Mass. Supreme Court Says Defendant Can Be Compelled To Decrypt Data

Trailrunner7 (1100399) writes ... Security experts have been pounding the drum about the importance of encrypting not just data in transit, but information stored on laptops, phones, and portable drives. But the Massachusetts Supreme Judicial Court put a dent in that armor on Wednesday, ruling that a criminal defendant could be compelled to decrypt the contents of his laptops. The case centers on a lawyer who was arrested in 2009 for allegedly participating in a mortgage fraud scheme. The defendant, Leon I. Gelfgatt, admitted to Massachusetts state police that he had done work with a company called Baylor Holdings and that he encrypted his communications and the hard drives of all of his computers. He said that he could decrypt the computers seized from his home, but refused to do so. The MJSC, the highest court in Massachusetts, was considering the question of whether the act of entering the password to decrypt the contents of a computer was an act of self-incrimination, thereby violating Gelfgatt's Fifth Amendment rights. The ruling.

I lost the password

[pjh3000]

I lost the password in a hard drive crash.

Re:I lost the password

[pjh3000]

... the hard drive was recycled.

Re:I lost the password

[grahamm]

But having opened the safe, can they force you to 'decode' the entries on a paper document which are written in a code or cipher? If not, then they should not be able to force you to decrypt an electronic document which is written in 'code'.

Re:I lost the password

[jythie]

A safe can also have a combination lock or keypad, more frequently then a physical key.

Re:I lost the password

[Defenestrar]

No, as the series of court rulings have gone, the Fourth Amendment does not protect you from lawful search and seizure (such as a safe or hard drive). The combination to the safe, or encryption key to the drive, is not incriminating evidence and providing it to allow for lawful search and seizure does not violate your rights. They can admit evidence produced by oneself into court (such as two sets of books in one's own handwriting for a case of fraud) and that is not a violation of the Fourth (or Fifth) - just so with information one puts on a hard drive. What they can not compel one to do is testify against oneself (which is the Fifth by the way) nor assume guilt because you do not take the stand (not that a prosecutor won't toe that line with the jury). So, if one can keep all details of a crime in one's head and manage to destroy all other evidence which could be subject to lawful search and seizure - then you've got a shot at being a criminal mastermind.

I'm not sure I entirely agree with the line of thought - but I can certainly follow the logic as well as the precedence.

What would be interesting is if one's pass-code was material evidence with respect to the case - but a possible way around that would be limited immunity or ruling it as inadmissible evidence...It would make for an interesting case study.

Re:I lost the password

[Jane+Q.+Public]

No, as the series of court rulings have gone, the Fourth Amendment does not protect you from lawful search and seizure (such as a safe or hard drive). The combination to the safe, or encryption key to the drive, is not incriminating evidence and providing it to allow for lawful search and seizure does not violate your rights.

In most circumstances, this is just plain false. As explained (but not very well) in TFA.

Unless it is already known "with particularity" that the drive or safe contains some specific illegal or incriminating material, a judge cannot compel someone to hand over a decryption key or combination. Because those are the only circumstances that would not compel him to incriminate himself. This has nothing to do with the Fourth amendment at all, it's just the Fifth.

Having said that: if they have probable cause or a warrant, they can force open a safe without violating either the 4th or 5th Amendments. The 4th only requires probable cause, and it doesn't require the suspect to incriminate herself, so the 5th isn't violated.

However, with decent encryption there is no way to do that with a hard drive, so the circumstances are very different and the 5th Amendment comes into play. The court cannot compel speech, or "a product of the mind" like a combination or encryption key, if in doing so the individual would incriminate himself. The exception -- the ONLY exception -- is when specific evidence or illegal material is already known to be inside, "with reasonable particularity" as the courts have put it. ONLY in those circumstances is a suspect not being forced to incriminate himself. (And of course if the court did compel disclosure, and the material in question turned out to not be there after all, then the witnesses who said it was would be in some very serious trouble.)

Simply suspecting something is inside is not sufficient. Probable cause is not sufficient. It is a far higher standard of evidence.

Re:I lost the password

[TheCarp]

Not only that either.... he admitted not only that he COULD but, that the communications that they were looking for were, indeed in those encrypted volumes.

As I understand, previous arguments and rulings have centered upon the idea that decrypting data would potentially give away information that the police didn't have already: like that you have the key and are associated with the contents.

If the police find a USB key in my drawer, and I refuse to talk about it, they only know that I posessed it. They don't know whats on it...or that I actually know whats on it. For all they really know, it could be an empty encrypted parition that I setup and lost the key to (yes, I have done this a coupel of times), it could even be a drive someone asked me to hold onto.

OTOH if I give them that information, then they can connect me directly with the unencrypted data, this makes a good amount of sense in that case.

Re:I lost the password

[KevReedUK]

OK... so the fact that they have a 6 month retention policy is one thing, and does, indeed, pretty much invalidate Rigel47's post.

BUT it does raise a perhaps more important question...

IANAL, but I believe the IRS can audit you after up to 6 years. Bearing this in mind, and the fact that I think it is highly unlikely that they would accept the excuse of "I only have a 6-month retention policy on my receipts" as sufficient to allow you to get away without providing the relevant documentation, it does lead me to wonder... If they are forcing and enforcing long retention policies on those that they serve, why do they get away with only having to accommodate a twelfth of the retention period themselves?

Lois Lerner Method

[bhlowe]

Take the 5th and say your computer crashed. That works for the IRS.

Ruling doesn't change much.

[timrod]

If you read the ruling, the court admits that the only reason they said the defendant could be compelled to decrypt his data was because he had already admitted to the police that he was involved in the case, and that the details of his involvement were on the hard drive. I'm sure if he had kept silent the entire time and told them nothing, it would've been a different story.

Re:Ruling doesn't change much.

[Rary]

You may not agree, but it seems to be well established in law that once you admit to the crime and identify the existence and location of evidence, you've waived your 5th Amendment right.

I lost the password

if it's good enough for the IRS....

Important Caveat

[Rary]

Haven't read the entire ruling, only scanned it, but there is an important caveat in it:

We now conclude that the answer to the reported question is, "Yes, where the defendant's compelled decryption would not communicate facts of a testimonial nature to the Commonwealth beyond what the defendant already had admitted to investigators."

Seems like this guy has said "I did this, this, and this, and these files show that, but I don't want to let you see them", and the Court has ruled that he has to, because he's already admitted to those things, and therefore he would not be incriminating himself in doing so.

Of course, the reality may be that there's evidence of further illegal activities that he hasn't admitted to in the encrypted files. That might make the case for self-incrimination. I'd have to read the full ruling to see what, if anything, they said about that possibility.

criminal defense attorney and programmer here

This is why you don't talk to the cops, especially if you find yourself in the fortunate situation of having illegally acquired 13 million dollars and encrypted all of the evidence. If you say nothing to the cops, you win. The only way you lose is if you brag to them about how awesome a job you did at getting away with the crime.

The people up here who are saying "tell them you lost the key" "tell them it was scrambled not encrypted, etc" are all idiots. Lying to the cops is a crime. Telling them nothing is the superior response.

Cop executing search warrant: "it's asking for a password"
Def: "I want a lawyer, I'm not talking to you"
Cop: "You encrypted it, didn't you?"
Def: "lawyer lawyer lawyer"
Cop: "We'll just get a warrant anyway and you'll go to jail. Help us help you."
Def: "did't you hear me? I want a lawyer"

That being said, I'm in FL so I'm covered by the 11th circuit ruling. Either way, silence is golden. I'd say that at least 30 percent of my cases would have turned out much better if clients hadn't consented to searches, admitted to elements of crimes or just generally blabbed when they should have remained silent.

Re:Except, of course, they have to prove you can

[Penguinisto]

From TFS:

He said that he could decrypt the computers seized from his home, but refused to do so.

Just because he was a dumbass doesn't mean the rest of us have to be.

But let's say you want to be honest - here's a conceptual idea:

Encrypt your stuff on a drive with two-factor auth. The first is a key that expires after x number of days, renewing the expiration every time you access it (let's say 3 to 14 days, tops.) The second factor is a passphrase. Shouldn't be hard to cook up if you use a high-bit-count SSL certificate as your key, and the encryption software checks the date. Keep the key on a separate but random-looking USB stick, SD chip, whatever. When you're not using it, stick it in a camera, unused smartphone, or similarly hidden. To prevent BIOS/EFI tinkering, insure that the encryption software double-checks that the system time is within the window (between last successful access and new expiry date) on boot, and destroys the key if the date is outside that window. Same with insuring that the HDD is in the same hardware it originally sat in, destroying the key if the software detects that a series of MAC addys and serial numbers don't match up.

After the keypair expires (after all, you've been in jail all this time and unable to access it, so...) you can truthfully say that the data is unreachable by any means (though I do suggest that your statement not end with the phrase "...so suck it, copper!") Of course, this means *you* can't access it either, but one would hope you had a backup of the data stashed somewhere beyond the reach of a warrant or the authorities' knowledge, yes?

Fun mental exercise either way. :)

Digital vs Physical

[Quantus347]

I get the legalese argument the guy as trying to make and the narrow line they tried to draw with the ruling, but Im not sure why it even got past the original judge.

If it had been the exact same situation, just a combination lock on on physical file cabinet in his office, once a proper court subpena was issued Law Enforcement might have asked for the combination as a courtesy but would have been perfectly within their rights to simply cut the thing open. And if they found evidence of some unrelated crime, that is long been fair game just like a drug bust during a traffic stop.

Maybe it's different by State, I dont know

He walked into this one

[MikeRT]

I think the correct response here would be to say that you can plead the 5th on the question of whether you can decrypt it or not, and if you claim the 5th compulsion is illegal. However, once you make an affirmative statement you waive the right to not be compelled. In terms of a key, it would be like if you had an almost impenetrable door that used a single key. The police ask you if you are in possession of said key while they have a valid warrant. You say yes, which means they have a right to compel you to hand over the key per the valid warrant. However if you shrug and plead the 5th it should not be on you at that point.

Re:Except, of course, they have to prove you can

[Sarten-X]

As an accused boot-licking pro-establishment government-and-big-business shill, I agree.

As a relatively sane individual who tends to think for myself, I also agree.

As someone with passing familiarity with 4th-amendment case law, I also agree.

This guy was a first-class idiot. An encrypted hard drive is little different from a locked safe. A court can order you to open it to reveal evidence, but the police need sufficient probable cause to convince a judge to issue that order. Saying "All the evidence is in there and I have the key" is pretty convincing probable cause that there's important relevant evidence in the safe (or disk). Saying nothing is a good way (and the only really safe way, as far as I know) to ensure that you're not giving the cops any additional assistance in proving your guilt.

As a lawyer he should have known better

[Arker]

The ruling appears flawed, I sympathize with the dissent, but yeah. This guy screwed himself, in typical lawyer fashion, with excess arrogance.

He did not have to tell the police anything here, he has probably lectured his clients many times on exactly why they should never talk to the police, does not matter if you have nothing to hide, does not matter if you think you have done nothing wrong, and if you have done something but think you can talk your way out of it you are a fool. Ask for your lawyer then shut your mouth, and do not answer any questions, I dont care if they ask you about the weather, the reply is 'ask my lawyer.'

From the language used in the opinion, if he had simply shut his mouth and not started bragging/volunteering information, he would be in a very different situation today.

Re:Except, of course, they have to prove you can

[Safety+Cap]

He should have remained silent. Being a lawyer he should have known that.

He must be a pretty shite lawyer. (Hopefully he isn't a criminal defense lawyer, because then he really IS a shite lawyer.)

FTFA:

“During his postarrest interview with State police Trooper Patrick M. Johnson, the defendant stated ... ‘[e]verything is encrypted and no one is going to get to it.’ The defendant acknowledged that he was able to perform decryption.”

What a dumb-bumble-fark. He deserves to burn for bragging/taunting the cops.

Rules for Talking to Cops

ONE Don't talk to cops, except what you are legally required to say (you must ID yourself, to whatever extent your state's laws specify) TWO The only thing that should come out of your piehole from the time your are arrested (especialy during any "post-arrest 'let's get the suspect to incriminate himself' interview") are the words: "I wish to remain silent and I want a lawyer." TREE STFU until you get a lawyer FOUR Remember that Everything you say will be used to burn you. Cops can lie and get away with it, and if you lie to a cop, you're fried. Do not believe anything they say, and don't try to talk your way out of it because you'll lose. NaN Getting (and following) legal advice from random people on the internets is about the stupidest thing you could do.

Same lie, two people, different outcome

Judge thinks you are lying. You're a geek, who presumably knows how to secure information on a computer. You saying "I lost the data" is equivalent to saying "My whole life is a lie and I don't actually know how to do any of the things I always talk about." Bullshit. You didn't lose the data. Your RAID6 didn't have a three-drive failure, and your backups weren't untested.

Same judge can think Lerner is telling truth. Lerner is an administrator, and she uses an iPhone and thinks the "e" on her desktop is the Internet, Her saying "I lost the data" is equivalent to her saying "I think the car's oil might be low, but I haven't looked. but the problem really could be oil, because I read a story in Readers Digest about a couple who saw some smoke coming out their hood, and when they finally got to town for someone to check it out, it turned out they were low on oil!" Her act is consistently dumb enough that no dumbness could be out of character.

When Lerner is asked the airspeed of an unladen swallow, she smiles helplessly, shrugs, and says "I don't know. What did you swallow?" When you're asked, you smugly immediately instinctively counter with "African or European?" and when the judge says "European," your eyes suddenly dart around and you say, unconvincingly, "Uh... I don't know anything about swallows."

Re:Same lie, two people, different outcome

[TheCarp]

> You saying "I lost the data" is equivalent to saying "My whole life is a lie and I don't actually know how to do any
> of the things I always talk about." Bullshit. You didn't lose the data.

Funny you would say that because.... you know I have a bunch of encrypted partitions, some of which I actually can't open. Some of it is encrypted with keys that I deleted because they were not needed. For example I have one particular one I can't open, because I never saved the key....it was only a temporary place to pull some data off encrypted tape to search for something.... after I no longer needed it, I just unmounted it. At the time I meant to go back and look for more, I never did, then I forgot the key....big deal....I have the tape still.

Course, I could never prove to anyone else that the data in there is the same as is on the tape....but.... frankly, that wasn't one of my concerns when i created it....I just didn't want to write it all to unencrypted disk and leave it sitting there.

I also have a few emails encrypted to my pgp key from the 90s. I can't seem top decrypt my key even though I thought i remembered the password. I only keep it around because someday I might guess right and there would be some minor use to having it.

Guess my whole life is a lie because I lost some data. I better go resign my day job right now!

Re:Except, of course, they have to prove you can

[mysidia]

Destruction of evidence is a separate crime, and simply having some type of electronic dead man's switch on it does not get one off the hook.

A self-destroying/expiring system is not illegal.

But the real problem with Penguinisto's idea is it won't work. When computer equipment is seized; the power is immediately removed, and the software can do nothing.

Power removal and system reboots are common enough, that there's no way the only copy of important data is in RAM; although, even if there is, authorities might attach a Firewire/PCI/Thunderbolt device, and use Inception to RAM dump the lower 4GB to write-only media.

Which brings me to the next point..... after the seized computer is shipped to a lab; the first thing they will do is remove the storage media from the computer, hook it up to a Write blocker (Which is a special hardware dongle that is inserted into the I/O path and blocks any Write operations, Security commands, or other destructive messages from being sent to the hard drive), before powering the system back on, booting from a read-only USB stick, and dumping a complete backup image of the entire disk to archive.

In the event that there is an ATA security lock/ATA password setup on the drive; the lab can disconnect the normal disk drive controller, and attach a custom one. If this is an encrypted SSD; they will have equipment and details from the drive manufacturer (obtained under lawful order), required to read the keys off the controller's PRAM chips.

They can also, lift the platters out of the drive, and have those imaged --- in case they suspect attempt to overwrite files with all zeros.

In short: The idea of using two factor in software with expiring keys for data stored on a HDD is extremely naive, if you think a LEO's lab will screw up and lose the data because of it.

Your only chance is if you have a really tamper-resistant HSM with a self-destruct mechanism, and the LEO cannot identify the manufacturer, or work out how to safely get in; considering the fact, forensic labs have many advanced diagnostic tools available that can be used to analyze unknown media modules, and chances are good they can cut in and analyze the logic and data stored on even so-called tamper proof electronics...

Re:Except, of course, they have to prove you can

[stox]

http://forensic.belkasoft.com/...

"Solid State drives (SSD) introduced dramatic changes to the principles of computer forensics. Forensic acquisition of computers equipped with SSD storage is very different of how we used to acquire PCs using traditional magnetic media. Instead of predictable and highly possible recovery of information the suspect attempted to destroy, we are entering the muddy waters of stochastic forensics where nothing can be assumed as a given."

Re: known data isn't there

[TaoPhoenix]

All this is making me start to think of some kind of more clever "panic mode" encryption.

You'd have to make it really fast, such that it's reg proto-encrypted two ways, one normal, and the panic mode. So say something really fast like shift-control-alt-F11 instantly flips the "panic bit".

We as geeks could put all kinds of awesome stuff into it, smashed into a kind of digital Klein Bottle with milk for Schrodinger's cat.

"Do you know how to decrypt it?"
"No"
"Why not?"
"Because it's time-locked with a code that cannot be found until next September."
"Do you know what documents are on there?"
"The ones you are looking for are not there because they were broken into component parts that only the computer knows, tied to a code that September code. Meanwhile other documents you did not know were there, are there, because they were created by algorithms the moment I hit the Panic Button and not a moment before. And the base of the September key is an English phrase which may or may not admit a crime. You don't know."
"So what if the case is dismissed?"
"I can do other work until September. What's important is that it cannot be broken right now."