On Feb 24, 2012, at 2:30:57 PM, James A. Donald wrote:

> Bottom line is that the suspect was OK because he kept his mouth zippered, 
> neither admitting nor denying any knowledge of the encrypted partition.
> 
> Had he admitted control of the partition, *then* they would have been able to 
> compel production of the key.
> 
> The court did not concede any right to refuse to decrypt a drive if you admit 
> possession of the contents.
> 
> So:  Don't talk to police about the contents of your drive, or indeed 
> anything of which they might potentially disapprove.

No, I don't think that that's quite what the ruling said.  It's a long, complex 
opinion; what you said is close to one aspect of it, but not (in my non-lawyer 
opinion) precisely what the court said.

The first point, not addressed in your note but quite important to the ruling, 
is that the key has to be something you know, not something you have.  If the 
keying material is on a smart card, you have to turn that over and you're not 
protected.  If a PIN plus smart card is needed, you still have to turn over the 
smart card but not disclose the PIN.

Second, and going to the heart of your point, what's essential is whether or 
not they already know in reasonable detail what's on the encrypted drive; 
depending on the circumstances, they may already have that knowledge regardless 
of what you've said.  The issue of admitting possession is not what this case 
focused on; in fact, the prosecution tried to finesse that point by granting 
limited immunity on that point.  Quoting from the opinion:

        'The U.S. Attorney requested that the court grant Doe immunity limited 
to “the use [of Doe’s] act of production of the unencrypted contents” of the 
hard drives. That is, Doe’s immunity would not extend to the Government’s 
derivative use of contents of the drives as evidence against him in a criminal 
prosecution. The court accepted the U.S. Attorney’s position regarding the 
scope of the immunity to give Doe and granted the requested order. The order 
“convey[ed] immunity for the act of production of the unencrypted drives, but 
[did] not convey immunity regarding the United States’ [derivative] use” of the 
decrypted contents of the drives.'

In other words, the fact of control of the encrypted data -- aka knowledge of 
the key -- was not at issue; the prosecution had agreed not to use that.  What 
was important was the files on the drive.  This is what distinguishes this case 
from Boucher (a case discussed in the opinion).  

The other current case is Fricosu, where a trial judge has ordered her to 
decrypt her laptop.  The Court of Appeals for that circuit -- the 10th; the 
opinion I cited is from the 11th, and hence not binding on this court -- 
declined to hear her appeal, not on the merits but because as a matter of 
procedure they won't intervene at this point in a trial.  If she's convicted, 
she can appeal on the grounds that her Fifth Amendment rights were violated, 
but not until then.  It's worth noting that the trial judge made his ruling on 
the same basis as the 11th Circuit Court of Appeals: did the government have 
enough prior knowledge of the contents that her rights were not infringed?  An 
appellate court may find that he didn't rule correctly on that point, or it may 
decline to adopt the 11th Circuit's reasoning -- but the fundamental legal 
reasoning is the same; what's different is the facts of the case.  (Btw, 
Fricosu did not talk to the police; however, she made injudicious statements to 
her husband in a monitored jailhouse call...)


                --Steve Bellovin, https://www.cs.columbia.edu/~smb





_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
