Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Sorry, I've Forgotten My Decryption Password' is Contempt Of Court, Pal - US Appeal Judges (theregister.co.uk)

Posted by msmash on from the know-your-rights dept.

Thomas Claburn, reporting for The Register: The US Third Circuit Court of Appeals today upheld a lower court ruling of contempt against a chap who claimed he couldn't remember the password to decrypt his computer's hard drives. In so doing, the appeals court opted not to address a lower court's rejection of the defendant's argument that being forced to reveal his password violated his Fifth Amendment protection against self-incrimination. In the case under review, the US District Court for the Eastern District of Pennsylvania held the defendant (referred to in court documents as "John Doe" because his case is partially under seal) in contempt of court for willfully disobeying and resisting an order to decrypt external hard drives that had been attached to his Mac Pro computer. The defendant's computer, two external hard drives, an iPhone 5S, and an iPhone 6 Plus had been seized as part of a child pornography investigation.

36 of 522 comments (clear)

  1. Contempt of the court... by ruir · · Score: 5, Insightful

    I do not even know any of the passwords I use either at home or work....random passwords+2FA. I could not even remember them, even if my life depended on it.

    1. Re:Contempt of the court... by Midnight_Falcon · · Score: 4, Insightful

      But you have some way to summon them through a password manager, and a Court would simply order you to release those credentials.

    2. Re:Contempt of the court... by Mashiki · · Score: 4, Interesting

      All you need is a lawyer who's willing to argue that police lost evidence of this during arrest/warrant sweep. Happens quite often and there's a lot of case law on it.

      --
      Om, nomnomnom...
    3. Re: Contempt of the court... by Calydor · · Score: 3, Insightful

      A friggin' mole hill would still be higher than what the rest of the world thinks of Comrade Trump.

      --
      -=This sig has nothing to do with my comment. Move along now=-
    4. Re:Contempt of the court... by Altrag · · Score: 3, Insightful

      Well someone, somewhere needs to have the ability to decrypt them. They're rather useless otherwise and you may as well just delete the files. And if you have a way to decrypt them at all, then they could easily extend this ruling of contempt to include any intermediate steps required.

      The only way "I don't know how to decrypt them" really holds up even in a hypothetical is if you were using an asymmetric key to generate the encrypted files for an anonymous third party that you have no direct contact with, and they managed to get you at just the right time between purging your local copies and shipping off the encrypted ones.

      And even then, you'd have to have some way to get the data to said third party which means a trail of some sort (albeit possibly a cold trail if it leads out of the country or something.)

      Sadly your best bet in a situation like this is to appeal to the constitution.. somewhere between the 4th and 5th amendments in this case.. but even that's on shaky ground as the courts are still trying to figure out how (or even if) 200 year old laws should be applied to modern digital devices.

    5. Re:Contempt of the court... by nobuddy · · Score: 3, Interesting

      No, but you can set your encryption to scramble the key if there are (X) false attempts. Or even to scramble if a certain password is entered instead of the real one. And, if you used reasonably secure encryption, once that is done, its toast. I cannot ever be decrypted with today's technology. And likely can never be decrypted, ever.

      judge won't like it. Prosecution won't like it. But it is easy to prove that this is a fact.

    6. Re: Contempt of the court... by Anonymous Coward · · Score: 5, Informative

      No, you cannot "set your encryption" to do that. Your shit will be imaged.

    7. Re:Contempt of the court... by Dread_ed · · Score: 4, Informative

      We don't need to mod you down. Just present facts. Not that I am a Trump supporter, but I can tell from how you write that you are unhinged due to rampant bias. It is affecting your mind. Specifically, but not limited to, your ability to process data, form correct opinions, and see facts as they are.

      Case in point:

      District Judge: Honorable L. Felipe Restrepo

      He is an Obama appointee who made the original ruling and whose ruling the third circuit court of appeals upheld.

      Please tell me how an Obama appointee is part of a vast right wing republican conspiracy to attack Americans.

      --
      When the only tool you have is a claw hammer every problem starts to look like the back of someone's skull.
    8. Re:Contempt of the court... by rtb61 · · Score: 3, Informative

      It's the law, innocent until proven guilty. So the judge failed to prove the person did remember the password, hence the judge is in contempt of justice. In order to prosecute for failure to remember and state a password, the court must prove the defendant does remember it, otherwise they a just fucking guessing because that is what they want, a really horrific corruption of the justice system.

      Think of the ramifications, the court claims you saw something with no evidence of proof of that claim, you say you did not and they imprison you until you say what they want you to say. You can not legally force memory, to force people to remember and just to be clear, how many you idiots got 100% on every exam you ever took, well, according to shit for brains judge, you put down the incorrect answer on purpose. Courts are not for fucking guessing, want to make a fucking claim, then fucking prove it.

      --
      Chaos - everything, everywhere, everywhen
    9. Re:Contempt of the court... by dougmc · · Score: 5, Insightful

      This is not a Constitutional question — the guy is not asked to testify against himself. What he is to say is not under oath and will not be used against him.

      It is indeed a Constitutional question. He's accused of a crime, and he's being asked, er forced to aid the prosecution. What happened to his right to remain silent, his right against self-incrimination?

      And yes, I do believe it is the goal of the prosecution to use any passwords he provides to find stuff that *will* be used against him. They are *demanding* that he aid their prosecution of him by divulging secrets ... how is that not testifying against himself? Next, are they going to waterboard him for the passwords?

      What is demanded of him is a key to the premises, for which a perfectly valid search-warrant has already been issued.

      If they were demanding a physical key, he could refuse to tell them where that is too. That said, without that ... they'll just knock down the door.

      Also ... has a search warrant been issued to search his brain?

      This stinks to high heaven. I thought that it was already established by case law that you did not have to say anything to aid the prosecution in any way, that your right to remain silent was absolute in a criminal case?

    10. Re: Contempt of the court... by Xest · · Score: 4, Funny

      No man, you just tell your encryption don't take that shit, don't let yourself be imaged, encryption. Stand firm in the face of these fascists, encryption, and do right by me man.

    11. Re:Contempt of the court... by William+Baric · · Score: 3, Insightful

      If you show me an encrypted disk drive that was connected to my Mac, either I know the password, or it's stored in the keychain of the Mac so you can access it with the keychain password.

      People who call me because they have forgotten the password of their own computer and who want me to reset it is not unusual. Do you think those people are lying and they only call me to hear my beautiful voice? Don't get me wrong, I'm pretty sure the guy remembers his password, but a justice system where someone can be put in prison only because I'm pretty sure of something, without any kind of evidence, is not something I want.

    12. Re:Contempt of the court... by AmiMoJo · · Score: 3, Insightful

      Trump's travel bans ran into difficulty because Trump himself said that they were Muslim bans and targeted at Muslims. After the first one failed his staff started talking about how they could make minor, cosmetic changes that meant it was still a Muslim ban but addressed the very narrow point in law that the first ruling was based on. Naturally, the courts didn't fall for it, especially as all this was said in public.

      Trump's executive orders keep failing because he is an idiot, surrounded by idiots, and none of them know how to run a government or write a legally sound executive order. Nothing to do with the judges' opinions of Trump, and everything to do with the fact that he basically argued the plaintiff's case for them outside the court so they could simply submit his speeches and tweets as their evidence.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. What if by markdavis · · Score: 4, Insightful

    >"upheld a lower court ruling of contempt against a chap who claimed he couldn't remember the password to decrypt his computer's hard drives"

    I am not saying that is the case here, but what if a defendant really doesn't remember the password? Throw him in jail forever? Some devices don't need a key/password UNLESS they are disconnected or reset, and it is very plausible someone might have been using something for a long time without knowing.

    1. Re: What if by Anonymous Coward · · Score: 4, Funny

      Perjury, obviously, for claiming to be a Slashdot reader with a girlfriend.

    2. Re:What if by ShanghaiBill · · Score: 4, Interesting

      what if a defendant really doesn't remember the password? Throw him in jail forever?

      Sure. Why not? The criteria is "reasonable doubt" not "certainty". In practice, the standard for "reasonable doubt" is not very high. When DNA evidence first became valid in court, the Innocence Project reviewed thousands of old cases, and determined that about 10% of them could not possibly have committed the crimes for which they were convicted. One case overturned was the Central Park Five, which EVERYONE, including our president, was absolutely certain were guilty. There are many, many other cases with no DNA evidence, but there is no reason to believe the false conviction rate is any lower for those.

      So if 90% certainly is good enough to lock up some poor black kids for life, why isn't it good enough for a rich white guy with a Macbook Pro?

    3. Re:What if by Altrag · · Score: 3, Informative

      Presumably by the time the courts are ordering decryption, the computer has gone through forensics by actual computer forensics people.

      Your possibility might apply to the cop who's beating down your door and just trying to get a quick takedown but if you refuse that initial step it will go to people who know what they're doing long before it goes to a judge.

    4. Re:What if by ShanghaiBill · · Score: 5, Insightful

      How about we work on improving justice for all without regard to socioeconomic status or race.

      Sure. But if we fix it only for the rich white guys, then they no longer have any motivation to fix the system for others, and it is they that are empowered to do so. We should indeed fix it for everyone. But we need to start at the bottom.

  3. That's not good law by Baron_Yam · · Score: 5, Insightful

    This amounts to "We know you're guilty even though we can't prove it so we're not going to bother with proof", and worse, they're using that to apply a potentially unlimited sentence.

    Just because the guy is accused of having a child porn collection doesn't mean the niceties of law shouldn't apply.

    I'm actually not so much for the right against self-incrimination, but I am very much for the right to a fair trial based on evidence and not what people 'know'. I'm also very much on finite sentences proportional to the needs of protecting society, punishing enough to scare the next guy, and attempting to reform the convicted if possible... but there shouldn't be a sentence at all without a just conviction.

    1. Re:That's not good law by MrDoh! · · Score: 5, Interesting
      That was how the UK version of this law was made to look silly (even though it later passed of course).

      An admission of a crime was made, written up, encrypted, and put on a USB(CD maybe) and sent to the Home Secretary. The police were then contacted and informed that the Home Secretary has, in his possession, an admission of a crime that requires a custodial sentence.
      Technically, that he never had the keys to unlock it was irrelevant. He had an item that was an admission of a crime, he was duty bound to hand it over and unlock it, even though there's no way on earth he could. But the way the law was written, he was the one in trouble.

      If this is allowed to stand, we now have the way for someone/anyone to send you an encrypted file (email/cookies), that will then get you found in contempt of court as you are unable to prove you can't unlock it.

      --
      Waiting for an amusing sig.
  4. Direct violation of the Constitution by nightfire-unique · · Score: 3, Insightful

    Nothing more to say, really.

    --
    A government is a body of people notably ungoverned - AC
  5. In fairness by HeckRuler · · Score: 5, Insightful

    So when are the politicians going to be charged with contempt of court when they "do not recall"?

  6. Contemptible. by msauve · · Score: 5, Insightful

    I agree, it's contempt of court. As well it should be, since the court is contemptible. The right against self-incrimination is absolute - you don't have to testify against yourself, you don't have to unlock that (combination) safe, you don't have to decrypt files. You have the right to remain silent.

    That is, unless it's the physical key to a safe, or some hardware encryption key. That's physical, and subject to seizure. But a combination or encryption password is a product of the mind, and forcing it out is forcing self-incrimination.

    Sure, law enforcement has a right, with the proper warrant, to break into the safe or attempt to decrypt the contents themselves, but failing that, they're simply SOL.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  7. Destroy code? by PCM2 · · Score: 3, Interesting

    Seems like encryption systems need to have two passwords; one that decrypts the volume and another that wipes the keys and images a fresh filesystem. When they compel you to enter your password, you enter the "destroy code."

    Sure, you could be charged with tampering with evidence if they realized what you'd done. But maybe that would be preferable to indefinite incarceration for contempt of court.

    --
    Breakfast served all day!
    1. Re:Destroy code? by Kardos · · Score: 5, Insightful

      No, it is not even fantasy to have a "destroy everything" password. Even a rookie investigator knows to make a copy first. If you provide self-destruct keys it'll be blatantly obvious.

    2. Re:Destroy code? by silas_moeckel · · Score: 4, Interesting

      This is very hardware dependent. Plenty of systems out there that require a passkey to unlock but nuke themselves with a few bad tries. They are not clonable (unless you're the NSA and even then some go to lengths to prevent chip lapping and other methods from working). In essence it's a small computer that you can not practically copy with a hardened interface that stores the actual decryption keys.

      Even the TPM chips tied to hard drives should support that.

      --
      No sir I dont like it.
  8. Does this case fit the precedent? by nctritech · · Score: 4, Interesting

    There is precedent for this when the defendant has already decrypted the drive for authorities and then refuses to do so for the court. In that case, the contents are considered a "foregone conclusion" and there is no question that the defendant both acknowledges the encrypted volume and knows the key to decrypt it. This is a reasonable balance against Fifth Amendment protections.

    If he has not ever revealed the password to authorities, the Constitution absolutely prohibits this action by the court. A man cannot be compelled to self-incriminate, the court may not presume guilt (innocent until proven guilty), and the court can only establish guilt through due process of law (everything from investigation to conviction) and with equal protection under the law (the law is applied the same way to everyone). This ruling blatantly violates most of these basic rights if the contents of the drive are not a "foregone conclusion."

    1. Re:Does this case fit the precedent? by nctritech · · Score: 4, Interesting

      They can't criminally charge you for not taking the sobriety field test. They can and will take your license away. That's not a criminal process, it's a regulatory one. Different states may have different variations but the song generally remains the same. Driving is legally considered a privilege, not a right. It isn't the same thing.

      I agree with your second part. Civil asset forfeiture is a blatantly unconstitutional thing that is constantly abused. It's still not a constitutional action, but the guys with the guns make the rules in the end.

    2. Re:Does this case fit the precedent? by Anubis+IV · · Score: 3, Informative

      Ruling that it's a "foregone conclusion" is exactly what happened here, but for different reasons.

      While the defendant hadn't provided the Mac Pro and hard drive passwords previously, the investigators managed to figure out the password to his Mac Pro and were able to use that access to determine that it had been used to visit child porn sites and download thousands of files that matched the hashes for recognized child porn files. Those files weren't found on the Mac Pro, but the defendant's sister testified "that Doe had shown her hundreds of images of child pornography on the encrypted external hard drives". Between the download history, hash matches, and testimony about the location of the files, the judge ruled that it's a foregone conclusion that the drives contain child porn and that turning over the password is not testimonial in nature as a result.

      I'm not sure that I necessarily agree with that assessment (it could be that providing the passwords is still testimonial in nature with regards to crimes they don't know about that his knowledge of the passwords would implicate him of), and the article points out that it's likely this case will go all the way to the Supreme Court.

  9. Re:This is bullcrap by Marc_Hawke · · Score: 4, Insightful

    The Courts (and Law Enforcement) have gotten really lazy, and it's confusing to me why they don't see it.

    During the San Bernardino iPhone stuff and other such stories, there were so many 'seemingly intelligent' people saying how encryption shouldn't be allowed because it made law enforcement difficult. Since when has it been easy? Wearing gloves makes it hard to pickup fingerprints. Should you outlaw gloves as well? However, these people are saying, "You should be forced to live in a way that makes it simple for us to track you all the time." "Papers Please!"*

    Two statements:
    "As more and more people are using encryption these days it's much more difficult for us to obtain evidence." - legitimate
    "As it impedes our abilities to gather evidence encryption in consumer devices should be restricted or should include a law enforcement backdoor." - completely not legitimate

    *(Actually with the 'papers please' that's more about proving you're allowed to be there, rather than checking to see if you shouldn't be there. So it really doesn't apply to the situation.)

    --
    --Welcome to the Realm of the Hawke--
  10. Only one way out... by tinkerton · · Score: 5, Funny

    My password is "sorry I've forgotten my password". They won't be able to claim I didn't tell em!

  11. I can relate by AaronW · · Score: 3, Insightful

    I had a couple of encrypted partitions on my Linux setup that I rarely accessed that became inaccessible after a Linux update. In my case I did remember the password but Linux would not accept it. I eventually reformatted it and restored the data from a backup.

    Any time you are arrested you should always choose to remain silent and request an attorney even if you are innocent.

    --
    This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
  12. Re:Rubber-hose cryptanalysis by Anonymous Coward · · Score: 4, Interesting

    As a victim of a rubber hose attack by the American government I can offer some insight into how it works and how everyone looks at the issue wrong. The government usually gets it hands on you somehow and threatens you with some ridiculous mandatory minimum prison sentence. Its a somewhat civilized approach to the rubber hose attack.

    You go hire a big buck attorney who starts to work on the case. Next thing you know the government is offering you immunity for whatever is on your computer in exchange for the passwords. Of course your attorney says give them the passwords and this thing will likely go away. You hand over the passwords and it goes away, the statute of limitations ticks off a few years later.

    Now if you are the main target of their interest they will wait until they can nail you to the wall and do this step to anyone they think may be able to help.

    A better approach would be to use a wifi accessible ssd hidden in a wall or elsewhere it wont be found. Most of the time they are in and out of your house in under a hour, it is very rare, without an informants telling them all of your opsec secrets that anything well hidden will be found.

    Cops are humans, most humans are lazy and have mixed feelings about their job, remember that. Encrypted disks in the hands of the government should be treated as the starting point in negotiations.

  13. Re: Happens quite often... by slashrio · · Score: 3, Interesting

    Like the sticker note with the password on the bottom of the laptop.
    "I don't know the pw, it's on the bottom of the laptop."
    Police: "..." Unless of course they filmed the whole arrest and house visit.

    And about the 'forgone conclusion' and the fact they aren't simply starting the trial based on the evidence that led to this conclusion:
    I think it's quite possible that law enforcement told the judges, confidentially, that they already have hacked the disks using a secret back-door or other procedure, but just can't (won't) make that public. In that case a trial wouldn't work either.

    And where is the proof that the files are actually on his HD and that he hasn't deleted them already?
    He could admit downloading them (out of curiosity), but erasing them immediately upon discovering their true nature.
    Which leaves the testimony of his sister to deal with, who must have been really pissed off by the pictures she's seen on his phone--maybe her own child was involved, that she witnessed against her own brother?

    --
    "Trump!!", the new Godwin.
  14. Re:Rubber-hose cryptanalysis by dougmc · · Score: 3, Interesting

    .Perhaps some type of expiry after 30-60 days of non-use for sensitive encrypted drives might protect against this, since there's no way the person could decrypt the drive after that threshold.

    You aren't imagining the defendant's computer in a nice neat room with his drives plugged in and a cop sitting at it trying to guess the password, are you?

    No, the drives will have been imaged through a hardware device that blocks all attempts to write, and their work will be on their own computers running their forsensic software against the images of his drives, with his original drives safely in the evidence lockup.

    And if criminals start using drives with custom firmware to foil this (they've already read the first GB sequentially? return gibberish and erase everything!), the cops will then be removing the control boards and subsituting their own before they do the imaging.

    "Self destructing crypto" will just be something else for them to work around. It might foil the local police department, but if the FBI/NSA/CIA/etc. really wants your data, that's not going to foil them any more than straight strong crypto will.

  15. Re: Happens quite often... by Mashiki · · Score: 3, Insightful

    Possibly. That's the real question here, while I've read the case info provided in the article there's a bunch of things that are unclear until I get a chance to read the initial case. But, local police forces which is what this case is doesn't usually have the resources to backdoor things like this unless they're commonly known exploits. And if I remember the cases correctly, if they were seized as part of evidence in the original warrant and they were able to get the information off the drives without his co-operation it wouldn't matter anyway. Since it would have already proven that he was in possession of CP. So that doesn't really matter, in the rare cases where something like this happens they can seal part of the court case to protect the disclosure of things like that which would lead to the compromising of on-going investigations.

    The real thing is is what you pointed out though, where the proof. There is none really. The prosecution states they have "known hashes" but that doesn't mean much beyond that. It's more likely that the sister saw actual CP, and that's it. That in itself leads weight to it, but it still doesn't mean too much without the actual evidence.

    I wouldn't be surprised if this keeps moving through the court system, or their lawyer simply tells them to take the contempt charge which he'll likely serve on weekends and get on with his life. The contempt charge itself could be an entirely new ball of wax especially if it's contested which wouldn't surprise me. The lawyer(s) in question could make their career defining case off of it. Since then the court will have to prove that he knowingly engaged in contempt.

    --
    Om, nomnomnom...