Skip to main content

Sen. Al Franken letter grills Apple’s Tim Cook over Touch ID fingerprint sensor

iPhone 5s Touch ID confirmation
Image used with permission by copyright holder

Apple says your fingerprint data stored on your new iPhone 5S is encrypted and secure. But Sen. Al Franken (D-MN) just wants to double check.

In a letter sent to Apple on Thursday, Franken asks Apple CEO Tim Cook all the important questions about the company’s fancy new fingerprint sensor, which is embedded in the Home button of the iPhone 5S. Can third parties use Touch ID data to recreate a user’s fingerprints? Will third-party app developers have access to fingerprint data? Can the FBI make someone unlock their phone? And so on.

Recommended Videos

If Cook responds to these questions in full – and he should – we will no longer have any lingering doubts and about the safety, security, and privacy issues that surround the sensor known as Touch ID.

“Passwords are secret and dynamic; fingerprints are public and permanent,” wrote Sen. Franken. “If you don’t tell anyone your password, no one will know what it is. If someone hacks your password, you can change it – as many times as you want. You can’t change your fingerprints. You have only 10 of them. And you leave them on everything you touch; they are definitely not a secret. What’s more, a password doesn’t uniquely identify its owner – a fingerprint does. Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life.”

In addition to addressing concerns about “hackers,” Franken delves into very specific questions about the ways in which law enforcement, including the FBI, can use our fingerprints, and the Touch ID unlocking mechanism against us.

For example, U.S. law allows FBI agents to force a person to turn over “tangible things” through the use of a court order. “Tangible,” in this case, means physical or digital items that you can see or touch. What the FBI cannot do, thanks to the Fifth Amendment’s protection against self-incrimination, is make someone reveal something they KNOW. This is an crucial distinction, as it relates to Touch ID. An FBI agent could not demand that you unlock your iPhone, if you’ve locked it with the 4-digit pin (which is still an option, BTW). But what about the fingerprint lock? A fingerprint is, after all, something you can see, and is not knowledge in the same way a 4-digit pin is – a point Electronic Frontier Foundation Staff Attorney Marcia Hoffmann recently drilled home at Wired.

While this will surely be an issue for the courts to decide eventually, Franken wants to get Apple’s take on the record, asking, “Does Apple consider fingerprint data to be ‘tangible things’ as defined in the USA Patriot Act?”

Franken even goes so far as to ask, “Does Apple believe that users have a reasonable expectation of privacy in fingerprint data they provide to Touch ID?” That term “reasonable expectation of privacy” is key – a legal phrase that defines what types of data or information law enforcement may access without search warrant under the Fourth Amendment. If there is no reasonable expectation of privacy, there is no search.

We’ll be waiting to see how Cook (i.e. Apple’s lawyers) answer these questions, which every Apple iPhone 5S customer deserves to know. However, for now, we’re not going to let ourselves get worked up. Apple has put a lot of effort into making our fingerprints safe. And besides, if the FBI wants our prints, they can get ’em – we leave them everywhere we go.

Read Franken’s full letter here.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
One of the largest U.S. states is supporting driver’s licenses in Apple Wallet
Apple Wallet showing a California digital ID.

The wait is finally over — the state of California is beginning to roll out support for digital driver’s licenses and state IDs in the Apple Wallet app on both iPhone and Apple Watch, Apple announced today.

Yes, if you live in the Golden State, you will soon be able to get your digital ID in Apple Wallet.

Read more
How to add your driver’s license to Apple Wallet
Person accessing a state ID using the Apple Wallet on an iPhone.

Apple has broken new ground by allowing iPhone users' Apple Wallets to serve as official identification if equipped with a driver's license or state ID. There isn't currently a huge use case for the tech, as only a handful of states -- including Arizona, Colorado, Georgia, Maryland, and Ohio -- recognize Apple Wallet as legitimate ID. However, Apple has a whole list of other states in the U.S. that the company expects will follow in the coming months.

Read more
Elon Musk tells Tim Cook he doesn’t want Apple’s ‘creepy spyware’
elon musk stylized image

Elon Musk has lashed out at Apple’s plan to partner with OpenAI to bring artificial intelligence features to the iPhone, telling Apple CEO Tim Cook directly to “stop this creepy spyware” and threatening to ban iPhones on the premises of his companies -- SpaceX, Tesla, and X (formerly Twitter).

Apple announced the partnership with the ChatGPT maker on the opening day of its Worldwide Developers Conference (WWDC) on Monday. But just a few hours later, Musk fired off a number of X posts expressing his annoyance at the plan, calling it “an unacceptable security violation.”

Read more