Feds Want Judge to Force Suspect to Give Up Laptop Password; Judge orders woman to...

One thing bad about Truecrypt hidden OS (decoy OS) scheme is that it is easily recognized by law enforcement as being "Truecrypt hidden partitions". One partition shows as normal explorable. The other like a junk or raw data.

If you choose to encrypt the whole drive, then there is no hidden OS. Another bad thing about Truecrypt is that it has no destruction password.

 

Well, not everyone is accused of suspected mortgage fraud. She is. And indeed, her computer might contain evidence in that regard. So I don't see what the big fuss is and how liberties and whatnot are violated. People act as if the purpose of disk encryption is to beat the system and that she has a fundamental right to do so. Why?

And what is she is truly a criminal and has defrauded people in a mortage scam and now some families are living in the street with huge debts because of her or whatever? What then? What if the accused was a foreign nationalist suspected of terrorism? How would people react then?

Reading comments here sounds as if everyone is building a nukelar weapon in their backyard (see David Hahn on wikipedia). But seriously. What is the purpose of data encryption? It's to prevent exposure due to inadvertent data loss, like theft of a mobile device. It's not meant to make you a better criminal. And if you conduct business fraud from your home, well.

Mrk

 

Innocent until proven guilty.
Burden of proof defines the duty placed upon prosecutor to prove or disprove a disputed fact.

She is innocent until proven otherwise, no "what if". Prosecutor has the burden to prove she has done the thing she is being prosecuted for, she doesn't have to prove to be innocent, she allready is. Read rule 1.

p.s. Negative facts can't be proven. Laws of logics. No "what if" no "then what"

 

Exactly, and they need evidence for that - on her laptop.
She does not wish to provide incriminating evidence - hence?
Mrk

 

Hence nothing. She is innocent from the start on - by default-, until the court rules otherwise, and the verdict will come at the end of the trial, not at the start or in the midle.
--- Burden of proof defines the duty placed upon prosecutor to prove or disprove a disputed fact. ---
It is not her job to prove she is innocent, if the prosecutor wishes to find some evidence whereever, it is his duty to find them, not hers to provide the evidence, not hers to help him, not hers to find out who is guilty or otherwise "she is the one."

If i use extreme examples:
You are being suspected and charged of being a second shooter on JFK, or at least knowing who the shooter was.
I think... i "know" the evidence is in your possession and i want it from you.
You do not want to provide it.... then "hence" you are the shooter.
You can't provide it.... then "hence" you are lying, you are the shooter.
I can insert any activity in the upper example and bring the judgment that i wish for.

Again, negative facts can't be proven! It is simple logics (looks like not to everyone).

 

If the police have reason to believe that there's a dead body in my apartment they'll get a warrant and come in.

How is this different than them having reason to believe there's incriminating information on my HDD and getting a warrant (or subpoena) for the information?

It isn't.

They have to have some kind of reason for believing the information is there but if they have that reason they have the right to get it.

You can't say "Oh, I can't let you into my apartment I plead the fifth."

 

It's up to the court to decide. If it rules she must, she must. Simple. It makes no difference whether she keeps the evidence on an encrypted disk or in a shoebox that reads Cincinnati (Hot Tub Time Machine).
Mrk

 

"5th amendment"

shall not be compelled in any criminal case to be
a witness against himself or herself

she may had done the crime and I'm not defending her
but i would sit in jail before i would give them the password

 

I would rather see her go free if guilty than see them claim this is not a violation of someone's 5th amendment rights. It clearly is. If this person is guilty of something then there should be some other evidence of that fact. If the only potential evidence is something they are asking her to provide to incriminate herself, then someone is doing it wrong. Once they succeed in taking all of our rights, I am sure there is something they can find on ANY one of you to lock you up. The people defending her 5th amendment rights aren't advocating committing a crime and using encryption to get away with it. They are defending a person's right to be innocent until proven guilty, not assumed guilty unless and until you can prove otherwise.

 

good point

 

I don't see what the fuss is. Feds are asking the court to permit something.
If the judge decides it should be done, it should be done. Very simple.
Mrk

 

^If she claims to have forgotten the pasword, would that be 'contempt of court', in any way, in your opinion?
I don't see how the prosecutor/LAE can prove that you haven't forgotten it.
I guess the next step, after forcing someone to give up an encryption password in order for LAE to work on that person's prosecution, would be a law that will define not giving up the password/not-remembering a password as a criminal offense simply because of not complying with a court order.
That's when Bizarro world opens up imo...(like in the UK already, but they don't even have a constitution...).

 

It is not at all clear that being ordered to provide a password is a violation of the right not to incriminate oneself. That right was intended primarily to allow people not to testify against themselves, either because there was a risk that such testimony might be coerced, or because an innocent person might become ensnared by the questioning. A password is not itself incriminating knowledge; it is a kind of key to access evidence.

A much closer parallel to handing over a password is a search warrant: if the police have reason to believe your home contains evidence of a crime and they succeed in persuading a judge to issue a search warrant then they are entitled to search any safes you have in your home. If a safe is locked you are obliged to hand over the key or provide the combination. A computer or other storage device that is encrypted is effectively a digital safe locked by a key in the form of a password. It is not unreasonable to expect such a device to be subject to the usual judicial search processes.

Of course, as others have pointed out above, a person may claim to have forgotten the password, although this may lead to prosecution for contempt.

The current situation in the USA is that a federal court in Denver has ruled that a defendant must hand over a password and that this is not a violation of the Fifth Amendment. If there are more cases like this, and surely there will be, it is likely that the issue will be escalated to the Supreme Court, or a new law will be needed, or both.

In the UK, the RIPA law of 2000 explicitly provides that a defendant must provide the password in such cases. As far as I know, there has been only one prosecution of a man who refused to do so (he was accused of possessing child pornography on his computer).

 

1. It isn't recognized as anything. There is nothing to identify it, like there is with a LUKS header.

2. There is no way to *prove* a hidden volume exists (generally, let's assume no has had access to the container over time).

3. Random data (RAW) can just as easily be a DBAN'd partition. Or one erased with Acronis' 'Secure Erase' feature. etc...

3. You can provide a password and fully comply, Heck, you can provide TWO (Decoy OS and Outer Volume. The Hidden OS resides in the Outer Volume, so it *is* explorable, once you give them the throw away, second password.)...what more do they want? In this country (US, and for now, though it is eroding daily) they need to *prove* there is a hidden OS.

Anyone who uses encryption should be rooting for this lady, criminal or not. 'First they came for the mortgage thiefs, but I wasn't one, so I said nothing...'

PD

 

Why would I root for a criminal? They can get a warrant for a house they can get a warrant for a computer. There's no difference. They have to prove that there's a good reason to look and get a judge to sign off on it and that's it.

Encryption is (in my opinion) to stop unwarranted access to files from criminals. Not a tool for criminals to take advantage of.

The real issue here is that you can't prove she didn't forget the password. Holding her in contempt for something you can't prove is ridiculous and that's it.

 

Even if there is incriminating information on the HDD, it is still a
violation of someone's 5th amendment rights,

"5th amendment"

shall not be compelled in any criminal case to be
a witness against himself or herself

 

The way you're saying it is like if the police had a warrant to search my apartment and I said "Sorry, I can't let you in, I would be incriminating myself."

This is obviously not the case.

 

Not exactly, in regards handing over the key or password. The police, with a legal warrant can search your home within the scope of the warrant. For the warrant to include the contents of a safe, there must be probable cause - reasonable knowledge - to believe that what they're searching for is in the safe.

Can they compel you to provide the combination or key? No they cannot compel you to open the safe even if they have a search warrant. As far as I'm aware there is no criminal statute you would be violating in the above scenario.

The only way they would be able to file a contempt charge would be if a court of law compelled you to open the safe and you refused. As mentioned above, the police must provide the court with probable cause - knowledge - that incriminating evidence exists in the safe.

Normally they would document your refusal and take the safe to be opened by a locksmith.

The question I have regarding this case, do the authorities have probable cause to believe there is incriminating evidence on the computer? As I see it, not being a lawyer, suspicion doesn't count. There has to be reasonable knowledge. The suspect could have secret diaries detailing incidents that could harm other people, that she doesn't want revealed. There could be any number of reasons for not wanting strangers snooping through your computer.

 

At the same time, it isn't clear at all that it isn't a violation, right?
Food for thought all the way up to the US Supreme Court afaic.

The analogy safe vs. encryption is correct I think.
But what if one claims to not remember the safe combination and due to whatever reason, LAE can't crack the safe.
Would that be enough reason, in your opinion, to have someone convicted and incarcarated? Only because the person stated, he didn't know/remember a safe combination/encryption password?
Tbh, I really wouldn't be surprised if this became reality (especially after the US Senate vote for the recent NDAA bill). Catch as catch can, against your own citizens also, seems the way to go across the big pond.

 

This is where it gets sticky.

There was a case somewhere a few years ago where some Mafia boss refused to give up the password his encrypted computer, and he walked if I remember correctly. The FBI seized the computer and tried unsuccessfully to break in for months. They finally gave up.

This was a different court in a different part of the country.

 

As much as I don't think they should be allowed to punish you if you honestly forget your password. (remember you can't prove a negative; that you don't know it). I do have to agree with this from a legal standpoint. Technically speaking it is the same thing, that said it does also violate the 5th amendment. This is a very interesting grey area of the law. You can argue both sides very well and both have merits to there arguments.

Usually one side clearly out weighs the other (in terms of pros and cons) in this case both have an equal number of pros and cons.

Here in Canada the government can get a warrant for the password. It doesn't happen often (as most cases have evidence besides just on a computer). You can (and I have) just claim it's been wiped randomly. 9/10 they won't even bother if it looks like you are co-operating. I just gave them the "password" but it wouldn't work so they bought it as random data (the couldn't prove other wise so no warrant could be issued).

 

One must remember to distinguish between being prosecuted and being convicted. If you are ordered by a court to hand over a password to an encrypted drive and you refuse claiming that you cannot remember it, you might be prosecuted for contempt, but it would be up to the jury to decide whether they believe you. If you have an honest face and a good character you might well avoid conviction. Of course, there is no reliable procedure for determining whether someone is telling the truth, but juries make decisions every day in cases where the issue turns on whether they believe the witnesses. Mistakes will sometimes happen, but we haven't found anything better than the jury system yet.

 

What about the bootloader? In that case you can't claim random data, I guess?

 

The issue will be, what happens if you don't refuse but are willing to comply. (Opposite to the above mentioned mafia boss, not willing to comply).
You hand over the password, to the best of your knowledge after which it turns out not to be correct upon which you state, you (apparantly) forgot the password.
I'd wonder if that still would be 'contempt of court'; not remembering information correctly.

 

If it's a TC Bootloader, you give the decoy OS password. If they want to know what the second partition is, you can say DBAN wipe. After a while of really scary 'threats' (through your lawyer of course, never talk to the police) you can even give up the outer container (a second passphrase you have now cooperated for them). There is nothing giving away the hidden OS...it can't be proven. The LEO Forensic lists back this up. Many times questions are asked about TC. All the reply's I have seen state Hidden OS=bad news for the investigation. You can read them yourself...just search 'Fred Baclagan' and get the torrent.

Proof. That is what is required. If we were all forensic investigators, of course we'd say "TC huh? I want the decoy, hidden, and outer container passwords". But we could never *prove* that a hidden OS was in use.

PD