Apple is expected to unveil its new flagship iPhone today, and some of the most notable changes—aside from that rumored $1,000 price tag—are new software features that will make it harder for law enforcement and others to get into customers’ devices.
The features are likely to reinforce Apple’s reputation for protecting privacy, and could create new controversies in courtrooms and at the border. Here is an overview of the security changes (which Apple is expected to confirm today), why they matter, and what people are saying about them.
What are the new security features?
According to leaked reports, the upcoming version of Apple’s mobile operating system, iOS 11, will bring three changes to make devices more secure. The first is an option to make an “SOS” call to emergency services or a trusted contact by rapidly pressing the power button five times. Doing so will also disable the TouchID system, meaning a locked phone can only be opened with the passcode instead.
The second is facial recognition software that will reportedly replace the TouchID system on high end iPhone models (and maybe all of them). This means that, instead of using a finger or thumb to unlock the device or verify a transaction, the user will use the camera to scan their face.
The third feature is arguably the most important. It will require a passcode to be entered when the phone is paired to a new computer. Right now, a user (or a cop or a border agent) can simply tap “Trust this Computer” on an unlocked device when plugged into an unfamiliar computer. Now that person will need to know the passcode.
When do the new features arrive?
The features were described in a series of third-party reports, most notably from the ElcomPost security blog that came out prior to Apple’s official announcement. As such, they need to confirmed by Apple. The facial recognition feature will come with some of the new phones when they go on sale next month later this fall. The other two features will be available to all iPhone owners when Apple releases the iOS 11, which will reportedly take place on September 19.
Why are the new features so important?
The new facial recognition technology, if it is successful, will provide a more secure and convenient way for users to unlock their phone and authorize certain actions. The technology could also be used with third party apps, like banking software, to conduct transactions.
The SOS feature, meanwhile, appears less significant because it is already relatively easy for a user to make an urgent call or to disable Touch ID.
Meanwhile, it is the third feature—the changes to “Trust This Computer”—that are drawing the biggest attention in security circles. This is because it makes it much more difficult (as explained below) for law enforcement to download the contents of someone’s iPhone.
What does this have to do with cops and borders?
Right now, civil libertarians are concerned that it’s too easy for police officers and border agents to suck up the contents of an iPhone (which contains a huge trove of personal data) just because they can. Under the current version of iOS, law enforcement can download an iPhone’s contents by persuading a user to unlock it or by forcing them to use their thumbprint (which is legal). Once the phone is unlocked, they can plug it into a computer and simply click yes to the “Trust this Computer?” prompt.
Now, however, law enforcement must know the password to transfer the iPhone contents to a computer. And, unlike with thumbprint unlocking, there is a legal grey area—concerning Fifth Amendment rights over self-incrimination—over whether cops can force suspects to disclose a password.
Get Data Sheet, Fortune’s technology newsletter.
What are the reactions to the new security features?
The feature that is receiving the most attention (in part because Samsung has had facial recognition for awhile) is the new “Trust this Computer” requirements. According to Pepijn Bruienne, a senior engineer at Duo Security:
[T]his is a very welcome addition to both protect the owner against law enforcement attempts to casually acquire data from the device without permission or authorization (again, this depends on their ability to force passcode entry) and may also work as something of a passcode-enabled “USB Condom” for situations where the user may not have been expecting a connection request to their device (public charger, airplane, etc) and could raise the awareness that a simple “Trust this device?” prompt might not.
Meanwhile, Jameel Jaffer, a prominent civil rights lawyer had high praise for Apple:
The border-search doctrine is an anachronism and a First/Fourth Amendment travesty. @Apple is doing God's work. https://t.co/KDVOG7ImeO
— Jameel Jaffer (@JameelJaffer) September 8, 2017
Finally, Nicholas Weaver, a computer scientist who wrote about the new features on the LawFare blog, noted, “This will be a welcome change for those–like myself—uncomfortable with the extent of border searches, but it will surely cause a few law enforcement headaches.”
