How to hide files from the law

Summary:You encrypt your data to protect it from spying eyes, including the government's. Can you be forced to decrypt it and thus incriminate yourself? A US appeals court says NO. This may drive the full-disk-encryption market.

Good news for TrueCrypt The 5th Amendment says, in part, that no person ". . . shall be compelled in any criminal case to be a witness against himself. . . ." Thanks to this decision our computers are not necessarily witnesses against us as well.

The story The defendant, a John Doe, was accused of possessing child pornography. He was ordered to produce the unencrypted contents of his notebook hard drive and an additional 5 external drives. Mr. Doe, representing himself, refused, citing the 5th.

The U.S. Attorney then requested limited immunity for Mr. Doe, which did NOT protect him from using the drive's contents against him in a criminal prosecution. Mr. Doe again refused to decrypt the drives he was found in contempt of court and jailed. He appealed.

Mr. Doe spent almost 8 months in jail before his appeal succeeded.

The data that isn't there A property of good encryption is that not only can you not tell what the data is, you also can't even know if data is encrypted. Using forensic tools all you can see is a lot of random gibberish, whether data is encrypted or not.

Thus the government couldn't even prove that there might be data on the disks, let alone what the data might be. Update: Mr. Doe used TrueCrypt, an open source encryption product, to preserve his secrets. End update.

What is "testimony"? The district court judge didn't think decrypting the drives would constitute "testimony" under the 5th. Why did the appeals court disagree?

To win protection under the 5th, an individual must show three things: compulsion, a testimonial communication or act, and incrimination. Obviously the court was using compulsion, and the government expected incrimination.

Thus the key question: does the act of producing decrypted content constitute "testimony?" After all, simply handing over incriminating documents, as required by discovery proceedings every day, is not "testimony." The files themselves, should they exist, aren't protected under the 5th.

Would Doe’s act of decryption and production be testimonial? This is where the reasoning becomes subtle.

The appeals court reasoned that an act becomes testimonial when it requires you to use the contents of your mind to communicate some statement of fact. Surrendering the key to your safe deposit box doesn't qualify. Nor does handing over documents that the government can show with "reasonable particularity" it already knows exist.

In Mr. Doe's case, the court held that the decryption would require the use of the contents of his mind and is not simply a physical act, like handing over a key to a safe. Furthermore, the fact that the government did not know - could not know - whether any files were on the hard drives, meant that they failed the "reasonable particularity" test too.

The court then noted that if Mr. Doe had been given full immunity they could have compelled him to produce all the contents of the drives. But since they didn't, the 5th Amendment offered him more protection and thus his use of it was justified.

The Storage Bits take If computer privacy is of special interest I recommend reading this well-written and closely reasoned opinion (pdf). While the "conservative" wing of the current Supreme Court happily throws out decades of precedent on ideological grounds - 2 1 Supreme doesn't think women are entitled to equal protection under the Constitution? - the 5th is Constitutional bedrock. Update: Only 1 originalist Supreme, Scalia, has so opined. My wetware conflated him with Thomas, another staunch originalist. End update.

It will be interesting to see if this is appealed to the Supreme Court and, if it is, if they accept the case. If not, we can expect this ruling to be a major influence on other circuit courts.

This ruling may be a shot in the arm for the struggling full-disk-encryption market. With FDE, people only have to remember not to open the drive for law-enforcement to view, and not to talk to others about what may be on the drive. Either of these actions can create a "foregone conclusion" that allows the government to compel decryption.

Note also that Mr. Doe - a lawyer I'm guessing - won, but only after 8 months in jail and the related loss of income. Defending our rights is rarely easy, which is why they erode.

Courteous comments welcome, of course. I'd be surprised if this applied to customs inspection of notebook computers. You'd be better off placing encrypted copies in the cloud, deleting the originals, and downloading after returning to the US. Oh, and nothing in this post should be construed as legal advice.

Topics: Hardware, CXO, Government, Government : US, Security

About

Harris has been working with computers for over 35 years and selling and marketing data storage for over 30 in companies large and small. He introduced a couple of multi-billion dollar storage products (DLT, the first Fibre Channel array) to market, as well as a many smaller ones. Earlier he spent 10 years marketing servers and networks.... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.