[rayiner]

> Why is that when the government says "But, but computer!" judges abandon common sense and case law.

It's exactly the opposite. It's technologists that say "but, but computer!" and demand special treatment for computers are involved.[1] Judges generally treat computers in terms of real-world analogies to concrete things, and these analogies often clash with idealistic notions held by technologists.

This case is actually an excellent example of that phenomenon. I've heard people say that their laptop/phone/etc is an "extension of their mind" or something to that effect. Because the 5th amendment only applies to testimonial incrimination (because of the use of the word "witness" in the text of the 5th), you need that nexus to the mind in order to justify concluding that forcing someone to give up an encryption key is equivalent to forcing them to testify against themselves.

The more obvious (to me, anyway) analogy is that a laptop/phone is like a backpack or briefcase. I keep documents, photos, notes, etc, in my laptop just as I would keep them in a briefcase. Well, under the case law it is not prohibited under the 5th amendment to force someone to unlock a briefcase! That act has no nexus with a person's internal thoughts and is thus not testimonial.

[1] Other examples include various CFAA-related things. Nobody would defend just walking into peoples' houses and saying "hey, your locks suck!" but defend analogous behavior with regard to computer security all the time. You also see it in the e-mail context. E.g. most people who complain about the government possibly subpoenaing e-mails they store on Google's servers would not see the problem with the government subpoenaing Enron's records they stored at their accounts' premises. Technologists generally want to ignore the obvious physical analogies in favor of ones based on how they perceive the electronic world (i.e. it's "my personal documents" even though it's stored on a cloud and dozens of engineers and sysadmins have access to them).

[kinghajj]

An unencrypted hard drive may be akin to a briefcase, but what about an encrypted one? Wouldn't that be more like a safe with a combination lock? IIRC, courts still cannot compel one to disclose the combination to unlock a safe, only to provide a key to a lock, exactly because safe combinations exist solely within the defendant's mind--just like most encryption keys. Disclosing the key implies that one has access to the data, which may be incriminating in and of itself with certain data. Even if the key is not provided, and the defendant is allowed to enter their password privately so that prosecutors may inspect the unencrypted data, the act of entering the password in and of itself provides evidence that one is aware of the contents, and thus may be used as evidence against oneself.

[tedunangst]

One can imagine the possibility that you are required to decrypt the documents, but that fact is itself not admissible in court. The prosecutor would have to demonstrate some other link to prove the files are yours. For instance, if they want to introduce an email found on your encrypted disk, they would claim it belongs to you because your name appears in the To/From field.

[kinghajj]

What if there is no evidence that the file belongs to the user other than the user knew the key to decrypt it? Would prosecution not be possible? I mean, what if you provide the combination to a safe that contains contraband--drugs or guns or undisclosed cash, but no ledger saying "this is the property of X"--wouldn't the combined facts of discovering of the safe in the possession of the defendant and their disclosure of the combination incriminate them?

[tedunangst]

I suppose. Even if you don't disclose the combination, I imagine the jury would be quite curious how you came to be in possession of a safe but not its combination.