Slashdot Mirror
Encryption Debate at Mitnick Trial
A number of people have written about the latest twist in the Mitnick case. Kevin wants to get his data back, but the government is refusing to do so until he gives them the key. Apparently, the government is unable to crack the encryption that he's got on it - you'd think after having the data for five years, they'd be able to brute-force the darn thing. It's a NYT article - free login required.
Seriously now, Kevin has the right not to incriminate himself. This includes not turning over a key. This is all 5th Amendment.. the government is just trying to set a precident here so they can steam-roller it. g'luck, I have a small amount of faith that the supreme court will shoot it down.
Maybe the entertainment industry should have hired this guy to write the next version of DVD playback protection.
You can't handle the truth.
If they could decrypt it, would they tell us? They didn't need the data to get Mitnick convicted, so they would have no reason to reveal that they know what the files contain, especially if they are something that isn't terribly valuable to the government (but might be to Kevin). On the other hand, by not admitting to have decrypted the files, they can keep Kevin from getting them back.
Probably most seriously though, is if the government admitted they could crack the encryption, it would not be good for the government. It would encourage more people to use more heavy-duty encryption. It would put more political pressure on the government to further laxen the export rules, which is not something they would like. By not admitting to being able to crack the encryption (assuming for a moment they really can), they give other people a false sense of security. All in all, it would be a loss for the government to make the admission with very little upside for them.
I am a lawyer, but this is not legal advice.If you need legal advice, see an attorney licensed in your area.
You've turned the presumption of innocence sideways. He was convicted; there is no longer a relevant presumption.
He was convicted for stealing electronic information. It takes a stretch of the imagination to think that there is more than a remote chance that the data does not include the fruits of his crime.
The state does *not* have have to prove a connection to each and every apparent proceed of his criminal enterprise--*especially* when there is a simple way to check.
He *has* been convicted, and it defies logic to suggest that that this data isn't part of his crime. *He* now has the burden of proof, not the government.
This is not an erosion; I believe that this is exactly the outcome you would see from a court staffed by the founding fathers. I'm just about all the way out to the extreme on the rights of individuals in the face of the government (just l like the folks who wrote the Constitution and Bill of Rights), but in this case the law is on the government's side.
The data was encrypted, so their was no way to copy it. Or were you asleep when the DVD CCA explained this? ;-)
This is widely believed but for good or for bad, it is not true. You are entitled to the presumption of innocence in court, i.e. before the judge and jury at your trial. However, the rest of the system is entitled to presume you guilty with reasonable suspicion. That's why the police can get warrants to search, that's why they can arrest you and that's why they can hold you in jail if they think you are harmless but probably will run away.
I think morally and as a courtesy it is nice for the public at large to also give you a presumption of innocence, but it's clear that the only way to run the bureaucracy is pretty much they way that it is run.
I am not familiar with the Mitnick case specifics, but it is quite common for defendants to give up the right not to self incriminate as part of a plea-bargain. If he agreed to cooperate, for example, then I can see both sides of this dispute.
Also, it is interesting: encryption brings up a question that does not exist in meatspace so new law might be required: we don't give burglary tools back to burglars. Encrypted files have this weird property that you can hold them in your hands but not be able to tell what they are. I believe that if the government offers him immunity from any new prosecution, that he may not claim the right not to self incriminate because he would not be. Then it becomes a privacy issue and there really is very little law protecting actual privacy.
Encryption is bad. Don't use encryption.
Thanks,
The US Government
Paranoid ramblings from a paranoid person... but after all, isn't that what the Mitnick case is all about, setting precedents?
All the creatures will die, And all the things will be broken. That's the law of samurai. (Jubai, 1605)
...and then he'd have an advantage, as he would no longer care that they could nuke his data.
Or maybe he did.
--------
"I already have all the latest software."
First off, the standard disclaimer: IANAL. But I can use Google to find and read what Lawyers have already written.
Item 1:
A. Michael Froomkin, Associate Professor, University of Miami School of Law writes in his article "The Metaphor is the Key": Simply putting something into a safe does not, however, ensure that it is beyond the law's reach. It is settled law that a criminal defendant can be forced to surrender the physical key to a physical safe, so long as the act of production is not testimonial.{706} Presumably a similar rule compelling production would apply to a criminal defendant who has written down the combination to a safe on a piece of paper. There appears to be no authority on whether a criminal defendant can be compelled to disclose the combination to a safe that the defendant has prudently refrained from committing to writing, and in Fisher v. United States,{707} the Supreme Court hinted that compelling the disclosure of documents similar to a safe's combination might raise Fifth Amendment problems.{708} Perhaps the combination lock problem does not arise because the police are able to get the information from the manufacturer or are simply able to cut into the safe. These options do not exist when the safe is replaced by the right algorithm. Although brute-force cryptography is a theoretical possibility,{709} neither safe cracking, nor number crunching, nor an appeal to the manufacturer is a practical option when the armor is an advanced cipher. The recently released Federal Guidelines for Searching and Seizing[Page 872]Computers{710} suggest that "[i]n some cases, it might be appropriate to compel a third party who may know the password (or even the suspect) to disclose it by subpoena (with limited immunity, if appropriate)."{711}
(The numbers are footnotes to specific cases)
Item 2:
The Crypto and Self-Incrimination FAQ simply lists (for America... it also covers a few other countries): "The Fifth Amendment of the Bill of Rights reads: "No person (...) shall be compelled in any criminal case to be a witness against himself". The Supreme Court has restricted this to giving evidence "of a testimonial or communicative nature". ". It also lists several cases that apply.
--
Evan --
"$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
Iam a lawyer, but this isn't legal advice. If you need any, see a lawyer licensed in your jursdiction.
You're close. Let me elaborate (hmm, how could you possibly stop me?)
Speech cannot be coerced, but "attributes" can. You can't be forced to give information, but you can be forced to provide a blood sample, a handwriting sample, or even to repeat a phrase in a lineup (I've never heard of this used for anything other than identification by a witness. I can't back it up, but I believe that that's about as far as it can go).
So here he can be forced to turn over the data, but he can't be forced to communicate the code. However, if perhaps there were sensors on the keyboard to verify identity, he could probably be required to type a *particular* code.
But as you and others are suggesting, the fifth amendment only applies to him surrendering the code--it has nothing to do with getting back the data, which would be a fourth amendment issue.
How is *that* relevant -- suppose they confiscated a physical device from you which they were unable to understand -- would you be forced to explain it before it was returned to you?
For all we know your honor, this mysterious cylindrical object could be a weapon -- it makes an ominous vibrating noise when powered up!
Shut up, be happy. The conveniences you demanded are now mandatory. -- Jello Biafra
If this were a case of say, a bomber, and the government had confiscated his chemical fertilizer, which he may have obtained legally, and may only intend to use for farming, would the government be required to return it?
If yes, then there is no reason by which Mitnick's data can be held.
If no, the government could keep it under "reasonable suspicion" or "danger to the public", then the government should have the right to withhold the data.
"You can't get something for nothing." - my grandfather, on the stock market and Reaganomics.
The judge added that if Mitnick would "tell the government how to read" the files, then the government would turn over the files in decrypted form.
Mitnick's lawyers immediately objected to this condition on the grounds that it would force him to waive his Fifth Amendment right against self-incrimination to obtain evidence he needed and that he had a legal right to see. The judge rejected this point and repeated her ruling.
It seems that the right not to incriminate yourself is solely testimony based from what I have read. So your writings can be used to incriminate you in a court of law...even if they are private (i.e. a journal). It seems the government is treating the files like property (i.e. it can be searched/seized) instead of testiomony.