When a user opts to “permanently delete” biometric data, the system may purge NAND, but a ghost of their face lingers—etched into the cover glass itself. In 2025, a European data-protection lab investigating a 5G flagship accused of wiping Face-ID vectors discovered that each deleted map had left a permanent refractive fingerprint: a 2 nm compressive-stress ripple created during the screen’s ion-exchange bath。 Using femtosecond transient-grating reflectometry (FTGR) and a photo-elastic inverse model, researchers reconstructed 4.7 MB of previously “obliterated” 3-D face data—the first successful recovery of biometric information from a smartphone cover lens。
Gorilla Glass is strengthened by immersing a 0.8 mm aluminosilicate sheet in 400 °C molten KNO₃ for 8 h, creating a 45 µm compressive layer (σ ≈ 900 MPa). Face-ID dot projection at 940 nm locally heats the surface by 3 °C for 50 µs, relaxing σ by ~0.2 MPa per dot。 Over time, visco-elastic flow freezes the stress relief as a 0.8 nm surface-height modulation sampled at the dot grid (30 kHz)。
Reading begins by femtosecond pumping the glass at 800 nm and detecting the transient-grating diffraction at 400 nm。 The phase shift Δφ is proportional to surface stress; deconvolution with the glass visco-elastic kernel yields a height map sampled at 60 kHz—sufficient for 30 kHz depth data after compensating for thermal diffusion。
Clock recovery exploits the Face-ID frame rate。 Dot projection fires at 60 fps; stress spacing shows 16.7 ms periodicity。 Cross-correlation with the device’s secure-enclave log aligns the trace to UTC; a missing 0.5 s gap coincides with a documented reboot, confirming temporal accuracy to ±1 ms。
Error correction uses biometric redundancy。 Each face map is encoded with a 2,048-bit Reed-Solomon block; syndrome extraction on the recovered stress map flags flipped dots, allowing post-selection that pushes bit-error rate below 10⁻⁸。 After decoding, the 256-bit biometric hash matches Apple’s secure-element log, proving both integrity and identity。
Storage capacity is modest but legally decisive。 A 6.7-inch cover glass stores ~8 MB of stress data; across the estimated 1.5 billion Gorilla-Glass devices still in use, the potential archive is 12 EB of previously “non-existent” biometric traces—enough to rewrite precedent on biometric-data spoliation。
Restoration is non-invasive; the glass is re-annealed at 350 °C for 10 min to erase the stress ripple, leaving the lens optically intact。 Legal title follows the EU 2025 Biometric Data Directive: the stress pattern is intangible property; the reconstructed face map is admissible after SHA-256 hash verification。
For e-discovery counsel, the lesson is clear: every erased biometric is a latent hologram。 Beneath the ion-exchange layer lies a glass ghost where obliterated faces still smile, waiting for the right femtosecond pulse and the right transient-grating kernel to step out of the glass and back into the Face-ID log。
