The truly interesting bit will be when a case of (real or alleged) multiple hidden encrypted volumes is publicized.
If the government feels the information they want is on a laptop, the laptop's owner would suddenly find themselves forced to prove a negative (there are no more hidden volumes), lest they be held in contempt.
If they can seemingly compel you to reveal something they can't prove even exists and lock you up until you can prove that it doesn't, the door for abuses isn't even wide open; it'll have been removed from its hinges along with most of the wall.
US v Hubbell makes clear that the government cannot compel production of documents (except under immunity to prosecution) which it does not know, ahead of time, to exist.
Every case is a little different, but investigators do need probable cause to search a laptop.
This is a mortgage fraud case involving years of criminal activity, so I'm guessing that it's probably not too hard for the prosecution to produce witnesses who can say "yes, she sold me that crappy mortgage and used her laptop when I went to meet with her.", or direct information of her internet usage (ISP, or logs from cable modem), or observation of her using the laptop by police during the investigation.
The DOJ has the laptop (like a knife in a murder case). According to Miranda, the defendant has the right to remain silent (incl. all kinds of communications, i.e. oral, keyboard typing, Morse alphabet using campfire smoke, etc.) and, in particular, can't be compelled into communicating any information in connection with her/his use of the laptop (or murder knife), while the DOJ is free to have as many witnesses as they can describing the defendant's usage of the alleged crime tool.
Miranda doesn't apply, here. That derives from the 5th amendment, but it pertains to police interviews after arrest. The ability to obviate the 5th amendment by offering immunity amounts to a way to compel potentially incriminating testimony. It's likely that eventually the question here is going to be the extent of the immunity required to compel testimony of the password: just immunity for information contained in the password itself, or for information contained in the files it unlocks?
So the moral of the story is, conduct your criminal activity via software running on an external server on a TrueCrypt partition, and always interface with it via Tor?
Then they can't prove it's "your server" and thus order you to reveal the key.
(For example, if you have access to a credit card not in your name, you can set up an EC2 micro instance for free for a year. Then install TrueCrypt and be on your merry criminal way. What could the DOJ do?)
The DoJ would simply get a judge to sign an order giving their forensics lab a snapshot of the virtual machine with the key sitting decrypted in RAM. Amazon would be under a gag order not to tell you that they even had it (not that Amazon would even care to tell you anyway).
If they wanted to pin it to you, they could easily show timing correlations between your client system activity and the VM activity. Probably they would also go to the person who lent you their credit card and threaten them with prosecution unless they fingered you.
Cryptography is not going to save you from prosecution if you do any noteworthy crime. There is no security "in the cloud" from any government with a jurisdictional or financial relationship with the provider. (Though Tahoe LAFS is an interesting project).
The legal system allows them to do things analogous to that, such as compelling someone to open a safe to enable arbitrary access to the contents (as mentioned in the article). Presumably they must suspect that the safe contains documents relevant to the case.
So what if the govt suggests a document exists (claims to know exists) and therefore could be located on an encrypted volume is that grounds for them to force someone to decrypt that volume or be held in contempt of court?
> If the government feels the information they want is on a laptop, the laptop's owner would suddenly find themselves forced to prove a negative (there are no more hidden volumes), lest they be held in contempt.
I think it will still be a requirement for the gov't to show that there's cause. In the same way that the gov't can't hold you if they suspect you know where a kidnapped victim is held, unless they have evidence that you do know where they're at (it's similar in that you don't have to prove a negative, rather the police must show that there's reason to hold you).
So they must have evidence that suggests there is another volume.
Suppose someone uses my wifi connection to hack into, say, a Sony server and retrieve a database of credit card information.
The government would have evidence and reason to believe I have that data. So, naturally, they'll get to seize my laptop and apparently can compel me to unlock it and allow them arbitrary access.
It seems to me that they don't know the stolen data resides on that laptop any more than they know whether I have a hidden volume that contains the data they're searching for. So if their evidence is good enough to compel me to produce a password, why would it not be good enough to insist a hidden volume contains the data and that I'm withholding the sought-after data?
If someone can simply say "nope, no hidden volumes here" and that's the end of it, it would be trivial to defeat a digital investigation.
In short, I'm skeptical about what defines the reasonableness of an investigation and this apparent power to compel arbitrary access to documents.
* The government 'knows' that you have a bunch of digital data, therefore it must be stored on a digital device. Therefore, all your digital devices are reasonably suspect.
* The government can't search your laptop without full access to files. If you have full-drive encryption (or even just homedir/per-user encryption), the government can reasonably claim that you haven't given them full access, with some amount of proof that there is encryption being used.
* Once you have unlocked your primary partition, the government would probably have a hard time convincing a judge that there is any reasonable way to know if you have a hidden partition, other than asking you with a polygraph... which I don't think you can be compelled to take.
I think the govt would have to use the same means it would use to prove that you know the whereabouts of a missing person.
They can't hold you forever (except maybe in enemy combatant like scenarios), much like if you picked up a girl from a club at midnight, and no one ever saw her again. Your claim is you dropped her off at her apartment at 3am, but there's no evidence of it. They can ask you what they want, but w/o more evidence they can't just lock you up forever.
But with more evidence, for example, if they find IMs where you mention that you've hidden something in hidden volumes, they may have more options open to them.
I guess my point is that this seems to fall into standard practice, more than this being a one off rule specific to hidden volumes.
Yea. Your point is that they can't lock you up forever based on the suspicion of a hidden volume. My point is that it would likely be hard for them to reasonably assert a hidden volume, and even if they could assert a hidden volume, if you unlocked one but had several, they wouldn't be able to reasonably convince a judge of suspicion of several hidden volumes.
Then, having several is difficult since they all have to nest, and can't reside in parallel (i.e. the second hidden volume has to be inside the first hidden volume, it can't reside alongside the first hidden volume within the top-level volume).
Thankfully that is not how TrueCrypt works. The volume would be reported as the full 2TB (or however large the container is), it is up to you to not use all the space (which you could do, it will just silently start overwriting the hidden volume). They would have nothing to go on other than you didn't fill the disk (who does?).
So, if my volume size is 100G on a 200G drive, I have 80G of data. If I write another byte, how does TrueCrypt know it won't overwrite one byte of the hidden volume?
No, since people everywhere don't use the full capacity of their hard drives. Hidden volumes look no different from empty space so that doesn't prove anything.
For her sake, she has a hidden & real TC volumes -- i.e. she has both a real and fake TC OS volume. I don't know of any other encryption methods that allow hiding a volume within another volume as such. Even so, if I boot up your fake volume and it's pretty apparent it hasn't been used in 8-months or simply has a blank My Docs folder, I don't know how that will go.
I suppose somebody could make the argument that all that unused space is slack or something like that ("Oh yeah, I only use 20GB/200GB HDD"). Though, as people have said, this is pretty new territory.
Perhaps I misread the article, but I didn't see a mention of whether this involved hidden TC volumes or not.
The standard method is to use one operating system in normal, day-to-day operations and another (in a hidden volume) whenever you're doing something sensitive or potentially illegal (you would also change the MAC address, not use it on your own wifi network, and so forth). However, it's probably too much to hope that most people actually realize this, especially criminals. Extremely paranoid people will have absolutely nothing incriminating on the computer, leave it unencrypted (to avoid suspicion), and use disposable flash drives with a small Linux image on them whenever they want to do something illegal. The flash drives are destroyed after one use.
Oh, and anyone smart enough to do that wouldn't describe their method on a public forum.
Also, your first sentence really irritates me: having the entire OS volume encrypted in no way means that you have two OS volumes, which you seem to be saying.
I didn't mean to imply that, I meant to imply one "should" have two different volumes with different operating systems as to ensure no artifices from your misdeeds are on the "day to day" volume (assuming said criminal is using Windows). I'm merely going off my understanding of the ideal TC setup, as I don't bother having one setup in such a manner.
I am of the opinion, as you stated, most criminals are not wise enough to go through the extra steps necessary to truly make TC hidden volumes reliable. From my experience, the extent of most people's tech savvy is running CCleaner or in the RAREST of cases Eraser. Though, I should say my experiences are 90% corporate.
IANAL ( Edit to include a reference for my opinions[1] )
The general argument for forcing someone to turn over the key to a door once compelled by the court is that it is commonly known there are other reasonable means by which to access the content the door protects that do not require the key:
1) Locksmith
2) Break the door down
3) Use a different door if one exists
These are reasonable methods as none of them take a considerable amount of time, in many cases a reasonably consistent amount of time between unique cases, and are methods that are readily available in all markets and jurisdictions. This makes the case that the contents behind the door can be accessed through various methods, some of which do not require my involvement, therefore my not turning over the key is only nominally delaying the inevitable.
In the case of an encryption key that protects data, which once protected is only in the possession of the individual who also possesses the key, this is very different IMHO.
It is very different for this simple reason:
If proper procedures have been followed, and certain encryption methods have been utilized, there is no reasonably consistent method for acquiring the original data other than information I possess in my mind.
I say reasonably consistent because if you had limitless resources and limitless time you could try every possible combination and at some point gain access. That is, however, unless the mechanism that relays the encryption key is not designed in a way as to destroy the data after N failed attempts.
In either case, no court can be reasonably certain of the time it would take to access the original data or if they would ever gain access at all. This directly conflicts with my right to a speedy trial and certainly conflicts with my right not to incriminate myself as I'm the only one who can provide access within a reasonable amount of time.
Right, so the Government's demand of my encryption key to unlock the contents of my "digital brain" is no less different than the Government forcing me to take some truth serum to force me to reveal something I don't wish to... because it would incriminate me.
And as far as I'm concerned, the 5th protects me from incriminating myself.
I think this was discussed here the other day (can't find the link, sorry). The thinking went something like this: a passphrase is equivalent to a combination wall safe and not to a lock with key: one requires a physical thing to open it, the other requires something within your head. The something within your head is equivalent to testimony.
The thing is, the court can compel you to open the safe. You don't have to reveal the combination but you do have to open it (or face contempt charges).
This is pretty much the same thing they are demanding from her - we don't want your password, we want access to your hard drive.
Technically it's not the same thing. Whether or not it is legally different is an entirely different matter - one that has not yet been resolved.
If the court decides that encryption is like a safe then, regardless of how impossible it is to open the safe without a key, the court can coerce you into decrypting your HD.
However, if the court decides that encryption is like a secret language that only you can translate (a more accurate representation of encryption, in my opinion) then they will likely rule that they cannot coerce you into decrypting the data.
I thought this quote by the DOJ was pretty ridiculous:
> Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these. Failing to compel Ms. Fricosu amounts to a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases)
I don't like how they bring out the bogey-men of child pornography and terrorism to justify making her decrypt the drive.
Laying aside the emotional rhetoric, the point being debated is whether public interests will be harmed or not. What's clear is that prosecutorial interests will be harmed, but the entire point of constitutional rights is that sometimes there is conflict between the interests of those who prosecute crimes and the public interest.
For example, you could easily argue that having a lawyer present during interrogation harms public interests for exactly the same reasons: Child molesters, terrorists, and just plain naughty people will clam up and not give investigators information that could lead to a conviction.
We had that discussion, and south of the border you decided that public interests were harmed by not allowing a lawyer to be present and were further harmed by not warning suspects of their rights.
(Canada takes a different view with respect to the right to a lawyer for complex reasons.)
I can imagine that, like child pornographers, terrorists and drug traffickers, white-collar criminals leave a lot of incriminating evidence outside their own computers.
If Ms. Fricosu is so dangerous, if her crimes are so serious and widespread, sure there is evidence beyond the encrypted volumes in her computer. There is no crime without evidence. The DoJ should find the missing evidence and then, with a strong case, offer Ms. Fricosu a deal in that she gets some slack for revealing the exact extent and methods of her misdeeds.
As soon as I saw "...be it in child exploitation..." I skipped the entire content in parenthesis.
Whoever said that was not attempting to provide a logical argument, but to elicit an emotional response in the audience. The point would have (and should have) been made without the references to all manner of boogie-men.
Again, the best analog is a document handwritten in a made-up cipher. If someone finds a paper in a notebook that looks like it contains useful information but the actual glyphs used are unreadable to the masses, or the order of the letters is scrambled, or whatever other personal encryption scheme the defendant used when he wrote that note, can the government compel the defendant to reveal the key to his personal cipher? Can the government compel the defendant to not hand over the key to the cipher but provide a decoded interpretation of the message?
That is the correct analogy for this situation much more than safes or doors. Computer encryption is the same thing, just uses a common cipher and the information is encrypted millions of times faster than a human could crypt by hand.
I totally agree with you. And as I said in the other article about this, I simply don't believe it is the duty of citizens to help the government make their case.
The DOJ claims that allowing defendants to exercise their 5th amendment rights against self-incrimination would "make their prosecution impossible."
To which I say:
1. Your prosecutors are lazy and want to force criminals to prosecute themselves.
2. If the only external evidence of a crime is a private file on a hard drive, it seems to me that not much harm was done to society and we should leave these people alone.
It's worth it to trade letting some guilty people get away with it in order to have the freedom of conscience to write whatever we like in our computers and not be compelled to turn over our private writings.
If something bad was done to someone else, there's going to be evidence of it elsewhere: Contracts must be held by some other party, bank records, etc.
Is the prosecutor trying to claim the government needs access to the accused computer to convict her of a commercial crime? Are there no third parties involved who are in possession of useful records? No banks were involved in this mortgage fraud? Really???
"Decrypting the data on the laptop can be, in and of itself, a testimonial act--revealing control over a computer and the files on it," said EFF Senior staff attorney Marcia Hofmann.
I believe this is enough to get protection under the 5th amendment. Giving the password or providing decrypted content is already testimony against yourself saying that you control these files.
It's pretty astounding to me that if you write something in "code" (read: another language) you have to provide a way to "translate it" (into English I presume).
It's not my problem if others can't read my brain dumps.
What if she actually doesn't know the password? For example if it isn't her laptop or the password was written down and lost or it is an old encrypted volume which she doesn't use anymore, etc.
This is one of the reasons that I find the Fifth Amendment to be important. Without it, the DOJ could simply ask any murder suspect to reveal where they stashed the body and murder weapon, charging them with obstruction of justice or contempt of court if they didn't answer. This, of course, would be a serious problem if the accused didn't actually commit the crime.
Federal investigators and prosecutors aren't dumb. For all of those scenarios that you mentioned, it would be easy to tell whether or not this was a laptop that she used frequently.
Where did she get it from? (or from whom? - she should be able to say.) In what condition was the laptop found, on her desk? opened? screen saver on? or powered down? in a pile, covered in dust? any fingerprints or other signs of use? Any removable media present? They can look in her office for passwords written down. They can check her mobile devices for password managers and compel her to unlock those.
Understand for the case to even proceed to indictment (which happened last year), they have done all of this work to make sure that their case is pretty solid. There are pretrial hearings, and depositions and other things which lawyers do to answer all these questions about whether they can prove that she really should be able to provide the password.
None of those are reasonable or reliable indications that he/she is lying about having forgotten a password. There are fingerprints or signs of use? What if the defendant has been actively trying to remember the password, or has just done something as simple as moved the laptop's location to get it out of the way? Removable media present? What if it was left in there from when they did have use of the password and didn't have use for the media otherwise? And even if the computer is found on their desk, with the screensaver on, the defendant could have just forgotten the password, it happens and is expected especially if they tended to just barely remember the password before and just happened to forget it at that time.
The fact is, no matter how sure the prosecution is of the accused's guilt and the hard drive's content, the accused can still just have forgotten the password. That's it, just forgotten the password. And the accused could be innocent of the crime, and now facing inescapable prison time, all because they wanted to keep their personal financial documents safe and have an unreliable memory. That is not a reasonable way to carry about justice.
>None of those are reasonable or reliable indications that he/she is lying about having forgotten a password.
I agree fully, forgetting passwords happens. My AD account at work has a short, random password with a forgiving lifespan. Even though I have to enter it a few dozen times a day, following the long weekend I had for the 4th it took me 5 minutes of sitting at my desk before I remembered enough to make a few guesses at it.
If I went more than a week or so without opening my encrypted partition, the password is long, complicated and changed frequently enough that I will most likely forget it. I currently only know it by muscle memory.
Add to that that at least my muscle memory is especially flaky when I try hard to remember what I'm actually supposed to type and/or I'm otherwise under stress/nervous. Usually just not thinking about the password for 5 minutes works, potentially facing 10 years in prison is certainly not gonna help.
> Federal investigators and prosecutors aren't dumb. For all of those scenarios that you mentioned, it would be easy to tell whether or not this was a laptop that she used frequently.
Why doesn't the prosecutor ask banks and other parties for the records necessary to prove the accused is guilty? This is a mortgage fraud case right? Why can't they look at emails, contracts, bank records, and phone records that 3rd parties must have?
Since you can't defraud yourself, there has to be some other party involved who can turn over evidence against you.
If the prosecutor is so smart, why demand that the defendant incriminate himself? That is how the system in France works. Perhaps this prosecutor should move there.
Craig Price is a notorious serial killer from my hometown. They caught him when he was 15 and the law only provided that they could hold him till age 21. Sometime after the law changed to patch this hole, he was ordered to see a psychiatrist. Upon his refusal, he was held in felony contempt of court and sentenced to 10 years.
From the EFF: "Decrypting the data on the laptop can be, in and of itself, a testimonial act--revealing control over a computer and the files on it"
This suggests to me that the prosecution has failed to prove that the laptop, or the data on the laptop, is hers. In which case, as I understand it, they would be unable to make a contempt charge stick.
Well, they can't force anything if only she knows the password. From what I've read they can only threaten with and convict for obstruction of justice, a felony.
So, depending on her mindset she can choose whether to become a convicted fraudster or a convicted but potentially innocent freedom and privacy fighter (with that 10-year sentence). I'm not saying that doing time isn't easy but...
Has anyone developed anything that would completely delete a disk when a decoy password is typed in, whilst displaying a fake OS instance filled with a legit looking my docs, internet history etc?
In that case you give them the decoy password and they clear your machine for you.
This idea sounds nice, but in practice it will only be useful when the investigators are completely incompetent.
Any competent investigator will make backups of your disk, and work only on the backup. They'll probably also use their own tools to decrypt any content on the disk, rather than booting up the suspect's OS and relying on the suspect's tools.
Also, for trying something like this, you'll probably face additional destruction of evidence and obstruction of justice charges.
Use general-purpose computer parts, with some imagination.
One simple example:
Modify the power pins (in a USB keychain drive and a dedicated USB socket, naturally) such that +5v and ground are connected backwards.
Connect a diode in such a way that should the stick ever be plugged into an ordinary USB socket, power is applied to a small piece of nichrome igniter wire (model rocket store, or cannibalize any electrical heating appliance.)
The igniter wire is wrapped around a small magnesium ribbon glued to the exposed (use nitric acid) EEPROM die.
Make sure that the package still looks like a normal USB key from the outside, and is well-sealed to avoid unsightly smoke and light (if you do not take care to do this, you may well find "endangering a law enforcement official using an illegal pyrotechnic device" or the like added to the charges against you.)
And of course none of this will help if the enemy expects it. The above is merely an example.
OMG. With that much knowledge and creativity clearly you must be a terrorist. Or someone who grew up way back when the official US government policy was that kids should learn hands-on Science and Math.
In any case, you do something like that today you will frighten the living daylights out of enough technically-illiterate-but-powerful people that you will not get out of jail for a long long time, regardless of whether or not there is any reasonable justification for it.
Put it together correctly, and there will be no visible pyrotechnics. Just a USB stick which mysteriously fails to mount. AFAIK, most police agencies will not attempt chip-level data forensics, and perhaps no one will take the trouble to pry the stick open.
Know that any serious electronics tinkerer could come up with many tricks far more clever than this one.
And once again, one ought to compare the sentence for evidence destruction to that which your original crimes carry.
I don't think you can confine the energy you're talking about in the space of a USB stick without releasing some heat, light, noise, and/or smoke. The people handling your evidence are pretty sharp.
Once they notice anything funny, your "device" will be sent off to their bomb lab. They will have first-rate capabilities and, given the infrequency of actual bombs in the US, they'll probably have plenty of interested experts on hand.
There's a good chance that the guy writing the report advising the judge of what you've done earned most of his hands-on experience with IEDs in Iraq.
I know you're not intending anything malicious, I'm just trying to explain to you the seriousness of what you're proposing.
I am a serious electronics tinkerer though and I find the idea of a secure-wipe facility interesting. You really want to look for ways to do it that don't set off any red flags.
Here's a good standard: If you wanted to productize such a device would you be able to get Underwriters' Laboratories (UL) to safety certify it for use in the home?
> I don't think you can confine the energy you're talking about in the space of a USB stick
It is very much possible to incinerate a chip die within a compact, hermetically-sealed container without releasing smoke or other tell-tale signs. The US and other wealthy nations' armies use self-contained modules like this in their encrypted radio equipment.
Plus, if you need more room, you can mimic an external USB hard drive rather than a keychain drive.
> I'm just trying to explain to you the seriousness of what you're proposing
It is true that if your handiwork produces smoke, flame, noise, etc. I do not envy your fate. If it happens during arrest, the police might even shoot you. But if, on the other hand, nothing suspicious is seen when your equipment is seized, and weeks later detectives discover a few grams of molten slag where an EEPROM chip should be, I doubt you will be tried for having set off an illicit bomb.
You will still go to jail. A reason will be found to put you there - it isn't hard. "Give me six lines written by the most honest man..."
Perhaps it only makes sense to rehearse and plan for this data-destruction scenario if you possess secrets that remain important apart from any criminal case against you.
> If you wanted to productize such a device would you be able to get Underwriters' Laboratories (UL) to safety certify it for use in the home?
This is very much the wrong question to ask.
Something like this can never become a consumer product. The government would never permit it to be openly sold, regardless of any safety considerations.
If you view law enforcement officials as your enemy, using unmodified off-the-shelf equipment, regardless of its rarity and expense, is simply stupid. Back doors are a near-certainty. And the only way I know of to securely and unambiguously wipe large amounts of data on short notice is combustion.
> And they're not going to jail for releasing smoke in a federal crime lab.
No, they merely stand to lose wars.
How long should a soldier expect to live if the enemy catches him in the middle of destroying encryption keys and understands right away that it is what he is doing?
> Name three hidden back doors from the US government. I can only think of one or two, making them pretty rare.
Are you serious?
Who are you trying to fool? This is an insult to the intelligence of every reader of this site.
> How long should a soldier expect to live if the enemy catches him in the middle of destroying encryption keys and understands right away that it is what he is doing?
Cryptosystems are designed to protect military secrets, not an individual soldier in such a highly specific circumstance. It's not unheard of to have a "duress code" or other silent wipe functionality, but I doubt hiding the keypress effects from a local observer is a primary concern of infantry soldier gear.
The idea is that they would wipe the keys before they are captured. If they are captured in the act of wiping the keys that would be following standard orders. The radio operator would be worth more alive than dead, but he'd still better put his hands up when there's a gun in his face.
> Are you serious? Who are you trying to fool? This is an insult to the intelligence of every reader of this site.
I'll take that as a 'no' then.
This back-and-forth is kind of frowned upon on this site. My email is in my profile if you'd like to continue the discussion.
Prosecutors stressed that they don't actually require the passphrase itself, meaning Fricosu would be permitted to type it in and unlock the files without anyone looking over her shoulder.
I wonder if anyone has thought of using more than one key as a decryption possibility. I've always considered it, but never figured there'd be too much use. Say, have one correct key that decrypts data stored in one way, and another key that either "decrypts" into a pre-generated text, or another variation of what's stored. I guess the latter might be too content dependent.
And there is a system called Deniable Video that extends that concept of plausible deniability to live audio & video. It's like TrueCrypt for real-time data.
Systems like PhoneBookFS, rubberhose and StegFS exist (or used to exist). They allow you to create volumes which can provide different data for different passwords, with no way to know the number of available passwords in advance. (You can look at the volume size, but there is some variability relative to the total amount of data stored, so that you can't really be sure.)
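A toy sketch of the "different data for different passwords" idea from the comments above, added here as an example; it is not code from PhoneBookFS, rubberhose or StegFS and does not reflect their designs. The slot count, sizes, PBKDF2 parameters and SHAKE-256 keystream are assumptions chosen for illustration, and unlike the systems described the container size here is fixed rather than variable.

```python
import hashlib
import hmac
import secrets

SLOTS = 4        # assumed fixed slot count, the same however many are in use
SLOT_LEN = 64    # bytes of padded plaintext per slot (1 length byte + data)
SALT_LEN, TAG_LEN = 16, 32
SLOT_SIZE = SALT_LEN + SLOT_LEN + TAG_LEN

def _keys(password, salt):
    # Demo KDF cost only; one encryption key and one MAC key per (password, salt).
    material = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 20_000, dklen=64)
    return material[:32], material[32:]

def _xor_stream(key, data):
    # Toy stream cipher: SHAKE-256 of a one-time key used as the keystream.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _seal(password, message):
    data = message.encode()
    if len(data) > SLOT_LEN - 1:
        raise ValueError("message too long for one slot")
    padded = (bytes([len(data)]) + data).ljust(SLOT_LEN, b"\0")
    salt = secrets.token_bytes(SALT_LEN)
    enc_key, mac_key = _keys(password, salt)
    body = _xor_stream(enc_key, padded)
    tag = hmac.new(mac_key, salt + body, hashlib.sha256).digest()
    return salt + body + tag

def create_volume(messages_by_password):
    """Build a container; slots not tied to a password are random filler."""
    if len(messages_by_password) > SLOTS:
        raise ValueError("too many passwords for this container")
    slots = [_seal(p, m) for p, m in messages_by_password.items()]
    slots += [secrets.token_bytes(SLOT_SIZE) for _ in range(SLOTS - len(slots))]
    secrets.SystemRandom().shuffle(slots)   # slot position reveals nothing
    return b"".join(slots)

def open_volume(volume, password):
    """Return the message this password unlocks, or None if it unlocks no slot."""
    for off in range(0, len(volume), SLOT_SIZE):
        slot = volume[off:off + SLOT_SIZE]
        salt, body, tag = slot[:SALT_LEN], slot[SALT_LEN:-TAG_LEN], slot[-TAG_LEN:]
        enc_key, mac_key = _keys(password, salt)
        expected = hmac.new(mac_key, salt + body, hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            padded = _xor_stream(enc_key, body)
            return padded[1:1 + padded[0]].decode()
    return None

if __name__ == "__main__":
    # Constructed sample data: one volume with two passwords, one with a single password.
    two = create_volume({"decoy-pass": "grocery list", "real-pass": "ledger"})
    one = create_volume({"only-pass": "grocery list"})
    print(open_volume(two, "decoy-pass"), "|", open_volume(two, "real-pass"))
    print(len(two) == len(one))  # same size: slot count in use is not visible
```

Both containers are the same length and every slot looks like random bytes without its password, which is why the holder cannot demonstrate that no further password exists.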
Will she need to be convicted first or can she go to the Supreme Court on what's happened so far? This seems like the perfect case to test the boundaries of electronic security.
IANAL, but from what I understand there have to be rulings from the lower courts first before a case can make it to the Supreme Court level. And even then the Supreme Court chooses which cases they want to hear and which they don't. So just because the case makes it to the Supreme Court, doesn't mean they'll decide to hear it.
What's even more frustrating is that the Supreme Court doesn't have to state any reasons for refusing to hear a case. They could just do it on a whim, or for some completely biased reasons and no one would ever know.
What we are actually seeing is how far behind the DOJ and FBI are in having competent computer forensics professionals as part of their human resources.
We saw the same thing with the Patriot Act.. do not have proper staff? Then by God make sure that the US constitution suddenly does not apply if traveling outside the US..
They have plenty of competent computer forensics guys and equipment. But even with all of that, proper encryption with a strong passphrase is infeasible to attack. Forcing the key holder to disclose the key is the easy, inexpensive first step.
What worries me about this precedent is that your computer can be immediately taken from you and interrogated against your will; the computer will not be given any rights.
The computer needs the right to plead the 5th. One day far in the future, computers will be part of who we are. Basic human rights were designed to protect humans, not the computers. When the computers integrate with us, I hope we can take back all the rights the courts have stolen. Pleading the 5th will be futile, as all the courts have to do is download your computer module and then scan the logs of what you did, where you did it, and what you were thinking when you did it.
This stuff is important, and needs a creative solution that stops the criminals while not making everyone a criminal.
Oh pedant, I thoroughly apologise for my ignorance. May my vegetables all die, my breath smell for eternity and my armpits flood with hair and engulf the earth.
There is a certain romantic man against the world sort of idea where I support this kind of privacy. Some kind of 1984 like scenario.. I'm thinking like someone writes some particular brand of fiction for his own enjoyment, somehow it becomes illegal and he's now a criminal for his private thoughts or the contents of his private writings. Or practicing an outlawed religion in private or something. The reality of the most recent cases regarding this stuff is you've got some fairly petty thefts, child porn, and similar crimes. An investigation reached the point where a computer was seized, they drew suspicion, crimes may have been observed and recorded, it's not like they were randomly going through customs or pulled over by a police officer and the contents of their computer were requested. Are there any cases of note where the suspect or defendant has some sort of cause to champion?
If we accept that this encrypted space is protected by the fifth amendment, then why won't we just regulate that encryption needs a "law enforcement access key" or make such encryption just illegal? You can make a very compelling case that it's not serving any public good if you can list off criminals and crimes that have gone free because of it. That would make the very use of encryption potentially become a crime regardless of the encrypted information content. Is that not the logical next step?
I'll assert what I've asserted many times, here and other places: if you're breaking the law for some ideological reason and keep encrypted electronic records of it, you're way better off not going to court and not being on any police or prosecution's radar than just banking on the encryption holding. Pirating movies on BitTorrent isn't exactly civil disobedience either, that would mean doing so openly and publicly.
> it's not like they were randomly going through customs
> or pulled over by a police officer and the contents of
> their computer were requested
That happened in one case. The problem with that case is that the guy unlocked the computer for customs, customs found child porn, they turned off the computer, and later on the guy refused to unlock the computer for them again. The issue with this is that the border agent already saw that there was incriminating evidence in the encrypted volume, which muddies the waters a bit. Granted, if he mentioned child porn in passing to the border agent, they couldn't force him to testify against himself and make that same statement later on (e.g. in court, or on video).
>If we accept that this encrypted space is protected by the fifth amendment,
the encrypted space isn't protected by the 5th Amendment. The content of your brain is. If the police find the password written on a post-it under the keyboard, they would have all the rights to use it.
>then why won't we just regulate that encryption needs a "law enforcement access key" or make such encryption just illegal?
1st Amendment. A right to produce all kinds of communication garbage, incl. XOR-ed image of your brain with Antarctica map or quasi-scientific reasons against tax increases or this post of mine.
It's easy to see why you wouldn't want someone to decrypt your laptop.
What about Bernie Madoff? Wouldn't you be furious if all data produced by a corrupt hedge fund manager was encrypted? Wouldn't you want the DOJ to be able to hold them in contempt of court? If you hamstring your government, you aren't allowed to complain that it is ineffective.
"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." -- H.L.Mencken
There's a line, and past that line, law enforcement has no power to enforce laws at all. Removing the DOJ's ability to collect evidence is, in some cases, the equivalent to denying a detective access to a crime scene. If all productions of electronic evidence can be encrypted, and the defense is not forced to decrypt those files, then dirty corporations only need to encrypt everything to defend themselves in court.
Defense: "We produced everything you asked for."
Prosecution: "We can't even verify that statement. Decrypt it."
rights are rights because they allow you to do what would otherwise be illegal.
for example, there's no need for a right to free speech if you're only going to say things that everyone thinks should be said.
rights exist because some things are so important they are worth the cost of abuse.
At first blush it may be thought surprising that one should have a right to do that which one ought not. Is it not better to confine rights to that which it is right or at least permissible to do? But to say this is to misunderstand the nature of rights. One needs no right to be entitled to do the right thing. That it is right gives one all the title one needs. But one needs a right to be entitled to do that which one should not. It is an essential element of rights to action that they entitle one to do that which one should not. To say this is not, of course, to say that the purpose or justification of rights of action is to increase wrongdoing. Their purpose is to develop and protect the autonomy of the agent. They entitle him to choose for himself rightly or wrongly. But they cannot do that unless they entitle him to choose wrongly. - Joseph Raz, The Authority of Law (p 266)
the final sentence of the quote above is hugely important.
Nobody has the right to avoid a reasonable search in the United States. You are protected by the fourth amendment from unreasonable searches, but you aren't going to convince me that a detective has no right, with a warrant in hand, to search a suspect's home for a murder weapon.
Similarly, you aren't going to convince me that a prosecutor, warrant in hand, has no right to search a computer for evidence of credit card fraud.
You still make the assumption that the prosecuted knows the password and is implicitly guilty.
Imagine for a second that I was less technically minded and didn't use encryption and I purchased a used laptop from someone who did, I then get caught up in the legal system (guilty or innocent for the charged crime, it doesn't matter, but I did not use encryption) and some prosecutor has a warrant to compel me to unlock that encrypted volume, else I be held in contempt. What now?
But, in the hypothetical counter example where the prosecution had evidence of you using the encrypted volume (let's say, a convincing photograph or video), would you then grant the prosecution the right to compel the decrypted information?
That actually was answered by a court quite recently, and is mentioned in the OP.
A guy going through border guards' control somehow let them see he had illegal images on his laptop. The court concluded he is no longer protected by the Fifth Amendment because of that, and ordered him to EITHER reveal the password OR give access to the (encrypted) content in question in some other way.
You would have explained the origin of the encrypted data on the laptop, and they would either drag the person who was the origin into the case as a defendant or have him testify. It's really quite simple; they're not just asking "what is the password?" and ignoring any answer that isn't the password, as you seem to think.
If you were to refuse to give the password under the grounds that someone you refuse to identify sold you the computer with the encrypted data already on it, then you would rightly be considered to be lying because that's the most plausible case for that behavior.
> You would have explained the origin of the encrypted data on the laptop, and they would either drag the person who was the origin into the case as a defendant or have him testify. It's really quite simple
Assuming the original owner can be identified (I've bought a laptop off of craigslist with no way to find the previous owner even a day later), found (contact data is still valid, person is willing to cooperate with the investigation), is willing to corroborate your story (what if the laptop was, unbeknownst to the buyer, stolen property or the seller pleads the 5th and/or lies about the encrypted files), and that the prosecution is willing to believe the both of you.
It is simple, but relies on a WHOLE lot of faith in the system.
> you would rightly be considered to be lying because that's the most plausible case for that behavior.
If you're going to be held in contempt (as the GP seems to be discussing) just for something that is the most plausible of options kind of destroys the judiciary's position of dealing with the complex unforeseen circumstances that arise in law. The most plausible situation is that OJ killed his wife, but we don't carry out justice with such imprecision.
>they're not just asking "what is the password?" and ignoring any answer that isn't the password, as you seem to think.
>If you were to refuse to give the password [...], then you would rightly be considered to be lying...
exactly. This is why you have the right to remain silent. You're not "refusing to give the password under the grounds", you're not giving "answers that isn't the password". You're just silent. A vegetable. Otherwise any answer, like you explained it yourself, can be used against you.
all i'm saying is that you can't say a right cannot exist because it lets bad things happen.
in this case, there may be a right to silence. i don't know (i am not american) if that "really is" a right. but if it is a right then it exists even if it allows, say, a paedophile to escape justice (through remaining silent). it's not nice, but it's the price you pay to help guarantee freedom.
[edit: it's perhaps worth adding that you could make rights more complicated. you could say that there is (or should be) a "right to silence except when it's a password", for example. there's no prima facie reason why rights should be simple. but there is a strong practical reason why rights should be simple: they need to be simple so that they are easy to understand, easy to defend, and easy to use. again, this is because rights - real rights - are critical, might-be-needed-to-save-the-world things. and that is also why there should only be a few of them.]
This case is not about rights, it's about a specific entity, the Department of Justice of the United States of America, having a specific investigative power, namely, that they don't have to keep a horde of expensive consultants on retainer to decrypt people's boring, completely legally irrelevant documents. On the off-chance that they lose that power, they'll still get whatever it is they want from your laptop, it'll just take longer and cost more.
Nobody is revising the Bill of Rights, the Fourth or Fifth Amendments.
I think you're missing the conflict between allowing reasonable search and the right against self-incrimination when the thing being searched is an encrypted laptop.
At least agree that there is a conflict here; otherwise you're just being dense.
AFAIK the govt. cannot compel (legally) anybody to reveal the combination to a ticking time-bomb; or the location of a murder weapon etc. How the hell is asking for a passphrase any different? Do you really not understand the nuance here?
The other point is that AFAIK the govt. has never asserted the right to compel a handwritten note to be deciphered. The govt. doesn't assert the right to systematically read people's mail (even postcards); but they do so wrt electronic comms. I think we can safely state that almost all comm. is going to be electronic in the future. That's why this is important. This is yet another example of the govt. trying to trim back rights that the hoi polloi have enjoyed for a couple of centuries.
As to why this is important: you might have read the quote that six lines by any man's hand are enough to hang him.
I don't think that in the case that someone has your laptop in hand you can still plead the fifth. If there is evidence pertinent to the case on the physical drive obtained by the government, then they already are in possession of the container holding that evidence. Beyond that, it's a matter of litigation expense to crack it. It's up to you, at that point - unlock the laptop and allow a search or force them to hire a consultant (lawyers and cops are shitty hackers) to dig into it for them.
The hand-written note argument doesn't hold water, in my eyes, because it is the encryption of all of the evidence, not any one document, that is at issue. As was mentioned, the government has compelled people to open safes.
See, here's the issue. The burden of proof, in our court system, lies with the prosecutor. If I could just say "I know you killed that person, so bring me to the murder weapon and body", and charge the accused with contempt of court if they said "no", then there's a massive potential for abuse. For example, if the accused didn't actually do it, then they would get charged with contempt (or obstruction, or whatever), because they have nothing to show.
Passwords to encrypted containers are slightly different - they're not as simple as a key to a safe, and not as obviously protected as my above (contrived) example. However, the same problem exists. If I compel you to decrypt an encrypted volume, and you don't actually have the password (i.e. it's a friend's, or whatever), then it's similar enough to the example above.
I'm not a lawyer, nor am I well-versed in law. But I know enough to say that it's not nearly as cut-and-dried as some people think.
Do you think the government should have subpoena power in order to collect evidence? Do you think they should be able to search a murderer's home for the weapon? I'm not saying they should have this power without a warrant, but nobody has the protection from a _reasonable_ search.
> Do you think the government should have subpoena power in order to collect evidence? Do you think they should be able to search a murderer's home for the weapon?
Of course they should. But that's not the issue here. The issue at hand is whether or not the government can compel you to give them information.
Consider this. You have a box, buried in the Mojave desert, with some documents in it. You've memorized the GPS coordinates of this box. Should they be able to compel you to state those coordinates?
Sure, they could search 100s of square miles looking for your box, and they might stumble upon it. But they shouldn't be able to force you to tell them where it is.
An encryption key is the same. They can try to brute force it if they wish. They're just looking for a much smaller box in a much bigger desert.
In all the discussion here, I think yours is the absolutely best analogy. Perfectly illustrates the cost of brute-forcing versus the accused just revealing the crucial little information. Even informed guessing of the password is covered (the accused was seen lately in that corner of the Mojave, maybe the box is there?).
A subpoena is a compulsory order to produce all documents related to a matter, whether the government knows they exist or not. So yes, if you believe in subpoena power, you agree that you should have to produce that box.
And you are failing to understand the 5th Amendment. You do not have to give up that information, if it is only in your head, regardless of the subpoena. That is the entire point of the 5th. You can't stop the government from doing its search, you can't actively hide it, but you don't have to give them the information if it will incriminate you.
And you are failing to understand the legal questions at issue...
The Fifth Amendment, as currently interpreted, doesn't provide the protection you describe. It protects against giving self-incriminating testimony and essentially the question is whether the password is "testimony." Keep in mind that the government is not asking him to disclose it, just to type it into the computer. Here's a good discussion: http://volokh.com/posts/chain_1197670606.shtml (There seems to be a CSS problem with that page, but the text is fine.)
They have the information. They have your hard drive. You have a key, or they can brute force the information out with decryption software. This is not a Fifth Amendment case. They don't want or care about the password itself. They can't use the information you provide (the password) to incriminate you, no matter what the password is.
>You have a key, or they can brute force the information out with decryption software. This is not a Fifth Amendment case. They don't want or care about the password itself. They can't use the information you provide (the password) to incriminate you, no matter what the password is.
You have the coordinates of the dead body, or they can dig and scan each square foot of the continent. This is not a Fifth Amendment case. They don't want or care about the coordinates itself. They can't use the information you provide (the coordinates of the dead body) to incriminate you, no matter what the coordinates of the dead body is.
> US v Hubbell makes clear that the government cannot compel production of documents (except under immunity to prosecution) which it does not know, ahead of time, to exist.
If the government feels the information they want is on a laptop, the laptop's owner would suddenly find themselves forced to prove a negative (there are no more hidden volumes), lest they be held in contempt.
If they can seemingly compel you to reveal something they can't prove even exists and lock you up until you can prove that it doesn't, the door for abuses isn't even wide open; it'll have been removed from its hinges along with most of the wall.