be legally fuzzy.

      I don't see what's legally fuzzy about this either. Since when did privacy rights of thieves trump owner's rights to recover their property?

      • A burglar in someone else's house has no expectation of privacy. A thief using someone else's property has no expectation of privacy.

        • Re: Privacy (Score:4, Interesting)

          by BlackSabbath ( 118110 ) on Thursday August 25, 2016 @07:50PM (#52772681)

          Is that a legal opinion or a "common sense" one?
          I don't have a clue what the law is on this matter and am genuinely interested.

          • IANAL but I don't think you need to even get to the "right to privacy" legal theory. It's your device, and you can give it permission to capture and store biometric data and upload it to the cloud. If somebody picks up and uses your device, any information they give it, biometric or otherwise, becomes your information provided it isn't trademarked or copyrighted, and even if they somehow manage to do those things for their biometric data and likeness of their face, capturing it for your own personal use (su

          • by Anonymous Coward

            It can get fuzzy. Generally, from EU laws, the thief has rights to their own data. For example: I steal your phone, I wipe it and put my data in there, and that data belongs to me and cannot be disclosed to the original owner. Sharing of such data tends to require law enforcement requests. Same if someone is dumb enough to hack an online account and enter their personal details.

          • by JBMcB ( 73720 )

            Guests in someone else's home do not have an expectation of privacy. I'd say a burglar certainly doesn't.

            https://www.law.cornell.edu/su... [cornell.edu]

            Not to much of a stretch extending that to a thief using someone else's computer/phone/etc...

        • by Macdude ( 23507 )

          And a thief who hurts himself breaking into your house shouldn't be able to sue you for damages but he can. In general taking a picture isn't an issue (although that might depend on what else is in the picture) but recording their voices would be.

        • by Anonymous Coward

          So what of the good samaritan who finds the device and accidentally brushes the fingerprint reader in his efforts to return it to its rightful owner. Has said do-gooder accidentally given up his rights of privacy and biometric security in so doing? Will apple share this data with all the LEO's without said nonuser's permission?

          • You have to bring the lock screen up and then carefully hold your finger on the button while it scans. A simple accidental brushing of the scanner wouldn't suffice.

      • This could be abused to collect fingerprints from non-theives by allowing them access to the device. It could get legally fuzzy where children are involved.

        • by jtgd ( 807477 )

          The FBI's dream come true — collect the fingerprints of every citizen.

          You know it will happen.

          • The FBI's dream come true — collect the fingerprints of every citizen.

            You know it will happen.

            or at least a thumb print.

      • by GuB-42 ( 2483988 )

        Because the software doesn't know who is a thief and who is a legitimate user. It only track authentication errors.
        It is probably legal but Apple has to be careful before implementing it especially if it is on by default.

        For example, imagine you are drunk, you try to unlock your phone and fail (because you are drunk). The phone takes a picture of you and sends it to where you don't want drunk pictures of you to end up. If it is the default behavior, I think you can claim some invasion of privacy.

    • Apple may have to come very clean about how this works or it may not hold up in court.

      • by Jeremi ( 14640 )

        Apple may have to come very clean about how this works or it may not hold up in court.

        I doubt it is intended to hold up in court. More likely the idea is to provide the phone's owner (perhaps in conjunction with the police) with information about who took their phone, so that they then know where to look to find more solid evidence.

        • Well it's interesting since the iDevices don't store a fingerprint. They store a hash of the results of a fingerprint sensor. It's not like they can reconstruct a real fingerprint and send it to the FBI. For it to be useful in a forensic sense it the perp would have to put her finger on an 'Apple fingerprint hash device' whose internals were open enough to satisfy a well heeled defense team and Apple use the device to say this person was or was not the person who fingered the phone at a certain time. S

          • Probably isn't intended for individual thefts. Instead it'd be an interesting way to associate a single individual with a large number of thefts.

            Also if that individual has his own iPhone, they can compare the hashes and tell the FBI who has likely been pickpocketing folks at the such and such venue. Then they can just trail him and catch him in the act, or use it as probable cause to do a search of the location the phone is currently in.

            It could also be interesting to assume the "thief" is acting in good f

    • by Anonymous Coward

      This is *really* fuzzy. This means there's a private company gathering fingerprint data without the consent of the people whose fingerprints they're gathering.

      Imagine this: you friend gives you his iPhone to hold for a second while he does something, and your finger is read by the Touch ID system. This means Apple now has your biometric data without your consent and your options to make sure it's deleted and/or not misused are very limited.

      The adoption of this type of system would mean a lot of legal troubl

    • by Anonymous Coward

      TFA doesn't say why this would be legally fuzzy.

      Your 14 year old daughter tries to answer a text while changing out of her bathing suite at the pool, because her fingers are prune-ey the phone doesn't recognise her finger print so it snaps a photo of her and uploads it to your family iCloud account so you can identify the "thief" and because she was in a state of undress at the time you're now guilty of having kiddy porn on your iCloud account.

  • Why do I feel like (Score:5, Insightful)

    by waspleg ( 316038 ) on Thursday August 25, 2016 @07:19PM (#52772557) Journal

    this will just be used to collect biometric data of anyone who touches the phone and then be coupled later with other data to mine for ad scum and other equally vile and nefarious purposes?

    I think it's interesting that Tim Cook comes out as some big privacy advocate but iDevices have unique advertiser ids and they're doing shit like this. It's more like who-can-be-most-evil-first race to the bottom of totalitarian turn key nightmare waiting to happen.

    • by PhunkySchtuff ( 208108 ) <kai@autoSLACKWAR ... .au minus distro> on Thursday August 25, 2016 @07:24PM (#52772573) Homepage

      Oh, you mean the unique Advertising Identifier that's in every iOS device? Yes, that one that you can reset at any time?
      https://support.apple.com/en-a... [apple.com]

      • by AmiMoJo ( 196126 )

        Is there an app to reset it every 5 seconds?

    • If this is something you worry about (I do too) I sincerely hope you don't use Android or other Google products. Unlike Google, Apple has no incentive to collect and mine your personal information. They make money off hardware, not profiling you and selling your eyeballs to, literally, the highest bidder. Even the advertising identifier, which you can reset, is an attempt to reign in user tracking. Apple Pay generates a unique ID for each transaction rather than handing your information over to the store
    • by AHuxley ( 892839 ) on Thursday August 25, 2016 @08:48PM (#52772961) Journal
      Its a stingray (IMSI-catcher) with more options for anyone using the phone, on any network.
      Voice prints, logs, text, images, remote mic on, gps, facial recognition and now fingerprints. Ready in a nice gov spy app from any local contractor.
      Parallel construction will never be more easy to get unexpected fingerprints from any user on any cell phone connected.
      It will all be sold as security for the consumer, the national security part been hidden deep in the fine print again.
  • by hcs_$reboot ( 1536101 ) on Thursday August 25, 2016 @07:29PM (#52772589)
    - Oops sorry, we thought you were a thief
    • by AmiMoJo ( 196126 )

      It might be illegal in the EU, due to data protection laws. The police have specific exemptions for collecting evidence, but Apple doesn't.

  • by turkeydance ( 1266624 ) on Thursday August 25, 2016 @07:39PM (#52772623)
    Timothy? you, again?
  • by Anonymous Coward

    So, since those little utilities of the 90s and 00s that used your web cam to snap a picture whenever someone logged in and/or every X minutes of computer usage weren't designed for cell phones, Apple is allowed to patent the same thing but on a mobile device.

  • by Gadget_Guy ( 627405 ) on Thursday August 25, 2016 @07:49PM (#52772669)

    How is this deserving of a patent? It's blindingly obvious to use the sensors available on a device to do their job? And activating the sensors has been done before, like activating a camera remotely [smh.com.au] or the feature built-in to phones now to get the GPS remotely. As soon as I heard about them adding fingerprint sensors to phones I immediately about how useful it would be to get the fingerprints of thieves.

  • by Anonymous Coward

    My dad's house just got robed a few weeks ago, some idiot stole some electronics and vandalized the place, the police told him there wasn't time or manpower to look for fingerprints. My dad found a good set around a door frame and photographed it himself, they told him they were not interested in pursuing the case because there were murders and drug cases much more important.
    The FBI said if there wasn't anything stollen more than $50k, they wouldn't do anything.
    He's a retired ex-vietnam vet now with a vende

  • Given the idea (which is old) 'wouldn't it be nice to be able to find people who steal phones' - the idea of 'let's use all the sensors in the phone to do so' is what occurs to anyone with the tiniest modicum of a clue in under a second.
    http://wiki.openmoko.org/wiki/... [openmoko.org]
    http://wiki.maemo.org/User:Mar... [maemo.org]
    'What's working

    Geolocation info
    Network info
    Take screenshot
    List of running programs '
    Are just

  • There have been several articles on /. about high-profile people taping off [slashdot.org] their laptop cameras [slashdot.org] as they're afraid of it being switched on without them knowing, recording whatever they're doing.

    Laptop cameras have an LED to indicate they're active - some may be circumvented and switched on without triggering that indicator, sure, but not all and it's not that easy. Mobile phone cameras don't even have such an LED, there is no way to see when I look at my phone whether a camera is active or not. A camera, as

  • #whatcouldpossiblygowrong
  • by Anonymous Coward

    I thought most fingerprint readers were by design not supposed to reveal a whole fingerprint image, only representative data for matching purposes (whorl/junction info). For legal purposes, don't they need to capture the true fingerprint image though, for later unimpeded matching? Otherwise the only way to match thief to data would be to have an iDevice ID machine at a police station for the perp to swipe prints with to see if the data matches. Unless Apple is offering to pregenerate their data from FBI fin

  • by Anonymous Coward
    When the iPhones first introduced the fingerprint reader we were assured that customer's biometrics were protected because they'd never leave the phone, that the phone itself only stored the algorithmic results of the user's fingerprints, not the fingerprints themselves. Now we're seeing this...

    As for offloading the biometric data, Apple says server-side systems may be able to cross reference fingerprint and photo information with an online database containing information of known users.

  • So Apple products become toxic: Don't touch it! Don't point even! And you haven't seen enough of that one, before it saw you.
  • To lock out people who aren't their customers from anti-theft tech. Big hearted guys.
  • My iPhone was stolen recently; I put it in "lost mode" as soon as I could, and two days later it surfaced 1'000 km (and 2 countries...) away. I would have been nice if it could have captured the thief's fingerprint. As long as this feature is only actived in "lost mode", I don't see legal issues.

    I don't think that such a feature would have a great impact on how many stolen iPhones are recovered; however, it may reduce the number of stolen ones.
  • i only have my thumb and middle fingers in my phone, on purpose, and still accidentally pointer finger it sometimes. boy is apple going to be surprised when i accidentally use my penis.
  • Cerberus (and probably others) has had the ability to take a photo on failed auth for at least a few years, and if I remember correctly, it's configurable as to how many auth attempts it takes before it snaps a photo.

  • Oh the jokes could just roll on and on with this one.

How many hardware guys does it take to change a light bulb? "Well the diagnostics say it's fine buddy, so it's a software problem."

Working...