If you agree that they can force you, so they can force you to throw up the evidence, if you have swallowed it by punching you hard in the stomach.

This is not how the justice should work. If there's encrypted hard drive, they should try to decrypt it themselves or find another evidence.

IF there's no other evidence, you can't force a suspect to deliver it as much as you can't force him to testify when there's no witnesses etc.


Another good example: they can't even force you to be active when fingerprint evidence is taken.

Police officer takes your hand and takes fingerprints by himself. You are not forced to help, you just have to be passive.

Well one should be careful, the police *can* prevent you from attempting destroy evidence as swallowing the evidence is not passive. However, I agree that is different from forcing a person to open a locked door or safe or de-encryption. Although ... interesting thought experiment, if the encryption is good enough and the police catch you trying to encrypt before they get to it, can they stop you on the basis of attempting to destroy evidence? Probably never come up since the person is more likely to try to delete said files, but it is an interesting thought.

I am in agreement that the court *probably* can't force you to open a safe/or decrypt a hard drive, but in that instance I am curious as to why the security consultant was against the safe analogy as if the police can't force you to open the safe, then that analogy actually helps, not hurts the cause that you can't be forced to decrypt data.

I wonder.


Why programs don't have two passwords?

One decrypts it and makes files usable.
second one deletes/messed them up beyond recovery.
and maybe third one hides everything but still turns on the system (that will be against border patrols looking for copyright infringement)

there is no way they would allow her then anywhere near the computer cause for police there wouldn't be any difference between first and second option.

In such case they could still accuse you to have bad intentions :D

WOW, that is f*cked up.

No, just binding to himself and the ones below him. Not the ones on his same level.

Hasn't the US also recently killed the habeas corpus with some anti terror law?

I hope they get their shit together soon, this is unbearable to watch.
This is also very controversial in Germany. The police always tries to legitimate this by saying that swallowed drugs present a health risk and by forcing the suspect to throw up, they are helping/saving them. I would need to check what the current ruling is, as many were opposed to that "interpretation".
I was afraif of that. This is one of the reasons I don't like common law.

I'm not so sure that people should be fixated on the safe analogy. "Whatever the law is for a safe must be the law for an encrypted hard drive" just isn't good reasoning. Hard drives and safes are just flat out different, even though they share some similarities. Technology is going to find it's own niche in the laws of the world...it just might take a while. In the meantime, unfortunately, our big governments don't quite know how to deal with technology just yet. While what they should be doing is keeping their hands off, instead they are choosing to try to control it. This is the battleground we face.

Why didn't her council just advise her to refuse?

It's still on the books as being illegal, it would have had to go to retrial, or a separate hearing to decide on the legality of the judges orders.... either way, she wouldn't have had to.

We're not talking about HDDs and safes, we are talking about encryption and safes - and they are identical.

They both secure their contents (protection).
They both require a key (authentication).
They are both breakable given enough force/time.

If they rules were different, which set of rules would a safe that has a digital storage device inside fall under? The safe one because it is a physical safe or the encryption one because it is protecting digital data? If you split the encrypted data between two devices (like RAID0), can you be forced to give the second device up even though its absence is physically protecting the data on the other one?

I don't see where the "analogy" comes apart.

What occurred to me right away, and was also hinted in the article, why doesn't the suspect simply say she(?) has forgotten the password? I have sometimes forgotten WinZip passwords, and at least once I've forgotten the hard disk decrypting password for one old Fedora Linux installation.

But then, I'm not sure if these systems have usually some kind of backdoor for those cases you forget the password, at least by contacting the company who made the software... but that would kinda defeat the purpose.

This.

Encrytion keys are very clearly covered under the fourth and fifth amendments. The defendant in the case has a very clear protection from that under the fifth amendment prohibition on self incrimination. One cannot be compelled to provide interpretation of evidence for the prosecution. It's one of the bedrock principles of the US justifice system and one of the main reasons why torture isn't common here. (Yes, I know GITMO and black sites, but those aren't generally tried in our courts, yes I know another problem with that)

The big problem with have is that SCrOTUmS tends to be pretty deferential towards the legislature and has a decidedly anti-defendant stance by make up. These are the same jokers that couldn't find any Brady violations despite Harry Connick himself admitting that there were Brady violations in his office that likely led people to be falsely accused when they couldn't use all the evidence available for defense.
Right and more than that, they can't compel a defendant to testify about any incriminating evidence if doing so would lead to self incrimination.

In this case the defendant would have to furnish the HDD or the encrypted file, but the police would have to figure out how to get inside it without the defendant's help.
The rules aren't different. The police are just whining because they can't employ a locksmith to crack somebody's head the way that they would employe a locksmith to crack a safe. And in some parts of the world there are laws requiring that encrypted files have a back door or that the files be unencrypted at the request of law enforcement.

The difference of course being that law enforcement can always crack a safe, but rarely can crack an encrypted file in time to use it at trial.
Because lying about that gets you an obstruction charge and refusing to say is legitimate under the fifth amendment.

Also, if you're concerned with that, use Truecrypt, it's known that the US government can't crack that one if you're using an appropriate cypher. Which is to say, that they can brute force it, but it would take so long for them to do so that chances are it would be beyond the statute of limitations by the time they were able to gain access.

I won't argue with you about the similarities and differences of a safe and encryption. I think we just won't agree about whether the legal analogy is proper. One stores digital data exclusively, the other can store a bunch more than that, including physical items. They are far from identical. Put an actual woman's head into "encryption."

A safe and encryption have similarities, but they are ultimately different. The legal system will accept this eventually and technology items like encryption will have it's own set of rules, and won't rely on comparisons to non technology items like safes.

I don't know why you put the word analogy in quotes. It is an analogy. Nothing can change that.

(Lying about forgetting the password.) How do they prove you're lying? Or is it really enough that the judge thinks you must be lying?