[Spivak]

"I'm sorry sir, as personal encryption is classified as a munition there is a legal requirement that you must take proper care to ensure that you are able to respond to all lawful requests for decryption. This carries a penalty of 2-5 years in prison and a fine of $10,000."

[gojomo]

Being charged, convicted, and sentenced in that way could be a preferable result – compared to indefinite detention without charges or trial!

[michaelmrose]

This is a terrible precedent people don't always throw away old computers and are bad at remembering passwords

[Spivak]

I'm not saying that this would actually become a reality but its just to point out that technology alone can't solve what is really a human problem.

Assuming that the courts maintain the 'safe' metaphor over the 'speech' metaphor for encryption I would expect a court to have some criterion like the the following.

The prosecution must prove beyond reasonable doubt that:

(0. That the search of the encrypted data is lawful)

1. There is actually encrypted data on the drive.

2. The data has not been modified or corrupted.

3. That the defendant actually knows the password.

Because you're completely right that people do forget their passwords all the time. You could being thousands of IT people on the stand who will rant all day about how their users cant remember a stupid eight character password without a post-it note. So the prosecution would have to give evidence that shows that the defendant is lying and knows the password. For example, if they're trying to access the defendant's computer the could show a video of them logging into it right before it was seized.