Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phone Passwords Protected By 5th Amendment, Says Federal Court

Posted by timothy on from the good-luck-arguing-this-at-the-border dept.

Ars Technica reports that a Federal court in Pennsylvania ruled Wednesday that the Fifth Amendment protects from compelled disclosure the passwords that two insider-trading suspects used on their mobile phones. In this case, the SEC is investigating two former Capital One data analysts who allegedly used insider information associated with their jobs to trade stocks—in this case, a $150,000 investment allegedly turned into $2.8 million. Regulators suspect the mobile devices are holding evidence of insider trading and demanded that the two turn over their passcodes. However, the court ruled, "Since the passcodes to Defendants' work-issued smartphones are not corporate records, the act of producing their personal passcodes is testimonial in nature and Defendants properly invoke their fifth Amendment privilege."

4 of 178 comments (clear)

  1. A sudden breakout by fishscene · · Score: 5, Insightful

    ...of common sense no doubt! I love hearing stories of correct implementations.

  2. But your finger prints is not protected by Anonymous Coward · · Score: 5, Interesting

    by the fifth Amendment.
    http://time.com/3558936/fingerprint-password-fifth-amendment/

  3. Work Issued by The+Raven · · Score: 5, Funny

    While I agree with the ruling, I must say that any idiot who uses a work issued phone to conduct illegal business is a special kind of idiot. There is no bus short enough.

    --
    "I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
  4. Re:Finally by ArmoredDragon · · Score: 5, Informative

    No, not at all.

    Anybody who is even slightly versed in proper IT security terminology knows the difference between "who you are", "what you have" and "what you know" authentication factors. (Along with the difference between authentication, authorization, and accountability, and the concepts of integrity and nonrepudiation. If you don't know any one of these, then you haven't been properly trained in information security.)

    A key is "what you have", whereas a fingerprint is "who you are". You can't claim the 5th on either of those. You can however claim the 5th on "what you know" which is what a password is. However if you, for example, write down the password somewhere, that can be considered a "what you have" and wouldn't be protected by the 5th.