U.S. Court Extends Fifth Amendment to Encrypted Data
- Thread starter Andy Chalk
- Start date
Recommended Videos
If someone knows how to encrypt data, they also know how to decrypt them.Olrod said:
The problem here, as mentioned in my first post, is if the accused denies being the owner/user of the electronic equipment, and therefore denies being the one who encrypted it. The court, if capable of overruling the 5th amendment, will then have to decide whether or not that's a plausible explanation.
If the police can prove, however, that the equipment belongs to the accused, then that excuse won't last him in court.
From the opinion filed by the EFF:Athinira said:
"In his testimony on cross-examination by Doe, however, McCrohan
conceded that, although encrypted, it was possible that the hard drives contain
nothing."
I think this means that in this particular case only the use of encryption has been proven, not the existence of any encrypted files.
If encrypted data was all the FBI had to go on against this guy, then they had nothing to begin with. Sounds more like a case of the Feds trying to shortcut their way to a quick and easy arrest without breaking a sweat. They don't do it all the time, but the fact that they do some of the time still makes them smell worse than the Kardashian household.
I call this a legit argument. There are plenty of other ways to bring down someone than blackmailing them into decrypting their own files.
It doesn't matter what you encrypt, there is going to be plenty of other evidence to be found to nail your ass to the wall if you are guilty. As I stated at the start, the feds were looking for a short cut and got themselves stomped to the curb again.
I call this a legit argument. There are plenty of other ways to bring down someone than blackmailing them into decrypting their own files.
That's giving a lot of ignorant and unimaginative people a lot of credit there, friend. Consider that Blagojevich was of the mind that he was above the law at the time and the justice system wouldn't bother itself to deal with a matter like that. He still carries that attitude even after getting caught and found guilty. I would imagine Enron did secure a lot of their files. It was the stuff that was unsecured that got them busted, stuff that would have done them no good if they did secure it.albino boo said:
It doesn't matter what you encrypt, there is going to be plenty of other evidence to be found to nail your ass to the wall if you are guilty. As I stated at the start, the feds were looking for a short cut and got themselves stomped to the curb again.
He conceded to the hard drives being encrypted, meaning they was encrypted and can therefore be considered encrypted content. Whether they hard drives CONTAIN something is an entirely different matter, but it's conclusive that they are encrypted. It's perfectly possible to have an encrypted empty drive or partition.Marcus Thomas said:
Yes, but producing the contents of the encrypted drives is testifying to the existence and contents of those drives, and that part is what the court ruled as protected by the fifth amendment.Athinira said:
Marcus Thomas said:
Small but rather important point they do make orders to turn over to the police any document relevant and failure to produce a document in a tax case for instance that supports your case means that you are the that case against you is proved. I.E you make a claim for expenses and you cant produce any evidence of the expenditure you risk criminal prosecution for fraud. THERE IS NO DIFFERENCE, it just supports your own personal prejudices. All you guys hate fox news but you are no different, as long something attunes with your own prejudices you do not give a dam about how illogical or extreme the consequences of the thing you support.
I would say that producing the contents of the encrypted drives is testifying to your knowledge and ownership of the existence and contents of the drives, which is slightly different.Marcus Thomas said:
In most cases where encryption software (or hardware) is in use, It's perfectly possible to determine if something is encrypted. It's the fact that decrypting the contents links you to it that's in question.
So in fact, it's very far from the point you originally argued (that empty space could be mistaken for encrypted content). It's two entirely seperate issues.
But in this case the defendant is not making an unsubstantiated claim, instead the burden of proof lies with the prosecution. How can they compel him to turn over documents if they can't even prove they exist?albino boo said:
His use of encryption has been proven by this point, but TrueCrypt is designed in such a way that without the password(s) the encrypted data is indistinguishable from random junk. So the examiner's claim that that he had over 5 TB of encrypted data cannot be proven without the password(s).Athinira said:
The installation of Truecrypt + 5 TB of random data is enough for the court to make the safe assumption that the "random data" is encrypted. Especially if TrueCrypt is installed in boot-mode (where it is stored in the first track of the hard drive, which indicates System Encryption).Marcus Thomas said:
Whether they are encrypted by him or if he is even capable of decrypting it - and whether or not he can be ruled to so - is entirely separate issues. But since there is no crime involved with simply using encryption, there is nothing wrong with the court assuming (based on the indications) that the equipment is encrypted. If encryption itself was a crime, the situation would of course be different.
Also, while the developers have done a very good job, material encrypted with TrueCrypt DOES in fact have some distinguishing features that can support the suspicion of encryption being employed, especially if there is talk of encrypted containers (files), rather than encrypted partitions/drives/systems since these files have some giveaways (related to size and the method in which those random data are generated).
Also, if TrueCrypt is employed on an SSD, the use of the TRIM-command makes it fairly easy to determine if the drive is encrypted, even if it just looks like random data. The only thing that is secret there is a hidden operating systems, because TrueCrypt specifically blocks the TRIM-command while a hidden operating system is in use to keep it a secret.
However, I do not think the spirit of the law was intended to prevent this.Athinira said:
To me, it all comes down to an antiquidated law, that is being used neither in the context in which it was created, or updated for current technologies, being abused to create a loophole.
See, the founding fathers probably would have just tortured the guy until he broke the code or died. Like it or not their intent and practices were nothing like ours. I don't believe in doing something that barbaric, but I *DO* believe in a case where the property was already seized legally that the person should be made to either break the code or suffer the full penelties for whatever they were accused of with no chance of reprieve or reduction (ie they can't chooe later to decrypt the files in hopes of a lesser sentence once convicted this way).
That's by no means nice, but it's one of those cases where I feel this is a ridiculous technicality and by this point in the game (item seized, already at trial) access to that data is a right of the court. I feel the victims of crimes have rights, and basically saying that someone involved in a real estate scam being able to get away with whatever they did if their data can't be decrypted is ridiculous. That's pretty much declaring open season for white collar criminals to exploit anyone they want do if their ecryption is powerful enough.
Lesser of evils and all of that.
The intent of the fifth amendment is to prevent someone from having to give verbal testimony against themself. Largely because being on trial for one crime does not nessicarly give you immunity to others. Basically if you witness a murder, but did so in the process of burglerizing the house the murder took place in, you could refuse to testify because in doing so you'd effectively get youself arrested for crimes you hadn't been caught performing. You can't lock someone in jail for refusing to confess to an unrelated crime.
As this involves seized property I believe that protection is effectively already in place. The scope of the search probably includes what kind of data they are after, a computer is a likely hiding place. If your in for say a real estate scam, but there is evidence of other crimes on that system, but nothing about the real estate scam, by decrypting it the scope of the serch would prevent you from being held liable for that crime.
It's one of those situations where the spirit of the law and examples of it's enforcement by those who invented it are overlooked in favor of it's wording, allowing for a lot of technicalities. The Constitution and Bill Of Rights were never intended to be in force in their current forms for this long, and the wording was not all that carefully phrased because it was not intended to stand the test of time or be applied to issues and situations two centuries down the line. Yes it's amazing how well these documents hold up nowadays, but it's equally amazing how poorly they apply to current issues and situations, especially as they get further afield from their original intent.
While it doesn't apply to this directly, look at freedom of religion for example. The original idea was pretty much intended to prevent warfare between Catholics and Protestants or the persecution of freemasons. Not to protect say witches, satanists, cultists, or those who practice a religion like Islam based in theocratic cultures that currently want the destruction of the country. In fact, the founding father actively encouraged hunting down those practicing "pagan" religions like witchcraft and satanism. The idea of them intending it to be protected by that law is utterly ridiculous.
A lot of people might dislike this point, but the idea was that with the constitution being changed and updated every 19 years or so, exceptions and revisions to the core concepts could be added. Such as specifying what religions could be considered free, excepting religions and religious cultures opposed to the US, and similar things. That was the basic idea.
Likewise, understand that a lot of the current social issues are a non-issue. See people will say there is nothing in the constitution specifying the primacy of American culture within the US. BUT at the same time the founding fathers felt there was no need, and a lot of the people with subcultures causing a problem in the US were not even considered fully human by this nation of slave owners. China and India were far off and not considered a factor, blacks were slaves, etc... The idea being that civil liberties could be adjusted to protect the country and it's core people as time changed. These guys were not paragons of tolerance.
Now don't misunderstand, I like a lot of the progress we've made, and I don't think we should bring back slavery, or witch hunts, or other assorted things. I simply think we need to modernize things and remove a lot of the stupidity, and that includes a lot of civil protections that provide technicalities to hide behind when they shouldn't be able to. While Islam and profiling it/singling it out is a big issue under freedom of religion for example, we've had all kinds of crazy incidents with cults hiding behind freedom of religion to brainwash people, run rape prisons in sealed compounds, and put rattlesnakes in baby cribs, and everything else. Obviously we need to put some serious limits on that, and those screaming it's against the intent of the constitution, should be laughed at because well.. the INTENT of the constitution was quite differant as shown by it's actual practice early
on as I explained. Basically, freedom of religion should not put someone beyond criticism, protect them from investigation, bring about special considerations because of faith, or let the people do stupid crap like pass around rattlesnakes to test whether god wants them or their kids to live. Basically liberals who think that freedom of religion should count as a passcard to do nearly anything, especially if your not christian, and that anyone or anything should be allowed to be turned into a religion, are absolutly insane. When we have a country where you can become an ordained minister in a legal sense like 30 minutes, and with the right preparation start your own religion dedicated to worshipping a utility pole as the god of lightning... there is a problem. A point proven by all the joke religions people start and occasionally exploit the existance of for "lulz".
While it would be reasonable to expect this guy to have some amount of encrypted data, the prosecution seems to have the idea that he has used every last bit of these drives capacity. If he were to turn over content that was smaller that the expected 5TB they might think he was withholding information from them, and if he did withhold some content there would be difficulty proving that.Athinira said:
And this practice your advocating is, to me, the signs of antiquidated laws (or rather, antiquidated customs from a time where humans were barbarians).Therumancer said:
You seem to make out a lot about what the "founding fathers" intended with the amendments they passed, but fact is most of these amendments are "timeless", meaning that they are rather common sense whether we are talking the 17th, 18th, 19th, 20th, 21st or 22nd century. Are you honestly going to claim that the 13th amendment doesn't stand the test of time? The 14th? The 15th? The 1st? The 4th? You might think that the 5th amendment makes no sense in the digital world, but my last response to you makes in fact makes it perfectly clear why it makes sense. Like i said, decrypting contents is a testimonial act that acknowledges that you have control over the encrypted mediums. The 5th amendment does exactly what it's supposed to do.
Like i also mentioned in an earlier post, this opens up a big tuna-can of ways that an innocent person can be convicted. If a person claims that they can't decrypt a drive, and the court doesn't believe them, then they might send an innocent person to jail for contempt of court. There are plenty of reasons why someone might not be able to decrypt a seized drive. Forgotten password (unlikely, but not impossible, especially if it's a long court case and the accused hasn't had access to the mediums in a long time. It could also be that the password was written down, but lost during the search), lost keyfile (more likely than forgotten password. Some encrypted content requires keyfiles), or even claiming that the encrypted mediums isn't or wasn't under their control (either because the equipment doesn't belong to them, or they let someone else use it).
Your proposals are violating the very basic court principles that for centuries (both inside and outside the United States) have kept innocent people from going to jail. That is more antiquidated than the laws you are accusing of the same. If courts start making assumptions to the left and right about encrypted content that the accused refuses to (or worst case scenario, are unable to) decrypt, then people are gonna start going to jail for crimes they did not commit. The prosecution can basically claim the encrypted files contain whatever they dream up, and the accused will just have to swallow it. That's not how a 'justice' system works.
In fact, by that logic, we might also start prosecuting people for not confessing. After all, what's the difference between evidence that you can't get to on a hard drive, and evidence you can't get to in a persons mind ('evidence' in this case being what the prosecution CLAIMS are there, but they can't prove are there). Someone also made a comparison earlier to a handwrittendiary written in code seized during a search. If the prosecution can start claiming that you know what it means, and then prosecute you for not revealing it (despite your claim to not know what it means), then that is again not fair legal proceedings.
The ideal solution is the solution that is still in place today: That the prosecution gathers evidence from other sources (aka. through standard solid police work) and use that to prosecute their case. That is the basic principle of how law systems worked before encryption (and after the exclusion of torture and coercion). After all, something must have led them to the accused in the first place, so in most cases they will be able to dig something up. Yes, sometimes guilty people walk. That's a price we have to pay to keep innocent people out of jail. People who are truly guilty typically screw up again at a later stage, so there will always be a second chance to get them there, but there is no way to redeem the years an innocent man has lost in prison because of terrible court procedures.
From what I remember of a book I borrowed from a friend who is doing law, it is pretty much the same (it goes against our rights and whatnot) but it is more apparent than in the states. Basically, the same thing will happen (you won't have to decrypt your stuff) but with less dancing around through the courts.Redlin5 said:
But I think it is circumstantial, like if they already know what is on your hard drives... I'll have to see if I can find that book again.
A man's laptop is his property, his cut of cyberspace. If you want to search it with a warrant, FINE, but he's not showing you the gun cabinet, the secret hooch compartment, the illegal immigration tunnel, or the dead bodies hidden behind a wall of if-then statements. As with all things in a court of law, the prosecution must discover these things as per their empowerment to do so. No findy drugs? No have drug charges. No find incriminating data? No can make case on them. A locked computer that they can't figure out on their own may as well be the same as finding no axe, no blood, and no victim. You no haz evidence.
Again, we're dealing with a situation where by the time the case has gone to court the evidence in question has already been picked up through due search and seizure. The court has the right to that information, and if the person refuses to decrypt it they are impeding the investigation.Athinira said:
It is highly unlikely that something would be deemed relevent and have a person pleading the 5th if it was unaccesible to them to begin with. To be seized it's going to be a computer routinely used by the accused for business puirposes or whatever.
I understand your reasoning here, I just happen to disagree with it. My point about the founding fathers is simply that these laws are NOT timeless, and they even said so themselves. I think it was Thomas Jefferson who mentioned the bit about re-doing the constitution every 19 years.
The differance is you don't care if the criminals get away, largely because your not a victim in a case like this. In my case I tend to side more with the victims and law enforcement. A big part of why is simply because all anti-police paranoia aside, the system just doesn't have the resources to throw everyone in jail, or waste it's time screwing with people on a power trip. It has no active desire to put innocent people in jail for the lulz.
In most cases with the 5th Amendment it's dealt with by offering immunity for things unrelated to the crime in question, and that is part of what lets it work. But in a case like a real estate scam you can't provide immunity to that kind of evidence.
As far as police work goes, again, the point is that the police work lead to the files on that system.
I consider simply finding the person guilty for not cooperating in that case and ending it right there a perfectly reasonable and civilized alternative.
As far as forgetting the password or being unable to enter the data, that's not a 5th Amendment plea, the 5th stands on it's own without justification or saying why your making the plea. See if someone said "I can't do it" that would have to be evaluated on it's own merits situation by situation, but on it's own saying "well I won't open that because it will incriminate me and I know this" (the 5th) that is something entirely differant.