I draw the line using a "rag doll" model. They can compel fingerprints, physical keys, DNA, etc. insofar as they can manipulate your limp unresistive (albeit uncooperative) body to take fingerprints, extract keys from pockets, snip a hair, extract a blood sample, etc. They cannot, however, compel you to act on their behalf and against your own interests - to wit, they cannot demand you speak (type, write, press buttons) words the whole point of which can and will be used against you. A fair argument may be made for compelling you to provide the key/combination to a safe, but only insofar as they CAN tear the safe apart with blowtorches & diamond saws if you don't cooperate. But when it comes to the state's evidence hinging entirely upon the defendant's cooperation, no - that's why we have the 5th Amendment (gov't cannot compel one to testify against self).
And really, doesn't that mean it (whatever is obscured by a lack of cooperation) shouldn't be considered a crime? Kind of by definition?
Not letting the police into your home is not in any way considered valid criteria for a judge to issue a search warrant, as I understand it.
Interesting argument.
Suppose I build a safe that costs $100 million to break open (because I spent $200 million of my ill-gotten money to hide $300 million more in ill-money).
Now you've found my safe during your tax evasion investigation, but you don't have close to $100 million in your budget. So you don't really have the ability to tear the safe apart. So they tell me I have to give them the combination.
Do I not have to help, in your opinion?
Short of dismissing the question out of hand, the point remains that it is still a mere matter of money - something which can be soaked out of taxpayers as needed. Even if we're talking a small jurisdiction with grossly insufficient funds, I'll meet your hypothetical with one where the US Military is invited to have a whack at it - and they can whack pretty hard. It's just a matter of money, and for all practical purposes through history that's been enough to crack any safe. ...and with that kind of money in that safe, I'm sure you could resolve the problem. Short of a scenario where forcing the safe would provably destroy evidence, or delays cause grave bodily harm, they can put the safe in the evidence warehouse and indefinitely assign someone to resolve the issue, while you cool your heels in Graybar Hotel until they open it or you save taxpayers the cost of doing so.
This in contrast to encryption, where any idiot can pick a good algorithm with a high-bitcount high-entropy key which could not be cracked using the resources of the universe. This isn't a hypothetical, this is the OP case. Here, the prosecution truly does hinge on the defendant incriminating himself: no cooperation = no conviction.
If you can prove a safe, like encryption, can't be cracked short of universe-scale efforts, I'll change my position.
- you can be banned or self-banned, irrevocably, from accessing your data;
- you can prove to the judge that you can't access your data;
- even with full forensic copies of your disk, you can't be un-banned.
You can do that by having part(s) of the key on server(s) online. Give yourself, a couple of trusted friends and optionally a script, the ability to wipe those keys: it will irrevocably seal your disk's content. Obviously, pick servers under foreign jurisdictions which dislike to collaborate.
Even better, there's no proof that you're the one who destroyed the keys: you can't be charged with evidence tampering.
The court doesn't really work this way. Just because you cross your fingers when you do something doesn't mean you aren't going to be charged with destruction of evidence.
Or to the point: if you use a remotely-stored encrypted volume with a dead man's switch as a day-to-day security policy, would it still be trivial to charge someone for evidence tampering?
Unless the judge can prove who did it, he can't condemn the 13 (12+you) of you because one of you did something wrong. Besides, the 12 innocents don't know who did it either, so they can't snitch.
It requires the wiping procedure to be impractically hard to trace back, but that can be done.
How much do you want to bet?
It really depends on the relative cost of having your data destroyed vs. having your data published, but I'm sure there are cases where a dead man switch is a good compromise.
You can also use a scheme like this to improve your chances of making your expired key data unrecoverable to forensic techniques.
The hard drive is encrypted and sensitive folders are identified by the user. When a password is given all contents are decrypted.
When an "under duress" password is given the sensitive folders are permanently wiped and all the (remaining, innocuous) contents are decrypted.
This stops them from finding hidden volumes or operating systems because there are none. Wouldn't that be a better model, and much harder to figure out?
No amount of hard-drive cloning will stop this. Paired with some other optional measures ("we delete the password unless you send an email every week" etc) and it's almost foolproof. You might still have a hard time arguing against destruction of evidence, though. I guess if your "don't delete the keys" email was "Please delete my encryption keys" you could be completely honest and they wouldn't believe you, resulting in your keys being deleted despite your complete cooperation.
The police would just use a copy of the program which forgets to delete when the "on duress" password is provided. I imagine it'd require commenting out all of, say, five lines and burning the modified version of YourCryptoNameHere onto a live CD.
If you're doing anything that risks getting pinched, it's probably better to take the obstruction rap than whatever it is you're being investigated for.
Or like, don't break the law, or don't get caught.
And this lawyer, representing user, will have in agreement something like this "In case my client is under investigation or incriminated or ..." I will not be allowed to release OTP password.
Of course, this service will be based in a country which treats law as law, not an inconvenience.
What am I missing? Maybe there are no such countries?
"the police had recorded a phone call between Fricosu and her husband in which she seemed to acknowledge ownership of the laptop and to reference incriminating material on it."
Without that recording, the prosecution's case would be a lot weaker. Sure, encrypt your files, but keep your mouth shut about it!
I certainly don't want to see mandatory decryption, but at the same time it doesn't make sense to let an accused completely skip out on discovery by simply truecrypt-ing the evidence either.
If that alone gets you thrown in jail, then you're going to be jailing a lot of innocent people. On the other hand, if that does not get you thrown in jail, then one can simply claim to have forgotten the password without repercussion.
Personally, I'd rather let people hide evidence by encrypting it than jail people for being forgetful, since those seem to be the only two choices.
I'm thinking about the case where a person never even knew the key to what they have. The example is a business laptop being carried through customs, that was encrypted by someone else, who will decrypt it upon your arrival (or something similar).
head -c 1048576 /dev/random >not_encrypted_I_promise
I can't prove that file isn't actually encrypted data. Are we going to throw people in jail for possessing random data without a justification?
According to the article, Judge Blackburn's reasoning was that if defendants can be required to produce other documents, the existence of which is known, they can be required to "produce" encrypted documents via decrypting.
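The claim above, that the 1 MiB file from `head -c 1048576 /dev/random` cannot be told apart from encrypted data, can be checked with the byte statistics a forensic triage tool would compute. This is an added example, not part of the original thread; the SHA-256 counter-mode keystream is a stand-in for a real cipher, and the sample text, key and thresholds are constructed for illustration.

```python
import hashlib
import math
import os
from collections import Counter

SIZE = 1048576  # same size as the file created by the head command above

def keystream(key: bytes, length: int) -> bytes:
    # Assumption: SHA-256 in counter mode as a stand-in for a real cipher.
    out = bytearray()
    for counter in range((length + 31) // 32):
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
    return bytes(out[:length])

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    # XOR stream cipher: applying it twice with the same key decrypts.
    ks = keystream(key, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))

def entropy_bits_per_byte(data: bytes) -> float:
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def chi_square(data: bytes) -> float:
    # Pearson statistic against a uniform byte distribution (255 d.o.f.,
    # so values near 255 are what uniform random bytes produce).
    counts = Counter(data)
    expected = len(data) / 256
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def classify(data: bytes) -> str:
    # Thresholds are illustrative choices for megabyte-sized samples.
    if entropy_bits_per_byte(data) > 7.99 and chi_square(data) < 400:
        return "high-entropy"
    return "structured"

def samples() -> dict:
    # Constructed inputs: a repetitive plaintext, its ciphertext, random bytes.
    text = b"2011-03-14 wire transfer ref 0000 amount 100.00 (constructed)\n"
    plaintext = (text * (SIZE // len(text) + 1))[:SIZE]
    return {
        "plaintext": plaintext,
        "ciphertext": encrypt(b"constructed demo key", plaintext),
        "random": os.urandom(SIZE),
    }

if __name__ == "__main__":
    for name, data in samples().items():
        print(f"{name:10s} entropy={entropy_bits_per_byte(data):.4f} "
              f"chi2={chi_square(data):8.1f} -> {classify(data)}")
```

The classifier gives the ciphertext and the random bytes the same verdict, so these statistics alone cannot show whether a high-entropy file holds encrypted content.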
Using that you can have any number of passwords and any number of "partitions" inside your folder. This is not like a hidden partition in TrueCrypt, where you cannot prove it exists at all.
Yes, dead-man switches and whatnot always come up with cases like this - that's not really part of this ruling. This case includes: a) they have record of the defendant stating the information exists on the machine, which she stated she owns, and b) they have (a very good) reason to believe the drive can be decrypted.
All of this strikes me more as a search warrant than anything, in the same way that they can break locked doors if they have a warrant to search a location. That it's a cryptographic lock really has no bearing on the matter - if the documents were printed and put in a locked closet, they could be confiscated and searched. Why is this different?
The problem there is that the "hidden" OS is (by definition) undetectable from within the "decoy" OS. Therefore, you risk accidentally overwriting it. Some encryption software has workarounds for this, but that typically leaves you exposed while it's in use.
Whole-disk encryption is great for protecting credit card numbers, embarrassing information, and trade secrets from someone who should happen to steal your laptop. If you actually have anything so secret that you're worried about being coerced into decrypting it, I don't know how to help you.
I'm wondering what the legal ramifications might be if you set a secondary key that would wipe the drive in the most secure method possible and then provide that key. Or even the alternate boot sequence as suggested.
Destruction of evidence. http://en.wikipedia.org/wiki/Spoliation_of_evidence
There would be copies made and the drive that has the encrypted volume would likely be accessed with a "Write Blocker" forensic device, or in a virtual environment, etc.
This technique would only tip your hand that the volume contents changed after entering the password.
If you were incarcerated and you knew you might have to comply with an order to decrypt a hard drive, it might be in your best interest to create and shadow type many alternate passwords until you actually forget the important one. Then (hopefully) you're just a polygraph away from a not guilty in an obstruction charge.
So while this does present an interesting edge case in the fifth amendment (does evidence count as evidence if it's encrypted?), it shouldn't set off civil liberty alarm bells in your head nearly as badly as several other things currently going on in this country.
Just saying that a question of what a court can compel you to do as part of a trial (before sentencing) is quite different from a fourth amendment issue of illegal search and seizure, which it seems some people are conflating this with.
But the police had recorded a phone call between Fricosu and her husband in which she seemed to acknowledge ownership of the laptop and to reference incriminating material on it.
I'd like more details about this - without any clarification, this sounds extremely scary.
It's also worth noting that they would have needed a warrant to seize the computer itself to begin with. The question is whether, having been seized, they can require her to decrypt it for them.
For example, without having entered the 'everything is OK' password every week, the drive/encryption automatically destroys itself.
So if the drive is ever compromised, or you are separated from it, etc, the fact that you do nothing should cause the protected data to be destroyed.
In this context: what would happen in the case the crypto software deletes all the data after not logging in for 1 week? (It would be too short for the trial to happen, I guess.)