U.S. Court Extends Fifth Amendment to Encrypted Data

[Therumancer]

My basic thought on the subject is that the goverment should be able to force people to decrypt files gained during a legitimate search. I understand why a lot of the anti-goverment, anti-law enforcement sorts on these forums will disagree, but the bottom line here is that to do otherwise is to basically say it's okay to commit crimes a long as you can hide the evidence well enough that the police can't access it.

I understand the bit with the 5th Amendment, but it's really a semantics game, and is definatly violating the spirit in which it was intended. I think it was Thomas Jefferson who mentioned that the Constitution/Bill Of Rights needed to be redone every 19 year or so, and this kind of shows why ours dearly needs an update as this is so far out of context to what that law had in mind and the spirit in which it was intended as to be ridiculous.

I'd point out that coded documents and such were not unknown to our founding fathers even that early, and when they captured guys like whits (British Loyalists) they didn't just say "oh well, I guess we can't break the code and prove anything, so we'll let it go" no, they tortured the guy until he decrypted it or died. It's been a while but I've read some stuff about how ruthless our founding fathers are and what their intent was, never mind when I took Criminal Justice and read about the early days of US law enforcement which was closer to the intent. I don't think we should go all the way back to that level of barbarity, but someone pleading the 5th Amendment here shouldn't work or be taken seriously. Someone needs a thump in the head.

Simply put if common sense eludes everyone, they should probably put it into law that legal seizure of data includes access to that data. Meaning any protection this guy had to protect his privacy/property was overruled by the warrent. It's not "self incrimination" as the information was already theirs. Either the person decrypts the data for analysis and the trial continues, or he suffers the full weight of the accusations against them. Basically if it's someone involved in a real estate scam and the records key to the whole thing are encrypted and the person refuses to provide that information, the trial proceeds as if the documents reinforced the most beneficial case to the prosecutor. This would motivate people to cooperate because even if found guilty they are not nessicarly going to be nailed by the worst possible interpetation of the data and accordingly suffer maximum penelties.

To put it into perspective if you were the victim of say a real estate scam, like the lady mentioned above (the secondary case, not the primary one the article is about) is accused of, I doubt you'd be in support of her getting away with it because she protected her records too well for the cops. As far as I'm concerned if a Judge already approved a warrent (which can be difficult to get in the US) that's good enough for me.

I'm not making some half arsed "only the guilty need to fear" arguement here, because I'm big on pivacy as a general principle. It's all about context with the computers having already been seized legally under warrent, and the case apparently going to court. This isn't the police randomly snooping through computers or anything, it's a stupid technicality based on an antiquidated law to which it is out of context to, being used to avoid the repercussions of crimes.

I mean you can't even really argue unrelated data, because in general such searches are limited by scope. If they saw open a computer for real estate charges and find kiddie porn, as much as I'd like to see the person charged, I'd imagine the limited scope of the warrent (to seek out information related to... ) would probably prevent it from being used. Of course then again I don't know how that applies to data, it's been a while. If it would allow them to be prosecuted I wouldn't much care mind you, as I've always thought warrents and search and seizure laws limited the police too much. One of the reason why our country is so frakked up is we play too many games letting the guilty go free, and get away with stupid crap.

 

[Telperion]

Hm...I use TrueCrypt...so, yay?
Nice to know that the software actually works!
And, no: I only crypt stuff that's really important to me. Nothing criminal.

 

[mrdude2010]

This is a great day for all who value the right to data privacy.

And great day for fraudsters, drug dealers, corrupt politicians, the various mobs, hit men, the Ku Klux clan, the Aryan nation and the other terrorist groups out there. So if Enron had just encrypted all their data they could have walked away scot free after defrauding ten of thousands of poeple. Rod Blagojevich should have sent an encrypted email instead of selling Obama's senate seat on the phone and he wouldn't be doing 14 years and the democratic process would have been for sale. But hey data privacy is way more important than protecting the democratic process.

"They who can give up essential liberty to obtain a little temporary safety deserve neither"- Benjamin Franklin

 

[Athinira]

But hey data privacy is way more important than protecting the democratic process.

You could make the same argument for warrantless phone taps, searches without any sort of probable cause and pretty much anything else. How far are you willing to go in the name of security? What are you willing to sacrifice?

Well, I'm a bit on edge about this ruling, as it particularly is something that has so much criminal potential. Plus your day to day lay-person doesn't encrypt your computer, which pretty well separates this from phone tapping.

My computer (and hard drives) are encrypted by TrueCrypt as well (with a strong password) and I'm your day to day lay-person. Except maybe a bit of pirated material (which isn't much) i have nothing illegal on my computer. No child porn or anything.

Don't make assumptions about what the "average" person does. Plenty of people who have done nothing wrong encrypts their computer. It protects your data in the case of theft. Also, encryption is becoming rapidly available to the everyman. Not only are several laptop-companies (ASUS, HP, Fujitsu Siemens) offering laptops with encryption capabilities (for example through BitLocker, which comes with the Ultimate/Enterprise-editions of Windows 7, or sometimes their own encryption software), but even hard-drive or SSD-companies build in encryption into their products. For example Intels SSD series has built in hardware-based encryption which can be activated and then requires a password before the drive can be used. It's readily available to the everyman who buys their SSD's (i have an Intel 320 series SSD myself, although i don't use the Encryption there in favor of TrueCrypts protection).

Encryption is becoming very common, including for your everyday-man.

Also...

I can't help but have a slight fear that arrest rates on child pornographers will probably take a drop after this. Hopefully it won't be too bad, and while I'm not particularly incensed by this, I hope other things of this ilk don't happen. I'd say we're just on the line.

You, and some other people, also seem to be misunderstanding what this ruling means. You see, even if the court had ruled against the man, the FBI would still not be able to decrypt the files without his help. Sure, they would be able to throw him in jail for not decrypting the files (contempt for court), but they still wouldn't be able to prove that there was actually something illegal on the computers/hard drives until they are actually decrypted. So all that would succeed doing is putting a possibly innocent man (or woman) in jail.

In addition, this would open up for innocent people being thrown to jail for not decrypting content they are unable to decrypt (on the basis that the court BELIEVES they are able to decrypt it, even if they are not). This could be the result of having forgotten the password (unlikely, but possible), lost the keyfiles for the encrypted content (much more likely) or simply not having been the person who encrypted the stuff in the first place (also a possibility).

Imagine the following scenario: The FBI arrests you and confiscates some computers from your home because they believe you have committed some sort of digital crime. One of the computers confiscated actually belongs to someone else (could be a friend who left it there), but the FBI believes despite your claims that it belongs to you. It's encrypted, so the feds ask the court to order you to decrypt it. You testify that you cannot decrypt it because it's not yours. The court doesn't believe you, and jails you for contempt of court. This is the type of can you'll be opening if people cannot invoke the 5th amendment in these cases.

Constitutional rights are there for a good reason.

 

[Marcus Thomas]

In addition, this would open up for innocent people being thrown to jail for not decrypting content they are unable to decrypt (on the basis that the court BELIEVES they are able to decrypt it, even if they are not). This could be the result of having forgotten the password (unlikely, but possible), lost the keyfiles for the encrypted content (much more likely) or simply not having been the person who encrypted the stuff in the first place (also a possibility).

You forgot to mention the possibility that empty space on a drive (perhaps left by securely deleting a file) might be mistaken for encrypted data.

 

[Olrod]

What would have happened if he just claimed he didn't know HOW to decrypt his data?

 

[Athinira]

You forgot to mention the possibility that empty space on a drive (perhaps left by securely deleting a file) might be mistaken for encrypted data.

For the sake of argument, we are assuming that it's conclusively proven that the encrypted content exists and can be located (even if it's not decryptable).

 

[Athinira]

What would have happened if he just claimed he didn't know HOW to decrypt his data?

If someone knows how to encrypt data, they also know how to decrypt them.

The problem here, as mentioned in my first post, is if the accused denies being the owner/user of the electronic equipment, and therefore denies being the one who encrypted it. The court, if capable of overruling the 5th amendment, will then have to decide whether or not that's a plausible explanation.

If the police can prove, however, that the equipment belongs to the accused, then that excuse won't last him in court.

 

[Marcus Thomas]

You forgot to mention the possibility that empty space on a drive (perhaps left by securely deleting a file) might be mistaken for encrypted data.

For the sake of argument, we are assuming that it's conclusively proven that the encrypted content exists and can be located (even if it's not decryptable).

From the opinion filed by the EFF:
"In his testimony on cross-examination by Doe, however, McCrohan
conceded that, although encrypted, it was possible that the hard drives contain
nothing."

I think this means that in this particular case only the use of encryption has been proven, not the existence of any encrypted files.

 

[Athinira]

Simply put if common sense eludes everyone, they should probably put it into law that legal seizure of data includes access to that data. Meaning any protection this guy had to protect his privacy/property was overruled by the warrent. It's not "self incrimination" as the information was already theirs.

If you decrypt any data seized during a search, you admit to:
- Knowing of the data
- Being a user of the medium the data was located on
- Being the one who encrypted the data

That's self-incrimination in every aspect.

 

[samsonguy920]

If encrypted data was all the FBI had to go on against this guy, then they had nothing to begin with. Sounds more like a case of the Feds trying to shortcut their way to a quick and easy arrest without breaking a sweat. They don't do it all the time, but the fact that they do some of the time still makes them smell worse than the Kardashian household.
I call this a legit argument. There are plenty of other ways to bring down someone than blackmailing them into decrypting their own files.

This is a great day for all who value the right to data privacy.

And great day for fraudsters, drug dealers, corrupt politicians, the various mobs, hit men, the Ku Klux clan, the Aryan nation and the other terrorist groups out there. So if Enron had just encrypted all their data they could have walked away scot free after defrauding ten of thousands of poeple. Rod Blagojevich should have sent an encrypted email instead of selling Obama's senate seat on the phone and he wouldn't be doing 14 years and the democratic process would have been for sale. But hey data privacy is way more important than protecting the democratic process.

That's giving a lot of ignorant and unimaginative people a lot of credit there, friend. Consider that Blagojevich was of the mind that he was above the law at the time and the justice system wouldn't bother itself to deal with a matter like that. He still carries that attitude even after getting caught and found guilty. I would imagine Enron did secure a lot of their files. It was the stuff that was unsecured that got them busted, stuff that would have done them no good if they did secure it.
It doesn't matter what you encrypt, there is going to be plenty of other evidence to be found to nail your ass to the wall if you are guilty. As I stated at the start, the feds were looking for a short cut and got themselves stomped to the curb again.

 

[Athinira]

You forgot to mention the possibility that empty space on a drive (perhaps left by securely deleting a file) might be mistaken for encrypted data.

For the sake of argument, we are assuming that it's conclusively proven that the encrypted content exists and can be located (even if it's not decryptable).

From the opinion filed by the EFF:
"In his testimony on cross-examination by Doe, however, McCrohan
conceded that, although encrypted, it was possible that the hard drives contain
nothing."

I think this means that in this particular case only the use of encryption has been proven, not the existence of any encrypted files.

He conceded to the hard drives being encrypted, meaning they was encrypted and can therefore be considered encrypted content. Whether they hard drives CONTAIN something is an entirely different matter, but it's conclusive that they are encrypted. It's perfectly possible to have an encrypted empty drive or partition.

 

[Marcus Thomas]

He conceded to the hard drives being encrypted, meaning they was encrypted and can therefore be considered encrypted content. Whether they hard drives CONTAIN something is an entirely different matter, but it's conclusive that they are encrypted. It's perfectly possible to have an encrypted empty drive or partition.

Yes, but producing the contents of the encrypted drives is testifying to the existence and contents of those drives, and that part is what the court ruled as protected by the fifth amendment.

 

[Albino Boo]

If you are ordered by a court to produce a printed document you shred it not only are you guilty of contempt the shred document can be put together and used in evidence against you. Why should the process of encryption be treated any different from shredding? It is also clear that he was ordered to by a court after due process. The FBI didn't walk and demand he decrypt without a warrant is the same way that they bugged Rod Blagojevich phone. Why should it be treated any different, in both cases due process occurred. In encryption case he actually knew that and order was beginning potentiality made against him and had an opportunity defend himself in court which is more than Rod Blagojevich had. Why should data held on disk have greater legal protection than the same information held on paper or the same information exchanged by spoken word?

But encrypted data does get the same legal protection as other documents. A court can't just order someone to turn over documents that might not even exist, that would be like ordering someone to make up false evidence just to incriminate themselves. In this case the FBI seized his computers with a warrant, but they don't know that there is actually any evidence in the encrypted volumes, if anything at all. All they know is that he is using Truecrypt.

Small but rather important point they do make orders to turn over to the police any document relevant and failure to produce a document in a tax case for instance that supports your case means that you are the that case against you is proved. I.E you make a claim for expenses and you cant produce any evidence of the expenditure you risk criminal prosecution for fraud. THERE IS NO DIFFERENCE, it just supports your own personal prejudices. All you guys hate fox news but you are no different, as long something attunes with your own prejudices you do not give a dam about how illogical or extreme the consequences of the thing you support.

 

[Athinira]

He conceded to the hard drives being encrypted, meaning they was encrypted and can therefore be considered encrypted content. Whether they hard drives CONTAIN something is an entirely different matter, but it's conclusive that they are encrypted. It's perfectly possible to have an encrypted empty drive or partition.

Yes, but producing the contents of the encrypted drives is testifying to the existence and contents of those drives, and that part is what the court ruled as protected by the fifth amendment.

I would say that producing the contents of the encrypted drives is testifying to your knowledge and ownership of the existence and contents of the drives, which is slightly different.

In most cases where encryption software (or hardware) is in use, It's perfectly possible to determine if something is encrypted. It's the fact that decrypting the contents links you to it that's in question.

So in fact, it's very far from the point you originally argued (that empty space could be mistaken for encrypted content). It's two entirely seperate issues.

 

[Marcus Thomas]

Small but rather important point they do make orders to turn over to the police any document relevant and failure to produce a document in a tax case for instance that supports your case means that you are the that case against you is proved. I.E you make a claim for expenses and you cant produce any evidence of the expenditure you risk criminal prosecution for fraud. THERE IS NO DIFFERENCE, it just supports your own personal prejudices. All you guys hate fox news but you are no different, as long something attunes with your own prejudices you do not give a dam about how illogical or extreme the consequences of the thing you support.

But in this case the defendant is not making an unsubstantiated claim, instead the burden of proof lies with the prosecution. How can they compel him to turn over documents if they can't even prove they exist?

 

[Marcus Thomas]

I would say that producing the contents of the encrypted drives is testifying to your knowledge and ownership of the existence and contents of the drives, which is slightly different.

In most cases where encryption software (or hardware) is in use, It's perfectly possible to determine if something is encrypted. It's the fact that decrypting the contents links you to it that's in question.

So in fact, it's very far from the point you originally argued (that empty space could be mistaken for encrypted content). It's two entirely seperate issues.

His use of encryption has been proven by this point, but TrueCrypt is designed in such a way that without the password(s) the encrypted data is indistinguishable from random junk. So the examiner's claim that that he had over 5 TB of encrypted data cannot be proven without the password(s).

 

[Athinira]

I would say that producing the contents of the encrypted drives is testifying to your knowledge and ownership of the existence and contents of the drives, which is slightly different.

In most cases where encryption software (or hardware) is in use, It's perfectly possible to determine if something is encrypted. It's the fact that decrypting the contents links you to it that's in question.

So in fact, it's very far from the point you originally argued (that empty space could be mistaken for encrypted content). It's two entirely seperate issues.

His use of encryption has been proven by this point, but TrueCrypt is designed in such a way that without the password(s) the encrypted data is indistinguishable from random junk. So the examiner's claim that that he had over 5 TB of encrypted data cannot be proven without the password(s).

The installation of Truecrypt + 5 TB of random data is enough for the court to make the safe assumption that the "random data" is encrypted. Especially if TrueCrypt is installed in boot-mode (where it is stored in the first track of the hard drive, which indicates System Encryption).

Whether they are encrypted by him or if he is even capable of decrypting it - and whether or not he can be ruled to so - is entirely separate issues. But since there is no crime involved with simply using encryption, there is nothing wrong with the court assuming (based on the indications) that the equipment is encrypted. If encryption itself was a crime, the situation would of course be different.

Also, while the developers have done a very good job, material encrypted with TrueCrypt DOES in fact have some distinguishing features that can support the suspicion of encryption being employed, especially if there is talk of encrypted containers (files), rather than encrypted partitions/drives/systems since these files have some giveaways (related to size and the method in which those random data are generated).

Also, if TrueCrypt is employed on an SSD, the use of the TRIM-command makes it fairly easy to determine if the drive is encrypted, even if it just looks like random data. The only thing that is secret there is a hidden operating systems, because TrueCrypt specifically blocks the TRIM-command while a hidden operating system is in use to keep it a secret.

 

[Therumancer]

Simply put if common sense eludes everyone, they should probably put it into law that legal seizure of data includes access to that data. Meaning any protection this guy had to protect his privacy/property was overruled by the warrent. It's not "self incrimination" as the information was already theirs.

If you decrypt any data seized during a search, you admit to:
- Knowing of the data
- Being a user of the medium the data was located on
- Being the one who encrypted the data

That's self-incrimination in every aspect.

However, I do not think the spirit of the law was intended to prevent this.

To me, it all comes down to an antiquidated law, that is being used neither in the context in which it was created, or updated for current technologies, being abused to create a loophole.

See, the founding fathers probably would have just tortured the guy until he broke the code or died. Like it or not their intent and practices were nothing like ours. I don't believe in doing something that barbaric, but I *DO* believe in a case where the property was already seized legally that the person should be made to either break the code or suffer the full penelties for whatever they were accused of with no chance of reprieve or reduction (ie they can't chooe later to decrypt the files in hopes of a lesser sentence once convicted this way).

That's by no means nice, but it's one of those cases where I feel this is a ridiculous technicality and by this point in the game (item seized, already at trial) access to that data is a right of the court. I feel the victims of crimes have rights, and basically saying that someone involved in a real estate scam being able to get away with whatever they did if their data can't be decrypted is ridiculous. That's pretty much declaring open season for white collar criminals to exploit anyone they want do if their ecryption is powerful enough.

Lesser of evils and all of that.

The intent of the fifth amendment is to prevent someone from having to give verbal testimony against themself. Largely because being on trial for one crime does not nessicarly give you immunity to others. Basically if you witness a murder, but did so in the process of burglerizing the house the murder took place in, you could refuse to testify because in doing so you'd effectively get youself arrested for crimes you hadn't been caught performing. You can't lock someone in jail for refusing to confess to an unrelated crime.

As this involves seized property I believe that protection is effectively already in place. The scope of the search probably includes what kind of data they are after, a computer is a likely hiding place. If your in for say a real estate scam, but there is evidence of other crimes on that system, but nothing about the real estate scam, by decrypting it the scope of the serch would prevent you from being held liable for that crime.

It's one of those situations where the spirit of the law and examples of it's enforcement by those who invented it are overlooked in favor of it's wording, allowing for a lot of technicalities. The Constitution and Bill Of Rights were never intended to be in force in their current forms for this long, and the wording was not all that carefully phrased because it was not intended to stand the test of time or be applied to issues and situations two centuries down the line. Yes it's amazing how well these documents hold up nowadays, but it's equally amazing how poorly they apply to current issues and situations, especially as they get further afield from their original intent.

While it doesn't apply to this directly, look at freedom of religion for example. The original idea was pretty much intended to prevent warfare between Catholics and Protestants or the persecution of freemasons. Not to protect say witches, satanists, cultists, or those who practice a religion like Islam based in theocratic cultures that currently want the destruction of the country. In fact, the founding father actively encouraged hunting down those practicing "pagan" religions like witchcraft and satanism. The idea of them intending it to be protected by that law is utterly ridiculous.

A lot of people might dislike this point, but the idea was that with the constitution being changed and updated every 19 years or so, exceptions and revisions to the core concepts could be added. Such as specifying what religions could be considered free, excepting religions and religious cultures opposed to the US, and similar things. That was the basic idea.

Likewise, understand that a lot of the current social issues are a non-issue. See people will say there is nothing in the constitution specifying the primacy of American culture within the US. BUT at the same time the founding fathers felt there was no need, and a lot of the people with subcultures causing a problem in the US were not even considered fully human by this nation of slave owners. China and India were far off and not considered a factor, blacks were slaves, etc... The idea being that civil liberties could be adjusted to protect the country and it's core people as time changed. These guys were not paragons of tolerance.

Now don't misunderstand, I like a lot of the progress we've made, and I don't think we should bring back slavery, or witch hunts, or other assorted things. I simply think we need to modernize things and remove a lot of the stupidity, and that includes a lot of civil protections that provide technicalities to hide behind when they shouldn't be able to. While Islam and profiling it/singling it out is a big issue under freedom of religion for example, we've had all kinds of crazy incidents with cults hiding behind freedom of religion to brainwash people, run rape prisons in sealed compounds, and put rattlesnakes in baby cribs, and everything else. Obviously we need to put some serious limits on that, and those screaming it's against the intent of the constitution, should be laughed at because well.. the INTENT of the constitution was quite differant as shown by it's actual practice early
on as I explained. Basically, freedom of religion should not put someone beyond criticism, protect them from investigation, bring about special considerations because of faith, or let the people do stupid crap like pass around rattlesnakes to test whether god wants them or their kids to live. Basically liberals who think that freedom of religion should count as a passcard to do nearly anything, especially if your not christian, and that anyone or anything should be allowed to be turned into a religion, are absolutly insane. When we have a country where you can become an ordained minister in a legal sense like 30 minutes, and with the right preparation start your own religion dedicated to worshipping a utility pole as the god of lightning... there is a problem. A point proven by all the joke religions people start and occasionally exploit the existance of for "lulz".

 

[Marcus Thomas]

The installation of Truecrypt + 5 TB of random data is enough for the court to make the safe assumption that the "random data" is encrypted. Especially if TrueCrypt is installed in boot-mode (where it is stored in the first track of the hard drive, which indicates System Encryption).

Whether they are encrypted by him (or if he is even capable of decrypting it, and whether or not he can be ruled to so, is entirely separate issues. But since there is no crime involved with simply using encryption, there is nothing wrong with the court assuming (based on the indications) that the equipment is encrypted.

Also, while the developers have done a very good job, material encrypted with TrueCrypt DOES in fact have some distinguishing features that can support the suspicion of encryption being employed, especially if there is talk of encrypted containers (files), rather than encrypted partitions/drives/systems since these files have some giveaways.

Also, if TrueCrypt is employed on an SSD, the use of the TRIM-parameter makes it fairly easy to determine if the drive is encrypted, even if it just makes it look like random data. The only thing that is secret there is a hidden operating systems, because TrueCrypt specifically blocks the TRIM-parameter when a hidden operating system is in place to keep it a secret.

While it would be reasonable to expect this guy to have some amount of encrypted data, the prosecution seems to have the idea that he has used every last bit of these drives capacity. If he were to turn over content that was smaller that the expected 5TB they might think he was withholding information from them, and if he did withhold some content there would be difficulty proving that.