Cyrus Farivar of Ars Technica reports that Senator Al Franken has been asking Apple CEO Tim Cook some good questions. Here’s part of the Senator’s letter:
Does Apple consider fingerprint data to be the “contents” of communications, customer or subscriber records, or a “subscriber number or identity” as defined in the Stored Communications Act?
(10) Under American intelligence law, the Federal Bureau of Investigation can seek an order requiring the production of “any tangible thing[] (including books, records, papers, documents, and other items)” if they are deemed relevant to certain foreign intelligence investigations. See 50 U.S.C. § 1861.
Does Apple consider fingerprint data to be “tangible things” as defined in the USA PATRIOT Act?(11) Under American intelligence law, the Federal Bureau of Investigation can unilaterally issue a National Security Letter that compels telecommunications providers to disclose “subscriber information” or “electronic communication transactional records in its custody or possession.” National Security Letters typically contain a gag order, meaning that recipients cannot disclose that they received the letter. See, e.g., 18 U.S.C. § 2709.
Does Apple consider fingerprint data to be “subscriber information” or “electronic communication transactional records” as defined in the Stored Communications Act?(12) Does Apple believe that users have a reasonable expectation of privacy in fingerprint data they provide to Touch ID?
I look forward to Apple’s answers.