[kinghajj]

An unencrypted hard drive may be akin to a briefcase, but what about an encrypted one? Wouldn't that be more like a safe with a combination lock? IIRC, courts still cannot compel one to disclose the combination to unlock a safe, only to provide a key to a lock, exactly because safe combinations exist solely within the defendant's mind--just like most encryption keys. Disclosing the key implies that one has access to the data, which may be incriminating in and of itself with certain data. Even if the key is not provided, and the defendant is allowed to enter their password privately so that prosecutors may inspect the unencrypted data, the act of entering the password in and of itself provides evidence that one is aware of the contents, and thus may be used as evidence against oneself.

[tedunangst]

One can imagine the possibility that you are required to decrypt the documents, but that fact is itself not admissible in court. The prosecutor would have to demonstrate some other link to prove the files are yours. For instance, if they want to introduce an email found on your encrypted disk, they would claim it belongs to you because your name appears in the To/From field.

[kinghajj]

What if there is no evidence that the file belongs to the user other than the user knew the key to decrypt it? Would prosecution not be possible? I mean, what if you provide the combination to a safe that contains contraband--drugs or guns or undisclosed cash, but no ledger saying "this is the property of X"--wouldn't the combined facts of discovering of the safe in the possession of the defendant and their disclosure of the combination incriminate them?

[tedunangst]

I suppose. Even if you don't disclose the combination, I imagine the jury would be quite curious how you came to be in possession of a safe but not its combination.