Judge: Americans can be forced to decrypt their hard disks at FBI's request
100 replies, posted
[img]http://asset1.cbsistatic.com/cnwk.1d/i/tim/2012/01/23/Phil03_270x360.jpg[/img]
[I]Colorado Springs attorney Phil Dubois, who once represented PGP creator Phil Zimmermann, now finds himself fighting the feds over encryption a second time.
[/I]
[quote=source]
[b]American citizens can be ordered to decrypt their PGP-scrambled hard drives for police to peruse for incriminating files, a federal judge in Colorado ruled today in what could become a precedent-setting case. [/b]
Judge Robert Blackburn ordered a Peyton, Colo., woman to decrypt the hard drive of a Toshiba laptop computer no later than February 21--or face the consequences including contempt of court.
Blackburn, a George W. Bush appointee, ruled that the Fifth Amendment posed no barrier to his decryption order. The Fifth Amendment says that nobody may be "compelled in any criminal case to be a witness against himself," which has become known as the right to avoid self-incrimination.
"I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer," Blackburn wrote in a 10-page opinion today. He said the All Writs Act, which dates back to 1789 and has been used to require telephone companies to aid in surveillance, could be invoked in forcing decryption of hard drives as well.
Ramona Fricosu, who is accused of being involved in a mortgage scam, has declined to decrypt a laptop encrypted with Symantec's PGP Desktop that the FBI found in her bedroom during a raid of a home she shared with her mother and children (and whether she's even able to do so is not yet clear).
"I hope to get a stay of execution of this order so we can file an appeal to the 10th Circuit Court of Appeals," Fricosu's attorney, Phil Dubois, said this afternoon. "I think it's a matter of national importance. It should not be treated as though it's just another day in Fourth Amendment litigation." (See CNET's interview last year with Dubois, who once represented PGP creator Phil Zimmermann.)
Dubois said that, in addition, his client may not be able to decrypt the laptop for any number of reasons. "If that's the case, then we'll report that fact to the court, and the law is fairly clear that people cannot be punished for failure to do things they are unable to do," he said.
Today's ruling from Blackburn sided with the U.S. Department of Justice, which argued, as CNET reported last summer, that Americans' Fifth Amendment right to remain silent doesn't apply to their encryption passphrases. Federal prosecutors, who did not immediately respond to a request for comment this afternoon, claimed in a brief that:
Public interests will be harmed absent requiring defendants to make available unencrypted contents in circumstances like these. Failing to compel Ms. Fricosu amounts to a concession to her and potential criminals (be it in child exploitation, national security, terrorism, financial crimes or drug trafficking cases) that encrypting all inculpatory digital evidence will serve to defeat the efforts of law enforcement officers to obtain such evidence through judicially authorized search warrants, and thus make their prosecution impossible.
While the U.S. Supreme Court has not confronted the topic, a handful of lower courts have.
In March 2010, a federal judge in Michigan ruled that Thomas Kirschner, facing charges of receiving child pornography, would not have to give up his password. That's "protecting his invocation of his Fifth Amendment privilege against compelled self-incrimination," the court ruled (PDF).
A year earlier, a Vermont federal judge concluded that Sebastien Boucher, who a border guard claims had child porn on his Alienware laptop, did not have a Fifth Amendment right to keep the files encrypted. Boucher eventually complied and was convicted.
Prosecutors in this case have stressed that they don't actually require the passphrase itself, and today's order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding "the password to the drive, either orally or in written form."
Because this involves a Fifth Amendment claim, Colorado prosecutors took the unusual step of seeking approval from headquarters in Washington, D.C.: On May 5, Assistant Attorney General Lanny Breuer sent a letter to Colorado U.S. Attorney John Walsh saying "I hereby approve your request."
The question of whether a criminal defendant can be legally compelled to cough up his encryption passphrase remains an unsettled one, with law review articles for at least the last 15 years arguing the merits of either approach. (A U.S. Justice Department attorney wrote an article in 1996, for instance, titled "Compelled Production of Plaintext and Keys.")
Much of the discussion has been about what analogy comes closest. Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings.
On the other hand are civil libertarians citing other Supreme Court cases that conclude Americans can't be forced to give "compelled testimonial communications" and extending the legal shield of the Fifth Amendment to encryption passphrases. Courts already have ruled that that such protection extends to the contents of a defendant's minds, the argument goes, so why shouldn't a passphrase be shielded as well?
Fricosu was born in 1974 and living in Peyton as of 2010. She was charged with bank fraud, wire fraud, and money laundering as part of an alleged attempt to use falsified court documents to illegally gain title to homes near Colorado Springs that were facing "imminent foreclosure" or whose owners were relocating outside the state. Some of the charges could yield up to 30 years in prison; she pleaded not guilty. Her husband, Scott Whatcott, was also charged. [/quote]
typical day in the US
source: [url]http://news.cnet.com/8301-31921_3-57364330-281/judge-americans-can-be-forced-to-decrypt-their-laptops[/url]
Whoops, I [I]"forgot"[/I] the passkey.
Don't like that? well boohoo.
What if you "forget the shared key"?
I'll just be like Romney and destroy my hard drive if this kind of thing happened to me.
Does the 4th Amendment even exist anymore?
[QUOTE=hegrec;34379175]What if you "forget the shared key"?[/QUOTE]
You are promptly stripped of your US citizenship and indefinitely detained in Guantanamo Bay without further trial
Well, if they got a search warrant and obtained the hard drive i can't see the issuue. But I don't think a criminal is just going to give it up, they're already in deep shit.
I can't see anything like this hurting normal people. It isn't like they can just come in and rip your Hard-drive out.
Like others had mentioned, how could they prove you know the password? I've honestly encrypted shit before using truecrypt (or whatever it's called) and forgot the password before. I'd say they would have to prove beyond a doubt that you know the password.
They still need a warrant or whatever to search the computer in the first place, right? If so, I'm not seeing the problem; it's the same as them demanding a key to open a door which is preventing them from searching some place that they have a warrant to search.
[QUOTE=LegndNikko;34379193]Does the 4th Amendment even exist anymore?[/QUOTE]
bill of rights? never heard of it
back to your cell, terrorist, no more questions
Well if the FBI has a warrant then feel free. Otherwise no.
If it truly is a matter of "national importance" then it shouldn't be hard to get the warrant.
If someone wrote a letter confessing their murder in a code, a judge probably wouldn't make it a requirement for the writer to reveal the code. This shouldn't be any different. It's just easier.
[del]If that's how they're going to play, it's best to keep a handful of magnets ready.[/del]
[editline].[/editline]
Oh crap, they'll just get you for destroying the evidence. Keep a handful of cyanide pills instead.
[QUOTE=MR-X;34379198]Well, if they got a search warrant and obtained the hard drive i can't see the issuue. But I don't think a criminal is just going to give it up, they're already in deep shit.
I can't see anything like this hurting normal people. It isn't like they can just come in and rip your Hard-drive out.[/QUOTE]
yes but we have the right to not self-incriminate, if the FBI are investigating you and they demand you to decrypt your harddrive or be faced with more charges that will stick no matter what, but if you decrpyt the harddrive and there's incriminating evidence then you're incriminating yourself
[QUOTE=DaMastez;34379253]They still need a warrant or whatever to search the computer in the first place, right? If so, I'm not seeing the problem; it's the same as them demanding a key to open a door which is preventing them from searching some place that they have a warrant to search.[/QUOTE]
The difference being that in this case the lock is (practically speaking) unbreakable and it's easy enough to lose the key.
If they had any reason to search my hard drive, i'd smash it and grind it to bits before then, or at the very least attach a magnet or put a fork-bomb in it.
Fuck this country, I'm outta here.
Also, suck on the giant dick of Truecrypt's plausible deniability, chumps.
[QUOTE=DaMastez;34379253]They still need a warrant or whatever to search the computer in the first place, right? If so, I'm not seeing the problem; it's the same as them demanding a key to open a door which is preventing them from searching some place that they have a warrant to search.[/QUOTE]
They can ask for the key, but you are not obligated to give it to them. At no time are you required to aid in your own incrimination. Even in this case, the defendant can simply say "no fuck off" and push the case up to the next tier where it will almost undoubtedly be overturned. There is a long history of similar cases on the books establishing the exact opposite precedent.
No need to sound the alarm bells.
I don't think you should tell the police to "fuck off".
[QUOTE=JohnnyMo1;34379455]Fuck this country, I'm outta here.
Also, suck on the giant dick of Truecrypt's plausible deniability, chumps.[/QUOTE]
The only problem with having your main decrypted volume hidden is that you have to continually maintain and use your decoy one or the authorities will wonder why your main PC is just a clean install of Windows that hasn't been used in 6 months.
[editline]24th January 2012[/editline]
[QUOTE=A B.A. Survivor;34379667]I don't think you should tell the police to "fuck off".[/QUOTE]
It's your duty as a citizen to tell the police exactly that when they're violating your rights.
[QUOTE=Zeke129;34379691]The only problem with having your main decrypted volume hidden is that you have to continually maintain and use your decoy one or the authorities will wonder why your main PC is just a clean install of Windows that hasn't been used in 6 months.[/QUOTE]
That's why you just transfer a bunch of stuff over from your main partition to make it look like you are using it.
[QUOTE=Van-man;34379171]Whoops, I [I]"forgot"[/I] the passkey.
Don't like that? well boohoo.[/QUOTE]
Then they waterboard you until you "remember" it.
By then it'll be too late, at the first sign of police my computer is already in the pool
[QUOTE=Nikota;34379189]I'll just be like Romney and destroy my hard drive if this kind of thing happened to me.[/QUOTE]
So you'd print out every byte of data on your hard drive, destory the hard drive, then hand the FBI the paper representation of your hard drive?
I don't see what the problem with this is anyway. The Fifth Amendment allows people to refuse to testify against or incriminate themselves, but the data is already there in this case... it's just being obscured, and I see no problem with a court order forcing the person to relinquish the key.
[QUOTE=GhettoGeek;34379749]By then it'll be too late, at the first sign of police my computer is already in the pool[/QUOTE]
I keep my computer on a turned off scrap yard electromagnet just in case.
[QUOTE=A B.A. Survivor;34379667]I don't think you should tell the police to "fuck off".[/QUOTE]
They work for you. You can tell them whatever you want.
[editline]24th January 2012[/editline]
[QUOTE=SPESSMEHREN;34379823]I don't see what the problem with this is anyway. It's common knowledge that if you need encryption in the first place, you're trying to hide something.[/QUOTE]
Bullshit. Encryption protects you from identity theft if your laptop is lost or stolen. Just about every business that uses laptops will have encryption on it, to protect their data from thieves and the competition.
it would be handy if software like truecrypt had a feature where you could pick a special password to wipe the data completely and fill it with dumb decoy data
so if they ask for the password, you can give them the wipe-word and hope they dont catch on
[QUOTE=SPESSMEHREN;34379823]So you'd print out every byte of data on your hard drive, destory the hard drive, then hand the FBI the paper representation of your hard drive?
I don't see what the problem with this is anyway. It's common knowledge that if you need encryption in the first place, you're trying to hide something. The Fifth Amendment allows people to refuse to testify against or incriminate themselves, but the data is already there in this case... it's just being obscured, and I see no problem with a court order forcing the person to relinquish the key.[/QUOTE]
SPESS, when both me and Ridge disagree with something you say it's pretty obvious you're not on the left or the right wing, you've just fallen off the plane completely
lol, the "if you got nothing to hide then this won't matter" argument is the sure sign of stupidity
[QUOTE=Zeke129;34379993]
lol, the "if you got nothing to hide then this won't matter" argument is the sure sign of stupidity[/QUOTE]
I think what people usually mean by that is "well it doesn't affect me specifically so who gives a shit about anyone else"
[QUOTE=Quark:;34379982]it would be handy if software like truecrypt had a feature where you could pick a special password to wipe the data completely and fill it with dumb decoy data
so if they ask for the password, you can give them the wipe-word and hope they dont catch on[/QUOTE]
Close to this:
[url]http://www.truecrypt.org/hiddenvolume[/url]
Sorry, you need to Log In to post a reply to this thread.