US Appeals Court Upholds Suspect's Right To Refuse Decryption

An anonymous reader writes "The U.S. 11th Circuit Court of Appeals has found that forcing a suspect to decrypt his hard drive when the government did not already know what it contained would violate his 5th Amendment rights. According to Orin Kerr of the Volohk Conspiracy, 'the court's analysis (PDF) isn't inconsistent with Boucher and Fricosu, the two district court cases on 5th Amendment limits on decryption. In both of those prior cases, the district courts merely held on the facts of the case that the testimony was a foregone conclusion.'"

Re:Only when they don't already know?

[Lumpy]

Sounds great, I'll support that as soon as they put a penalty for the law enforcement being wrong.

This is the problem, they CAN go on fishing expeditions without any recourse. They can smash down a door and kill the family dog on accident and the family does not get all damages covered, they get told "sucks to be you"

As soon as I get to sue the Cops that did the deed and the city department for all damages and legal costs I'll support that warrants are legitimate.

11th Circuit Court of Appeals

[wcrowe]

What I find heartening is that this is the 11th Circuit Court (Alabama, Georgia, Florida) -- i.e., not a court known for "wacky" decisions. If it were the 9th Circuit I would be more worried that this fight isn't over.

I particularly liked how the court used the government's own analogy of a combination to a safe to make their ruling. The ruling explained that the Truecrypt software shows random characters even if nothing exists on the hard drive, so if the hard drive is like a safe -- as the government contends -- then it can be full of incriminating evidence, or completely empty. There is no way for the government to know without opening the safe. Therefore the government cannot use the argument that the evidence was a foregone conclusion. Additionally, the court (thankfully) acknowledged that just because the defendant owns a safe, is not an indication that any criminal activity is going on. The ruling both turned the government's analogy on its head, and revealed that the court has a fairly good understanding of the technology.

 

Simple: the data no longer exists

Posting AC, but there's one simple difference:

With a safe, if it's locked, the contents still exist.

If I encrypt a disk, the original data quite literally no longer exists. The encrypted disk is not a "container" for my data -- it is a completely different set of data.

The original data can only be recreated on cue if I supply my encryption passphrase. Therefore, by supplying the passphrase I am creating or assisting in the creation of evidence against me. I'm pretty sure the Fifth Amendment has something to say about being forced to do that.

Re:Only when they don't already know?

[Jessified]

The key is in your mind, and you have to make words to give it to others. It's not entirely the same.

But let's assume you can be compelled, whether they know what's in the container or not. I have been trying to think about ways to get around this. From an academic point of view of course :P

What if the pass key itself was incriminating (i.e. "I killed a guy in 1994 and his body is under the bridge.")? Could you plead the 5th? Might be a bit of a risk. (I mean...killing is bad.)

Truecrypt allows the plausible deniability with the drive in a drive. Give them the wrong code and it opens a second container with something more innocuous in it. For those who are actually afraid of giving in (to torture? desperation?) the under duress password could have the function of changing the real password to 500 random characters, thereby making it permanently inaccessible to anyone.

Another idea is to have a daily or weekly maintenance password. That is, you are required to type in a password once a day or once a week, and if you don't, the passkey changes to some random 500 characters and is permanently inaccessible. If your stuff is seized or you are arrested, all you have to do is sit back and relax. While I am sure it would be a problem for you to go around actively destroying evidence, I'm curious to see if you get in trouble for this. First of all, you aren't destroying evidence per se, rather it is being rendered inaccessible (automatically I might add). Second, while you can't actively destroy evidence, can you get in trouble for not actively preserving it for the authorities?

Re:Only when they don't already know?

[Reverand+Dave]

All cynicism aside, we as a People need to find a way to allow the government to prosecute real criminals but also protect John Q. Citizen.

In all seriousness, as soon as the government starts making a distinction between real criminals and John Q. Citizen we can start letting our guards down on this but until then we should always err on the side of less power and intrusion.