Mar 28, 2017

Man possibly jailed forever for not giving up his encryption password

Cryptographically secure pseudorandom number g...
(Photo credit: Wikipedia)
I am a huge proponent for encryption. I'm also a huge proponent for the 5th Amendment which protects you from self incrimination through testimony. Apparently a judge in Philadelphia as well as the 3rd US Circuit court of appeals says the 5th Amendment doesn't apply in this particular case.

You see, Francis Rawls was charged with possession of child porn which is a horrendous crime. The issue here is that in order to make the case against him the police seized a number of devices including some encrypted hard drives. Without the contents of those drives, the prosecution doesn't really have a good enough case to really throw the book at him. Rawls apparently won't give up the passphrase for the drives citing the 5th Amendment despite the court's order, so Rawls is being held indefinitely until he coughs up his passphrase.

From Ars Technica:
On Monday, a US federal appeals court sided against a former Philadelphia police officer who has been in jail 17 months because he invoked his Fifth Amendment right against compelled self-incrimination. He had refused to comply with a court order commanding him to unlock two hard drives the authorities say contain child porn. 
The 3-0 decision (PDF) by the 3rd US Circuit Court of Appeals means that the suspect, Francis Rawls, likely will remain jailed indefinitely or until the order (PDF) finding him in contempt of court is lifted or overturned. However, he still can comply with the order and unlock two FileVault encrypted drives connected to his Apple Mac Pro. Using a warrant, authorities seized those drives from his residence in 2015. While Rawls could get out from under the contempt order by unlocking those drives, doing so might expose him to other legal troubles. 
In deciding against Rawls, the court of appeals found that the constitutional rights against being compelled to testify against oneself were not being breached. That's because the appeals court, like the police, agreed that the presence of child porn on his drives was a "foregone conclusion." The Fifth Amendment, at its most basic level, protects suspects from being forced to disclose incriminating evidence. In this instance, however, the authorities said they already know there's child porn on the drives, so Rawls' constitutional rights aren't compromised.
I'm no lawyer, but from what I can understand from the law surrounding the 5th Amendment and encryption is that it only applies if the police have no idea what's on your encrypted drive, and the only way to find out is by asking you for a password. In this case, they had eye witness testimony that child porn was indeed on the drive, as well as other system logs showing that illegal files were saved on those drives.

Another way the 5th Amendment doesn't apply to encryption is when there is a physical mechanism like a key to unlock the drive. A physical key does not require testimony, and therefore does not require you to testify against yourself to hand that key over.

There is a nice video explaining this here from the EFF:

I certainly don't condone Rawls' actions here, if he indeed does have child porn, but there is a lesson to be learned here for those of you that value your privacy and your rights. Number one, if you want to be able to use the 5th Amendment to protect your passphrase, then you can't have any other un-encrypted "tracks" pointing to what's on your encrypted devices.

What do you think about this? Let us know in the comments.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam