Skip to main content

The FBI used a suspect’s face to unlock his iPhone in Ohio case

The FBI used a suspect’s face to unlock his iPhone in Ohio case


There is a legal difference between a passcode and something like Face ID

Share this story

A woman using Face ID
Photo by Dieter Bohn / The Verge

When Apple debuted Face ID with the iPhone X last year, it raised an interesting legal question: can you be compelled to unlock your phone by looking at it? In an apparent first, Forbes reports that the FBI got a suspect to unlock his phone during a raid in August.

In August, the FBI raided the home of Grant Michalski, looking for evidence that he had sent or received child pornography. They were armed with a search warrant [warning: this documentation contains explicit descriptions of sexual abuse] which allowed them to search Michalski’s computer for evidence, and during the raid, agents recovered his iPhone X.

The agents who found the iPhone asked Michalski to unlock the device via Face ID, which he did. They “placed the [phone] into airplane mode and examined it by looking through the files and folders manually and documenting the findings with pictures.”

There is a difference between a passcode and a facial or fingerprint recognition system

As my colleague Adi Robertson noted last year, courts have ruled that there’s a difference between something like a facial or fingerprint recognition system, and a passcode that you type into your phone. As Apple and other companies have pushed for facial recognition systems, it was only a matter of time before a case like this would pop up.

While Michalski cooperated on the scene, the FBI was locked out of the device, because they didn’t have his pass code. They asked for and were granted a second search warrant, which grants them the authority to conduct a more thorough search of the device. It doesn’t appear that they will use Michalski’s face again to unlock the phone; the affidavit notes that both the Columbus Police Department and Ohio Bureau of Criminal Investigation possess devices that would allow them to bypass a phone’s passcode.