[djackson]

It's easy to see why you wouldn't want someone to decrypt your laptop.

What about Bernie Madoff? Wouldn't you be furious if all data produced by a corrupt hedge fund manager was encrypted? Wouldn't you want the DOJ to be able to hold them in contempt of court? If you hamstring your government, you aren't allowed to complain that it is ineffective.

[muuh-gnu]

"The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all." -- H.L.Mencken

[djackson]

Yeah... no.

There's a line, and past that line, law enforcement has no power to enforce laws at all. Removing the DOJ's ability to collect evidence is, in some cases, the equivalent to denying a detective access to a crime scene. If all productions of electronic evidence can be encrypted, and the defense is not forced to decrypt those files, then dirty corporations only need to encrypt everything to defend themselves in court.

Defense: "We produced everything you asked for."

Prosecution: "We can't even verify that statement. Decrypt it"

Defense: "We don't have to."

Case closed.

[andrewcooke]

rights are rights because they allow you to do what would otherwise be illegal.

for example, there's no need for a right to free speech if you're only going to say things that everyone thinks should be said.

rights exist because some things are so important they are worth the cost of abuse.

At first blush it may be thought surprising that one should have a right to do that which one ought not. Is it not better to confine rights to that which it is right or at least permissible to do? But to say this is to misunderstand the nature of rights. One needs no right to be entitled to do the right thing. That it is right gives one all the title one needs. But one needs a right to be entitled to do that which one should not. It is an essential element of rights to action that they entitle one to do that which one should not. To say this is not, of course, to say that the purpose or justification of rights of action is to increase wrongdoing. Their purpose is to develop and protoect the autonomy of the agent. They entitle him to choose for himself rightly or wrongly. But they cannot do that unless they entitle him to choose wrongly. - Joseph Raz, The Authority of Law (p 266)

the final sentence of the quote above is hugely important.

[djackson]

Nobody has the right to avoid a reasonable search in the United States. You are protected by the fourth amendment from unreasonable searches, but you aren't going to convince me that a detective has no right, with a warrant in hand, to search a suspect's home for a murder weapon.

Similarly, you aren't going to convince me that a prosecutor, warrant in hand, has no right to search a computer for evidence of credit card fraud.

[evilduck]

You still make the assumption that the prosecuted knows the password and is implicitly guilty.

Imagine for a second that I was less technically minded and didn't use encryption and I purchased a used laptop from someone who did, I then get caught up in the legal system (guilty or innocent for the charged crime, it doesn't matter, but I did not use encryption) and some prosecutor has a warrant to compel me to unlock that encrypted volume, else I be held in contempt. What now?

[boucher]

But, in the hypothetical counter example where the prosecution had evidence of you using the encrypted volume (let's say, a convincing photograph or video), would you then grant the prosecution the right to compel the decrypted information?

[sorbus]

You would have explained the origin of the encrypted data on the laptop, and they would either drag the person who was the origin into the case as a defendant or have him testify. It's really quite simple; they're not just asking "what is the password?" and ignoring any answer that isn't the password, as you seem to think.

If you were to refuse to give the password under the grounds that someone you refuse to identify sold you the computer with the encrypted data already on it, then you would rightly be considered to be lying because that's the most plausible case for that behavior.

[andrewcooke]

all i'm saying is that you can't say a right cannot exist because it lets bad things happen.

in this case, there may be a right to silence. i don't know (i am not american) if that "really is" a right. but if it is a right then it exists even if it allows, say, a paedophile to escape justice (through remaining silent). it's not nice, but it's the price you pay to help guarantee freedom.

[edit: it's perhaps worth adding that you could make rights more complicated. you could say that there is (or should be) a "right to silence except when it's a password", for example. there's no prima facie reason why rights should be simple. but there is a strong practical reason why rights should be simple: they need to be simple so that they are easy to understand, easy to defend, and easy to use. again, this is because rights - real rights - are critical, might-be-needed-to-save-the-world things. and that is also why there should only be a few of them.]

[djackson]

This case is not about rights, it's about a specific entity, the Department of Justice of the United States of America, having a specific investigative power, namely, that they don't have to keep a horde of expensive consultants on retainer to decrypt people's boring, completely legally irrelevant documents. On the off-chance that they lose that power, they'll still get whatever it is they want from your laptop, it'll just take longer and cost more.

Nobody is revising the Bill of Rights, the Fourth or Fifth Amendments.

[anonymous246]

I think you're missing the conflict between allowing reasonable search and the right against self-incrimination when the thing being searched is an encrypted laptop.

At least agree that there is a conflict here; otherwise you're just being dense.

AFAIK the govt. cannot compel (legally) anybody to reveal the combination to a ticking time-bomb; or the location of a murder weapon etc. How the hell is asking for a passphrase any different? Do you really not understand the nuance here?

The other point is that AFAIK the govt. has never asserted the right to compel a handwritten note to be deciphered. The govt. doesn't assert the right to systematically read people's mail (even postcards); but they do so wrt electronic comms. I think we can safely state that almost all comm. is going to be electronic in the future. That's why this is important. This is yet another example of the govt. trying to trim back rights that the hoi polloi have enjoyed for a couple of centuries.

As to why this is important: you might have read the quote that six lines by any man's hand are enough to hang him.

Sorry, I meandered a little there.

[djackson]

I don't think that in the case that someone has your laptop in hand you can still plead the fifth. If there is evidence pertinent to the case on the physical drive obtained by the government, then they already are in possession of the container holding that evidence. Beyond that, it's a matter of litigation expense to crack it. It's up to you, at that point - unlock the laptop and allow a search or force them to hire a consultant (lawyers and cops are shitty hackers) to dig into it for them.

The hand-written note argument doesn't hold water, in my eyes, because it is the encryption of all of the evidence, not any one document, that is at issue. As was mentioned, the government has compelled people to open safes.

[someone13]

See, here's the issue. The burden of proof, in our court system, lies with the prosecutor. If I could just say "I know you killed that person, so bring me to the murder weapon and body", and charge the accused with contempt of court if they said "no", then there's a massive potential for abuse. For example, if the accused didn't actually do it, then they would get charged with contempt (or obstruction, or whatever), because they have nothing to show.

Passwords to encrypted containers are slightly different - they're not as simple as a key to a safe, and not as obviously protected as my above (contrived) example. However, the same problem exists. If I compel you to decrypt an encrypted volume, and you don't actually have the password (i.e. it's a friends', or whatever), then it's similar enough to the example above.

I'm not a lawyer, nor am I well-versed in law. But I know enough to say that it's not nearly as cut-and-dried as some people think.

[tomjen3]

At present, all you have to do is bury it in the woods.

Sorry your honor there were no incriminating papers found.

[pielud]

These protections extend to everyone, no matter how despicable.

In order for good people to be free, some bad guys might also get away. Such is the price of a free society.

[djackson]

Do you think the government should have subpoena power in order to collect evidence? Do you think they should be able to search a murderer's home for the weapon? I'm not saying they should have this power without a warrant, but nobody has the protection from a _reasonable_ search.

[pielud]

Do you think the government should have subpoena power in order to collect evidence? Do you think they should be able to search a murderer's home for the weapon?

Of course they should. But that's no the issue here. The issue at hand is whether or not the government can compel you to give them information.

Consider this. You have a box, buried in the Mojave desert, with some documents in it. You've memorized the gps coordinates of this box. Should they be able to compel you state those coordinates?

Sure, they could search 100s of square miles looking for your box, and they might stumble upon it. But they shouldn't be able to force your to tell them where it is.

An encryption key is the same. They can try to brute force it if they wish. They're just looking for a much smaller box in a much bigger desert.

[danvet]

In all the discussion here, I think yours is the absolutely best analogy. Perfectly illustrates the cost of brute-forcing versus the accused just revealing the crucial little information. Even informed guessing of the password is covered (the accused was seen lately in that corner of the Mojave, maybe the box is there?).

[djackson]

I don't think you understand what a subpoena is.

A subpoena is a compulsory order to produce all documents related to a matter, whether the government knows they exist or not. So yes, if you believe in subpoena power, you agree that you should have to produce that box.

[SoftwareMaven]

And you are failing to understand the 5th Amendment. You do not have to give up that information, if it is only in your head, regardless of the subpoena. That is the entire point of the 5th. You can't stop the government from doing its search, you can't actively hide it, but you don't have to give them the information if it will incriminate you.

[jancona]

And you are failing to understand the legal questions at issue...

The Fifth Amendment, as currently interpreted, doesn't provide the protection you describe. It protects against giving self-incriminating testimony and essentially the question is whether the password is "testimony." Keep in mind that the government is not asking him to disclose it, just to type it into the computer. Here's a good discussion: http://volokh.com/posts/chain_1197670606.shtml (There seems to be a CSS problem with that page, but the text is fine.)

[djackson]

They have the information. They have your hard drive. You have a key, or they can brute force the information out with decryption software. This is not a Fifth Amendment case. They don't want or care about the password itself. They can't use the information you provide (the password) to incriminate you, no matter what the password is.

[dexen]

Quoting DavidSJ's http://news.ycombinator.com/item?id=2751333

> US v Hubbell makes clear that the government cannot compel production of documents (except under immunity to prosecution) which it does not know, ahead of time, to exist.

Dunno if that's true (as IANAL), just quoting.

[VladRussian]

"If you hamstring your government, you aren't allowed to complain that it is ineffective."

Then what in your theory would be an explanation for an ineffective government of practically unlimited power?