Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Encryption Passphrase Protected by the 5th Amendment

Posted by CmdrTaco on Sat Dec 15, 2007 01:46 PM
from the my-password-is-password dept.
Government The Courts Encryption Security News
Takichi writes "A federal judge in Vermont has ruled that prosecutors can't force the defendant to divulge his PGP passphrase. The ruling was given on the basis that the passphrase is protected under the 5th amendment to the United States Constitution (protection against self-incrimination)." The question comes down to, is your password the contents of your brain, or the keys to a safe.
+ -
story

Related Stories

Submission: Encryption passphrase deemed protected by the 5th by Takichi (1053302)
[+] Examining the Search and Seizure of Electronics at Airports 699 comments
Angus McKraken brings us a Washington Post story about how travelers are seeking more well-defined policies and rules about the search and seizure of electronic devices by U.S. Customs officials. The EFF has already taken legal action over similar concerns. We recently discussed the related issue of requiring people to disclose their passwords in order to search their private data. From the Post: "Maria Udy, a marketing executive with a global travel management firm in Bethesda, said her company laptop was seized by a federal agent as she was flying from Dulles International Airport to London in December 2006. Udy, a British citizen, said the agent told her he had 'a security concern' with her. 'I was basically given the option of handing over my laptop or not getting on that flight,' she said. 'I was assured that my laptop would be given back to me in 10 or 15 days,' said Udy, who continues to fly into and out of the United States. She said the federal agent copied her log-on and password, and asked her to show him a recent document and how she gains access to Microsoft Word. She was asked to pull up her e-mail but could not because of lack of Internet access. With ACTE's help, she pressed for relief. More than a year later, Udy has received neither her laptop nor an explanation."
[+] News: Judge Rules Man Cannot Be Forced To Decrypt HD 775 comments
I Don't Believe in Imaginary Property writes "In Vermont, US Magistrate Judge Jerome Niedermeier has ruled that forcing someone to divulge the password to decrypt their hard drive violates the 5th Amendment. Border guards testify that they saw child pornography on the defendant's laptop when the PC was on, but they made the mistake of turning it off and were unable to access it again because the drive was protected by PGP. Although prosecutors offered many ways to get around the 5th Amendment protections, the Judge would have none of that and quashed the grand jury subpoena requesting the defendant's PGP passphrase. A conviction is still likely because prosecutors have the testimony of the two border guards who saw the drive while it was open." The article stresses the potential importance of this ruling (which was issued last November but went unnoticed until now): "Especially if this ruling is appealed, US v. Boucher could become a landmark case. The question of whether a criminal defendant can be legally compelled to cough up his encryption passphrase remains an unsettled one, with law review articles for the last decade arguing the merits of either approach."

Update: 08/19 23:49 GMT by KD : Several readers have pointed out that this story in fact did not go unnoticed.
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Encryption Passphrase Protected by the 5th Amendment 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • But but but! (Score:4, Insightful)

    by skulgnome (1114401) on Saturday December 15 2007, @01:50PM (#21710020)
    Terrorists!

  • If not anything else... (Score:5, Insightful)

    by Bones3D_mac (324952) on Saturday December 15 2007, @01:52PM (#21710032)
    "I forgot."

  • Interesting development (Score:5, Interesting)

    by rickthewizkid (536429) on Saturday December 15 2007, @01:53PM (#21710036)
    So.... this tells me two things... first, that the government cannot force you to give up your PGP passphrase.... but possibly more important, the government (currently) cannot break PGP encryptopn.

    Hmmm....

    • So.... this tells me two things... first, that the government cannot force you to give up your PGP passphrase.... but possibly more important, the government (currently) cannot break PGP encryptopn.

      Hmmm....

      Well the government of Vermont can't at least.

      • Re:Interesting development (Score:5, Insightful)

        by Tumbleweed (3706) * on Saturday December 15 2007, @02:13PM (#21710252) Homepage
        >So.... this tells me two things... first, that the government cannot force you to give up your PGP passphrase.... but possibly more important, the government (currently) cannot break PGP encryptopn.

        Hmmm....

        Well the government of Vermont can't at least.

        It was a Federal judge.

        It was also probably not worth bothering the NSA with. I wouldn't take this to mean much of anything about how quickly the Feds can crack PGP.

    • Re:Interesting development (Score:5, Informative)

      by swillden (191260) <shawn-ds@willden.org> on Saturday December 15 2007, @02:19PM (#21710306) Homepage Journal

      So.... this tells me two things... first, that the government cannot force you to give up your PGP passphrase.... but possibly more important, the government (currently) cannot break PGP encryptopn.

      No, it doesn't tell you the second. If the government has the knowledge required to break the ciphers used by PGP, they would be very unlikely to reveal that for something as unimportant as this court case.

      Personally, I strongly doubt that the NSA can break PGP, but this decision doesn't say anything one way or the other about the question.

      • Re:Interesting development (Score:5, Insightful)

        by tomz16 (992375) on Saturday December 15 2007, @02:02PM (#21710142)

        O... the government can break it. It's just that the DOJ doesn't have access to the computers required to do so. Nor does it want to spend the money on buying a multi-billion dollar computer if it doesn't need to.
        ? What leads you to this conclusion? There's absolutely NOTHING to indicate that strong encryption can be defeated by ANYONE on the planet at this moment.

            • Re:Interesting development (Score:5, Insightful)

              by tomz16 (992375) on Saturday December 15 2007, @04:43PM (#21711574)
              Statements such as these are often made by paranoid conspiracy nuts and dutifully repeated by people that have no absolutely no clue about how science works. There are some things money just can't buy today... A quantum computer entails decades worth of research in physics, chemistry, materials research, etc. etc. It's not really a task possible by a secret group of people working separately from the main academic community.

              If there is anything that you should have learned from reading all of those articles about quantum computing, is that it's friggin HARD. Any quantum device complicated enough to even be remotely useful in breaking encryption is many decades away. This is because it will take centuries of man hours and armies of graduate students in multiple fields to crack this nut. There still need to be tens of thousands of PhD's written on related topics before you can even dream of starting construction.

              In order to have a secret working quantum computer, the US government would have had to have been actively working on the technology since long before traditional silicon computing took hold... hell, long before the idea of quantum computing for decryption even tickled our imaginations. They would have had to independently train a clandestine army of engineers and physicists that far outclassed our brightest minds in academia. These people would have had to replicate ALL of our modern advances decades earlier (which, btw. is not apparent from any other military technology). The resources required for a project like this are simply staggaring, and I estimate that the financial costs would have EASILY been in the trillions of dollars.

              We certainly do spend enormous amounts of capital on military R&D in the USA, and there are many important technologies where the military is years ahead of commercial efforts. However from numerous projects that have bee declassified over the years, this advantage usually only involves the effective weaponization / improvement of currently existing/proven technologies. The military is only ahead in the little details of practical implementations, and not the fundamental scientific principles. In short, claiming the existence of some secret quantum computer is akin to claiming the US military had Joint Strike Fighters before the Wright brothers even made their first flight.

                • Re:Interesting development (Score:5, Insightful)

                  by TheRaven64 (641858) on Saturday December 15 2007, @08:36PM (#21713264) Homepage Journal
                  Do you have even a basic understanding of maths? There are 2^2048 possible 2048-bit keys. If you split it between 2 computers, each has to do 2^2047. If you split it between 256 (2^8) then each has to do 2^2040. Split it between 1024 (2^10)? Each is still doing 2^2038. Maybe you've got over four billion computers. In that case, you only need to do around 2^2006 on each one.

                  In case you still have no concept of how big this number is, there are estimated to be around 10^80 atoms in the universe, which is around 2^266. That means that each of your four billion computers is having try 2^1740 keys for every atom in the universe.

                  To put it another way: Let's assume each of your four billion computers is a few orders of magnitude faster than anything I know of and can try four billion keys a second, giving you a total of around 2^64 keys tried per second. This means you can do around 2^76 per day. At this rate (and don't forget that we are assuming that you have almost as many computers that are orders of magnitude faster than anything real as there are people in the world) it will take you 2^1972 days to do an exhaustive search (although on average it will only take you 2^1971 days to find the key). For those following at home, that's around 2^1962 years. For reference, the universe is approximately 13.7 billion years old, which is a shade under 2^34 years.

                  In summary, if every atom in the universe was a computer that ran orders of magnitude faster than anything we can build today, and it ran for the life of the universe to date, you would not be able to crack a single 2048-bit message. If, however, you have a quantum computer, then you might be able to.

        • Re:Better use of a botnet? (Score:5, Interesting)

          by swilver (617741) on Saturday December 15 2007, @03:11PM (#21710782)
          Botnets cannot break decent encryption either.

          What a lot of people fail to realise is that encryption can be made unbreakable even by brute force by simply choosing a large enough encryption key. What people also fail to realise is that 256 bit encryption doesn't take twice as long to crack as 128 bit encryption. It in fact takes 2^128 times as long to crack.

          Let's for a second assume that 128 bit encryption is crackable by your own personal home computer in a period of 1 hour.

          136 bit encryption would take 2^8 times as long (250 times as long)... so we use 250 computers, and crack it in 1 hour still.

          144 bit encryption takes again 250 times as long, so instead we use 250 superpowerful server computers and crack it in 1 hour.

          156 bit encryption takes another 250 times longer, so we use a top-secret government super computer the size of the Pentagon and still crack it in 1 hour.

          164 bit encryption takes.. you guess it, 250 times longer to crack. All the governments in the world pool their top-secret super computers and crack your content in.. 1 hour.

          172 bit encryption takes 250 times longer to crack. We use all the computers on the entire planet and manage to crack it in 1 hour.

          180 bit encryption takes 250 times longer to crack. We use all those computers, but let them run 250 hours (10 days) instead.

          188 bit encryption takes 250 times longer to crack. We let those computers run 6 years to crack your password.

          192 bit encryption takes 250 times longer to crack... never mind, we're not THAT interested in your personal photo album.

  • Sad state. (Score:3, Interesting)

    by 7-Vodka (195504) on Saturday December 15 2007, @01:56PM (#21710084) Journal

    It's a sad sad day in America that the truth of the 5th ammendment and the constitution itself is even called into question in this way. Thanks to the judge who supported the constitution, unfortunately there are laws shredding it up as we read this news.

    http://www.govtrack.us/congress/bill.xpd?bill=h110-1955 [govtrack.us]

    Welcome to the police state.

    • Re: (Score:3, Insightful)

      by Kelz (611260)
      Cute sentiment, but still a bit off-topic. I find this a good ruling for me personally, though honestly the ruling could have gone either way. What I find intriguing about it is how confused the judicial system seems about how to apply pre-internet laws to crimes. Should a cyber-crime be treated like a robbery? Should encrypted data be treated like a safe holding potential evidence?

  • A good ruling but... (Score:4, Interesting)

    by russotto (537200) on Saturday December 15 2007, @02:39PM (#21710502) Journal
    ...once it gets to appeals court it will hold up as long as a geek in waterboarding session. Certain kinds of utterances have been determined to be "non-testimonial" and not eligible for Fifth Amendment protection, and encryption keys are IMO almost certain to be found as such by the current Supreme Court, since it isn't the key which is incriminating, but the evidence protected by the key.

  • Plausible deniability (Score:5, Interesting)

    by Diomidis Spinellis (661697) on Saturday December 15 2007, @02:41PM (#21710518) Homepage
    If the passphrase is considered keys to a safe, and you are therefore likely to be forced to divulge it, then you can avoid trouble by using an encryption system, like TrueCrypt [truecrypt.org], that supports plausible deniability [wikipedia.org]. Inside the encrypted volume, blank space is always filled with random data, which can also be another nested encrypted volume. Without the correct passphrase, nobody can prove that the random bits are anything more than random bits.

        • Re:Plausible deniability (Score:4, Informative)

          by mattwarden (699984) on Saturday December 15 2007, @09:19PM (#21713540) Homepage
          Not only that, but it is possible to make it hard or impossible to tell that you have even used TrueCrypt:

          Q: Is it possible to use TrueCrypt without leaving any 'traces' on Windows?

          A: Yes. This can be achieved by running TrueCrypt in traveller mode under BartPE. BartPE stands for "Bart's Preinstalled Environment", which is essentially the Windows operating system prepared in a way that it can be entirely stored on and booted from a CD/DVD (registry, temporary files, etc., are stored in RAM - hard disk is not used at all and does not even have to be present). The freeware Bart's PE Builder can transform a Windows XP installation CD into BartPE. As of TrueCrypt 3.1, you do not need any TrueCrypt plug-in for BartPE. Simply boot BartPE, download the latest version of TrueCrypt to the RAM disk (which BartPE creates), extract the downloaded archive to the RAM disk, and run the file 'TrueCrypt.exe' from the folder 'Setup Files' on the RAM disk (the 'Setup Files' folder should be created when you unpack the archive containing TrueCrypt).

  • write up at Volokh, by guys who are lawyers (Score:5, Insightful)

    by oliphaunt (124016) on Saturday December 15 2007, @02:43PM (#21710542) Homepage
    The blog post is here. [volokh.com]

    This case is a very interesting overlap between 4th Amendment "right to privacy" cases and 5th Amendment "right not to self-incriminate" cases. I personally think that if the government can't break the encryption to "prove" what is hidden from them, they have no right to force the owner to do their work for them. People have a right to keep stuff private, and if they've hidden it effectively, then tough shit for the cops.

    I acknowledge that child porn is inherently harmful to the children involved, and that laws targeting possession of child porn are therefore valid so far as they aim to protect children by destroying the market for the exploitative and harmful material. And there is no first-amendment protection for child porn. But the cops still can't break into your house without a warrant just because they they think you have pictures of naked kids inside, and they can't wiretap your internet connection without a court order (heh, they can't LEGALLY, even though it's probably going on right now OMGHI2NSA). Those are 4th amendment rights. But the 5th amendment kicks in to say that even with a court order and a valid warrant, the cops in your house can't force you to tell them which floorboard is the loose one with the bloody knife hidden under it. If you refuse to tell them, they have to find it on their own-- and if they can't find it, they can't use it as evidence against you. That's exactly how the 5th amendment is supposed to work.

    A police force with the power to compel self-incriminating testimony becomes the enemy of any citizen who wishes to lawfully express dissent with any policy of government. The 5th Amendment is the most powerful safeguard citizens have against confessions extracted via torture finding purchase in US courts.

    From the decision itself (lifted from that post at Volokh Conspiracy), bolded emphasis is mine:

    Entering a password into the computer implicitly communicates facts. By entering the password Boucher would be disclosing the fact that he knows the password and has control over the files on drive Z. The procedure is equivalent to asking Boucher, "Do you know the password to the laptop?" If Boucher does know the password, he would be faced with the forbidden trilemma; incriminate himself, lie under oath, or find himself in contempt of court. Id . at 212.
    The Supreme Court has held some acts of production are unprivileged such as providing fingerprints, blood samples, or voice recordings. Id. at 210. Production of such evidence gives no indication of a person's thoughts or knowledge because it is undeniable that a person possesses his own fingerprints, blood, and voice. Id. at 210-11. Unlike the unprivileged production of such samples, it is not without question that Boucher possesses the password or has access to the files.
    In distinguishing testimonial from non-testimonial acts, the Supreme Court has compared revealing the combination to a wall safe to surrendering the key to a strongbox. See id. at 210, n. 9; see also United States v. Hubbell, 530 U.S. 27, 43 (2000). The combination conveys the contents of one's mind; the key does not and is therefore not testimonial. Doe II, 487 U.S. at 210, n. 9. A password, like a combination, is in the suspect's mind, and is therefore testimonial and beyond the reach of the grand jury subpoena.
    The government has offered to restrict the entering of the password so that no one views or records the password. While this would prevent the government from knowing what the password is, it would not change the testimonial significance of the act of entering the password. Boucher would still be implicitly indicating that he knows the password and that he has access to the files. The contents of Boucher's mind would still be displayed, and therefore the testimonial nature does not change merely because no one else will disc

  • Horrible case law (Score:3, Interesting)

    by Anonymous Coward on Saturday December 15 2007, @02:45PM (#21710558)
    This is horrible case law. I get search warrants for the data on the machine. Therefore it should be held under the same rules as getting access to a safe or a house.

    Encryption keeps getting easier and easier to use - someday my job wont be possible without good case law forcing defendants to give up encryption keys. The only other option is to step up the use of no-knock search warrants and live acquisition. Problem is... when a daughter accuses her step-dad of molesting her and taking pictures - there is usually a family fight long before law enforcement gets involved. This leaves the subject days to encrypt and clean any evidence he has.

    I know that most people think that the police go around taking peoples' machines without any cause but I can tell you from my experiences (and the experiences of everybody else I've run into in this field) we don't go around looking for new cases. We are completely understaffed, under-budgeted, and flooded with horrible crimes. Plus, its not easy to get a search warrant. You need to satisfy probable cause in order for the judge to sign off on your warrant.

    • Re:Horrible case law (Score:5, Interesting)

      by QuoteMstr (55051) <dan.colascione@gmail.com> on Saturday December 15 2007, @02:58PM (#21710648)
      I had a hard time deciding whether to reply to your comment or moderate it "interesting." I emphatically disagree with your post, but you make a good point. True, forcing defendants to give up their encryption keys would result in more convictions.

      But as a society, we place a higher priority in personal liberty than on catching the maximum number of criminals. There are states that invert these two concepts: we call them "police states". I, for one, would rather live in a society where a few guilty people walk free because we can't crack their encryption than live in one where I can hide nothing from the government. It's a question of priorities.

        • Re:Horrible case law (Score:5, Interesting)

          by SirTreveyan (9270) on Saturday December 15 2007, @04:50PM (#21711640)
          The point is the government has no business prying into the personal affairs of its citizens. The reason for the the 4th and 5th Amendments to the Constitution and the requiring of warrants to perform a search is to prevent government intrusion by over zealous government officials. Unfortunately, today more and more people believe that security is more important than liberty. Too many have forgotten, or perhaps never really been taught by our 'government schools', why our forefathers fought the American Revolution. Taxation without representation was a minor difficulty, compared to the injustices that were perpetrated by the English troops and King's Representatives that were stationed in the Colonies. Searches and seizures that were illegal by English law occurred daily. Imprisonment without trial, sometimes for years, was common. Basic rights that were afforded to all the Kings subjects in England by the Magna Carta and all subsequent English law were not afforded citizens of the American Colonies simply because they did not live in England.

          Unfortunately this situation is becoming more and more common in the practice of law today. For example, imprisoning someone for "contempt" is unjust. Where is the accused's right to a trial? There is none. What about appeals? There are none, you are in jail until you grovel enough to satisfy judge. No evidence...no trial...just the judge's opinion. God forbid you ever have to stand in front of a judge who decides to grind his ax on your ass.

          Back about 40-50 years ago, law enforcement and prosecutors could be held liable for misconduct. Then came the so called "shield" laws, which gave immunity to prosecutors and law enforcement in the event of misconduct. We are finally seeing the result of these 'fine' laws; Convictions being overturned because of fabricated evidence, withheld evidence, and tampering of witnesses by officers of the court. Peoples lives are being ruined because some court officers feel it is more important to get a conviction at all costs, instead of by the weight of the evidence. These 'shield' laws protect the wrong doer from any kind of repercussion. Nifong, of the Duke rape case infamy, is an exception to this, mostly because he was so vocal about the case, calling national attention to the case. However, while his career is in shambles, he has yet to pay any restitution to the boys he so vehemently accused, or face perjury charges for the false claims he made in court.

          All in all, there are a lot of reasons to keep government out of the personal affairs of it people.

  • The spirit of the 5th amendment (Score:5, Insightful)

    by Orestesx (629343) * on Saturday December 15 2007, @02:49PM (#21710584)

    I always thought the 5th amendment served two main purposes:

    1. Prevent the government from compelling individuals to confess (through torture, or other means).
    2. Give weight to confessions by ensuring that they were not obtained through torture.

    Perhaps it will be illustrative to take the computer out of it, since we tend to get distracted by the technology. To me it seems pretty clear that if someone is arrested carrying a letter that was encoded with a cipher with information that may or may not be relevant to the case, that the person could not be compelled under law to explain how to decrypt the letter, whether to law enforcement or in court. Of course that couldn't stop the officials from attempting to break the cipher. But just because modern encryption is more difficult to crack than a hand cipher, I don't believe that changes the nature of the situation.

  • There's a bit more to it (Score:4, Interesting)

    by crimguy (563504) on Saturday December 15 2007, @03:14PM (#21710818)
    Since it's protected under the 5th Amendment, not only can it not ordered disclosed, it can't be commented on by the prosecutor if the defendant refuses to divulge it.

  • People who actually forget their passwords (Score:4, Insightful)

    by Rick17JJ (744063) on Saturday December 15 2007, @03:37PM (#21711046)

    What if someone actually did forged their long, complicated pass phrase? In that case, prosecutors would be trying to force someone to divulge a passphase that they don't even know.

    On several occasions, I have briefly played around with encryption programs and made an extra copy of unimportant stuff and then encrypted it. Since it was usually just for practice, I did not always bother writing the passphrase down on the sheet of paper which lists all my passwords and passphrases. I may have not always got around to deleting those encrypted practice files and they may still exist somewhere on one of my old hard disks or on a USB key or somewhere or in the box of CDs that I have burned. I would have no idea what the password or passphrase was for those old practice encryption files.

    I could easily imagine some prosecutor putting me in jail for not being able to come up with a passphrase to some old encrypted practice file. Then eventually, after getting out of jail, perhaps I would eventually find the passphrase on some old scrap of paper and they would discover that it was just an encrypted folder full of dozens of free 80 year old Gutenberg.net ebooks.

    A person, such as myself, who has have never actually bothered to use encryption on a routine daily basis, would someone who is most likely to forget their passphrase. Perhaps I should dispose of all my old hard disks or wipe all the data with Darik's Boot and Nuke [sourceforge.net] Of course, if there were indications that someone has recently used their encrypted partition, folders or files recently, that would be different. A recent time stamp on the file or folder would be one such clue.

    • Re:I was wondering... (Score:5, Informative)

      by explosivejared (1186049) <{moc.liamg} {ta} {deraj.nagah}> on Saturday December 15 2007, @01:54PM (#21710052)
      Read the article:

      If the subpoena is requesting production of the files in drive Z, the foregone conclusion doctrine does not apply. While the government has seen some of the files on drive Z, it has not viewed all or even most of them. While the government may know of the existence and location of the files it has previously viewed, it does not know of the existence of other files on drive Z that may contain incriminating material. By compelling entry of the password the government would be compelling production of all the files on drive Z, both known and unknown.

      By giving the government his password, the judge held, that the defendant was incriminating himself by opening up all of his files that weren't pertinent to the investigation. That was my take on it. *I am not a lawyer, but I scored high on critical reading on the SAT's, for what it's worth.

      • Re:I was wondering... (Score:5, Insightful)

        by snarkh (118018) on Saturday December 15 2007, @02:01PM (#21710138)
        By giving the government his password, the judge held, that the defendant was incriminating himself by opening up all of his files that weren't pertinent to the investigation.

        Quite the opposite. By giving the password the defendant may incriminate himself by opening files containing incriminating (and pertinent) information, but unknown to the government prior to that.

        • Re:I was wondering... (Score:5, Insightful)

          by cayenne8 (626475) on Saturday December 15 2007, @02:07PM (#21710208) Homepage Journal
          "Quite the opposite. By giving the password the defendant may incriminate himself by opening files containing incriminating (and pertinent) information, but unknown to the government prior to that."

          Thank God...FINALLY, a score for US privacy rights...and upholding our Constitutional rights!!!

          You just don't see that much any more.....

            • Probably forever, since Congress can't amend the Constitution.

              • Uhh ... no (Score:5, Informative)

                by icedevil (450212) on Sunday December 16 2007, @03:53AM (#21715348)
                This is simply incorrect, from http://www.archives.gov/national-archives-experience/charters/constitution_transcript.html [archives.gov]

                Article. V.

                The Congress, whenever two thirds of both Houses shall deem it necessary, shall propose Amendments to this Constitution, or, on the Application of the Legislatures of two thirds of the several States, shall call a Convention for proposing Amendments, which, in either Case, shall be valid to all Intents and Purposes, as Part of this Constitution, when ratified by the Legislatures of three fourths of the several States, or by Conventions in three fourths thereof, as the one or the other Mode of Ratification may be proposed by the Congress; Provided that no Amendment which may be made prior to the Year One thousand eight hundred and eight shall in any Manner affect the first and fourth Clauses in the Ninth Section of the first Article; and that no State, without its Consent, shall be deprived of its equal Suffrage in the Senate.

                How the hell did the parent post get a +5 informative of all things?!

                    • Re:Wanna bet? (Score:5, Funny)

                      by garbletext (669861) on Saturday December 15 2007, @03:58PM (#21711238)

                      That is assuming a higher court doesn't reverse this decision in some manor.
                      I think the best court rulings come out of Wayne Manor, because that way the justices can ask Batman's advice. Let's face it, he's got more jurisprudence in one compartment of his utility belt than the average judge can fit into an oversize novelty gavel.

          • Re: (Score:3, Insightful)

            by Tim C (15259)
            I think you two are talking at cross purposes. The post you're replying to says "(and pertinent)" - ie files that *do* relate to the case.

            You're saying "he can't be made to release incriminating files that are nothing to do with the case", while the poster you're replying to is saying "he can't be made to release incriminating files even if they are related to the case".

            • Re: (Score:3, Informative)

              by snarkh (118018)

              That's exactly right. As far as I understand, the main concern is that by opening the disk he would potentially give the government access to the incriminating files not seen by the customs agents.

                • Re:I was wondering... (Score:5, Interesting)

                  by sumdumass (711423) on Saturday December 15 2007, @04:00PM (#21711256) Journal
                  The Law blocking a criminal investigation thing stems from years of torture to confess something. The Salem witch trials and the Spanish inquisition would be a classic example but there are others directly related to the struggles between colonist and England as well as examples outside US history. the person was tortured or otherwise compelled into admitting guilt- Whether they were guilty or not.

                  Basically, if you have the right to not incriminate yourself, then they can't force you to "confess". And if it happens, then any convictions should be turned over by a higher courts assuming that things go according to plan. This also carries the problem of blocking a criminal investigation but the necessity of not being forced to confess out ways the setback to criminal investigations. Many people support this idea if not simply because they don't want the cops showing up at their front door demanding you to tell them something you did that was illegal and later claiming it was part of an investigation.

                  As for me, I think it is a necessary evil that protects people in many ways above any benefit from a criminal investigation. If there is sufficient cause for the criminal investigation, then there will be other evidence outside that aspect that will eventually show up if it isn't already there.

                  One way they get around the 5th amendment is to grant immunity from prosecution for anything found or disclosed which seems to have the same effect of the 5th amendment. Something like that would be useful in convicting others involved by letting one person escape justice.

                  • Re:I was wondering... (Score:4, Interesting)

                    by Egdiroh (1086111) on Saturday December 15 2007, @05:02PM (#21711728)
                    It's more then just confessions. The police can't decide you are a thief and then ransack your house on the hopes of finding something stolen. When they search they have to know what they are looking for, and have reason to believe that they will find it.

                    Here they are saying that he has files that they know nothing about. Because those files are unknown, he is protected from having to provide them.

                    Thinking about it, I'm surprised that we haven't heard of cases getting thrown out because of computer evidence collected outside of the scope of any search warrant poisoning too much of the subsequent evidence. I could imagine a warrant to look on your computer for a warez program they think you have turning up an ssh known_hosts file entry for a warez server. Since they weren't looking for that evidence (maybe because they thought the computer had not been networked, or was not involved in warez transmission, just storage) then they can't use it, and if they then go hunting the logs of that remote server to find the connection that can't be used either because it was evidence they only knew to look for because of evidence they weren't allowed to have anyway. And because you can't un-know information once you have tainted evidence you have to show that any subsequently gathered evidence did not come from knowledge of that evidence or at least would have eventually been discovered by other means.

                    However I must offer the following disclaimer: I am not a lawyer (nor do I do anal like so many of you non-lawyers), but I have watched a lot of Law & Order. Disclaimer: Not being a lawyer, much

                • Re:I was wondering... (Score:5, Insightful)

                  by jthill (303417) on Saturday December 15 2007, @08:01PM (#21713034)

                  I can't understand the USians saying that it's OK for the law to block a criminal investigation

                  You advocate punishing people for not confessing a crime?

                  Get a grip.

                    • Re:I was wondering... (Score:4, Insightful)

                      by snarkh (118018) on Saturday December 15 2007, @04:30PM (#21711490)

                      So if they can be compelled to testify against themselves, what methods
                      are appropriate for that? Nothing life-threatening, surely, but perhaps a bit
                      of waterboarding is in order?

          • Re:I was wondering... (Score:4, Insightful)

            by SmoothTom (455688) <Tomas@TiJiL.org> on Saturday December 15 2007, @05:52PM (#21712108) Homepage
            But in getting that "key to the safe" in response to a search warrant there isn't a wide open "fishing expedition" granted.

            If the warrant is to gain access to, for example "the twelve pornographic photographs known to be in the safe" that does not allow the investigators to also review the contents of all the accounting books also in the safe.

            Since the original officers who looked at the images probably have no idea which files they were, I suspect that they will rifle through EVERYTHING in that drive if they had the opportunity, just to make sure they found the ones he saw.

            By doing so they will likely find other things that may pose a problem to the owner of the drive the government now possesses, and US law has always said that one can't be made to incriminate themselves.

            Very picky points, but in this case I actually think the judge may be right within very narrow confines.

            (If the original investigator can remember the actual file names/paths, I suspect the defense could be asked to product THOSE files, but lacking that...)

            --
            Tomas

        • Re:I was wondering... (Score:5, Insightful)

          by Anonymous Coward on Saturday December 15 2007, @02:25PM (#21710384)
          Yes, and it's perfectly legal for those investigators to try to decrypt your files themselves. What they CAN'T do is say, "Tell us where the incriminating evidence in your house is, or we'll put you in jail," or "Give us an itemized list of every single thing in your house so we can decide what is incriminating, or we'll put you in jail." Neither can they say, "Give us your encryption password or we'll put you in jail."

          This is so painfully obvious that I'm somewhat concerned that it took so long for a judge to rule in this manner. On the other hand I am relieved it has finally happened.

          • Re:I was wondering... (Score:4, Insightful)

            by pboulang (16954) on Saturday December 15 2007, @02:41PM (#21710520)
            Well, maybe because a better analogy is "I have a warrant to search your whole house. You need to give me the key to the locked room in the back." I'm not sure it is "painfully obvious" but this is the correct decision in the end.

    • Re:I was wondering... (Score:5, Informative)

      by Anonymous Coward on Saturday December 15 2007, @02:26PM (#21710390)
      Well, there is that whole pesky link in TFA to the decision.

      But I'm nice and I found it an interesting read, so I will summarize it. There are a great many of cases involving what and when the government can force someone to turn over documents. Generally, things which don't represent what's in your mind can be forced over. An example would be a key to a lock as compared to a combination lock. The former exists, and is known to exist, and the latter's turnover requires the suspect to devolve information contained within his mind, which would be tantamount to testifying.

      In this case, there is some splitting of legal hairs, and my description will be less than sound. While IANAL, I am marrying one ;) This password is similar to a combination lock. However, in this case, the government had already seen some of the files contained within his encrypted drive. There is a question as to whether the government's knowledge of the preexisting files would be enough to force the turnover of the password. The government argued that they would allow the suspect to enter the password without supervision, meaning that the government wouldn't be able to use the entry itself in court. In the past, the government has tried to prosecute someone when they had immunity for turning over documents by arguing that said documents themselves were incriminating,. not just that the suspect kept them. The supreme court found that reasoning to be bull. Someone is protected via the 5th amendment by all fallout of their testimony via immunity.

      As I already rambled here, the government argues that they knew of the files, and that they had already seen the files. As such, the defendant needed to turn over the password. Something similar has been done previously, where the government knew that a suspect had a document in his possession,and the court forced its turnover. In this case, however, the judge unacknowledged that the prosecution has seen only a small number of the files on the encrypted drive, and that they were almost certainly incriminating. As such, the judge decided that he couldn't order the defendant to turn over the password as the governmetn would have access to new files it knew nothing about.

      So, the lesson here is to just not talk to the police without your lawyer present, and don't fricking enter passwords to your files without a court order.
    • No they don't.
      Just like any other serious crime the police should be investigating it correctly and building a case without needing to look around the suspects' house first.

    • Re: (Score:3, Insightful)

      by X0563511 (793323)
      Yes, it will protect them, as it should. They are not terrorists until PROVEN so, not because we suspect them to be - just like you are not necessarily a selfish jerk, even though I suspect you are.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.